urlscan.io logo urlscan.io
SecurityTrails logo

www.bg3.co Open in urlscan Pro
84.17.37.44  Public Scan

Go To Rescan Add Verdict Report
URL: https://www.bg3.co/a/ju-jiao-yi-zi-wen-hua-chuan-yang-zhong-hua-wen-ming.html
Submission: On August 24 via manual from US — Scanned from AU
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 110 IPs in 10 countries across 113 domains to perform 485 HTTP transactions. The main IP is 84.17.37.44, located in Central, Hong Kong and belongs to CDN77 ^_^, GB. The main domain is www.bg3.co. The Cisco Umbrella rank of the primary domain is 590013.
TLS certificate: Issued by AlphaSSL CA - SHA256 - G2 on May 20th 2022. Valid for: a year.
This is the only time www.bg3.co was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 84.17.37.44 60068 (CDN77 ^_^)
10 172.217.194.132 15169 (GOOGLE)
1 3 209.58.171.197 59253 (LEASEWEB-...)
4 104.26.5.103 13335 (CLOUDFLAR...)
2 42.99.140.144 4637 (ASN-TELST...)
5 42.99.140.200 4637 (ASN-TELST...)
2 69.16.175.42 20446 (STACKPATH...)
3 209.58.188.181 133752 (LEASEWEB-...)
10 104.26.3.91 13335 (CLOUDFLAR...)
44 142.250.4.154 15169 (GOOGLE)
3 104.211.156.162 8075 (MICROSOFT...)
17 76 142.251.10.155 15169 (GOOGLE)
8 142.251.10.156 15169 (GOOGLE)
1 172.253.118.94 15169 (GOOGLE)
2 142.251.12.97 15169 (GOOGLE)
3 74.125.24.101 15169 (GOOGLE)
7 13.76.45.37 8075 (MICROSOFT...)
2 8 172.217.194.156 15169 (GOOGLE)
1 104.16.87.20 13335 (CLOUDFLAR...)
1 2 145.40.89.200 54825 (PACKET)
1 23.195.153.54 16625 (AKAMAI-AS)
4 8 104.254.151.36 29990 (ASN-APPNEX)
13 34.250.30.153 16509 (AMAZON-02)
3 139.99.49.250 16276 (OVH)
1 182.161.73.145 55569 (CRITEO-AS...)
1 34.107.148.139 15169 (GOOGLE)
4 19 104.18.18.126 13335 (CLOUDFLAR...)
2 12 35.244.159.8 15169 (GOOGLE)
1 52.221.101.105 16509 (AMAZON-02)
3 35.72.150.84 16509 (AMAZON-02)
1 69.173.158.65 26667 (RUBICONPR...)
1 148.251.44.111 24940 (HETZNER-AS)
4 7 103.229.10.180 16509 (AMAZON-02)
4 172.217.194.157 15169 (GOOGLE)
2 13.33.33.38 16509 (AMAZON-02)
9 142.251.10.132 15169 (GOOGLE)
1 13.227.254.11 16509 (AMAZON-02)
34 142.250.4.132 15169 (GOOGLE)
3 142.250.4.95 15169 (GOOGLE)
10 74.125.130.104 15169 (GOOGLE)
16 23.195.152.23 16625 (AKAMAI-AS)
1 96.17.72.64 20940 (AKAMAI-ASN1)
1 125.56.225.45 16625 (AKAMAI-AS)
1 151.101.65.108 54113 (FASTLY)
4 104.254.150.241 29990 (ASN-APPNEX)
2 182.161.73.129 55569 (CRITEO-AS...)
2 74.125.24.94 15169 (GOOGLE)
1 172.217.194.102 15169 (GOOGLE)
18 18 35.213.12.39 15169 (GOOGLE)
6 74.125.24.149 15169 (GOOGLE)
1 1 150.95.47.242 7506 (INTERQ GM...)
1 1 18.180.74.207 16509 (AMAZON-02)
13 15 74.118.186.44 26120 (RHYTHMONE)
2 3 202.131.200.84 17941 (BIT-ISLE ...)
1 182.22.31.252 23816 (YAHOO Yah...)
2 52.221.120.52 16509 (AMAZON-02)
3 23.72.45.156 16625 (AKAMAI-AS)
3 13.224.250.32 16509 (AMAZON-02)
1 13.224.250.34 16509 (AMAZON-02)
2 18.140.89.184 16509 (AMAZON-02)
2 172.217.194.94 15169 (GOOGLE)
1 3 104.18.35.11 13335 (CLOUDFLAR...)
11 12 52.223.40.198 16509 (AMAZON-02)
1 1 18.176.234.133 16509 (AMAZON-02)
1 202.233.84.1 131957 (MICROAD M...)
3 3 34.235.40.219 14618 (AMAZON-AES)
1 1 18.177.113.58 16509 (AMAZON-02)
2 3 77.88.21.90 13238 (YANDEX)
3 184.87.200.25 16625 (AKAMAI-AS)
5 23.36.252.26 16625 (AKAMAI-AS)
1 23.49.60.112 20940 (AKAMAI-ASN1)
5 5 52.221.14.52 16509 (AMAZON-02)
3 3 35.186.193.173 15169 (GOOGLE)
2 2 13.231.81.146 16509 (AMAZON-02)
5 6 185.84.60.21 198622 (ADFORM)
12 12 70.42.32.127 22075 (AS-OUTBRAIN)
5 12 52.223.2.229 16509 (AMAZON-02)
3 182.161.73.136 55569 (CRITEO-AS...)
1 18.161.111.72 16509 (AMAZON-02)
1 151.101.1.108 54113 (FASTLY)
8 104.69.164.213 16625 (AKAMAI-AS)
1 23.72.44.239 16625 (AKAMAI-AS)
2 74.125.24.157 15169 (GOOGLE)
2 2 50.116.239.135 6336 (TURN-US-ASN)
2 2 202.241.208.52 4694 (IDCF IDC ...)
1 1 13.224.250.50 16509 (AMAZON-02)
2 2 13.227.254.26 16509 (AMAZON-02)
3 3 23.9.185.218 16625 (AKAMAI-AS)
2 2 198.8.71.129 54312 (ROCKETFUEL)
4 23.72.44.196 16625 (AKAMAI-AS)
2 2 182.161.73.146 55569 (CRITEO-AS...)
5 5 103.229.205.242 30419 (MEDIAMATH...)
4 4 104.69.148.168 16625 (AKAMAI-AS)
2 2 3.126.96.88 16509 (AMAZON-02)
2 18.235.125.68 14618 (AMAZON-AES)
1 54.255.21.102 16509 (AMAZON-02)
2 52.76.192.69 16509 (AMAZON-02)
2 54.175.93.244 14618 (AMAZON-AES)
2 3 13.107.42.14 8068 (MICROSOFT...)
1 2 104.18.100.194 13335 (CLOUDFLAR...)
2 2 35.213.93.179 15169 (GOOGLE)
1 13.107.21.200 8068 (MICROSOFT...)
2 5 54.254.175.9 16509 (AMAZON-02)
5 9 52.46.155.104 16509 (AMAZON-02)
1 34.96.105.8 15169 (GOOGLE)
2 3 103.231.98.196 62713 (AS-PUBMATIC)
1 23.52.171.123 20940 (AKAMAI-ASN1)
9 11 69.173.158.64 26667 (RUBICONPR...)
3 4 35.190.60.146 15169 (GOOGLE)
1 106.10.236.40 ()
2 3 52.95.126.160 ()
2 35.74.137.60 16509 (AMAZON-02)
1 5 23.106.127.53 59253 (LEASEWEB-...)
1 2 52.71.232.26 ()
4 4 209.191.163.209 29791 (VOXEL-DOT...)
18 13.112.54.241 ()
1 1 72.34.250.75 27630 (AS-XFERNET)
1 37.157.2.237 ()
3 3 52.74.162.2 16509 (AMAZON-02)
1 52.204.175.17 14618 (AMAZON-AES)
4 23.36.253.206 16625 (AKAMAI-AS)
4 125.56.226.34 24319 (AKAMAI-TY...)
4 4 89.207.22.137 ()
2 104.18.19.126 ()
1 1 54.91.29.254 ()
1 1 34.111.151.213 15169 (GOOGLE)
1 104.18.12.76 13335 (CLOUDFLAR...)
1 1 13.250.213.230 16509 (AMAZON-02)
1 1 141.226.229.48 ()
2 2 66.155.71.149 ()
1 2 52.74.186.80 ()
1 1 52.204.37.210 ()
14 103.231.98.194 ()
4 4 151.101.194.49 54113 (FASTLY)
1 1 18.138.18.111 16509 (AMAZON-02)
1 3.113.231.86 ()
1 1 103.3.63.48 63949 (LINODE-AP...)
6 67.199.150.86 ()
2 2 23.108.103.8 ()
2 2 13.250.207.233 16509 (AMAZON-02)
1 2 151.101.193.44 54113 (FASTLY)
1 195.5.165.20 ()
1 1 104.19.173.108 13335 (CLOUDFLAR...)
2 38.91.45.7 ()
2 2 107.178.254.65 ()
1 1 34.98.67.3 ()
3 67.199.150.85 ()
1 1 169.62.67.163 ()
1 1 51.255.68.171 ()
1 1 34.102.253.54 15169 (GOOGLE)
2 2 104.254.150.228 ()
1 1 34.195.158.163 ()
1 150.136.156.92 ()
2 2 52.76.68.248 ()
1 1 74.214.196.131 ()
2 2 185.184.8.90 ()
1 1 8.43.72.97 ()
485 110
1    84.17.37.44 (Central, Hong Kong)

ASN60068 (CDN77 ^_^, GB)
PTR: unn-84-17-37-44.cdn77.com
www.bg3.co
10    172.217.194.132 (United States)

ASN15169 (GOOGLE, US)
PTR: si-in-f132.1e100.net
cdn.ampproject.org
3    209.58.171.197 (Singapore, Singapore)

ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG)
ads.aralego.com
4    104.26.5.103 (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.aralego.net
2    42.99.140.144 (Japan)

ASN4637 (ASN-TELSTRA-GLOBAL Telstra Global, HK)
PTR: ip-42-99-140-144.pacnet.net
delivery.adrecover.com
5    42.99.140.200 (Japan)

ASN4637 (ASN-TELSTRA-GLOBAL Telstra Global, HK)
PTR: ip-42-99-140-200.pacnet.net
cdn.adpushup.com
2    69.16.175.42 (United States)

ASN20446 (STACKPATH-CDN, US)
PTR: hwcdn.net
code.jquery.com
3    209.58.188.181 (Central, Hong Kong)

ASN133752 (LEASEWEB-APAC-HKG-10 Leaseweb Asia Pacific pte. ltd., HK)
sync.aralego.com
10    104.26.3.91 (United States)

ASN13335 (CLOUDFLARENET, US)
static.bg3.co
44    142.250.4.154 (United States)

ASN15169 (GOOGLE, US)
PTR: sm-in-f154.1e100.net
pagead2.googlesyndication.com
3    104.211.156.162 (Mumbai, India)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
aplogger.adpushup.com
76    142.251.10.155 (United States)

ASN15169 (GOOGLE, US)
PTR: sd-in-f155.1e100.net
securepubads.g.doubleclick.net
partner.googleadservices.com
www.googletagservices.com
cm.g.doubleclick.net
8    142.251.10.156 (United States)

ASN15169 (GOOGLE, US)
PTR: sd-in-f156.1e100.net
adservice.google.com
1    172.253.118.94 (United States)

ASN15169 (GOOGLE, US)
PTR: sl-in-f94.1e100.net
d-1710843936287949449.ampproject.net
2    142.251.12.97 (United States)

ASN15169 (GOOGLE, US)
PTR: se-in-f97.1e100.net
www.googletagmanager.com
3    74.125.24.101 (United States)

ASN15169 (GOOGLE, US)
PTR: sf-in-f101.1e100.net
www.google-analytics.com
7    13.76.45.37 (Singapore, Singapore)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
e3.adpushup.com
8    172.217.194.156 (United States)

ASN15169 (GOOGLE, US)
PTR: si-in-f156.1e100.net
googleads.g.doubleclick.net
adservice.google.com.au
1    104.16.87.20 (None, )

ASN13335 (CLOUDFLARENET, US)
cdn.jsdelivr.net
2    145.40.89.200 (Ashburn, United States)

ASN54825 (PACKET, US)
prebid.a-mo.net
1    23.195.153.54 (Singapore, Singapore)

ASN16625 (AKAMAI-AS, US)
PTR: a23-195-153-54.deploy.static.akamaitechnologies.com
a.teads.tv
8    104.254.151.36 (Los Angeles, United States)

ASN29990 (ASN-APPNEX, US)
PTR: 897.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net
ib.adnxs.com
13    34.250.30.153 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-250-30-153.eu-west-1.compute.amazonaws.com
ads.servenobid.com
3    139.99.49.250 (Singapore, Singapore)

ASN16276 (OVH, FR)
PTR: ip250.ip-139-99-49.net
onetag-sys.com
1    182.161.73.145 (Singapore)

ASN55569 (CRITEO-AS-AP Criteo APAC, JP)
bidder.criteo.com
1    34.107.148.139 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 139.148.107.34.bc.googleusercontent.com
prebid.media.net
19    104.18.18.126 (None, )

ASN13335 (CLOUDFLARENET, US)
htlb.casalemedia.com
dsum-sec.casalemedia.com
ssum-sec.casalemedia.com
12    35.244.159.8 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 8.159.244.35.bc.googleusercontent.com
adpushup-d.openx.net
u.openx.net
us-u.openx.net
jp-u.openx.net
1    52.221.101.105 (Singapore, Singapore)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-221-101-105.ap-southeast-1.compute.amazonaws.com
tlx.3lift.com
3    35.72.150.84 (Tokyo, Japan)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-72-150-84.ap-northeast-1.compute.amazonaws.com
prebid-server.rubiconproject.com
1    69.173.158.65 (Ashburn, United States)

ASN26667 (RUBICONPROJECT, US)
fastlane.rubiconproject.com
1    148.251.44.111 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: sundoro
rtb.adxpremium.services
7    103.229.10.180 (Singapore)

ASN16509 (AMAZON-02, US)
secure.quantserve.com
pixel.quantserve.com
cms.quantserve.com
4    172.217.194.157 (United States)

ASN15169 (GOOGLE, US)
PTR: si-in-f157.1e100.net
adservice.google.com.au
2    13.33.33.38 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-33-33-38.sin2.r.cloudfront.net
adx.holmesmind.com
9    142.251.10.132 (United States)

ASN15169 (GOOGLE, US)
PTR: sd-in-f132.1e100.net
0bac53416c6f8fbacdad0aca93caa0ff.safeframe.googlesyndication.com
b61a36e0a14d367c54e505eab745483c.safeframe.googlesyndication.com
065b871e68dfa311ac55b3c7151729f3.safeframe.googlesyndication.com
2ed91e4b8889736293a8964540416cd2.safeframe.googlesyndication.com
5e9096cc516f199cdb60782332265f56.safeframe.googlesyndication.com
1    13.227.254.11 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-227-254-11.sin52.r.cloudfront.net
rules.quantcount.com
34    142.250.4.132 (United States)

ASN15169 (GOOGLE, US)
PTR: sm-in-f132.1e100.net
tpc.googlesyndication.com
3    142.250.4.95 (United States)

ASN15169 (GOOGLE, US)
PTR: sm-in-f95.1e100.net
fonts.googleapis.com
10    74.125.130.104 (United States)

ASN15169 (GOOGLE, US)
PTR: sb-in-f104.1e100.net
www.google.com
16    23.195.152.23 (Singapore, Singapore)

ASN16625 (AKAMAI-AS, US)
PTR: a23-195-152-23.deploy.static.akamaitechnologies.com
contextual.media.net
1    96.17.72.64 (Singapore, Singapore)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a96-17-72-64.deploy.static.akamaitechnologies.com
qsearch-a.akamaihd.net
1    125.56.225.45 (Singapore)

ASN16625 (AKAMAI-AS, US)
PTR: a125-56-225-45.deploy.static.akamaitechnologies.com
warp.media.net
1    151.101.65.108 (United States)

ASN54113 (FASTLY, US)
cdn.adnxs.com
4    104.254.150.241 (Los Angeles, United States)

ASN29990 (ASN-APPNEX, US)
PTR: 906.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net
lax1-ib.adnxs.com
2    182.161.73.129 (Singapore)

ASN55569 (CRITEO-AS-AP Criteo APAC, JP)
static.criteo.net
2    74.125.24.94 (United States)

ASN15169 (GOOGLE, US)
PTR: sf-in-f94.1e100.net
www.gstatic.com
1    172.217.194.102 (United States)

ASN15169 (GOOGLE, US)
PTR: si-in-f102.1e100.net
mts0.google.com
18    35.213.12.39 (Tokyo, Japan)

ASN15169 (GOOGLE, US)
PTR: 39.12.213.35.bc.googleusercontent.com
x.bidswitch.net
6    74.125.24.149 (United States)

ASN15169 (GOOGLE, US)
PTR: sf-in-f149.1e100.net
s0.2mdn.net
1    150.95.47.242 (Japan)

ASN7506 (INTERQ GMO Internet,Inc, JP)
PTR: v150-95-47-242.a00c.g.jpt1.static.cnode.io
sync.dsp.reemo-ad.jp
1    18.180.74.207 (Tokyo, Japan)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-180-74-207.ap-northeast-1.compute.amazonaws.com
ds.uncn.jp
15    74.118.186.44 (Serangoon, Singapore)

ASN26120 (RHYTHMONE, US)
sync.1rx.io
sync.targeting.unrulymedia.com
3    202.131.200.84 (Japan)

ASN17941 (BIT-ISLE Equinix Japan Enterprise K.K., JP)
sync-dsp.ad-m.asia
1    182.22.31.252 (Japan)

ASN23816 (YAHOO Yahoo Japan Corporation, JP)
cksync.yahoo.co.jp
2    52.221.120.52 (Singapore, Singapore)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-221-120-52.ap-southeast-1.compute.amazonaws.com
ap.evm1.stackadapt.com
3    23.72.45.156 (Singapore, Singapore)

ASN16625 (AKAMAI-AS, US)
PTR: a23-72-45-156.deploy.static.akamaitechnologies.com
z.moatads.com
px.moatads.com
3    13.224.250.32 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-250-32.sin52.r.cloudfront.net
creative.stackadapt.com
1    13.224.250.34 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-250-34.sin52.r.cloudfront.net
cdn.stackadapt.com
2    18.140.89.184 (Singapore, Singapore)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-140-89-184.ap-southeast-1.compute.amazonaws.com
ap.srv.stackadapt.com
2    172.217.194.94 (United States)

ASN15169 (GOOGLE, US)
PTR: si-in-f94.1e100.net
fonts.gstatic.com
3    104.18.35.11 (None, )

ASN13335 (CLOUDFLARENET, US)
a.tribalfusion.com
s.tribalfusion.com
12    52.223.40.198 (United States)

ASN16509 (AMAZON-02, US)
PTR: a6370ebea231e0c9a.awsglobalaccelerator.com
match.adsrvr.org
1    18.176.234.133 (Tokyo, Japan)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-176-234-133.ap-northeast-1.compute.amazonaws.com
cs.r-ad.ne.jp
1    202.233.84.1 (Japan)

ASN131957 (MICROAD MicroAd, Inc., JP)
aid.send.microad.jp
3    34.235.40.219 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-235-40-219.compute-1.amazonaws.com
sync.srv.stackadapt.com
1    18.177.113.58 (Tokyo, Japan)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-177-113-58.ap-northeast-1.compute.amazonaws.com
cc.adingo.jp
3    77.88.21.90 (Russian Federation)

ASN13238 (YANDEX, RU)
PTR: bs.yandex.ru
an.yandex.ru
3    184.87.200.25 (Singapore, Singapore)

ASN16625 (AKAMAI-AS, US)
PTR: a184-87-200-25.deploy.static.akamaitechnologies.com
lg3.media.net
5    23.36.252.26 (Singapore, Singapore)

ASN16625 (AKAMAI-AS, US)
PTR: a23-36-252-26.deploy.static.akamaitechnologies.com
hblg.media.net
cs.media.net
1    23.49.60.112 (Singapore, Singapore)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a23-49-60-112.deploy.static.akamaitechnologies.com
res-a.akamaihd.net
5    52.221.14.52 (Singapore, Singapore)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-221-14-52.ap-southeast-1.compute.amazonaws.com
pm.w55c.net
3    35.186.193.173 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 173.193.186.35.bc.googleusercontent.com
ipac.ctnsnet.com
2    13.231.81.146 (Tokyo, Japan)

ASN16509 (AMAZON-02, US)
PTR: ec2-13-231-81-146.ap-northeast-1.compute.amazonaws.com
pool.admedo.com
6    185.84.60.21 (Denmark)

ASN198622 (ADFORM, DK)
c1.adform.net
12    70.42.32.127 (United States)

ASN22075 (AS-OUTBRAIN, US)
PTR: ny.outbrain.com
b1sync.zemanta.com
12    52.223.2.229 (United States)

ASN16509 (AMAZON-02, US)
PTR: ade9ecc7904667038.awsglobalaccelerator.com
eb2.3lift.com
3    182.161.73.136 (Singapore)

ASN55569 (CRITEO-AS-AP Criteo APAC, JP)
gum.criteo.com
1    18.161.111.72 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-161-111-72.mrs52.r.cloudfront.net
public.servenobid.com
1    151.101.1.108 (United States)

ASN54113 (FASTLY, US)
acdn.adnxs.com
8    104.69.164.213 (Singapore, Singapore)

ASN16625 (AKAMAI-AS, US)
PTR: a104-69-164-213.deploy.static.akamaitechnologies.com
eus.rubiconproject.com
1    23.72.44.239 (Singapore, Singapore)

ASN16625 (AKAMAI-AS, US)
PTR: a23-72-44-239.deploy.static.akamaitechnologies.com
js-sec.indexww.com
2    74.125.24.157 (United States)

ASN15169 (GOOGLE, US)
PTR: sf-in-f157.1e100.net
googleads4.g.doubleclick.net
2    50.116.239.135 (United States)

ASN6336 (TURN-US-ASN, US)
ad.turn.com
2    202.241.208.52 (Japan)

ASN4694 (IDCF IDC Frontier Inc., JP)
tg.socdm.com
1    13.224.250.50 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-250-50.sin52.r.cloudfront.net
cr-p3.ladsp.jp
2    13.227.254.26 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-227-254-26.sin52.r.cloudfront.net
cr-pall.ladsp.com
3    23.9.185.218 (Singapore, Singapore)

ASN16625 (AKAMAI-AS, US)
PTR: a23-9-185-218.deploy.static.akamaitechnologies.com
secure-assets.rubiconproject.com
2    198.8.71.129 (United States)

ASN54312 (ROCKETFUEL, US)
p.rfihub.com
4    23.72.44.196 (Singapore, Singapore)

ASN16625 (AKAMAI-AS, US)
PTR: a23-72-44-196.deploy.static.akamaitechnologies.com
ads.pubmatic.com
2    182.161.73.146 (Singapore)

ASN55569 (CRITEO-AS-AP Criteo APAC, JP)
dis.criteo.com
5    103.229.205.242 (Singapore)

ASN30419 (MEDIAMATH-INC, US)
sync.mathtag.com
4    104.69.148.168 (Singapore, Singapore)

ASN16625 (AKAMAI-AS, US)
PTR: a104-69-148-168.deploy.static.akamaitechnologies.com
stags.bluekai.com
2    3.126.96.88 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-126-96-88.eu-central-1.compute.amazonaws.com
rtb.mfadsrvr.com
2    18.235.125.68 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-18-235-125-68.compute-1.amazonaws.com
cs.emxdgt.com
1    54.255.21.102 (Singapore, Singapore)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-255-21-102.ap-southeast-1.compute.amazonaws.com
geo.moatads.com
2    52.76.192.69 (Singapore, Singapore)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-76-192-69.ap-southeast-1.compute.amazonaws.com
mb.moatads.com
2    54.175.93.244 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-175-93-244.compute-1.amazonaws.com
tags.srv.stackadapt.com
3    13.107.42.14 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
px.ads.linkedin.com
2    104.18.100.194 (None, )

ASN13335 (CLOUDFLARENET, US)
p.adsymptotic.com
2    35.213.93.179 (Tokyo, Japan)

ASN15169 (GOOGLE, US)
PTR: 179.93.213.35.bc.googleusercontent.com
a.sportradarserving.com
1    13.107.21.200 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
c.bing.com
5    54.254.175.9 (Singapore, Singapore)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-254-175-9.ap-southeast-1.compute.amazonaws.com
pr-bh.ybp.yahoo.com
9    52.46.155.104 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
s.amazon-adsystem.com
1    34.96.105.8 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 8.105.96.34.bc.googleusercontent.com
tr.blismedia.com
3    103.231.98.196 (Japan)

ASN62713 (AS-PUBMATIC, US)
image6.pubmatic.com
1    23.52.171.123 (Singapore, Singapore)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a23-52-171-123.deploy.static.akamaitechnologies.com
code.createjs.com
11    69.173.158.64 (Singapore, Singapore)

ASN26667 (RUBICONPROJECT, US)
pixel.rubiconproject.com
token.rubiconproject.com
4    35.190.60.146 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 146.60.190.35.bc.googleusercontent.com
id.rlcdn.com
idsync.rlcdn.com
1    106.10.236.40 (None, )

ASN- ()
ads.yahoo.com
3    52.95.126.160 (None, )

ASN- ()
aax-eu.amazon-adsystem.com
2    35.74.137.60 (Tokyo, Japan)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-74-137-60.ap-northeast-1.compute.amazonaws.com
g2.gumgum.com
rtb.gumgum.com
5    23.106.127.53 (Singapore, Singapore)

ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG)
ssbsync.smartadserver.com
rtb-csync.smartadserver.com
2    52.71.232.26 (None, )

ASN- ()
x.yieldlift.com
4    209.191.163.209 (United States)

ASN29791 (VOXEL-DOT-NET, US)
ce.lijit.com
ap.lijit.com
18    13.112.54.241 (None, )

ASN- ()
usersync.gumgum.com
1    72.34.250.75 (Los Angeles, United States)

ASN27630 (AS-XFERNET, US)
sync.go.sonobi.com
1    37.157.2.237 (None, )

ASN- ()
cm.adform.net
3    52.74.162.2 (Singapore, Singapore)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-74-162-2.ap-southeast-1.compute.amazonaws.com
ups.analytics.yahoo.com
1    52.204.175.17 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-204-175-17.compute-1.amazonaws.com
ssp.disqus.com
4    23.36.253.206 (Singapore, Singapore)

ASN16625 (AKAMAI-AS, US)
PTR: a23-36-253-206.deploy.static.akamaitechnologies.com
stackadaptdisplay515602019759.s.moatpixel.com
4    125.56.226.34 (Singapore)

ASN24319 (AKAMAI-TYO-AP Akamai Technologies Tokyo ASN, SG)
PTR: a125-56-226-34.deploy.static.akamaitechnologies.com
stackadaptdisplayhourly515602019759.s.moatpixel.com
4    89.207.22.137 (None, )

ASN- ()
casale-match.dotomi.com
pubmatic-match.dotomi.com
2    104.18.19.126 (None, )

ASN- ()
dsum.casalemedia.com
1    54.91.29.254 (None, )

ASN- ()
nep.advangelists.com
1    34.111.151.213 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 213.151.111.34.bc.googleusercontent.com
dmp.brand-display.com
1    104.18.12.76 (None, )

ASN13335 (CLOUDFLARENET, US)
cdn.indexww.com
1    13.250.213.230 (Singapore, Singapore)

ASN16509 (AMAZON-02, US)
PTR: ec2-13-250-213-230.ap-southeast-1.compute.amazonaws.com
d.adroll.com
1    141.226.229.48 (None, )

ASN- ()
sync.taboola.com
2    66.155.71.149 (None, )

ASN- ()
pixel-sync.sitescout.com
2    52.74.186.80 (None, )

ASN- ()
sync.crwdcntrl.net
1    52.204.37.210 (None, )

ASN- ()
sync.extend.tv
14    103.231.98.194 (None, )

ASN- ()
simage2.pubmatic.com
4    151.101.194.49 (United States)

ASN54113 (FASTLY, US)
sync-tm.everesttech.net
1    18.138.18.111 (Singapore, Singapore)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-138-18-111.ap-southeast-1.compute.amazonaws.com
cm.ambientdsp.com
1    3.113.231.86 (None, )

ASN- ()
dps.jp.cinarra.com
1    103.3.63.48 (Singapore, Singapore)

ASN63949 (LINODE-AP Linode, LLC, US)
PTR: li819-48.members.linode.com
gocm.c.appier.net
6    67.199.150.86 (None, )

ASN- ()
image2.pubmatic.com
2    23.108.103.8 (None, )

ASN- ()
inv-nets.admixer.net
2    13.250.207.233 (Singapore, Singapore)

ASN16509 (AMAZON-02, US)
PTR: ec2-13-250-207-233.ap-southeast-1.compute.amazonaws.com
cm.adgrx.com
2    151.101.193.44 (United States)

ASN54113 (FASTLY, US)
trc.taboola.com
match.taboola.com
1    195.5.165.20 (None, )

ASN- ()
core.iprom.net
1    104.19.173.108 (None, )

ASN13335 (CLOUDFLARENET, US)
csync.loopme.me
2    38.91.45.7 (None, )

ASN- ()
match.deepintent.com
2    107.178.254.65 (None, )

ASN- ()
pippio.com
1    34.98.67.3 (None, )

ASN- ()
tags.rd.linksynergy.com
3    67.199.150.85 (None, )

ASN- ()
image4.pubmatic.com
simage4.pubmatic.com
1    169.62.67.163 (None, )

ASN- ()
um.simpli.fi
1    51.255.68.171 (None, )

ASN- ()
dsp.nrich.ai
1    34.102.253.54 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 54.253.102.34.bc.googleusercontent.com
ads.playground.xyz
2    104.254.150.228 (None, )

ASN- ()
secure.adnxs.com
1    34.195.158.163 (None, )

ASN- ()
sync.ipredictive.com
1    150.136.156.92 (None, )

ASN- ()
sync.technoratimedia.com
2    52.76.68.248 (None, )

ASN- ()
ad.360yield.com
1    74.214.196.131 (None, )

ASN- ()
bh.contextweb.com
2    185.184.8.90 (None, )

ASN- ()
creativecdn.com
1    8.43.72.97 (None, )

ASN- ()
pixel-us-east.rubiconproject.com
Apex Domain
Subdomains		 Transfer
87 googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 123
0bac53416c6f8fbacdad0aca93caa0ff.safeframe.googlesyndication.com
b61a36e0a14d367c54e505eab745483c.safeframe.googlesyndication.com
tpc.googlesyndication.com — Cisco Umbrella Rank: 159
065b871e68dfa311ac55b3c7151729f3.safeframe.googlesyndication.com
2ed91e4b8889736293a8964540416cd2.safeframe.googlesyndication.com
5e9096cc516f199cdb60782332265f56.safeframe.googlesyndication.com
712 KB
76 doubleclick.net
securepubads.g.doubleclick.net — Cisco Umbrella Rank: 218
googleads.g.doubleclick.net — Cisco Umbrella Rank: 52
cm.g.doubleclick.net — Cisco Umbrella Rank: 214
googleads4.g.doubleclick.net — Cisco Umbrella Rank: 303
910 KB
30 pubmatic.com
ads.pubmatic.com — Cisco Umbrella Rank: 492
image6.pubmatic.com — Cisco Umbrella Rank: 634
simage2.pubmatic.com
image2.pubmatic.com
image4.pubmatic.com
simage4.pubmatic.com
39 KB
27 rubiconproject.com
prebid-server.rubiconproject.com — Cisco Umbrella Rank: 1064
fastlane.rubiconproject.com — Cisco Umbrella Rank: 519
eus.rubiconproject.com — Cisco Umbrella Rank: 582
secure-assets.rubiconproject.com — Cisco Umbrella Rank: 1015
pixel.rubiconproject.com — Cisco Umbrella Rank: 327
token.rubiconproject.com — Cisco Umbrella Rank: 711
pixel-us-east.rubiconproject.com
51 KB
26 media.net
prebid.media.net — Cisco Umbrella Rank: 1269
contextual.media.net — Cisco Umbrella Rank: 537
warp.media.net — Cisco Umbrella Rank: 2128
lg3.media.net — Cisco Umbrella Rank: 3677
hblg.media.net — Cisco Umbrella Rank: 1470
cs.media.net — Cisco Umbrella Rank: 1357
175 KB
21 casalemedia.com
htlb.casalemedia.com — Cisco Umbrella Rank: 539
dsum-sec.casalemedia.com — Cisco Umbrella Rank: 525
ssum-sec.casalemedia.com — Cisco Umbrella Rank: 456
dsum.casalemedia.com
19 KB
20 gumgum.com
g2.gumgum.com — Cisco Umbrella Rank: 1417
usersync.gumgum.com
rtb.gumgum.com — Cisco Umbrella Rank: 1284
6 KB
19 google.com
adservice.google.com — Cisco Umbrella Rank: 88
www.google.com — Cisco Umbrella Rank: 9
mts0.google.com — Cisco Umbrella Rank: 4533
81 KB
18 bidswitch.net
x.bidswitch.net — Cisco Umbrella Rank: 292
9 KB
16 adnxs.com
ib.adnxs.com — Cisco Umbrella Rank: 230
cdn.adnxs.com — Cisco Umbrella Rank: 1411
lax1-ib.adnxs.com — Cisco Umbrella Rank: 2090
acdn.adnxs.com — Cisco Umbrella Rank: 604
secure.adnxs.com
69 KB
15 adpushup.com
cdn.adpushup.com — Cisco Umbrella Rank: 13362
aplogger.adpushup.com — Cisco Umbrella Rank: 15364
e3.adpushup.com — Cisco Umbrella Rank: 17352
254 KB
14 servenobid.com
ads.servenobid.com — Cisco Umbrella Rank: 1767
public.servenobid.com — Cisco Umbrella Rank: 3759
9 KB
13 stackadapt.com
ap.evm1.stackadapt.com — Cisco Umbrella Rank: 154768
creative.stackadapt.com — Cisco Umbrella Rank: 8155
cdn.stackadapt.com — Cisco Umbrella Rank: 9289
ap.srv.stackadapt.com — Cisco Umbrella Rank: 127051
sync.srv.stackadapt.com — Cisco Umbrella Rank: 754
tags.srv.stackadapt.com — Cisco Umbrella Rank: 3440
15 KB
13 3lift.com
tlx.3lift.com — Cisco Umbrella Rank: 617
eb2.3lift.com — Cisco Umbrella Rank: 418
5 KB
12 amazon-adsystem.com
s.amazon-adsystem.com — Cisco Umbrella Rank: 282
aax-eu.amazon-adsystem.com
9 KB
12 zemanta.com
b1sync.zemanta.com — Cisco Umbrella Rank: 572
8 KB
12 adsrvr.org
match.adsrvr.org — Cisco Umbrella Rank: 371
7 KB
12 openx.net
adpushup-d.openx.net — Cisco Umbrella Rank: 13451
u.openx.net — Cisco Umbrella Rank: 705
us-u.openx.net — Cisco Umbrella Rank: 399
jp-u.openx.net — Cisco Umbrella Rank: 9434
3 KB
11 bg3.co
www.bg3.co — Cisco Umbrella Rank: 590013
static.bg3.co
163 KB
10 1rx.io
sync.1rx.io — Cisco Umbrella Rank: 570
6 KB
10 ampproject.org
cdn.ampproject.org — Cisco Umbrella Rank: 361
217 KB
9 yahoo.com
pr-bh.ybp.yahoo.com — Cisco Umbrella Rank: 488
ads.yahoo.com
ups.analytics.yahoo.com — Cisco Umbrella Rank: 278
6 KB
8 moatpixel.com
stackadaptdisplay515602019759.s.moatpixel.com — Cisco Umbrella Rank: 8347
stackadaptdisplayhourly515602019759.s.moatpixel.com — Cisco Umbrella Rank: 8350
2 KB
7 adform.net
c1.adform.net — Cisco Umbrella Rank: 612
cm.adform.net
4 KB
7 google.com.au
adservice.google.com.au — Cisco Umbrella Rank: 91302
2 KB
7 quantserve.com
secure.quantserve.com — Cisco Umbrella Rank: 976
pixel.quantserve.com — Cisco Umbrella Rank: 458
cms.quantserve.com — Cisco Umbrella Rank: 1072
12 KB
6 moatads.com
z.moatads.com — Cisco Umbrella Rank: 423
geo.moatads.com — Cisco Umbrella Rank: 653
mb.moatads.com — Cisco Umbrella Rank: 662
px.moatads.com — Cisco Umbrella Rank: 469
112 KB
6 2mdn.net
s0.2mdn.net — Cisco Umbrella Rank: 280
90 KB
6 criteo.com
bidder.criteo.com — Cisco Umbrella Rank: 759
gum.criteo.com — Cisco Umbrella Rank: 407
dis.criteo.com — Cisco Umbrella Rank: 712
2 KB
6 aralego.com
ads.aralego.com — Cisco Umbrella Rank: 28872
sync.aralego.com — Cisco Umbrella Rank: 2851
4 KB
5 smartadserver.com
ssbsync.smartadserver.com — Cisco Umbrella Rank: 939
rtb-csync.smartadserver.com
2 KB
5 mathtag.com
sync.mathtag.com — Cisco Umbrella Rank: 476
3 KB
5 w55c.net
pm.w55c.net — Cisco Umbrella Rank: 783
4 KB
5 unrulymedia.com
sync.targeting.unrulymedia.com — Cisco Umbrella Rank: 1049
2 KB
5 googletagservices.com
www.googletagservices.com — Cisco Umbrella Rank: 194
216 KB
4 everesttech.net
sync-tm.everesttech.net — Cisco Umbrella Rank: 590
1 KB
4 dotomi.com
casale-match.dotomi.com
pubmatic-match.dotomi.com
1 KB
4 lijit.com
ce.lijit.com — Cisco Umbrella Rank: 936
ap.lijit.com — Cisco Umbrella Rank: 654
2 KB
4 rlcdn.com
id.rlcdn.com — Cisco Umbrella Rank: 592
idsync.rlcdn.com — Cisco Umbrella Rank: 310
859 B
4 bluekai.com
stags.bluekai.com — Cisco Umbrella Rank: 509
3 KB
4 gstatic.com
www.gstatic.com
fonts.gstatic.com
83 KB
4 aralego.net
cdn.aralego.net — Cisco Umbrella Rank: 8473
45 KB
3 taboola.com
sync.taboola.com
trc.taboola.com — Cisco Umbrella Rank: 707
match.taboola.com — Cisco Umbrella Rank: 3043
894 B
3 linkedin.com
px.ads.linkedin.com — Cisco Umbrella Rank: 370
1 KB
3 ctnsnet.com
ipac.ctnsnet.com — Cisco Umbrella Rank: 21847
687 B
3 yandex.ru
an.yandex.ru — Cisco Umbrella Rank: 2470
1 KB
3 tribalfusion.com
a.tribalfusion.com — Cisco Umbrella Rank: 816
s.tribalfusion.com — Cisco Umbrella Rank: 2148
2 KB
3 ad-m.asia
sync-dsp.ad-m.asia — Cisco Umbrella Rank: 2792
1 KB
3 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 54
3 KB
3 onetag-sys.com
onetag-sys.com — Cisco Umbrella Rank: 746
2 KB
3 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 45
519 B
2 creativecdn.com
creativecdn.com
700 B
2 360yield.com
ad.360yield.com
621 B
2 pippio.com
pippio.com
716 B
2 deepintent.com
match.deepintent.com
60 B
2 adgrx.com
cm.adgrx.com — Cisco Umbrella Rank: 1500
1 KB
2 admixer.net
inv-nets.admixer.net
1 KB
2 crwdcntrl.net
sync.crwdcntrl.net
1 KB
2 sitescout.com
pixel-sync.sitescout.com
1 KB
2 yieldlift.com
x.yieldlift.com
1 KB
2 sportradarserving.com
a.sportradarserving.com — Cisco Umbrella Rank: 2550
969 B
2 adsymptotic.com
p.adsymptotic.com — Cisco Umbrella Rank: 457
552 B
2 emxdgt.com
cs.emxdgt.com — Cisco Umbrella Rank: 952
133 B
2 mfadsrvr.com
rtb.mfadsrvr.com — Cisco Umbrella Rank: 958
1 KB
2 rfihub.com
p.rfihub.com — Cisco Umbrella Rank: 743
1 KB
2 ladsp.com
cr-pall.ladsp.com — Cisco Umbrella Rank: 3699
1 KB
2 socdm.com
tg.socdm.com — Cisco Umbrella Rank: 1000
2 KB
2 turn.com
ad.turn.com — Cisco Umbrella Rank: 792
959 B
2 indexww.com
js-sec.indexww.com — Cisco Umbrella Rank: 594
cdn.indexww.com — Cisco Umbrella Rank: 1405
2 KB
2 admedo.com
pool.admedo.com — Cisco Umbrella Rank: 5040
1 KB
2 criteo.net
static.criteo.net — Cisco Umbrella Rank: 655
56 KB
2 akamaihd.net
qsearch-a.akamaihd.net — Cisco Umbrella Rank: 1614
res-a.akamaihd.net — Cisco Umbrella Rank: 6499
25 KB
2 holmesmind.com
adx.holmesmind.com — Cisco Umbrella Rank: 369022
2 KB
2 googleadservices.com
partner.googleadservices.com — Cisco Umbrella Rank: 882
774 B
2 a-mo.net
prebid.a-mo.net — Cisco Umbrella Rank: 1232
789 B
2 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 78
72 KB
2 jquery.com
code.jquery.com — Cisco Umbrella Rank: 615
60 KB
2 adrecover.com
delivery.adrecover.com — Cisco Umbrella Rank: 12529
10 KB
1 contextweb.com
bh.contextweb.com
664 B
1 technoratimedia.com
sync.technoratimedia.com
293 B
1 ipredictive.com
sync.ipredictive.com
465 B
1 playground.xyz
ads.playground.xyz — Cisco Umbrella Rank: 4114
465 B
1 nrich.ai
dsp.nrich.ai
482 B
1 simpli.fi
um.simpli.fi
653 B
1 linksynergy.com
tags.rd.linksynergy.com
389 B
1 loopme.me
csync.loopme.me — Cisco Umbrella Rank: 942
405 B
1 iprom.net
core.iprom.net
279 B
1 appier.net
gocm.c.appier.net — Cisco Umbrella Rank: 2343
395 B
1 cinarra.com
dps.jp.cinarra.com
220 B
1 ambientdsp.com
cm.ambientdsp.com — Cisco Umbrella Rank: 24110
654 B
1 extend.tv
sync.extend.tv
546 B
1 adroll.com
d.adroll.com — Cisco Umbrella Rank: 1494
112 B
1 brand-display.com
dmp.brand-display.com — Cisco Umbrella Rank: 1774
349 B
1 advangelists.com
nep.advangelists.com
234 B
1 disqus.com
ssp.disqus.com — Cisco Umbrella Rank: 2420
218 B
1 sonobi.com
sync.go.sonobi.com — Cisco Umbrella Rank: 992
655 B
1 createjs.com
code.createjs.com — Cisco Umbrella Rank: 1419
63 KB
1 blismedia.com
tr.blismedia.com — Cisco Umbrella Rank: 2742
174 B
1 bing.com
c.bing.com — Cisco Umbrella Rank: 204
667 B
1 ladsp.jp
cr-p3.ladsp.jp — Cisco Umbrella Rank: 22525
225 B
1 adingo.jp
cc.adingo.jp — Cisco Umbrella Rank: 3586
448 B
1 microad.jp
aid.send.microad.jp — Cisco Umbrella Rank: 4086
641 B
1 r-ad.ne.jp
cs.r-ad.ne.jp — Cisco Umbrella Rank: 133282
725 B
1 yahoo.co.jp
cksync.yahoo.co.jp — Cisco Umbrella Rank: 3598
620 B
1 uncn.jp
ds.uncn.jp — Cisco Umbrella Rank: 17820
556 B
1 reemo-ad.jp
sync.dsp.reemo-ad.jp — Cisco Umbrella Rank: 144971
393 B
1 quantcount.com
rules.quantcount.com — Cisco Umbrella Rank: 933
633 B
1 adxpremium.services
rtb.adxpremium.services — Cisco Umbrella Rank: 7555
396 B
1 teads.tv
a.teads.tv — Cisco Umbrella Rank: 1278
360 B
1 jsdelivr.net
cdn.jsdelivr.net — Cisco Umbrella Rank: 422
2 KB
1 ampproject.net
d-1710843936287949449.ampproject.net
0 outbrain.com Failed
sync.outbrain.com Failed
0 omnitagjs.com Failed
hb-api.omnitagjs.com Failed
visitor.omnitagjs.com Failed
485 113
Domain Requested by
48 cm.g.doubleclick.net 17 redirects www.bg3.co
065b871e68dfa311ac55b3c7151729f3.safeframe.googlesyndication.com
googleads.g.doubleclick.net
5e9096cc516f199cdb60782332265f56.safeframe.googlesyndication.com
u.openx.net
eb2.3lift.com
2ed91e4b8889736293a8964540416cd2.safeframe.googlesyndication.com
g2.gumgum.com
44 pagead2.googlesyndication.com cdn.ampproject.org
ads.aralego.com
pagead2.googlesyndication.com
securepubads.g.doubleclick.net
tpc.googlesyndication.com
www.bg3.co
065b871e68dfa311ac55b3c7151729f3.safeframe.googlesyndication.com
5e9096cc516f199cdb60782332265f56.safeframe.googlesyndication.com
googleads.g.doubleclick.net
www.googletagservices.com
2ed91e4b8889736293a8964540416cd2.safeframe.googlesyndication.com
34 tpc.googlesyndication.com securepubads.g.doubleclick.net
tpc.googlesyndication.com
065b871e68dfa311ac55b3c7151729f3.safeframe.googlesyndication.com
www.bg3.co
pagead2.googlesyndication.com
2ed91e4b8889736293a8964540416cd2.safeframe.googlesyndication.com
5e9096cc516f199cdb60782332265f56.safeframe.googlesyndication.com
21 securepubads.g.doubleclick.net cdn.aralego.net
securepubads.g.doubleclick.net
cdn.adpushup.com
adx.holmesmind.com
www.bg3.co
www.googletagservices.com
18 usersync.gumgum.com public.servenobid.com
g2.gumgum.com
eus.rubiconproject.com
18 x.bidswitch.net 18 redirects
16 contextual.media.net cdn.adpushup.com
contextual.media.net
www.bg3.co
ads.pubmatic.com
eus.rubiconproject.com
14 simage2.pubmatic.com ads.pubmatic.com
13 ads.servenobid.com cdn.adpushup.com
public.servenobid.com
ssum-sec.casalemedia.com
g2.gumgum.com
eus.rubiconproject.com
ssbsync.smartadserver.com
12 eb2.3lift.com 5 redirects cdn.adpushup.com
eb2.3lift.com
12 b1sync.zemanta.com 12 redirects
12 dsum-sec.casalemedia.com 3 redirects googleads.g.doubleclick.net
ssum-sec.casalemedia.com
12 match.adsrvr.org 11 redirects cdn.adpushup.com
10 sync.1rx.io 10 redirects
10 www.google.com tpc.googlesyndication.com
065b871e68dfa311ac55b3c7151729f3.safeframe.googlesyndication.com
2ed91e4b8889736293a8964540416cd2.safeframe.googlesyndication.com
5e9096cc516f199cdb60782332265f56.safeframe.googlesyndication.com
10 static.bg3.co www.bg3.co
10 cdn.ampproject.org www.bg3.co
cdn.ampproject.org
9 s.amazon-adsystem.com 5 redirects eb2.3lift.com
www.bg3.co
ssum-sec.casalemedia.com
8 eus.rubiconproject.com cdn.adpushup.com
contextual.media.net
eus.rubiconproject.com
public.servenobid.com
g2.gumgum.com
8 ib.adnxs.com 4 redirects cdn.adpushup.com
googleads.g.doubleclick.net
acdn.adnxs.com
8 adservice.google.com cdn.ampproject.org
pagead2.googlesyndication.com
securepubads.g.doubleclick.net
7 adservice.google.com.au pagead2.googlesyndication.com
securepubads.g.doubleclick.net
7 e3.adpushup.com www.bg3.co
6 image2.pubmatic.com ads.pubmatic.com
6 pixel.rubiconproject.com 5 redirects www.bg3.co
6 c1.adform.net 5 redirects ads.pubmatic.com
6 s0.2mdn.net 065b871e68dfa311ac55b3c7151729f3.safeframe.googlesyndication.com
www.bg3.co
s0.2mdn.net
5e9096cc516f199cdb60782332265f56.safeframe.googlesyndication.com
5 token.rubiconproject.com 4 redirects www.bg3.co
5 ssum-sec.casalemedia.com 1 redirects js-sec.indexww.com
public.servenobid.com
ssum-sec.casalemedia.com
5 pr-bh.ybp.yahoo.com 2 redirects ssum-sec.casalemedia.com
ads.pubmatic.com
5 sync.mathtag.com 5 redirects
5 us-u.openx.net 2 redirects u.openx.net
5 pm.w55c.net 5 redirects
5 sync.targeting.unrulymedia.com 3 redirects ads.pubmatic.com
g2.gumgum.com
5 www.googletagservices.com securepubads.g.doubleclick.net
065b871e68dfa311ac55b3c7151729f3.safeframe.googlesyndication.com
2ed91e4b8889736293a8964540416cd2.safeframe.googlesyndication.com
5e9096cc516f199cdb60782332265f56.safeframe.googlesyndication.com
5 googleads.g.doubleclick.net 2 redirects cdn.ampproject.org
5e9096cc516f199cdb60782332265f56.safeframe.googlesyndication.com
www.bg3.co
5 cdn.adpushup.com www.bg3.co
cdn.adpushup.com
4 sync-tm.everesttech.net 4 redirects
4 stackadaptdisplayhourly515602019759.s.moatpixel.com 2ed91e4b8889736293a8964540416cd2.safeframe.googlesyndication.com
4 stackadaptdisplay515602019759.s.moatpixel.com 2ed91e4b8889736293a8964540416cd2.safeframe.googlesyndication.com
4 stags.bluekai.com 4 redirects
4 ads.pubmatic.com contextual.media.net
public.servenobid.com
ads.pubmatic.com
g2.gumgum.com
4 lax1-ib.adnxs.com cdn.adpushup.com
www.bg3.co
cdn.adnxs.com
4 pixel.quantserve.com 3 redirects www.bg3.co
4 adpushup-d.openx.net cdn.adpushup.com
4 cdn.aralego.net www.bg3.co
ads.aralego.com
3 rtb-csync.smartadserver.com ssbsync.smartadserver.com
3 idsync.rlcdn.com 2 redirects ads.pubmatic.com
3 ups.analytics.yahoo.com 3 redirects
3 aax-eu.amazon-adsystem.com 2 redirects www.bg3.co
3 image6.pubmatic.com 2 redirects ads.pubmatic.com
3 px.ads.linkedin.com 2 redirects www.bg3.co
3 secure-assets.rubiconproject.com 3 redirects
3 gum.criteo.com cdn.adpushup.com
contextual.media.net
3 ipac.ctnsnet.com 3 redirects
3 cs.media.net contextual.media.net
3 lg3.media.net www.bg3.co
3 an.yandex.ru 2 redirects www.bg3.co
3 sync.srv.stackadapt.com 3 redirects
3 creative.stackadapt.com 2ed91e4b8889736293a8964540416cd2.safeframe.googlesyndication.com
3 sync-dsp.ad-m.asia 2 redirects ads.pubmatic.com
3 fonts.googleapis.com client
065b871e68dfa311ac55b3c7151729f3.safeframe.googlesyndication.com
3 065b871e68dfa311ac55b3c7151729f3.safeframe.googlesyndication.com securepubads.g.doubleclick.net
3 prebid-server.rubiconproject.com cdn.adpushup.com
3 onetag-sys.com cdn.adpushup.com
public.servenobid.com
3 www.google-analytics.com www.bg3.co
www.googletagmanager.com
3 aplogger.adpushup.com www.bg3.co
cdn.adpushup.com
3 sync.aralego.com ads.aralego.com
www.bg3.co
3 ads.aralego.com 1 redirects ads.aralego.com
2 creativecdn.com 2 redirects
2 ad.360yield.com 2 redirects
2 pubmatic-match.dotomi.com 2 redirects
2 secure.adnxs.com 2 redirects
2 image4.pubmatic.com ads.pubmatic.com
2 pippio.com 2 redirects
2 match.deepintent.com ads.pubmatic.com
g2.gumgum.com
2 cm.adgrx.com 2 redirects
2 inv-nets.admixer.net 2 redirects
2 sync.crwdcntrl.net 1 redirects ssum-sec.casalemedia.com
2 pixel-sync.sitescout.com 2 redirects
2 dsum.casalemedia.com ssum-sec.casalemedia.com
2 casale-match.dotomi.com 2 redirects
2 ap.lijit.com 2 redirects
2 ce.lijit.com 2 redirects
2 x.yieldlift.com 1 redirects public.servenobid.com
2 ssbsync.smartadserver.com 1 redirects public.servenobid.com
2 a.sportradarserving.com 2 redirects
2 p.adsymptotic.com 1 redirects eb2.3lift.com
2 tags.srv.stackadapt.com creative.stackadapt.com
2 px.moatads.com 2ed91e4b8889736293a8964540416cd2.safeframe.googlesyndication.com
2 mb.moatads.com z.moatads.com
2 cs.emxdgt.com contextual.media.net
g2.gumgum.com
2 rtb.mfadsrvr.com 2 redirects
2 dis.criteo.com 2 redirects
2 p.rfihub.com 2 redirects
2 cr-pall.ladsp.com 2 redirects
2 jp-u.openx.net u.openx.net
2 tg.socdm.com 2 redirects
2 ad.turn.com 2 redirects
2 googleads4.g.doubleclick.net www.bg3.co
2 pool.admedo.com 2 redirects
2 cms.quantserve.com 1 redirects 5e9096cc516f199cdb60782332265f56.safeframe.googlesyndication.com
2 hblg.media.net www.bg3.co
2 a.tribalfusion.com 1 redirects ads.pubmatic.com
2 fonts.gstatic.com fonts.googleapis.com
2 ap.srv.stackadapt.com 2ed91e4b8889736293a8964540416cd2.safeframe.googlesyndication.com
2 ap.evm1.stackadapt.com www.bg3.co
2 www.gstatic.com 065b871e68dfa311ac55b3c7151729f3.safeframe.googlesyndication.com
2 static.criteo.net cdn.adpushup.com
static.criteo.net
2 5e9096cc516f199cdb60782332265f56.safeframe.googlesyndication.com securepubads.g.doubleclick.net
2 2ed91e4b8889736293a8964540416cd2.safeframe.googlesyndication.com securepubads.g.doubleclick.net
2 adx.holmesmind.com pagead2.googlesyndication.com
2 partner.googleadservices.com pagead2.googlesyndication.com
2 htlb.casalemedia.com cdn.adpushup.com
2 prebid.a-mo.net 1 redirects cdn.adpushup.com
2 www.googletagmanager.com cdn.ampproject.org
cdn.adpushup.com
2 code.jquery.com delivery.adrecover.com
cdn.adpushup.com
2 delivery.adrecover.com www.bg3.co
1 simage4.pubmatic.com ads.pubmatic.com
1 pixel-us-east.rubiconproject.com 1 redirects
1 bh.contextweb.com 1 redirects
1 sync.technoratimedia.com g2.gumgum.com
1 sync.ipredictive.com 1 redirects
1 rtb.gumgum.com ads.pubmatic.com
1 ads.playground.xyz 1 redirects
1 dsp.nrich.ai 1 redirects
1 um.simpli.fi 1 redirects
1 tags.rd.linksynergy.com 1 redirects
1 csync.loopme.me 1 redirects
1 core.iprom.net ads.pubmatic.com
1 match.taboola.com ads.pubmatic.com
1 trc.taboola.com 1 redirects
1 gocm.c.appier.net 1 redirects
1 dps.jp.cinarra.com ads.pubmatic.com
1 cm.ambientdsp.com 1 redirects
1 sync.extend.tv 1 redirects
1 sync.taboola.com 1 redirects
1 d.adroll.com 1 redirects
1 cdn.indexww.com ssum-sec.casalemedia.com
1 dmp.brand-display.com 1 redirects
1 nep.advangelists.com 1 redirects
1 ssp.disqus.com public.servenobid.com
1 cm.adform.net public.servenobid.com
1 sync.go.sonobi.com 1 redirects
1 g2.gumgum.com public.servenobid.com
1 ads.yahoo.com www.bg3.co
1 id.rlcdn.com 1 redirects
1 code.createjs.com s0.2mdn.net
1 tr.blismedia.com 2ed91e4b8889736293a8964540416cd2.safeframe.googlesyndication.com
1 c.bing.com eb2.3lift.com
1 geo.moatads.com z.moatads.com
1 cr-p3.ladsp.jp 1 redirects
1 u.openx.net cdn.adpushup.com
1 js-sec.indexww.com cdn.adpushup.com
1 acdn.adnxs.com cdn.adpushup.com
1 public.servenobid.com cdn.adpushup.com
1 res-a.akamaihd.net www.bg3.co
1 cc.adingo.jp 1 redirects
1 aid.send.microad.jp 065b871e68dfa311ac55b3c7151729f3.safeframe.googlesyndication.com
1 cs.r-ad.ne.jp 1 redirects
1 s.tribalfusion.com 065b871e68dfa311ac55b3c7151729f3.safeframe.googlesyndication.com
1 cdn.stackadapt.com 2ed91e4b8889736293a8964540416cd2.safeframe.googlesyndication.com
1 z.moatads.com 2ed91e4b8889736293a8964540416cd2.safeframe.googlesyndication.com
1 cksync.yahoo.co.jp 065b871e68dfa311ac55b3c7151729f3.safeframe.googlesyndication.com
1 ds.uncn.jp 1 redirects
1 sync.dsp.reemo-ad.jp 1 redirects
1 mts0.google.com 065b871e68dfa311ac55b3c7151729f3.safeframe.googlesyndication.com
1 cdn.adnxs.com cdn.adpushup.com
1 warp.media.net cdn.adpushup.com
1 qsearch-a.akamaihd.net cdn.adpushup.com
1 rules.quantcount.com secure.quantserve.com
1 b61a36e0a14d367c54e505eab745483c.safeframe.googlesyndication.com securepubads.g.doubleclick.net
1 0bac53416c6f8fbacdad0aca93caa0ff.safeframe.googlesyndication.com securepubads.g.doubleclick.net
1 secure.quantserve.com cdn.adpushup.com
1 rtb.adxpremium.services cdn.adpushup.com
1 fastlane.rubiconproject.com cdn.adpushup.com
1 tlx.3lift.com cdn.adpushup.com
1 prebid.media.net cdn.adpushup.com
1 bidder.criteo.com cdn.adpushup.com
1 a.teads.tv cdn.adpushup.com
1 cdn.jsdelivr.net cdn.adpushup.com
1 d-1710843936287949449.ampproject.net cdn.ampproject.org
1 www.bg3.co
0 visitor.omnitagjs.com Failed ssbsync.smartadserver.com
0 sync.outbrain.com Failed g2.gumgum.com
0 hb-api.omnitagjs.com Failed cdn.adpushup.com
485 186

This site contains no links.

Subject Issuer Validity Valid
*.bg3.co
AlphaSSL CA - SHA256 - G2		 2022-05-20 -
2023-06-21		 a year crt.sh
misc-sni.google.com
GTS CA 1C3		 2022-08-08 -
2022-10-31		 3 months crt.sh
cdn.adpushup.com
R3		 2022-06-29 -
2022-09-27		 3 months crt.sh
*.jquery.com
Sectigo RSA Domain Validation Secure Server CA		 2022-08-03 -
2023-07-14		 a year crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2022-05-18 -
2023-05-18		 a year crt.sh
*.aralego.com
Sectigo RSA Domain Validation Secure Server CA		 2021-10-21 -
2022-11-20		 a year crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2022-08-08 -
2022-10-31		 3 months crt.sh
*.adpushup.com
Sectigo RSA Domain Validation Secure Server CA		 2020-05-27 -
2022-08-29		 2 years crt.sh
*.google.com
GTS CA 1C3		 2022-08-01 -
2022-10-24		 3 months crt.sh
*.google-analytics.com
GTS CA 1C3		 2022-08-08 -
2022-10-31		 3 months crt.sh
*.a-mo.net
R3		 2022-06-18 -
2022-09-16		 3 months crt.sh
teads.tv
R3		 2022-08-17 -
2022-11-15		 3 months crt.sh
*.adnxs.com
GeoTrust ECC CA 2018		 2022-02-11 -
2023-03-14		 a year crt.sh
ads.servenobid.com
Amazon		 2022-05-29 -
2023-06-27		 a year crt.sh
*.onetag-sys.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-01-10 -
2023-01-03		 a year crt.sh
*.criteo.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-06-15 -
2022-09-18		 3 months crt.sh
*.media.net
Sectigo RSA Domain Validation Secure Server CA		 2022-04-06 -
2023-05-04		 a year crt.sh
*.openx.net
GeoTrust RSA CA 2018		 2022-07-21 -
2023-08-21		 a year crt.sh
*.3lift.com
Amazon		 2022-05-13 -
2023-06-11		 a year crt.sh
*.rubiconproject.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-03-08 -
2023-04-04		 a year crt.sh
*.adxpremium.services
Sectigo RSA Domain Validation Secure Server CA		 2021-08-05 -
2022-09-05		 a year crt.sh
*.quantserve.com
DigiCert TLS RSA SHA256 2020 CA1		 2021-09-22 -
2022-09-21		 a year crt.sh
*.google.com.au
GTS CA 1C3		 2022-08-08 -
2022-10-31		 3 months crt.sh
*.holmesmind.com
Go Daddy Secure Certificate Authority - G2		 2022-05-19 -
2023-06-20		 a year crt.sh
tpc.googlesyndication.com
GTS CA 1C3		 2022-08-08 -
2022-10-31		 3 months crt.sh
upload.video.google.com
GTS CA 1C3		 2022-08-08 -
2022-10-31		 3 months crt.sh
www.google.com
GTS CA 1C3		 2022-08-01 -
2022-10-24		 3 months crt.sh
a248.e.akamai.net
DigiCert TLS RSA SHA256 2020 CA1		 2022-06-28 -
2023-06-30		 a year crt.sh
cdn.adnxs.com
GeoTrust TLS RSA CA G1		 2022-03-11 -
2023-04-11		 a year crt.sh
*.criteo.net
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-06-21 -
2022-09-23		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2022-08-01 -
2022-10-24		 3 months crt.sh
*.doubleclick.net
GTS CA 1C3		 2022-08-01 -
2022-10-24		 3 months crt.sh
edge01.yahoo.co.jp
Cybertrust Japan SureServer CA G4		 2022-08-05 -
2023-09-04		 a year crt.sh
*.evm1.stackadapt.com
Amazon		 2021-10-28 -
2022-11-26		 a year crt.sh
moatads.com
DigiCert SHA2 Secure Server CA		 2021-11-27 -
2022-11-29		 a year crt.sh
*.stackadapt.com
Amazon		 2022-06-07 -
2023-07-05		 a year crt.sh
*.srv.stackadapt.com
Amazon		 2021-11-09 -
2022-12-07		 a year crt.sh
*.send.microad.jp
GlobalSign RSA OV SSL CA 2018		 2021-10-06 -
2022-11-07		 a year crt.sh
*.adsrvr.org
GlobalSign GCC R3 DV TLS CA 2020		 2022-03-31 -
2023-05-02		 a year crt.sh
*.servenobid.com
Amazon		 2022-02-06 -
2023-03-07		 a year crt.sh
san.casalemedia.com
GeoTrust RSA CA 2018		 2021-12-12 -
2022-12-13		 a year crt.sh
*.pubmatic.com
DigiCert SHA2 Secure Server CA		 2022-02-04 -
2023-02-03		 a year crt.sh
*.emxdgt.com
Amazon		 2022-06-03 -
2023-07-02		 a year crt.sh
*.moatads.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-06-13 -
2023-07-05		 a year crt.sh
www.bing.com
Microsoft RSA TLS CA 01		 2022-06-10 -
2022-12-10		 6 months crt.sh
tr.blismedia.com
GTS CA 1D4		 2022-08-18 -
2022-11-16		 3 months crt.sh
tls.adobe.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-04-29 -
2023-05-30		 a year crt.sh
*.gumgum.com
Amazon		 2022-05-06 -
2023-06-04		 a year crt.sh
*.smartadserver.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-01-25 -
2023-01-25		 a year crt.sh
ssp.disqus.com
Amazon		 2021-12-20 -
2023-01-18		 a year crt.sh
*.ybp.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2022-06-14 -
2022-12-07		 6 months crt.sh
track.adform.net
DigiCert TLS RSA SHA256 2020 CA1		 2021-09-06 -
2022-10-07		 a year crt.sh
sync-dsp.ad-m.asia
GlobalSign GCC R3 DV TLS CA 2020		 2022-07-21 -
2023-08-22		 a year crt.sh
*.jp.cinarra.com
Sectigo RSA Domain Validation Secure Server CA		 2022-05-14 -
2023-06-13		 a year crt.sh
*.targeting.unrulymedia.com
Sectigo RSA Domain Validation Secure Server CA		 2022-05-09 -
2023-05-09		 a year crt.sh
*.taboola.com
DigiCert TLS RSA SHA256 2020 CA1		 2021-11-28 -
2022-12-29		 a year crt.sh
*.iprom.net
R3		 2022-06-19 -
2022-09-17		 3 months crt.sh
*.deepintent.com
Go Daddy Secure Certificate Authority - G2		 2022-05-02 -
2023-06-03		 a year crt.sh
*.technoratimedia.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2021-09-17 -
2022-10-05		 a year crt.sh
*.ad-server.k8s.jp.ggops.com
Amazon		 2022-02-15 -
2023-03-16		 a year crt.sh

This page contains 88 frames:

Primary Page: https://www.bg3.co/a/ju-jiao-yi-zi-wen-hua-chuan-yang-zhong-hua-wen-ming.html
Frame ID: 34A5995088FDB753350D9305061A9CF2
Requests: 91 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/show_ads.js
Frame ID: A9F4773492A69F21691170A30E09E74C
Requests: 8 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/show_ads.js
Frame ID: 1EA73BF5A11C30245B23BB05C5F45117
Requests: 8 HTTP requests in this frame

Frame: https://cdn.aralego.net/ucfad/cookie/cookieSyncIframe.html
Frame ID: BECCF875DE1344ACD2C1F907B631BD71
Requests: 9 HTTP requests in this frame

Frame: https://cdn.aralego.net/ucfad/cookie/cookieSyncIframe.html
Frame ID: 1A6432E754D2B7C4C3EB944D00B9F63B
Requests: 9 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3216231935713038&format=1600x250&w=1600&h=250&ptt=12&adk=2733026255&output=html&bc=7&to=ampa&pv=1&wgl=1&asnt=0-14483676512517832713&dff=sans-serif&prev_fmts=1600x96&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&ifi=2&pfx=0&pwprc=1037897477&adf=470780615&nhd=0&adx=0&ady=2682&oid=2&is_amp=5&amp_v=2208051912001&d_imp=1&c=4215&ga_cid=amp--JcvnSWwuO-i_IcMnFMdEQ&ga_hid=4215&dt=1661368279272&biw=1600&bih=1200&u_aw=1600&u_ah=1200&u_cd=24&u_w=1600&u_h=1200&u_tz=0&u_his=2&vis=1&scr_x=0&scr_y=0&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fju-jiao-yi-zi-wen-hua-chuan-yang-zhong-hua-wen-ming.html&bdt=2329&dtd=452&__amp_source_origin=https%3A%2F%2Fwww.bg3.co
Frame ID: 024909BF6C5B5EF8F50066BB68984858
Requests: 1 HTTP requests in this frame

Frame: https://adx.holmesmind.com/adx-file/20220823/nUDNY99feAS8okWEQnY1mx2ELFEPV5z0tREnzCaH.html
Frame ID: 4D3DB40CA7C4CA0F4E196FD0E9795DDA
Requests: 9 HTTP requests in this frame

Frame: https://adx.holmesmind.com/adx-file/20220823/nUDNY99feAS8okWEQnY1mx2ELFEPV5z0tREnzCaH.html
Frame ID: 1D5E90A8B56C793AB6489D6947D02D6F
Requests: 9 HTTP requests in this frame

Frame: https://0bac53416c6f8fbacdad0aca93caa0ff.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Frame ID: 3FFE34C4016E49CE33B88284F3A8E3A9
Requests: 1 HTTP requests in this frame

Frame: https://b61a36e0a14d367c54e505eab745483c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Frame ID: 2FF6B4B8EA88187404ACF08219C47DC0
Requests: 1 HTTP requests in this frame

Frame: https://065b871e68dfa311ac55b3c7151729f3.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: B95A2689B1C32CB98AC911FCA3533C29
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 03FEEF8A81C4E9E643688497A2D07E29
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 750C9A2D6DAF664C2B06A5941773A4A0
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 782A85DCB09EE338962A136196278116
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 41B33289D77816BF9C5F460B3AF28BAE
Requests: 2 HTTP requests in this frame

Frame: https://065b871e68dfa311ac55b3c7151729f3.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 48DA4987B4C4714799B7A7808E32CDF4
Requests: 16 HTTP requests in this frame

Frame: https://065b871e68dfa311ac55b3c7151729f3.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: F326EDFFDB12682768A582EF9BD40F7E
Requests: 16 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsu0idoOh_vekoaHuFipFIObc4E4_riokwrmRTY1dAHf-obz7lZTZTmDRO40-Osr-NiIGnY0HmmpkWXav_P2VLuSdsoqHWSqGzambEVKsxhdGLU8hv_uKzDBTNxuiP378YmZhB5anLP2f4_EErBEb6nbJet0hFb7dOKGvjprX1ICq5Uu9zT1xYIAZVU7B3dY6FAqbSGnqJUQFYPOrPgAFgei37a9nGR-d2OwvbU0LB13Tfyp7XLqaJz4dZ8fhUKZ6oby0TLg_HJv_ZyN6HXO2VTfydDeojTync74OkromQF1TiO8a7xuiGSiRA&sai=AMfl-YRGUAtPmF3tM4UOwb_J9Q6smvZlJEczZB2a91jmVKmcCjQq2W7ZKZH7DrvybfB6NcvRL5rx5CbvRDmc74oupMp6IZFux_d8oWYQckNGTAheALWDMgD3-tQvS8o2x1U&sig=Cg0ArKJSzHQwzcUicOrLEAE&uach_m=[UACH]&urlfix=1&adurl=
Frame ID: CA83C1D6F2427E5C168447848D05DBEC
Requests: 18 HTTP requests in this frame

Frame: https://2ed91e4b8889736293a8964540416cd2.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=2
Frame ID: 8539CAEC6462CD06B655C6CE60CC0688
Requests: 1 HTTP requests in this frame

Frame: https://5e9096cc516f199cdb60782332265f56.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=2
Frame ID: 92B87C1DD70F6C62CF4D63A5F115D3D1
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 9220ACA146285A73421AEF4A69BC99FF
Requests: 9 HTTP requests in this frame

Frame: https://2ed91e4b8889736293a8964540416cd2.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=2
Frame ID: F23E33218A86CBBA35E7225B43F5617B
Requests: 32 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: C63DD32BAB79508073FD02CAB10F9771
Requests: 9 HTTP requests in this frame

Frame: https://5e9096cc516f199cdb60782332265f56.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=2
Frame ID: 281554D94BDE5B030B174746EAD66A67
Requests: 15 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 148966E19C79CE412EE71998246E5AEA
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: B01CF5DBE54828C26D07CBCC8B90A6EF
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: D2B2C1989826C5EAB0FFC7118A027208
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: CF049AADE07B65DBAF2F6D75F86C99A4
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 33DA4111CDD41A971F5904DE93EA8E15
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 45C72E964D8907E529498607B7FB9992
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: DE0773A7B8FBA6BAC704DC3F94EE7DD5
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 8FBABC4D9D36445FF5F8ABFD50237D86
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CIvlPxC3ttWlAhjb-sPNATAB&v=APEucNVZ1BsmEFcZ666ErBkJYD_egJ3H6Si6e33HCZyYUrqy9c5P2O2faI2ItRJ5utiBpyApWAMZIVR_tKtbvRcL0sWxbLJGWA
Frame ID: B550BB7621AF389F35D401595DCBE522
Requests: 5 HTTP requests in this frame

Frame: https://contextual.media.net/checksync.php?vsSync=1&cs=10&cv=31&https=1&cid=8CU2CV286&prvid=99%2C77%2C4%2C359%2C10000%2C229%2C9&itype=APPNEXUS_EXPERIMENT&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1
Frame ID: 8E977DA71534BC92976AB8F8525B58E5
Requests: 2 HTTP requests in this frame

Frame: https://contextual.media.net/checksync.php?vsSync=1&cs=10&cv=31&https=1&cid=8CU2CV286&prvid=99%2C77%2C4%2C359%2C10000%2C229%2C9&itype=APPNEXUS_EXPERIMENT&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1
Frame ID: 72F33C4934CDE48012035C417CCBFC8E
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/8Oc7qVgGezqJSgjjaaCdJlEAdJIIw0tPZxYDqe1tkXI.js
Frame ID: 497DFC35057A7DA96009B6077A216C8A
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/8Oc7qVgGezqJSgjjaaCdJlEAdJIIw0tPZxYDqe1tkXI.js
Frame ID: 71688F6225D1678E2E8925A399313499
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 63B83B77E7D83A154811F3844F8B70CC
Requests: 9 HTTP requests in this frame

Frame: data://truncated
Frame ID: 158FB3FF21D9ACC6FFCCF188D4AD6D75
Requests: 4 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 420C6324194B41C50B99777FE0ED2E98
Requests: 3 HTTP requests in this frame

Frame: https://public.servenobid.com/sync.html
Frame ID: F2FE5F5CA21820BF87D8FC9D75F93218
Requests: 13 HTTP requests in this frame

Frame: https://eb2.3lift.com/sync?&ld=1
Frame ID: B6015C849EE9103F355503ABD978ACD6
Requests: 11 HTTP requests in this frame

Frame: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUPEPKI9&prvid=2034%2C2033%2C2031%2C2030%2C2029%2C233%2C2028%2C2027%2C236%2C237%2C117%2C51%2C97%2C55%2C99%2C3012%2C2043%2C2040%2C244%2C201%2C2039%2C3007%2C246%2C4%2C203%2C9%2C2055%2C172%2C173%2C251%2C175%2C132%2C178%2C255%2C3018%2C3017%2C214%2C3016%2C337%2C338%2C70%2C77%2C2021%2C141%2C186%2C222%2C345%2C10000%2C80%2C108%2C229%2C307&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1
Frame ID: A3FB4927FB5EF2FC669FA267A14D7308
Requests: 12 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: 889AC18F726F3522836E4FE3E4985C56
Requests: 3 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html
Frame ID: 9223CADC9E1C4523B6E2F93E04A8CCD4
Requests: 10 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?cb=1661368280741
Frame ID: 79AE2E46CA884194FA62F2DB04A3CE8D
Requests: 1 HTTP requests in this frame

Frame: https://js-sec.indexww.com/um/ixmatch.html
Frame ID: 25863DC7C0AEFBE54728A93A6C4E9FB0
Requests: 1 HTTP requests in this frame

Frame: https://u.openx.net/w/1.0/pd
Frame ID: 526E1E5FA85108F94388FF2271FE9205
Requests: 7 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/14196359717863263274/2205_SEMBA_iProspect_banners_300x250.html
Frame ID: AFA28AFC6825D7399AF47904FA4FC737
Requests: 5 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=medianet
Frame ID: 737D8FF29D07CF60E5C1CFE244BE5B25
Requests: 3 HTTP requests in this frame

Frame: https://contextual.media.net/cksync.html?cs=8&vsid=3043698846836918000V10&type=rkt&refUrl=&vid=13682853683043698846836918000V10&ovsid=1975461764915802390
Frame ID: 333B39C39DFE0C88D7C7FB35FEC7D036
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159463&userIdMacro=PM_UID&predirect=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3043698846836918000V10%26type%3Dpba%26refUrl%3D%26vid%3D13682853683043698846836918000V10%26ovsid%3DPM_UID
Frame ID: 95CA03DBBE8A32CE8434EAC97E20E788
Requests: 20 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: E2545A6E42B4456C8805098D04150AB9
Requests: 9 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.bg3.co%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Frame ID: BE96835BB563092935A7B241F78BF2E6
Requests: 10 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fx.yieldlift.com%2Fsetuid%3Fbidder%3Dpubmatic%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3D1YN-%26uid%3D
Frame ID: CBAB753F8FEC04B6F8506D70A5E928F9
Requests: 2 HTTP requests in this frame

Frame: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Frame ID: FAD8EFD28F748E633B01161DA49B3E9B
Requests: 16 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?pubId=694e68b73971b58&gdpr=0&gdpr_consent=&us_privacy=1YN-&https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D318%26uid%3D
Frame ID: F8BDF3706AE64FF0468EF09E023846AD
Requests: 1 HTTP requests in this frame

Frame: https://ssbsync.smartadserver.com/api/sync?callerId=9&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D317%26uid%3D%24UID
Frame ID: 7D6348B2B48DA4634BF221F171F95C58
Requests: 6 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D
Frame ID: 63AA9807FA95117C207B89A655BA9BE3
Requests: 10 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=duration_media&endpoint=us-east
Frame ID: D1B7A790D3CFE082E86242A62DA1AAC4
Requests: 3 HTTP requests in this frame

Frame: https://c1.adform.net/serving/cookie/match?party=14&cid=DEC9AF99-DED7-471D-8216-5BD47B531BBF
Frame ID: ACDC21C609BF77DC1EC4C09612EDB33A
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:67af6306-77de-4d00-8b03-9c806ecb11b0&gdpr=0&gdpr_consent=
Frame ID: 35934681D83AA7E85F964FEBD0EF2EC8
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=YwZ33gAI1ooBGgAK&gdpr=0&gdpr_consent=&_test=YwZ33gAI1ooBGgAK
Frame ID: 01105253ADB2100D2BA7152D849BBE44
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzQ0OSZ0bD00MzIwMA==&piggybackCookie=wst165wpbz2
Frame ID: 63873DFD88665A26F3253FA711239A89
Requests: 1 HTTP requests in this frame

Frame: https://sync-dsp.ad-m.asia/dsp/api/sync/send?s=pubmatic&rd=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMyNTMmdGw9MTI5NjAw%26piggybackCookie%3D
Frame ID: 4383509404EFD02D5BF0A58A500C8162
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=
Frame ID: 781EB82CC44CBC766921332C7B80F673
Requests: 1 HTTP requests in this frame

Frame: https://dps.jp.cinarra.com/pxd?PLATFORM_ID=D&USER_ID=DEC9AF99-DED7-471D-8216-5BD47B531BBF
Frame ID: 4C8760AF4EB888CFBD8947553BFE8B9C
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MTEmdGw9MjAxNjA=&piggybackCookie=128debef3c3f408eb4bb99add751fb7e
Frame ID: 0E5D38650D028D2AE17D75CA6576FE16
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:zj2wRe0w1OqVMF5&gdpr=0&gdpr_consent=
Frame ID: A76D134E17EFD4644472EAE70EA0F0C8
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDImdGw9MTI5NjAw&piggybackCookie=PemK8abuDdOMKvEc33cGYw
Frame ID: E5C66A444837E6A8F4E40FEDAD180834
Requests: 1 HTTP requests in this frame

Frame: https://sync.targeting.unrulymedia.com/csync/RX-5a556040-9ba5-4378-9175-396b51281898-004
Frame ID: 8909874720EEF2F537EC772026D38163
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzMDEmdGw9MTI5NjAw&piggybackCookie=8d7c0170-23e0-11ed-864a-cf979e5379e4
Frame ID: 85BF7D694C5C5C3D21E7F1099644AA9A
Requests: 1 HTTP requests in this frame

Frame: https://match.taboola.com/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&tbid=082d5ab6-6f30-421e-899e-6ffd32c003f1-tuct9fffd5e&query=taboola_hm%3D1%26redir%3Dhttps%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw%26piggybackCookie%3Duid%3A%24UID&isDirect=0
Frame ID: 2BE8AF785F27344EEA34A39D0BCDD489
Requests: 1 HTTP requests in this frame

Frame: https://core.iprom.net/cookiesync
Frame ID: 1ADBD4FE0B6695D7299A700897AE823D
Requests: 1 HTTP requests in this frame

Frame: https://a.tribalfusion.com/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
Frame ID: 8A0ED4C3C6A6D175C883D6FA718A3426
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode&gdpr_consent=null&piggybackCookie={viewer_token}&gdpr=0
Frame ID: 02C04E56D84FF0EB2EF7849B0761CCF3
Requests: 1 HTTP requests in this frame

Frame: https://match.deepintent.com/usersync/141?gdpr=0&gdpr_consent=
Frame ID: 931BC815F726E5E9775A4E33E75649BF
Requests: 1 HTTP requests in this frame

Frame: https://contextual.media.net/cksync.php?cs=8&vsid=3043698846836918000V10&type=pba&refUrl=&vid=13682853683043698846836918000V10&ovsid=DEC9AF99-DED7-471D-8216-5BD47B531BBF
Frame ID: 167FB9429581DF90D60BE7DD1A379300
Requests: 1 HTTP requests in this frame

Frame: https://usersync.gumgum.com/usersync?b=mmh&i=67af6306-77de-4d00-8b03-9c806ecb11b0&gdpr=0&gdpr_consent=
Frame ID: 5A1F420575C369EEFC20A211794146D3
Requests: 1 HTTP requests in this frame

Frame: https://usersync.gumgum.com/usersync?b=atm&i=YwZ33wAI15YGGAAK&gdpr=0&gdpr_consent=&_test=YwZ33wAI15YGGAAK
Frame ID: 8E3DD1DB78B7E969D5CADA38622BEEE6
Requests: 1 HTTP requests in this frame

Frame: https://cm.g.doubleclick.net/pixel?google_nid=gumgum_dbm&google_hm=YV81ZDA5YzJlMC1mMGJkLTQxZTAtOGNhNi0zYTJhYTBjMDEzYjA=&gdpr=0&gdpr_consent=
Frame ID: 673B3FC0551EE150E29925422F2BE810
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=0&gdprConsent=
Frame ID: BFD3580D778E23C995DE83A33C66B681
Requests: 1 HTTP requests in this frame

Frame: https://usersync.gumgum.com/usersync?b=ttd&i=492e6757-f51f-41aa-a4dc-76241c67fd3b
Frame ID: AC5F0DBC639857604EA767E8909267C4
Requests: 1 HTTP requests in this frame

Frame: https://cs.emxdgt.com/um?redirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Demx%26i%3D%24UID&gdpr=0&gdpr_consent=
Frame ID: DDA92660012192752800E5B4666CA0B0
Requests: 1 HTTP requests in this frame

Frame: https://usersync.gumgum.com/usersync?b=sus&i=YwZ338Co5ssAAGuPcHQAAAAA
Frame ID: 0BD3212739D2A1159F85BCDACCB39DD3
Requests: 1 HTTP requests in this frame

Frame: https://usersync.gumgum.com/usersync?b=iex&i=YwZ33F2KtzHErm0Xp68OOwAA%26883
Frame ID: 231036C65DDB50C800E81FD5B289CBF4
Requests: 1 HTTP requests in this frame

Frame: https://usersync.gumgum.com/usersync?b=rth&i=8UWOemAwr0Q0RAwfgxso&pi=gumgum&tc=1
Frame ID: 080E799F6DCA8BE5E358D773A62D1221
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=gumgum
Frame ID: 83FC5E765DFE806E183EA4AAC1338170
Requests: 3 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

聚焦漢字文化  傳揚中華文明 - 天天要聞

Detected technologies

Overall confidence: 100%
Detected patterns
  • adnxs\.(?:net|com)
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/pagead/show_ads\.js
  • tpc\.googlesyndication\.com/safeframe
Overall confidence: 100%
Detected patterns
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • lightbox(?:-plus-jquery)?.{0,32}\.js
Overall confidence: 100%
Detected patterns
  • [^a-z]mtc.*\.js
Overall confidence: 100%
Detected patterns
  • moatads\.com
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.openx\.net
Overall confidence: 100%
Detected patterns
  • adnxs\.com/[^"]*(?:prebid|/pb\.js)
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.pubmatic\.com
Overall confidence: 100%
Detected patterns
  • \.quantserve\.com/quant\.js
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.rubiconproject\.com
Overall confidence: 100%
Detected patterns
  • https?://an\.yandex\.ru/
Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Overall confidence: 100%
Detected patterns
  • //cdn\.jsdelivr\.net/

Page Statistics

485
Requests

75 %
HTTPS

0 %
IPv6

113
Domains

186
Subdomains

110
IPs

10
Countries

3589 kB
Transfer

9668 kB
Size

157
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 4
  • https://ads.aralego.com/sdk HTTP 301
  • https://cdn.aralego.net/ucfad/sdk/apac-sg/sdk
Request Chain 85
  • https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006&adk=2365071409&adf=3615134179&pi=t.ma~as.3006%2F14006&w=336&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fju-jiao-yi-zi-wen-hua-chuan-yang-zhong-hua-wen-ming.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1661368279439&bpp=13&bdt=1559&idt=742&shv=r20220822&mjsv=m202208160101&ptt=5&saldr=sa&correlator=844228839690&frm=23&ife=1&pv=2&ga_vid=1062505456.1661368280&ga_sid=1661368280&ga_hid=1453013469&ga_fc=0&ga_cid=amp--JcvnSWwuO-i_IcMnFMdEQ&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=320&biw=1600&bih=1200&isw=336&ish=280&ifk=2829673436&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44771548&oid=2&pvsid=2345163948386885&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.ptakvk3twhho&fsb=1&dtd=761 HTTP 302
  • https://adx.holmesmind.com/adx-file/20220823/nUDNY99feAS8okWEQnY1mx2ELFEPV5z0tREnzCaH.html
Request Chain 89
  • https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006&adk=2365071409&adf=3615134176&pi=t.ma~as.3006%2F14006&w=336&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fju-jiao-yi-zi-wen-hua-chuan-yang-zhong-hua-wen-ming.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1661368279591&bpp=11&bdt=1695&idt=863&shv=r20220822&mjsv=m202208220101&ptt=5&saldr=sa&correlator=844228839690&frm=23&ife=1&pv=1&ga_vid=1784231591.1661368280&ga_sid=1661368280&ga_hid=1746362342&ga_fc=0&ga_cid=amp--JcvnSWwuO-i_IcMnFMdEQ&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=1756&biw=1600&bih=1200&isw=336&ish=280&ifk=1634228816&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44760911%2C31069108&oid=2&pvsid=2755714129352862&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.ua4vf6kp9z2&btvi=1&fsb=1&dtd=879 HTTP 302
  • https://adx.holmesmind.com/adx-file/20220823/nUDNY99feAS8okWEQnY1mx2ELFEPV5z0tREnzCaH.html
Request Chain 191
  • https://x.bidswitch.net/sync?ssp=google&google_gid=CAESEOHtbWUP4D4EU1t41n_sCZQ&google_cver=1&google_push=AehlK4AqTxOu5hwOjFKon4PeEx070YMgci6wpV-ilkVDuMfum60q487XyYi-h7xfUgr9ev9_Hw8cj71WLKxpAV8CjaJa5PQpKYM1Vt4uB1Ohe0egE_sj-jsHWkUgogWmnmf00g4BvnpEHxmP HTTP 302
  • https://x.bidswitch.net/ul_cb/sync?ssp=google&google_gid=CAESEOHtbWUP4D4EU1t41n_sCZQ&google_cver=1&google_push=AehlK4AqTxOu5hwOjFKon4PeEx070YMgci6wpV-ilkVDuMfum60q487XyYi-h7xfUgr9ev9_Hw8cj71WLKxpAV8CjaJa5PQpKYM1Vt4uB1Ohe0egE_sj-jsHWkUgogWmnmf00g4BvnpEHxmP HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AehlK4AqTxOu5hwOjFKon4PeEx070YMgci6wpV-ilkVDuMfum60q487XyYi-h7xfUgr9ev9_Hw8cj71WLKxpAV8CjaJa5PQpKYM1Vt4uB1Ohe0egE_sj-jsHWkUgogWmnmf00g4BvnpEHxmP&google_hm=wnLqU7VWS0WtU2xUKI6mBg==
Request Chain 193
  • https://sync.dsp.reemo-ad.jp/google_adx?google_gid=CAESEE2TVQkQtbMUHR1U1YrFa-I&google_cver=1&google_push=AehlK4D1DXMdUVNBx2zIG7zOH-QOlM1UYRaftljVFVw_hEwRk1FHfLG0WoGLa2DIi2v4xEj12DVNrrJlkllyqogAG3M52ahHo7T5eMVCkK_lFgTYQYe3GoOY4e3ub0o5uvvuXR1EUVtNgUrl HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=gmo_ad_marketing&google_push=AehlK4D1DXMdUVNBx2zIG7zOH-QOlM1UYRaftljVFVw_hEwRk1FHfLG0WoGLa2DIi2v4xEj12DVNrrJlkllyqogAG3M52ahHo7T5eMVCkK_lFgTYQYe3GoOY4e3ub0o5uvvuXR1EUVtNgUrl
Request Chain 194
  • https://ds.uncn.jp/doubleclick/0/sync_push?google_gid=CAESEJdQensPM5hy-VQzSVfA0_A&google_cver=1&google_push=AehlK4BxQwq3SlVqFtn5jWavMHJ88ZnYCbk7YwDXiKEm_eFR6kq0Tec8-cTAzheYmXN2Yyp2aVmDG2LjuujClpYGgECdkPne4HI-Rq078UYniN3ovfNQK2AwkMVGW7p0pwV2yVEj-7pBfUmI HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=unicorn&google_push=AehlK4BxQwq3SlVqFtn5jWavMHJ88ZnYCbk7YwDXiKEm_eFR6kq0Tec8-cTAzheYmXN2Yyp2aVmDG2LjuujClpYGgECdkPne4HI-Rq078UYniN3ovfNQK2AwkMVGW7p0pwV2yVEj-7pBfUmI&google_hm=AdncErsTsEGFsJ-FhUJqJ70
Request Chain 195
  • https://sync.1rx.io/usersync2/rmpssp?sub=google&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3D%5BRX_SPD%5D%26google_hm%3D%5BRX_UUID_B64_BIN%5D&google_gid=CAESEDcQnL8MMcrS26IMjvVV4tM&google_cver=1&google_push=AehlK4DuPnSgyHFkk00Vkhwmkt5w5AezM6-WxoMgPmnITylXTkgiS_U84IWpgkWN4b5obklpphopYVt2bQc-60HusnLBomSw8MHOxr2AkAHN4OTSAIZjUQ45QbSojETT48_bZWPyQQD3TdDq HTTP 302
  • https://sync.1rx.io/usersync2/rmpssp?sub=google&zcc=1&google_push=AehlK4DuPnSgyHFkk00Vkhwmkt5w5AezM6-WxoMgPmnITylXTkgiS_U84IWpgkWN4b5obklpphopYVt2bQc-60HusnLBomSw8MHOxr2AkAHN4OTSAIZjUQ45QbSojETT48_bZWPyQQD3TdDq&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3D%5BRX_SPD%5D%26google_hm%3D%5BRX_UUID_B64_BIN%5D&cb=1661368284096 HTTP 302
  • https://sync.targeting.unrulymedia.com/csync/RX-5a556040-9ba5-4378-9175-396b51281898-004?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3DAehlK4DuPnSgyHFkk00Vkhwmkt5w5AezM6-WxoMgPmnITylXTkgiS_U84IWpgkWN4b5obklpphopYVt2bQc-60HusnLBomSw8MHOxr2AkAHN4OTSAIZjUQ45QbSojETT48_bZWPyQQD3TdDq%26google_hm%3DBFpVYECbpUN4kXU5a1EoGJg HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=AehlK4DuPnSgyHFkk00Vkhwmkt5w5AezM6-WxoMgPmnITylXTkgiS_U84IWpgkWN4b5obklpphopYVt2bQc-60HusnLBomSw8MHOxr2AkAHN4OTSAIZjUQ45QbSojETT48_bZWPyQQD3TdDq&google_hm=BFpVYECbpUN4kXU5a1EoGJg
Request Chain 196
  • https://sync-dsp.ad-m.asia/dsp/api/sync/send?s=google&pixel_match=y&google_gid=CAESEDc3aY0c30xZkRfO3A087x8&google_cver=1&google_push=AehlK4AWb9qDSYvBYBnPRcyxVGfdk_bkYEOosk5tP0KCmVPaX9mA-gGaoOav0wZOynAaDk1IPDzTPS9OQdgqcUZU4euB4wte4siT7yjT-Ij80Osj7fXEzdS-JneYSJoVjxOSrCCcLwLWH-QoxQ HTTP 302
  • https://sync-dsp.ad-m.asia/dsp/api/sync/send?s=google&pixel_match=y&google_gid=CAESEDc3aY0c30xZkRfO3A087x8&google_cver=1&google_push=AehlK4AWb9qDSYvBYBnPRcyxVGfdk_bkYEOosk5tP0KCmVPaX9mA-gGaoOav0wZOynAaDk1IPDzTPS9OQdgqcUZU4euB4wte4siT7yjT-Ij80Osj7fXEzdS-JneYSJoVjxOSrCCcLwLWH-QoxQ&uid-set=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=admatrix_dsp&google_push=AehlK4AWb9qDSYvBYBnPRcyxVGfdk_bkYEOosk5tP0KCmVPaX9mA-gGaoOav0wZOynAaDk1IPDzTPS9OQdgqcUZU4euB4wte4siT7yjT-Ij80Osj7fXEzdS-JneYSJoVjxOSrCCcLwLWH-QoxQ&google_hm=OE5QYXZlZUg2STQ=&suid-set=1
Request Chain 216
  • https://a.tribalfusion.com/i.match?p=b6&u=CAESEBKBU74s-VGXmqkmKI7F9Tc&google_cver=1&google_push=AehlK4DujiLlIR6M5vYn7WYw_4NSoYH0CMxl1mmiCv_3a9pZ0BKi2jIt0XexqDJz0v2J6JOKoENssH-5H7IcKt0FYxgEkJlM4S_xF-HS9v-47Elb4vHEIAGwcZYxOZe8psNlcxkdwCp0cHye&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAehlK4DujiLlIR6M5vYn7WYw_4NSoYH0CMxl1mmiCv_3a9pZ0BKi2jIt0XexqDJz0v2J6JOKoENssH-5H7IcKt0FYxgEkJlM4S_xF-HS9v-47Elb4vHEIAGwcZYxOZe8psNlcxkdwCp0cHye%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24 HTTP 302
  • https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEBKBU74s-VGXmqkmKI7F9Tc&google_cver=1&google_push=AehlK4DujiLlIR6M5vYn7WYw_4NSoYH0CMxl1mmiCv_3a9pZ0BKi2jIt0XexqDJz0v2J6JOKoENssH-5H7IcKt0FYxgEkJlM4S_xF-HS9v-47Elb4vHEIAGwcZYxOZe8psNlcxkdwCp0cHye&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAehlK4DujiLlIR6M5vYn7WYw_4NSoYH0CMxl1mmiCv_3a9pZ0BKi2jIt0XexqDJz0v2J6JOKoENssH-5H7IcKt0FYxgEkJlM4S_xF-HS9v-47Elb4vHEIAGwcZYxOZe8psNlcxkdwCp0cHye%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
Request Chain 217
  • https://match.adsrvr.org/track/cmf/google?google_gid=CAESEADkGfhl7bf2lo40HQKuOfw&google_cver=1&google_push=AehlK4Ag3ldgBnEH-bCdfFtYfYwrA-68abRgsKo1c-KDDCJthEl-REepmeO01WXgOt0hiu0G_fqAUtjry2vBY4l_G25dB2Rf14p1j_2JhSjMei33MKi1bizkyGl9JZpCz0FOryhn37MvNHTS HTTP 302
  • https://match.adsrvr.org/track/cmb/google?google_gid=CAESEADkGfhl7bf2lo40HQKuOfw&google_cver=1&google_push=AehlK4Ag3ldgBnEH-bCdfFtYfYwrA-68abRgsKo1c-KDDCJthEl-REepmeO01WXgOt0hiu0G_fqAUtjry2vBY4l_G25dB2Rf14p1j_2JhSjMei33MKi1bizkyGl9JZpCz0FOryhn37MvNHTS HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=TheTradeDesk&google_hm=NDkyZTY3NTctZjUxZi00MWFhLWE0ZGMtNzYyNDFjNjdmZDNi&google_push&gdpr=0&gdpr_consent=&ttd_tdid=492e6757-f51f-41aa-a4dc-76241c67fd3b
Request Chain 218
  • https://cs.r-ad.ne.jp/2/cs?google_gid=CAESECQKlKjD7TpXNaNZFQdqago&google_cver=1&google_push=AehlK4DkgBTxifBhUWsOHykBO8HCZIl6Lu66BuB33n1Jiv-UIWWhdGjizssmh15DS2CHrniBkxMS2x3UOQjWkHM5_fTnU1mPk5K_tQ5ToVeKkyqY7mkQ5q-eKs2Ny58R5SxhqU3mZFb1jV9U HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rcrt&google_push=AehlK4DkgBTxifBhUWsOHykBO8HCZIl6Lu66BuB33n1Jiv-UIWWhdGjizssmh15DS2CHrniBkxMS2x3UOQjWkHM5_fTnU1mPk5K_tQ5ToVeKkyqY7mkQ5q-eKs2Ny58R5SxhqU3mZFb1jV9U&google_hm=NTA4SkJPMDBSQkRHYTAwN0Ixd3Y
Request Chain 220
  • https://sync.srv.stackadapt.com/sync?nid=154&google_gid=CAESEL5s2BLjfC8uWaM7Mfo2dxg&google_cver=1&google_push=AehlK4CkOi1zfg62w4EvgkaYdPKBSdGMURwJDhqpvS-KZWO57V0fPh3dxNoftPpT-1MRC0HgLgFXXEqsH9wYdhc90llsJsajFBdqpkeNhMWPDWJYZWU_2gQYzjlYhqlolkIpe-VZNbTW_jQ HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=stackadapt_usd&google_hm=wQf48xvNTrRJnGNlsu9V3K310bE&google_push=AehlK4CkOi1zfg62w4EvgkaYdPKBSdGMURwJDhqpvS-KZWO57V0fPh3dxNoftPpT-1MRC0HgLgFXXEqsH9wYdhc90llsJsajFBdqpkeNhMWPDWJYZWU_2gQYzjlYhqlolkIpe-VZNbTW_jQ
Request Chain 221
  • https://cc.adingo.jp/adx/push/?google_gid=CAESEB-V3h6PyjeLS21ujX-XPR4&google_cver=1&google_push=AehlK4Ag-ztxcl4N09-MW9LdXcUbxdi3d56ji3fspt25SQAKsoA8SHnRPw2sp0n7lD5qWlpx6LDEcinAcC2zz_XfizitQjGE7r0Xw3Y9cecBxezZEFE82tDnNeqadiEoiKtM20B5PKRur3pA HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=fluct_eb&google_push=AehlK4Ag-ztxcl4N09-MW9LdXcUbxdi3d56ji3fspt25SQAKsoA8SHnRPw2sp0n7lD5qWlpx6LDEcinAcC2zz_XfizitQjGE7r0Xw3Y9cecBxezZEFE82tDnNeqadiEoiKtM20B5PKRur3pA&google_hm=bf1f2445246236d9ea1b67253160e356
Request Chain 222
  • https://an.yandex.ru/mapuid/google/CAESEAgNmNg68nPoDZJsG-FCeUo?ext-param=AehlK4BsrDYnGqMkHXCQ0HaGbcOBbVQEPLHeZyLaHvHYQKV1SRCCeKJ48rU7pwxe-e71WueP817Zqt0MMLgtG78OdsdYZhzOes3ugQlYEzuvdcOsDEPTbl89Kne8SbAScsqqvthO_VQu-Ke-LA&partner-tag=yandex_ag&google_cver=1 HTTP 302
  • https://an.yandex.ru/mapuid/google/CAESEAgNmNg68nPoDZJsG-FCeUo?redir-setuniq=1&ext-param=AehlK4BsrDYnGqMkHXCQ0HaGbcOBbVQEPLHeZyLaHvHYQKV1SRCCeKJ48rU7pwxe-e71WueP817Zqt0MMLgtG78OdsdYZhzOes3ugQlYEzuvdcOsDEPTbl89Kne8SbAScsqqvthO_VQu-Ke-LA&partner-tag=yandex_ag&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=yandex_ag&google_hm=CAESEAgNmNg68nPoDZJsG-FCeUo&google_redir=https%3A%2F%2Fan.yandex.ru%2Fresource%2Fspacer.gif HTTP 302
  • https://an.yandex.ru/resource/spacer.gif
Request Chain 254
  • https://cm.g.doubleclick.net/pixel?cs=10&google_nid=media&google_cm=1&google_hm=MzA0MzY5ODg0NjgzNjk5NjAwMFYxMA%3D%3D&google_sc=1 HTTP 302
  • https://cs.media.net/cksync?type=g&cs=10&google_gid=CAESED3odw4pNXMJMoauwFgtVZY&google_cver=1
Request Chain 255
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEHTmM8y1RCkxpE1YjTbMaqo&google_cver=1 HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEHTmM8y1RCkxpE1YjTbMaqo&google_cver=1&C=1
Request Chain 256
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YwZ33F2KtzHErm0Xp68OOwAA HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEHTmM8y1RCkxpE1YjTbMaqo&google_cver=1
Request Chain 257
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEHZtr2Sd126RcU2Z4kZsys4&google_cver=1
Request Chain 258
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NzA5MzczNDkyMDU1NTA0MDQ4MQ%3D%3D
Request Chain 263
  • https://cm.g.doubleclick.net/pixel?cs=10&google_nid=media&google_cm=1&google_hm=MzA0MzY5ODg0NjgzNjk0NzAwMFYxMA%3D%3D&google_sc=1 HTTP 302
  • https://cs.media.net/cksync?type=g&cs=10&google_gid=CAESED3odw4pNXMJMoauwFgtVZY&google_cver=1
Request Chain 280
  • https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEIdzlDnzeIdmRL7rhp5hx3g&google_cver=1&google_push=AehlK4BRVpYMMOvi2f-DhzUJTJ4hhNnaFqP5GRqFeeGnmDAizshi7kSz1GlbvR1_lRXR_BJdU3OxodcL7pQ7lMU865T6Paz2cHdXq4JlLYtB5kjgUDux2JZGmMSr9qY3d0sE2wGaQYzp8A HTTP 302
  • https://pm.w55c.net/ping_match.gif?scc=1&ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEIdzlDnzeIdmRL7rhp5hx3g&google_cver=1&google_push=AehlK4BRVpYMMOvi2f-DhzUJTJ4hhNnaFqP5GRqFeeGnmDAizshi7kSz1GlbvR1_lRXR_BJdU3OxodcL7pQ7lMU865T6Paz2cHdXq4JlLYtB5kjgUDux2JZGmMSr9qY3d0sE2wGaQYzp8A HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=bFM5UkFZOEIxT3FWTUY1&google_gid=CAESEIdzlDnzeIdmRL7rhp5hx3g&google_cver=1&google_push=AehlK4BRVpYMMOvi2f-DhzUJTJ4hhNnaFqP5GRqFeeGnmDAizshi7kSz1GlbvR1_lRXR_BJdU3OxodcL7pQ7lMU865T6Paz2cHdXq4JlLYtB5kjgUDux2JZGmMSr9qY3d0sE2wGaQYzp8A
Request Chain 281
  • https://ipac.ctnsnet.com/int/cm?exc=1&acc=crimtan_au&google_gid=CAESEGTpdU4-lDX3wzh8hk87dxg&google_cver=1&google_push=AehlK4AtDMHXjRLfX13piFWQOSZqlAR8BnH3reQ8_jqRaqdKlTn3Du3hU849JA1gxrbmQ-0yIroKNXjDKBf0YjyaltxD-jYpkoVDvEBbFbyhNEd5trug-alnFj5sICCDu2rEOYuhQ4hI18k HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=crimtan_au&google_push=AehlK4AtDMHXjRLfX13piFWQOSZqlAR8BnH3reQ8_jqRaqdKlTn3Du3hU849JA1gxrbmQ-0yIroKNXjDKBf0YjyaltxD-jYpkoVDvEBbFbyhNEd5trug-alnFj5sICCDu2rEOYuhQ4hI18k&google_hm=Eo3r7zw_QI60u5mt11H7frE
Request Chain 282
  • https://x.bidswitch.net/sync?ssp=google&google_gid=CAESEOHtbWUP4D4EU1t41n_sCZQ&google_cver=1&google_push=AehlK4BvkYzGnf-yzhS8SyEInglnSLl7zikhLS-QMHpJjK3xyFFowly8bgkekD31o2wclRUc7IaTjqRrmI3V5vkuqgQiocHqBVlDDEIkZbRVJLCu24ehiAyI4VB-S1qlkk_NOiC7iHmbEr8 HTTP 302
  • https://pool.admedo.com/sync?ssp=bidswitch&bidswitch_ssp_id=google&bsw_custom_parameter=c272ea53-b556-4b45-ad53-6c54288ea606 HTTP 302
  • https://pool.admedo.com/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=google&bsw_custom_parameter=c272ea53-b556-4b45-ad53-6c54288ea606 HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=23&expires=14&user_id=2cb05a91-3225-4d67-92e6-ffb90fc9eb7e&user_group=1&ssp=google&bsw_param=c272ea53-b556-4b45-ad53-6c54288ea606 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AehlK4BvkYzGnf-yzhS8SyEInglnSLl7zikhLS-QMHpJjK3xyFFowly8bgkekD31o2wclRUc7IaTjqRrmI3V5vkuqgQiocHqBVlDDEIkZbRVJLCu24ehiAyI4VB-S1qlkk_NOiC7iHmbEr8&google_hm=wnLqU7VWS0WtU2xUKI6mBg==
Request Chain 283
  • https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEELumXPaZwey2Rq5GYeowv4&google_cver=1&google_push=AehlK4B70kLT24cA5EJ1_gObXjd-pMmpR-1fbod9FSFfcw2i23c6bjBM_5dJXFLTdhAM9mJxScR9cU5uNu9wlF_VeO3suAtxOuIGCBdyMQ-wA1t991O245E8Vp9GumywqD4H4HXOlQE-fQ HTTP 302
  • https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEELumXPaZwey2Rq5GYeowv4&google_cver=1&google_push=AehlK4B70kLT24cA5EJ1_gObXjd-pMmpR-1fbod9FSFfcw2i23c6bjBM_5dJXFLTdhAM9mJxScR9cU5uNu9wlF_VeO3suAtxOuIGCBdyMQ-wA1t991O245E8Vp9GumywqD4H4HXOlQE-fQ HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=Njk4NjUyMzkwNjcwNjM4NDk0Nw&google_push=AehlK4B70kLT24cA5EJ1_gObXjd-pMmpR-1fbod9FSFfcw2i23c6bjBM_5dJXFLTdhAM9mJxScR9cU5uNu9wlF_VeO3suAtxOuIGCBdyMQ-wA1t991O245E8Vp9GumywqD4H4HXOlQE-fQ
Request Chain 284
  • https://b1sync.zemanta.com/usersync/googleadx/?google_gid=CAESEPQS0diAwYMYfsH789tLL-o&google_cver=1&google_push=AehlK4C2PSmovytxDZNaweXVdyBsSQawn5Qtdxw8fgwylS5oatbvlQqisDCmwIP_lbEfUecrucIHMkbaKjLxM1Na1viJaQ5XgBPePYFRQMbPJ7U4feM8R7JgEq5Tozssfj_u1BoT3iArlg HTTP 302
  • https://b1sync.zemanta.com/usersync/googleadx/?google_cver=1&google_gid=CAESEPQS0diAwYMYfsH789tLL-o&google_push=AehlK4C2PSmovytxDZNaweXVdyBsSQawn5Qtdxw8fgwylS5oatbvlQqisDCmwIP_lbEfUecrucIHMkbaKjLxM1Na1viJaQ5XgBPePYFRQMbPJ7U4feM8R7JgEq5Tozssfj_u1BoT3iArlg&s=2 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=zemanta&google_push=AehlK4C2PSmovytxDZNaweXVdyBsSQawn5Qtdxw8fgwylS5oatbvlQqisDCmwIP_lbEfUecrucIHMkbaKjLxM1Na1viJaQ5XgBPePYFRQMbPJ7U4feM8R7JgEq5Tozssfj_u1BoT3iArlg&google_hm=TDVtVWg0VVRjS1h3VE02MDVQX3k=
Request Chain 285
  • https://eb2.3lift.com/ebda?sync=1&google_gid=CAESEJEEUjixmT0Ekx7JEcSPI54&google_cver=1&google_push=AehlK4Bk7QvAyvMHzVxljrYUOp9unW2l4Z8n-J-RvIb1Oj0-Suemqr26qOeZgv6zj9EFnf4m1wl4chCEHBuVk_zNSzvvibYglVraM0yofDJZBfyapKUU2g84n6jRep3YLY5G3AYSHC6a8A HTTP 302
  • https://eb2.3lift.com/sync/google/supply?ld=1&gdpr=0&gdpr_consent=&us_privacy=&sync=1&google_push=AehlK4Bk7QvAyvMHzVxljrYUOp9unW2l4Z8n-J-RvIb1Oj0-Suemqr26qOeZgv6zj9EFnf4m1wl4chCEHBuVk_zNSzvvibYglVraM0yofDJZBfyapKUU2g84n6jRep3YLY5G3AYSHC6a8A&google_gid=CAESEJEEUjixmT0Ekx7JEcSPI54 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=0&gdpr_consent=&us_privacy=&google_hm=NDk1NDkwNzcyOTM3OTE3MTAzNzA4&google_push=AehlK4Bk7QvAyvMHzVxljrYUOp9unW2l4Z8n-J-RvIb1Oj0-Suemqr26qOeZgv6zj9EFnf4m1wl4chCEHBuVk_zNSzvvibYglVraM0yofDJZBfyapKUU2g84n6jRep3YLY5G3AYSHC6a8A
Request Chain 292
  • https://eb2.3lift.com/sync HTTP 302
  • https://eb2.3lift.com/sync?&ld=1
Request Chain 303
  • https://ad.turn.com/r/cs?pid=9&gdpr=0 HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537073061&val=2651021867338552653&gdpr=0&gdpr_consent=&us_privacy=
Request Chain 304
  • https://match.adsrvr.org/track/cmf/openx?oxid=9825cf55-ccb9-7123-d160-fc11785b582d&gdpr=0 HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072971&val=492e6757-f51f-41aa-a4dc-76241c67fd3b&ttd_puid=9825cf55-ccb9-7123-d160-fc11785b582d&gdpr=0&gdpr_consent=
Request Chain 305
  • https://tg.socdm.com/rtb/sync_before?proto=openx HTTP 302
  • https://jp-u.openx.net/w/1.0/sd?id=537072335&val=YwZ33cCo5ssAAGuPcGUAAAAA
Request Chain 306
  • https://cr-p3.ladsp.jp/cookiesender/3 HTTP 302
  • https://cr-pall.ladsp.com/cookiesender/3 HTTP 302
  • https://cr-pall.ladsp.com/cookiesender/3?cr=true HTTP 302
  • https://jp-u.openx.net/w/1.0/sd?id=537072451&val=AS4aWbOpXopxks8ADsaW36yH188AAAGC0UQ95A
Request Chain 308
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEAKOMiIxBsKc5ozAG_uOBk0&google_cver=1
Request Chain 314
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=medianet HTTP 301
  • https://eus.rubiconproject.com/usync.html?p=medianet
Request Chain 315
  • https://p.rfihub.com/cm?pub=19967&in=1&forward=https%3A%2F%2Fcontextual.media.net%2Fcksync.html%3Fcs%3D8%26vsid%3D3043698846836918000V10%26type%3Drkt%26refUrl%3D%26vid%3D13682853683043698846836918000V10%26ovsid%3D%7Buserid%7D HTTP 302
  • https://contextual.media.net/cksync.html?cs=8&vsid=3043698846836918000V10&type=rkt&refUrl=&vid=13682853683043698846836918000V10&ovsid=1975461764915802390
Request Chain 317
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3043698846836918000V10%26type%3Dapx%26refUrl%3D%26vid%3D13682853683043698846836918000V10%26ovsid%3D%24UID HTTP 302
  • https://contextual.media.net/cksync.php?cs=8&vsid=3043698846836918000V10&type=apx&refUrl=&vid=13682853683043698846836918000V10&ovsid=7093734920555040481
Request Chain 318
  • https://us-u.openx.net/w/1.0/cm?id=78e2dffc-bb89-4bb2-ae92-f592d006518b&ph=6a16560a-f6c6-4851-b7b5-0b2c0190166a&r=https%3A%2F%2Fcontextual.media.net%2Fcksync.html%3Fcs%3D8%26vsid%3D3043698846836918000V10%26type%3Dopx%26refUrl%3D%26vid%3D13682853683043698846836918000V10%26ovsid%3D HTTP 302
  • https://contextual.media.net/cksync.html?cs=8&vsid=3043698846836918000V10&type=opx&refUrl=&vid=13682853683043698846836918000V10&ovsid=5009a6ca-67b9-4bc3-b22f-827fcab4caf1
Request Chain 319
  • https://sync.1rx.io/usersync2/rmp1r1?sub=medianet&redir=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3043698846836918000V10%26type%3Dr1%26refUrl%3D%26vid%3D13682853683043698846836918000V10%26ovsid%3D%5BRX_UUID%5D HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=1601451362 HTTP 302
  • https://sync.1rx.io/usersync/tradedesk/492e6757-f51f-41aa-a4dc-76241c67fd3b HTTP 302
  • https://sync.targeting.unrulymedia.com/csync/RX-5a556040-9ba5-4378-9175-396b51281898-004?redir=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3043698846836918000V10%26type%3Dr1%26refUrl%3D%26vid%3D13682853683043698846836918000V10%26ovsid%3DRX-5a556040-9ba5-4378-9175-396b51281898-004 HTTP 302
  • https://contextual.media.net/cksync.php?cs=8&vsid=3043698846836918000V10&type=r1&refUrl=&vid=13682853683043698846836918000V10&ovsid=RX-5a556040-9ba5-4378-9175-396b51281898-004
Request Chain 320
  • https://pm.w55c.net/ping_match.gif?ei=MEDIANET&rurl=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3043698846836918000V10%26type%3Ddxu%26refUrl%3D%26vid%3D13682853683043698846836918000V10%26ovsid%3D_wfivefivec_ HTTP 302
  • https://pm.w55c.net/ping_match.gif?scc=1&ei=MEDIANET&rurl=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3043698846836918000V10%26type%3Ddxu%26refUrl%3D%26vid%3D13682853683043698846836918000V10%26ovsid%3D_wfivefivec_ HTTP 302
  • https://contextual.media.net/cksync.php?cs=8&vsid=3043698846836918000V10&type=dxu&refUrl=&vid=13682853683043698846836918000V10&ovsid=zj2wRe0w1OqVMF5
Request Chain 321
  • https://dis.criteo.com/dis/usersync.aspx?r=115&p=259&cp=medianet&cu=1&url=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D1%26type%3Dcrt%26ovsid%3D%40%40CRITEO_USERID%40%40 HTTP 302
  • https://contextual.media.net/cksync.php?cs=1&type=crt&ovsid=dd5a638b-6d7f-4423-aee9-a15d8b109e96
Request Chain 322
  • https://x.bidswitch.net/sync?ssp=medianet&gdpr=0&gdpr_consent=&gdpr_pd=1 HTTP 302
  • https://sync.mathtag.com/sync/img?mt_exid=46&redir=%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D80%26user_id%3D%5BUUID%5D%26expires%3D30%26ssp%3Dmedianet%26bsw_param%3Dc272ea53-b556-4b45-ad53-6c54288ea606&gdpr=0&gdpr_consent= HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=80&user_id=67af6306-77de-4d00-8b03-9c806ecb11b0&expires=30&ssp=medianet&bsw_param=c272ea53-b556-4b45-ad53-6c54288ea606&gdpr=0&gdpr_consent= HTTP 302
  • https://contextual.media.net/cksync.php?cs=1&type=bs&ovsid=c272ea53-b556-4b45-ad53-6c54288ea606&gdpr=0&gdpr_consent=&gdpr_pd=
Request Chain 323
  • https://b1sync.zemanta.com/usersync/medianet/?cb=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3043698846836918000V10%26type%3Dzem%26refUrl%3D%26vid%3D13682853683043698846836918000V10%26ovsid%3D__ZUID__ HTTP 302
  • https://stags.bluekai.com/site/23178?id=jwmTmr62IInEafLN5tqD&redir=https%3A%2F%2Fb1sync.zemanta.com%2Fusersync%2Fbluekai%2Fcallback%2F%3Fd%3DNB2HI4DTHIXS6Y3PNZ2GK6DUOVQWYLTNMVSGSYJONZSXIL3DNNZXS3TDFZYGQ4B7MNZT2OBGMV4GG2DBNZTWKPLNMVSGSYLOMV2CM33WONUWIPLKO5WVI3LSGYZESSLOIVQWMTCOGV2HCRBGOJSWMVLSNQ6SM5DZOBST26TFNUTHM2LEHUYTGNRYGI4DKMZWHAZTANBTGY4TQOBUGY4DGNRZGE4DAMBQKYYTAJTWONUWIPJTGA2DGNRZHA4DINRYGM3DSMJYGAYDAVRRGA HTTP 302
  • https://b1sync.zemanta.com/usersync/bluekai/callback/?d=NB2HI4DTHIXS6Y3PNZ2GK6DUOVQWYLTNMVSGSYJONZSXIL3DNNZXS3TDFZYGQ4B7MNZT2OBGMV4GG2DBNZTWKPLNMVSGSYLOMV2CM33WONUWIPLKO5WVI3LSGYZESSLOIVQWMTCOGV2HCRBGOJSWMVLSNQ6SM5DZOBST26TFNUTHM2LEHUYTGNRYGI4DKMZWHAZTANBTGY4TQOBUGY4DGNRZGE4DAMBQKYYTAJTWONUWIPJTGA2DGNRZHA4DINRYGM3DSMJYGAYDAVRRGA HTTP 302
  • https://contextual.media.net/cksync.php?cs=8&ovsid=jwmTmr62IInEafLN5tqD&refUrl=&type=zem&vid=13682853683043698846836918000V10&vsid=3043698846836918000V10
Request Chain 324
  • https://rtb.mfadsrvr.com/sync?ssp=medianet&ssp_user_id=3043698846836918000V10 HTTP 302
  • https://rtb.mfadsrvr.com/ul_cb/sync?ssp=medianet&ssp_user_id=3043698846836918000V10 HTTP 302
  • https://contextual.media.net/cksync.php?type=mf&ovsid=30bb4238-f6a8-4671-a67b-1c2d85613f16&cs=1
Request Chain 326
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=8m33zk4&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://cs.media.net/cksync?cs=1&type=ttd&ovsid=492e6757-f51f-41aa-a4dc-76241c67fd3b
Request Chain 336
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=svx9t50&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://eb2.3lift.com/xuid?mid=3658&xuid=492e6757-f51f-41aa-a4dc-76241c67fd3b&dongle=0cfd
Request Chain 337
  • https://eb2.3lift.com/ebda?sync=1&gdpr=0&gdpr_consent= HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=0&gdpr_consent=&us_privacy=&google_hm=NDk1NDkwNzcyOTM3OTE3MTAzNzA4 HTTP 302
  • https://eb2.3lift.com/ebda?gdpr=0&gdpr_consent=
Request Chain 338
  • https://cm.g.doubleclick.net/pixel?google_nid=triplelift&google_cm&google_sc&gdpr=0&gdpr_consent= HTTP 302
  • https://eb2.3lift.com/xuid?mid=5989&xuid=CAESEO8xa8Uq-Hxb_XvFbXMvfV4&dongle=c627&gdpr=0&gdpr_consent=&google_cver=1
Request Chain 339
  • https://eb2.3lift.com/sync/google/demand?sync=1&gdpr=0&gdpr_consent= HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=0&gdpr_consent=&us_privacy=&google_hm=NDk1NDkwNzcyOTM3OTE3MTAzNzA4
Request Chain 340
  • https://px.ads.linkedin.com/setuid?partner=tripleliftdbredirect&tlUid=495490772937917103708&dbredirect=true&gdpr=0&consent= HTTP 302
  • https://px.ads.linkedin.com/setuid?partner=tripleliftdbredirect&tlUid=495490772937917103708&dbredirect=true&gdpr=0&consent=&cookiesTest=true HTTP 302
  • https://p.adsymptotic.com/d/px/?_pid=16218&_psign=0aa5badf92527f7732e22463d6fa4dbc&coopa=0&gdpr=0&gdpr_consent=&_puuid=c87aede8-536e-4c92-856b-1e7b173610f1&_noobservation=1 HTTP 302
  • https://p.adsymptotic.com/d/px/?_pid=16218&_psign=0aa5badf92527f7732e22463d6fa4dbc&coopa=0&gdpr=0&gdpr_consent=&_puuid=c87aede8-536e-4c92-856b-1e7b173610f1&_noobservation=1&_expected_cookie=ad833c6600a94d7d73a98593cd8233e8
Request Chain 341
  • https://x.bidswitch.net/sync?ssp=triplelift&user_id=495490772937917103708&gdpr=0&gdpr_consent= HTTP 302
  • https://a.sportradarserving.com/sync?ssp=bidswitch&bidswitch_ssp_id=triplelift HTTP 302
  • https://a.sportradarserving.com/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=triplelift HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=409&expires=14&user_group=1&user_id=4744a01d-ea33-41b6-aeb4-f83a5ee0baf1&ssp=triplelift HTTP 302
  • https://eb2.3lift.com/xuid?mid=2409&xuid=c272ea53-b556-4b45-ad53-6c54288ea606&dongle=d3d3&gdpr=&gdpr_consent=&gdpr_pd=
Request Chain 343
  • https://pr-bh.ybp.yahoo.com/sync/triplelift/495490772937917103708?gdpr=0&gdpr_consent= HTTP 302
  • https://eb2.3lift.com/xuid?mid=2662&xuid=y-_HxeUQZE2oRE33AJrRPSRxJLyEQSUX4CdgFKb9CuLw--~A&dongle=0883
Request Chain 344
  • https://s.amazon-adsystem.com/x/757c0557066e95cfd4c7?gdpr=0&gdpr_consent=&uid=495490772937917103708 HTTP 302
  • https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&dl=3lift&gdpr=0&gdpr_consent=&uid=495490772937917103708&dcc=t
Request Chain 345
  • https://b1sync.zemanta.com/usersync/triplelift?gdpr=0&gdpr_consent= HTTP 302
  • https://stags.bluekai.com/site/23178?id=ePSpP9SPglnMsWI6bwum&redir=https%3A%2F%2Fb1sync.zemanta.com%2Fusersync%2Fbluekai%2Fcallback%2F%3Fd%3DNB2HI4DTHIXS6ZLCGIXDG3DJMZ2C4Y3PNUXXQ5LJMQ7WI33OM5WGKPLEMJQTQJTFPBRWQYLOM5ST25DSNFYGYZLMNFTHIJTHMRYHEPJQEZWWSZB5GI2DMMBGPB2WSZB5MVIFG4CQHFJVAZ3MNZGXGV2JGZRHO5LN&gdpr=0 HTTP 302
  • https://b1sync.zemanta.com/usersync/bluekai/callback/?d=NB2HI4DTHIXS6ZLCGIXDG3DJMZ2C4Y3PNUXXQ5LJMQ7WI33OM5WGKPLEMJQTQJTFPBRWQYLOM5ST25DSNFYGYZLMNFTHIJTHMRYHEPJQEZWWSZB5GI2DMMBGPB2WSZB5MVIFG4CQHFJVAZ3MNZGXGV2JGZRHO5LN HTTP 302
  • https://eb2.3lift.com/xuid?dongle=dba8&gdpr=0&mid=2460&xuid=ePSpP9SPglnMsWI6bwum
Request Chain 349
  • https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESELALh5YZXNWyLX6pfD0dF0U&google_cver=1&google_push=AehlK4DOBSZ9QLLDuCCDvSm5LPsrPZo11zaUHj0SSW6PObiij24DBf9UXHjw8cvuYyrgn6WuE-txD2eY0u9BSEbO592DzS41SGit-Pqfi3xA4gisVNRid3-2PQOKUM-kByCLec8m8loXYb6BGXR2BpOS-7Y HTTP 302
  • https://cm.g.doubleclick.net/pixel?gdpr=0&google_nid=B765081F39B1F7&google_push=AehlK4DOBSZ9QLLDuCCDvSm5LPsrPZo11zaUHj0SSW6PObiij24DBf9UXHjw8cvuYyrgn6WuE-txD2eY0u9BSEbO592DzS41SGit-Pqfi3xA4gisVNRid3-2PQOKUM-kByCLec8m8loXYb6BGXR2BpOS-7Y&google_hm=S3lt-pS23rbfHxoP3mTtlA
Request Chain 350
  • https://sync.mathtag.com/sync/img?mt_exid=4&google_gid=CAESECvqVsDsNmF9TXX2FII9AL8&google_cver=1&google_push=AehlK4AtnTciOlF3s3r-dh5Nk5cpBSKdFBr_q1od0Lcrc3B465GQmQ6svLyi4o9FqF063fFqRTCjUfGnPdjxO3eH4em2QrTLYp0ZGIZkqTdcASOnTzPMhbV7gUPyXUDPoDBFx10znRB4WXHOJp7ujgq1Mkk HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=AehlK4AtnTciOlF3s3r-dh5Nk5cpBSKdFBr_q1od0Lcrc3B465GQmQ6svLyi4o9FqF063fFqRTCjUfGnPdjxO3eH4em2QrTLYp0ZGIZkqTdcASOnTzPMhbV7gUPyXUDPoDBFx10znRB4WXHOJp7ujgq1Mkk
Request Chain 351
  • https://ipac.ctnsnet.com/int/cm?exc=1&acc=crimtan_au&google_gid=CAESEGTpdU4-lDX3wzh8hk87dxg&google_cver=1&google_push=AehlK4Aj7z_-tv5jilGTS948PZWy-U4pBL07puM479y6WqLntgKD1iCUNiXHt9HNzHncEQZVWeZVB92CpjiTk4kH_KhyKF9SqGB8hrNzKC7HI6X_z1EX4lTXu6cmFIhdwfHJbOXGLUHzJzDPvLEpv9wYsAw HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=crimtan_au&google_push=AehlK4Aj7z_-tv5jilGTS948PZWy-U4pBL07puM479y6WqLntgKD1iCUNiXHt9HNzHncEQZVWeZVB92CpjiTk4kH_KhyKF9SqGB8hrNzKC7HI6X_z1EX4lTXu6cmFIhdwfHJbOXGLUHzJzDPvLEpv9wYsAw&google_hm=Eo3r7zw_QI60u5mt11H7frE
Request Chain 353
  • https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEELumXPaZwey2Rq5GYeowv4&google_cver=1&google_push=AehlK4DDO52MDJXD9L-Q2eMl3XJjugl74MOJCuhlj09uWB1sk4avYBBphFSRNgXWGD_a8e0von0swVl1r7rm4or4WjmAjGs3ioXdsIDOD_d3I6sFDj4Nlrop2h5Yd4dxvIuQvLHz449jeLiMtmXnOGAvtXY HTTP 302
  • https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEELumXPaZwey2Rq5GYeowv4&google_cver=1&google_push=AehlK4DDO52MDJXD9L-Q2eMl3XJjugl74MOJCuhlj09uWB1sk4avYBBphFSRNgXWGD_a8e0von0swVl1r7rm4or4WjmAjGs3ioXdsIDOD_d3I6sFDj4Nlrop2h5Yd4dxvIuQvLHz449jeLiMtmXnOGAvtXY HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MjIxNDgwOTI1OTAzODUzNzc1Nw&google_push=AehlK4DDO52MDJXD9L-Q2eMl3XJjugl74MOJCuhlj09uWB1sk4avYBBphFSRNgXWGD_a8e0von0swVl1r7rm4or4WjmAjGs3ioXdsIDOD_d3I6sFDj4Nlrop2h5Yd4dxvIuQvLHz449jeLiMtmXnOGAvtXY
Request Chain 354
  • https://b1sync.zemanta.com/usersync/googleadx/?google_gid=CAESEPQS0diAwYMYfsH789tLL-o&google_cver=1&google_push=AehlK4BXjSUA_BLNTULUZmRc26vslFRaGbFCA5BGoexos38mnzghJzoSS2K-uSPSVQvI1YZBqrw8sU5KuEpdUlMCArhG0pW9gFiLva4w0mq2d33tDAcy8d1-rbCth2o-gm0klmbeH7X1a61_dmSTWn1yBy0 HTTP 302
  • https://b1sync.zemanta.com/usersync/googleadx/?google_cver=1&google_gid=CAESEPQS0diAwYMYfsH789tLL-o&google_push=AehlK4BXjSUA_BLNTULUZmRc26vslFRaGbFCA5BGoexos38mnzghJzoSS2K-uSPSVQvI1YZBqrw8sU5KuEpdUlMCArhG0pW9gFiLva4w0mq2d33tDAcy8d1-rbCth2o-gm0klmbeH7X1a61_dmSTWn1yBy0&s=2 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=zemanta&google_push=AehlK4BXjSUA_BLNTULUZmRc26vslFRaGbFCA5BGoexos38mnzghJzoSS2K-uSPSVQvI1YZBqrw8sU5KuEpdUlMCArhG0pW9gFiLva4w0mq2d33tDAcy8d1-rbCth2o-gm0klmbeH7X1a61_dmSTWn1yBy0&google_hm=b09mNlNsVkN4ZXlqZGhLZkR6U0w=
Request Chain 355
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEIsujN-hhxiYkEFtBWhlyrU&google_cver=1&google_push=AehlK4BY-xL3oBgIbZLzOM8t9uEcs9DaqeXUZhR_pb6ScIPg4no3fvTnNIOGsAN4ycHeaK-hqlBUmyDGBlZP4_hwpfPzoG7z2c3WMWiLrbDnllo3gnif9ORKJATlDVGOe-CypF-hTuWQwsuVLMfRVDB1UQ HTTP 302
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEIsujN-hhxiYkEFtBWhlyrU&google_cver=1&google_push=AehlK4BY-xL3oBgIbZLzOM8t9uEcs9DaqeXUZhR_pb6ScIPg4no3fvTnNIOGsAN4ycHeaK-hqlBUmyDGBlZP4_hwpfPzoG7z2c3WMWiLrbDnllo3gnif9ORKJATlDVGOe-CypF-hTuWQwsuVLMfRVDB1UQ&rdf=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=3smvmd7XRx2CFlvUe1Mbvw%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AehlK4BY-xL3oBgIbZLzOM8t9uEcs9DaqeXUZhR_pb6ScIPg4no3fvTnNIOGsAN4ycHeaK-hqlBUmyDGBlZP4_hwpfPzoG7z2c3WMWiLrbDnllo3gnif9ORKJATlDVGOe-CypF-hTuWQwsuVLMfRVDB1UQ
Request Chain 364
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESECTBexAURfoatbVYVuk59Rg&google_cver=1
Request Chain 365
  • https://id.rlcdn.com/709414.gif HTTP 307
  • https://token.rubiconproject.com/esync?pid=28028&puid=&pt=e
Request Chain 366
  • https://token.rubiconproject.com/token?pid=26594 HTTP 302
  • https://ads.yahoo.com/cms/v1?nwid=10000010181&eid=L77ZS1RY-1N-KEXB&sigv=1&esig=2~609f47645505a90df014988f1d81db9a0eda15cb
Request Chain 367
  • https://token.rubiconproject.com/token?pid=2249&pt=n HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=ZTc1ZjY4ZTRiNWFkM2VjMjdjNjM2ZDNkNmY4ZjRiNDg5NTIyMDBiYg
Request Chain 368
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id= HTTP 302
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&dcc=t HTTP 302
  • https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=I3-z1BP4Qvu3y7ziaLjVUA&rk=usync-na HTTP 302
  • https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=I3-z1BP4Qvu3y7ziaLjVUA
Request Chain 369
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id= HTTP 302
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=&dcc=t HTTP 302
  • https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=1XM60XH7R9a2feWfj_1hFA&rk=usync-other HTTP 302
  • https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=1XM60XH7R9a2feWfj_1hFA
Request Chain 370
  • https://token.rubiconproject.com/token?pid=25470 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDc3WlMxUlktMU4tS0VYQg==
Request Chain 371
  • https://token.rubiconproject.com/token?pid=36584 HTTP 302
  • https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=L77ZS1RY-1N-KEXB
Request Chain 377
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=duration_media&endpoint=us-east HTTP 301
  • https://eus.rubiconproject.com/usync.html?p=duration_media&endpoint=us-east
Request Chain 378
  • https://pixel.rubiconproject.com/exchange/sync.php?p=13702&gdpr=0&gdpr_consent=&us_privacy=1YN-& HTTP 302
  • https://x.yieldlift.com/setuid?bidder=rubicon&uid=L77ZS1RY-1N-KEXB&gdpr=0&us_privacy=1YN-
Request Chain 379
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D312%26uid%3D%24UID HTTP 302
  • https://ads.servenobid.com/sync?pid=312&uid=7093734920555040481
Request Chain 380
  • https://ce.lijit.com/merge?pid=273657&3pid=273657&gdpr=0&gdpr_consent=&us_privacy=1YN-&&location=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D310%26uid%3D%5BSOVRNID%5D HTTP 302
  • https://ce.lijit.com/merge?pid=273657&3pid=273657&gdpr=0&gdpr_consent=&us_privacy=1YN-&location=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D310%26uid%3D%5BSOVRNID%5D&dnr=1 HTTP 302
  • https://ads.servenobid.com/sync?pid=310&uid=FM2_DRZHSviTofGvRYeTCTt8
Request Chain 381
  • https://ap.lijit.com/pixel?pid=273657&3pid=273657&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redir=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D310%26uid%3D%24UID HTTP 307
  • https://ap.lijit.com/pixel?pid=273657&3pid=273657&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redir=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D310%26uid%3D%24UID&sovrn_retry=true HTTP 307
  • https://ads.servenobid.com/sync?pid=310&uid=FM2_DLZHEZc_dIXDRQqYMJA5
Request Chain 382
  • https://x.yieldlift.com/getuid?r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D314%26uid%3D%24UID HTTP 301
  • https://ads.servenobid.com/sync?pid=314&uid=eyJ4dWlkIjoiNmVkMzU4M2YtYTY1MC00ZGYzLThmMmMtODk5MWFiNDNkZmNhIiwiZHAiOnt9LCJiZGF5IjoiMjAyMi0wOC0yNFQxOToxMToyNy4yNzM4NzdaIn0=
Request Chain 383
  • https://sync.1rx.io/usersync2/rmpssp?sub=duration&redir=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D321%26uid%3D%5BRX_UUID%5D HTTP 302
  • https://x.bidswitch.net/sync?ssp=adconductor&user_id=RX-5a556040-9ba5-4378-9175-396b51281898-004&rndcb=3318264308 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=bidswitch_dbm&google_cm&google_sc&ssp=adconductor&bsw_param=c272ea53-b556-4b45-ad53-6c54288ea606&google_hm=YzI3MmVhNTMtYjU1Ni00YjQ1LWFkNTMtNmM1NDI4OGVhNjA2 HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=16&user_id=CAESEKKlzEtDFHeNAbz6nMgTjCs&google_cver=1&ssp=adconductor&bsw_param=c272ea53-b556-4b45-ad53-6c54288ea606 HTTP 302
  • https://sync.1rx.io/usersync/bidswitch/c272ea53-b556-4b45-ad53-6c54288ea606?gdpr=&gdpr_consent= HTTP 302
  • https://sync.targeting.unrulymedia.com/csync/RX-5a556040-9ba5-4378-9175-396b51281898-004?redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Drhy%26i%3DRX-5a556040-9ba5-4378-9175-396b51281898-004 HTTP 302
  • https://usersync.gumgum.com/usersync?b=rhy&i=RX-5a556040-9ba5-4378-9175-396b51281898-004
Request Chain 384
  • https://p.rfihub.com/cm?pub=44007&in=1 HTTP 302
  • https://ads.servenobid.com/sync?pid=324&uid=1917759393997953743
Request Chain 385
  • https://sync.go.sonobi.com/usa?loc=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D332%26uid%3D HTTP 302
  • https://ads.servenobid.com/sync?pid=332&uid=24e8009d-a934-41d8-9f78-1dc658de905e
Request Chain 386
  • https://prebid.a-mo.net/cchain/0?gdpr=0&gdpr_consent=&us_privacy=1YN-&&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D327%26uid%3D HTTP 302
  • https://cm.adform.net/cookie?gdpr=1&gdpr_consent=&redirect_url=https%3A%2F%2Fprebid.a-mo.net%2Fcchain%2F0%2F626%3Fgdpr%3D0%26gdpr_consent%3D%26us_privacy%3D1YN-%26A%3D07f9ecbf-f245-4211-b1f9-a5372042b5fa%26bidder%3Dadform%26cbx%3DaHR0cHM6Ly9hZHMuc2VydmVub2JpZC5jb20vc3luYz9waWQ9MzI3JnVpZD0%253D%26uid%3D%24UID
Request Chain 387
  • https://ups.analytics.yahoo.com/ups/58559/occ HTTP 302
  • https://ads.servenobid.com/sync?pid=337&uid=y-nMsULo5E2uHKvI64upjr3Zj8gELwt9hyKSpHXKI-~A
Request Chain 389
  • https://ups.analytics.yahoo.com/ups/58632/occ HTTP 302
  • https://ads.servenobid.com/sync?pid=339&uid=y-nMsULo5E2uHKvI64upjr3Zj8gELwt9hyKSpHXKI-~A
Request Chain 400
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=YwZ33F2KtzHErm0Xp68OOwAAA3MAAAAB HTTP 302
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=YwZ33F2KtzHErm0Xp68OOwAAA3MAAAAB&dcc=t
Request Chain 401
  • https://match.adsrvr.org/track/cmf/casale HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=39&external_user_id=492e6757-f51f-41aa-a4dc-76241c67fd3b&expiration=1663960286&gdpr=0&gdpr_consent=
Request Chain 402
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=YwZ33F2KtzHErm0Xp68OOwAAA3MAAAAB&gdpr_consent=&us_privacy=&gdpr= HTTP 302
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESEBpj9S_rjvpO96KwW39gCek&google_cver=1
Request Chain 404
  • https://casale-match.dotomi.com/match/bounce/current?networkId=19998&version=1 HTTP 302
  • https://casale-match.dotomi.com/match/bounce/current?DotomiTest=5376ca2cbc82261&is_secure=true&networkId=19998&version=1 HTTP 302
  • https://dsum.casalemedia.com/rum?cm_dsp_id=65&external_user_id=AAAMNsRZZLPX8wMB06v2AAAAAAA&expiration=1661454687&is_secure=true
Request Chain 405
  • https://nep.advangelists.com/xp/user-sync?acctid=405&redirect=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D195%26external_user_id%3D%7BPARTNER_VISITOR_ID%7D%0A HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=195&external_user_id=av-c6f247fa-a8eb-47d7-8dd2-ffc736bcfff6
Request Chain 406
  • https://dmp.brand-display.com/cm/api/index?cm_dsp_id=191&cm_user_id=%3CIndex_user_id%3E HTTP 302
  • https://dsum.casalemedia.com/crum?cm_dsp_id=191&external_user_id=2b4b8401-fefd-76aa-77ee29db
Request Chain 407
  • https://sync.srv.stackadapt.com/sync?nid=68 HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=123&external_user_id=wQf48xvNTrRJnGNlsu9V3K310bE
Request Chain 409
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=YwZ33F2KtzHErm0Xp68OOwAAA3MAAAAB HTTP 302
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=YwZ33F2KtzHErm0Xp68OOwAAA3MAAAAB&dcc=t
Request Chain 410
  • https://match.adsrvr.org/track/cmf/casale HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=39&external_user_id=492e6757-f51f-41aa-a4dc-76241c67fd3b&expiration=1663960286&gdpr=0&gdpr_consent=
Request Chain 411
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=YwZ33F2KtzHErm0Xp68OOwAAA3MAAAAB&gdpr_consent=&us_privacy=&gdpr= HTTP 302
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESEBpj9S_rjvpO96KwW39gCek&google_cver=1
Request Chain 413
  • https://d.adroll.com/cm/index/ssp HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=105&external_user_id=0
Request Chain 414
  • https://sync.taboola.com/sg/indexscod/1/cm/?us_privacy=&gdpr=&gdpr_consent=&id=YwZ33F2KtzHErm0Xp68OOwAA%26883 HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=26&external_user_id=26d68de9-0124-43da-8cf1-92b63e19f14e-tuct9fffd5f
Request Chain 415
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=48 HTTP 302
  • https://pixel-sync.sitescout.com/dmp/pixelSync?cookieQ=1&nid=48 HTTP 302
  • https://sync.crwdcntrl.net/qmap?c=1389&tp=STSC&tpid=70e8d359-fdd1-4486-a56a-155f92174b17-630677df-5553&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fpixel.tapad.com%2Fidsync%2Fex%2Fpush%3Fpartner_id%3D2499%26partner_device_id%3D70e8d359-fdd1-4486-a56a-155f92174b17-630677df-5553%26partner_url%3Dhttps%253A%252F%252Fr.casalemedia.com%252Frum%253Fcm_dsp_id%253D64%2526external_user_id%253D70e8d359-fdd1-4486-a56a-155f92174b17-630677df-5553%2526gdpr%253D0%2526gdpr_consent%253D HTTP 302
  • https://sync.crwdcntrl.net/qmap?c=1389&tp=STSC&tpid=70e8d359-fdd1-4486-a56a-155f92174b17-630677df-5553&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fpixel.tapad.com%2Fidsync%2Fex%2Fpush%3Fpartner_id%3D2499%26partner_device_id%3D70e8d359-fdd1-4486-a56a-155f92174b17-630677df-5553%26partner_url%3Dhttps%253A%252F%252Fr.casalemedia.com%252Frum%253Fcm_dsp_id%253D64%2526external_user_id%253D70e8d359-fdd1-4486-a56a-155f92174b17-630677df-5553%2526gdpr%253D0%2526gdpr_consent%253D&ct=y
Request Chain 416
  • https://sync.extend.tv/r.gif?exchange=index HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=152&external_user_id=7bb49a11-ea76-4117-96d9-d37b4c679528
Request Chain 419
  • https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA%3D%3D%26piggybackCookie%3Duid%3A%5BMM_UUID%5D HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:67af6306-77de-4d00-8b03-9c806ecb11b0&gdpr=0&gdpr_consent=
Request Chain 420
  • https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%7D%26gdpr%3D0%26gdpr_consent%3D HTTP 302
  • https://sync-tm.everesttech.net/ct/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%7D%26gdpr%3D0%26gdpr_consent%3D&_test=YwZ33gAI1ooBGgAK HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=YwZ33gAI1ooBGgAK&gdpr=0&gdpr_consent=&_test=YwZ33gAI1ooBGgAK
Request Chain 421
  • https://cm.ambientdsp.com/cm/send?vc=pmj HTTP 301
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzQ0OSZ0bD00MzIwMA==&piggybackCookie=wst165wpbz2
Request Chain 423
  • https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@ HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=
Request Chain 425
  • https://ipac.ctnsnet.com/int/cm?exc=14&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM0MTEmdGw9MjAxNjA%3D%26piggybackCookie%3D%5Buser_id%5D HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MTEmdGw9MjAxNjA=&piggybackCookie=128debef3c3f408eb4bb99add751fb7e
Request Chain 426
  • https://pm.w55c.net/ping_match.gif?ei=PUBMATIC&rurl=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:_wfivefivec_&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:zj2wRe0w1OqVMF5&gdpr=0&gdpr_consent=
Request Chain 427
  • https://gocm.c.appier.net/pubmatic HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDImdGw9MTI5NjAw&piggybackCookie=PemK8abuDdOMKvEc33cGYw
Request Chain 428
  • https://sync.1rx.io/usersync2/pubmatic&gdpr=0&gdpr_consent= HTTP 302
  • https://x.bidswitch.net/sync?ssp=adconductor&user_id=RX-5a556040-9ba5-4378-9175-396b51281898-004&rndcb=7426980750 HTTP 302
  • https://inv-nets.admixer.net/adxcm.aspx?ssp=D41B0D84-4DB7-4D9C-81CC-3A497DB5D0A6&gdpr=&consent=&rurl=%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D354%26user_id%3D%24%24visitor_cookie%24%24%26ssp%3Dadconductor%26bsw_param%3Dc272ea53-b556-4b45-ad53-6c54288ea606%26gdpr%3D%26consent%3D%26gdpr_pd%3D%26expires%3D7 HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=354&user_id=df76a3257ede47ccac256be580d09a7a&ssp=adconductor&bsw_param=c272ea53-b556-4b45-ad53-6c54288ea606&gdpr=&consent=&gdpr_pd=&expires=7 HTTP 302
  • https://sync.1rx.io/usersync/bidswitch/c272ea53-b556-4b45-ad53-6c54288ea606?gdpr=&gdpr_consent= HTTP 302
  • https://sync.targeting.unrulymedia.com/csync/RX-5a556040-9ba5-4378-9175-396b51281898-004
Request Chain 429
  • https://cm.adgrx.com/bridge?AG_PID=pubmatic&AG_SETCOOKIE&gdpr=0&gdpr_consent= HTTP 302
  • https://cm.adgrx.com/bridge.gif?AG_PID=pubmatic&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzMDEmdGw9MTI5NjAw&piggybackCookie=8d7c0170-23e0-11ed-864a-cf979e5379e4
Request Chain 430
  • https://trc.taboola.com/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw&piggybackCookie=uid:$UID HTTP 302
  • https://match.taboola.com/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&tbid=082d5ab6-6f30-421e-899e-6ffd32c003f1-tuct9fffd5e&query=taboola_hm%3D1%26redir%3Dhttps%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw%26piggybackCookie%3Duid%3A%24UID&isDirect=0
Request Chain 433
  • https://csync.loopme.me/?pubid=11331&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzImdGw9MTI5NjAw&piggybackCookie={viewer_token}&gdpr=0&gdpr_consent= HTTP 307
  • https://simage2.pubmatic.com/AdServer/Pug?vcode&gdpr_consent=null&piggybackCookie={viewer_token}&gdpr=0
Request Chain 436
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=3smvmd7XRx2CFlvUe1Mbvw%3D%3D HTTP 302
  • https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
Request Chain 437
  • https://idsync.rlcdn.com/420486.gif?partner_uid=DEC9AF99-DED7-471D-8216-5BD47B531BBF HTTP 307
  • https://idsync.rlcdn.com/1000.gif?memo=CIbVGRIwCiwIARCMowEaJERFQzlBRjk5LURFRDctNDcxRC04MjE2LTVCRDQ3QjUzMUJCRhAAGg0I3u-ZmAYSBQjoBxAAQgBKAA HTTP 307
  • https://pippio.com/api/sync?pid=5324&it=1&iv=934cd4f547f36da23e57c7d045a4084776f5ccef3e8f37739b7144f948687e0d791426b5417dce21&_=2 HTTP 307
  • https://cm.g.doubleclick.net/pixel?google_nid=pippio_dmp&google_cm&google_no_sc&m=CMwpElsKVwgBEJInGlA5MzRjZDRmNTQ3ZjM2ZGEyM2U1N2M3ZDA0NWE0MDg0Nzc2ZjVjY2VmM2U4ZjM3NzM5YjcxNDRmOTQ4Njg3ZTBkNzkxNDI2YjU0MTdkY2UyMRAAGgwI3--ZmAYSBAgCEABCAEoA HTTP 302
  • https://pippio.com/api/sync/ddp?pid=2&m=CMwpElsKVwgBEJInGlA5MzRjZDRmNTQ3ZjM2ZGEyM2U1N2M3ZDA0NWE0MDg0Nzc2ZjVjY2VmM2U4ZjM3NzM5YjcxNDRmOTQ4Njg3ZTBkNzkxNDI2YjU0MTdkY2UyMRAAGgwI3--ZmAYSBAgCEABCAEoA&google_gid=CAESENbgysJh4MzyuqKfkGDpu7Y&google_cver=1 HTTP 307
  • https://tags.rd.linksynergy.com/rcs?ns=lr&uid3= HTTP 303
  • https://idsync.rlcdn.com/458249.gif?partner_uid=1f7a90d9-ad91-45ff-a2c1-276db803aac1
Request Chain 438
  • https://sync.mathtag.com/sync/img?mt_exid=3&redir=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3FpartnerID%3D27%26partnerUID%3D%5BMM_UUID%5D HTTP 302
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=67af6306-77de-4d00-8b03-9c806ecb11b0
Request Chain 439
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=REVDOUFGOTktREVENy00NzFELTgyMTYtNUJENDdCNTMxQkJG&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
Request Chain 440
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESECNnY7yKtX-rqdWF4gj7Z6Q&google_cver=1
Request Chain 441
  • https://um.simpli.fi/pubmatic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODA2JnRsPTUxODQwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTgwNiZ0bD01MTg0MDA=&piggybackCookie=uid:D16BE78D8AB5410A9C314DA151F75D61
Request Chain 443
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=492e6757-f51f-41aa-a4dc-76241c67fd3b
Request Chain 444
  • https://pixel.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=hmrqW4duvlSdYLwL1G33XoE96Fidb-tdiGEmJIso
Request Chain 445
  • https://ib.adnxs.com/getuid?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=7093734920555040481&gdpr=0&gdpr_consent=
Request Chain 446
  • https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent= HTTP 302
  • https://dsp.nrich.ai/bidswitch/sync?bidswitch_ssp_id=pubmatic&bsw_custom_parameter=c272ea53-b556-4b45-ad53-6c54288ea606&gdpr=0&gdpr_consent=&gdpr_pd=&us_privacy= HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=283&user_id=6a8d9193-ce69-4409-8b4b-a786a39d89d1&expires=1&user_group=5&ssp=pubmatic&bsw_param=c272ea53-b556-4b45-ad53-6c54288ea606 HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=c272ea53-b556-4b45-ad53-6c54288ea606&gdpr=&gdpr_consent=&gdpr_pd=
Request Chain 447
  • https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=DEC9AF99-DED7-471D-8216-5BD47B531BBF&redir=true&gdpr=0&gdpr_consent= HTTP 302
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-Gi5pDNpE2uWQVGehBHUK9_mvVLB7nek-~A&gdpr=0&gdpr_consent=
Request Chain 448
  • https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COOKIES%20HERE]&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=1801890834697363999
Request Chain 449
  • https://ad.turn.com/r/cs?pid=1&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=2651021867338552653&gdpr=0&gdpr_consent=&us_privacy=
Request Chain 450
  • https://ads.playground.xyz/usersync/apn?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID HTTP 302
  • https://secure.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=7093734920555040481
Request Chain 451
  • https://pubmatic-match.dotomi.com/match/bounce/current?networkId=17100&version=1&nuid=DEC9AF99-DED7-471D-8216-5BD47B531BBF&gdpr=0&gdpr_consent= HTTP 302
  • https://pubmatic-match.dotomi.com/match/bounce/current?DotomiTest=3d5a049ed7ca205b&is_secure=true&networkId=17100&version=1&nuid=DEC9AF99-DED7-471D-8216-5BD47B531BBF&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTQ2MSZ0bD0xMDA4MA==&piggybackCookie=AAALeh4uM1T60gNXmIdbAAAAAAA&expiration=1661454687&nuid=DEC9AF99-DED7-471D-8216-5BD47B531BBF&is_secure=true&gdpr_consent=&gdpr=0
Request Chain 453
  • https://pixel.rubiconproject.com/exchange/sync.php?p=medianet&khaos=L77ZS1RY-1N-KEXB HTTP 302
  • https://contextual.media.net/cksync.php?type=rbcn&ovsid=L77ZS1RY-1N-KEXB
Request Chain 458
  • https://secure.adnxs.com/getuid?https://usersync.gumgum.com/usersync?b=apn&i=$UID HTTP 302
  • https://usersync.gumgum.com/usersync?b=apn&i=7093734920555040481
Request Chain 459
  • https://x.bidswitch.net/sync?ssp=gumgum2&user_id=a_5d09c2e0-f0bd-41e0-8ca6-3a2aa0c013b0&gdpr=0&gdpr_consent=&us_privacy=1--- HTTP 302
  • https://pixel.quantserve.com/pixel/p-zLwwakwy-hZw3.gif?idmatch=0&ssp=gumgum2&gdpr=0&gdpr_consent= HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=76&user_group=2&ssp=gumgum2&gdpr=0&user_id=AhZpuwMSPbQZHD_rUBF0vgVBa7gZE2i9DB0xoiP7 HTTP 302
  • https://usersync.gumgum.com/usersync?b=bsw&i=c272ea53-b556-4b45-ad53-6c54288ea606
Request Chain 460
  • https://sync.outbrain.com/redirectObuid?platformId=GUMGU18H7EL9NI653I7DPEH51&gdpr=0&gdprConsent=&platformRdUrl=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dobn%26i%3D%7BOB_UID%7D%26r%3D%7BobRdUrl%7D HTTP 302
  • https://usersync.gumgum.com/usersync?b=obn&i=ENC%28U06FGCMXHxaJHGvoVIwSkCsF-EBVzH_yQ4Vu6yjXojqTBAiGAd_N1ngbGYPEMmf6%29&r=https%3A%2F%2Fsync.outbrain.com%2FsyncUser%3FplatformId%3D%7Bplatform_id%7D%26platformUid%3D%7Bplatform_uid%7D%26obuid%3DENC%28U06FGCMXHxaJHGvoVIwSkCsF-EBVzH_yQ4Vu6yjXojqTBAiGAd_N1ngbGYPEMmf6%29 HTTP 302
  • https://sync.outbrain.com/syncUser?platformId=GUMGU18H7EL9NI653I7DPEH51&platformUid=a_5d09c2e0-f0bd-41e0-8ca6-3a2aa0c013b0&obuid=ENC(U06FGCMXHxaJHGvoVIwSkCsF-EBVzH_yQ4Vu6yjXojqTBAiGAd_N1ngbGYPEMmf6) HTTP 302
  • https://sync.outbrain.com/syncPartner?platformId=GUMGU18H7EL9NI653I7DPEH51 HTTP 302
  • https://creativecdn.com/cm-notify?pi=outbrain HTTP 302
  • https://sync.outbrain.com/cookie-sync?p=rtbhouse&uid=8UWOemAwr0Q0RAwfgxso&pi=outbrain
Request Chain 461
  • https://us-u.openx.net/w/1.0/cm?_={CACHEBUSTER}&id=47f31213-389c-4904-aaa6-9b11aab9c211&gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dopx%26i%3D HTTP 302
  • https://usersync.gumgum.com/usersync?b=opx&i=6f186b25-e4ac-4975-b61b-ecfcb00b596b
Request Chain 462
  • https://sync.srv.stackadapt.com/sync?nid=1&gdpr=0&gdpr_consent= HTTP 302
  • https://usersync.gumgum.com/usersync?b=sta&i=0-c107f8f3-1bcd-4eb4-499c-6365b2ef55dc$ip$173.245.209.177
Request Chain 463
  • https://pr-bh.ybp.yahoo.com/sync/gumgum?gdpr=0&gdpr_consent= HTTP 302
  • https://usersync.gumgum.com/usersync?b=oth&i=y-AdeI9pFE2pcnvAzJbj36F48Wa6D_QGI8Dij0~A
Request Chain 464
  • https://sync.ipredictive.com/d/sync/cookie/generic?partner=gumgum&cspid=9&append=1&cb=${ADELPHIC_CACHE_BUSTER}&gdpr=0&gdpr_consent=&us_privacy=1---&redirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dvnt%26i%3D HTTP 302
  • https://usersync.gumgum.com/usersync?b=vnt&i=0f335d7c-b239-4cef-b685-594c8120c45d
Request Chain 467
  • https://b1sync.zemanta.com/usersync/gumgum/?puid=a_5d09c2e0-f0bd-41e0-8ca6-3a2aa0c013b0&gdpr=0&gdpr_consent=&us_privacy=1---&cb=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dzem%26i%3D__ZUID__ HTTP 302
  • https://stags.bluekai.com/site/23178?id=oOf6SlVCxeyjdhKfDzSL&redir=https%3A%2F%2Fb1sync.zemanta.com%2Fusersync%2Fbluekai%2Fcallback%2F%3Fd%3DNB2HI4DTHIXS65LTMVZHG6LOMMXGO5LNM52W2LTDN5WS65LTMVZHG6LOMM7WEPL2MVWSMZLYMNUGC3THMU6WO5LNM52W2JTHMRYHEPJQEZUT232PMY3FG3CWIN4GK6LKMRUEWZSEPJJUYJTVONPXA4TJOZQWG6J5GEWS2LI&gdpr=0&us_privacy=1--- HTTP 302
  • https://b1sync.zemanta.com/usersync/bluekai/callback/?d=NB2HI4DTHIXS65LTMVZHG6LOMMXGO5LNM52W2LTDN5WS65LTMVZHG6LOMM7WEPL2MVWSMZLYMNUGC3THMU6WO5LNM52W2JTHMRYHEPJQEZUT232PMY3FG3CWIN4GK6LKMRUEWZSEPJJUYJTVONPXA4TJOZQWG6J5GEWS2LI HTTP 302
  • https://usersync.gumgum.com/usersync?b=zem&gdpr=0&i=oOf6SlVCxeyjdhKfDzSL&us_privacy=1---
Request Chain 468
  • https://ad.360yield.com/server_match?partner_id=N&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Didi%26i%3D%7BPUB_USER_ID%7D HTTP 302
  • https://ad.360yield.com/ul_cb/server_match?partner_id=N&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Didi%26i%3D%7BPUB_USER_ID%7D HTTP 302
  • https://usersync.gumgum.com/usersync?b=idi&i=1e2431a7-2af1-4505-ac14-2358f1a612db
Request Chain 469
  • https://sync.1rx.io/usersync2/floor6?gdpr=0&gdpr_consent=&dspret=1&redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Drhy%26i%3D%5BRX_UUID%5D HTTP 302
  • https://x.bidswitch.net/sync?ssp=adconductor&user_id=RX-5a556040-9ba5-4378-9175-396b51281898-004&rndcb=4622430499 HTTP 302
  • https://inv-nets.admixer.net/adxcm.aspx?ssp=D41B0D84-4DB7-4D9C-81CC-3A497DB5D0A6&gdpr=&consent=&rurl=%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D354%26user_id%3D%24%24visitor_cookie%24%24%26ssp%3Dadconductor%26bsw_param%3Dc272ea53-b556-4b45-ad53-6c54288ea606%26gdpr%3D%26consent%3D%26gdpr_pd%3D%26expires%3D7 HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=354&user_id=6f42cfb1a20a4109a0aaefec2606870d&ssp=adconductor&bsw_param=c272ea53-b556-4b45-ad53-6c54288ea606&gdpr=&consent=&gdpr_pd=&expires=7 HTTP 302
  • https://sync.1rx.io/usersync/bidswitch/c272ea53-b556-4b45-ad53-6c54288ea606?gdpr=&gdpr_consent= HTTP 302
  • https://sync.targeting.unrulymedia.com/csync/RX-5a556040-9ba5-4378-9175-396b51281898-004
Request Chain 470
  • https://bh.contextweb.com/bh/rtset?pid=558355&ev=1&rurl=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpln%26i%3D%25%25VGUID%25%25 HTTP 302
  • https://usersync.gumgum.com/usersync?b=pln&i=kfSgoTy5zGwU&ev=1&pid=558355
Request Chain 471
  • https://ssbsync.smartadserver.com/api/sync?callerId=15&redirectUri=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dsad%26i%3D%5Bssb_sync_pid%5D&gdpr=0&gdpr_consent= HTTP 302
  • https://usersync.gumgum.com/usersync?b=sad&i=8961907218643304268
Request Chain 473
  • https://sync.mathtag.com/sync/img?mt_exid=71&gdpr=0&gdpr_consent=&redir=https%3a%2f%2fusersync.gumgum.com%2fusersync%3fb%3dmmh%26i%3d%5bMM_UUID%5d HTTP 302
  • https://usersync.gumgum.com/usersync?b=mmh&i=67af6306-77de-4d00-8b03-9c806ecb11b0&gdpr=0&gdpr_consent=
Request Chain 474
  • https://sync-tm.everesttech.net/upi/pid/URnmbSKM?redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Datm%26i%3D%24%7BTM_USER_ID%7D&gdpr=0&gdpr_consent= HTTP 302
  • https://sync-tm.everesttech.net/ct/upi/pid/URnmbSKM?redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Datm%26i%3D%24%7BTM_USER_ID%7D&gdpr=0&gdpr_consent=&_test=YwZ33wAI15YGGAAK HTTP 302
  • https://usersync.gumgum.com/usersync?b=atm&i=YwZ33wAI15YGGAAK&gdpr=0&gdpr_consent=&_test=YwZ33wAI15YGGAAK
Request Chain 477
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=gumgum&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://usersync.gumgum.com/usersync?b=ttd&i=492e6757-f51f-41aa-a4dc-76241c67fd3b
Request Chain 479
  • https://tg.socdm.com/aux/idsync?proto=gumgum HTTP 302
  • https://usersync.gumgum.com/usersync?b=sus&i=YwZ338Co5ssAAGuPcHQAAAAA
Request Chain 480
  • https://ssum-sec.casalemedia.com/usermatchredir?s=189872&cb=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Diex%26i%3D HTTP 302
  • https://usersync.gumgum.com/usersync?b=iex&i=YwZ33F2KtzHErm0Xp68OOwAA%26883
Request Chain 481
  • https://creativecdn.com/cm-notify?pi=gumgum HTTP 302
  • https://creativecdn.com/cm-notify?pi=gumgum&tc=1 HTTP 302
  • https://usersync.gumgum.com/usersync?b=rth&i=8UWOemAwr0Q0RAwfgxso&pi=gumgum&tc=1
Request Chain 482
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=gumgum HTTP 301
  • https://eus.rubiconproject.com/usync.html?p=gumgum
Request Chain 484
  • https://pixel-us-east.rubiconproject.com/exchange/sync.php?p=duration_media&khaos=L77ZS1RY-1N-KEXB HTTP 302
  • https://ads.servenobid.com/sync?pid=323&uid=L77ZS1RY-1N-KEXB
Request Chain 486
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=smart-adserver&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://rtb-csync.smartadserver.com/redir/?partnerid=75&issi=1&partneruserid=492e6757-f51f-41aa-a4dc-76241c67fd3b&gdpr=0&gdpr_consent=
Request Chain 487
  • https://pixel.quantserve.com/pixel/p-EtBqU4Lj3YbAv.gif?idmatch=0&gdpr=0&gdpr_consent= HTTP 302
  • https://rtb-csync.smartadserver.com/redir/?partnerid=80&gdpr=0&partneruserid=OuQFBDvgUQsh7lNUaOMYAT2zBwch4QQCNO-esDDS
Request Chain 488
  • https://b1sync.zemanta.com/usersync/smart/?cb=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D116%26partneruserid%3D__ZUID__&gdpr=0&gdpr_consent= HTTP 302
  • https://stags.bluekai.com/site/23178?id=oOf6SlVCxeyjdhKfDzSL&redir=https%3A%2F%2Fb1sync.zemanta.com%2Fusersync%2Fbluekai%2Fcallback%2F%3Fd%3DNB2HI4DTHIXS64TUMIWWG43ZNZRS443NMFZHIYLEONSXE5TFOIXGG33NF5ZGKZDJOIXT6ZLYMNUGC3THMU6XG3LBOJ2CMZ3EOBZD2MBGNFZXG2J5GETHAYLSORXGK4TJMQ6TCMJWEZYGC4TUNZSXE5LTMVZGSZB5N5HWMNSTNRLEG6DFPFVGI2CLMZCHUU2M&gdpr=0 HTTP 302
  • https://b1sync.zemanta.com/usersync/bluekai/callback/?d=NB2HI4DTHIXS64TUMIWWG43ZNZRS443NMFZHIYLEONSXE5TFOIXGG33NF5ZGKZDJOIXT6ZLYMNUGC3THMU6XG3LBOJ2CMZ3EOBZD2MBGNFZXG2J5GETHAYLSORXGK4TJMQ6TCMJWEZYGC4TUNZSXE5LTMVZGSZB5N5HWMNSTNRLEG6DFPFVGI2CLMZCHUU2M HTTP 302
  • https://rtb-csync.smartadserver.com/redir/?gdpr=0&issi=1&partnerid=116&partneruserid=oOf6SlVCxeyjdhKfDzSL
Request Chain 492
  • https://pixel.rubiconproject.com/exchange/sync.php?p=gumgum&khaos=L77ZS1RY-1N-KEXB HTTP 302
  • https://usersync.gumgum.com/usersync?b=mag&i=L77ZS1RY-1N-KEXB

485 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request ju-jiao-yi-zi-wen-hua-chuan-yang-zhong-hua-wen-ming.html
www.bg3.co/a/ 		55 KB
16 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.bg3.co/a/ju-jiao-yi-zi-wen-hua-chuan-yang-zhong-hua-wen-ming.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
84.17.37.44 Central, Hong Kong, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
unn-84-17-37-44.cdn77.com
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
165facc4dde839c42298cdcc6ce1b29fbe0b8cb16c39cb47ce755988a97705d5

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

Cache-Control
max-age=3600
Connection
keep-alive
Content-Encoding
gzip
Content-Type
text/html; charset=utf-8
Date
Wed, 24 Aug 2022 19:11:16 GMT
ETag
"db71-+xWcXbi7/vXVQJtKlXzNABdZTn4"
Expires
Wed, 24 Aug 2022 20:11:16 GMT
Server
nginx/1.18.0 (Ubuntu)
Transfer-Encoding
chunked
Vary
Accept-Encoding
v0.js
cdn.ampproject.org/ 		276 KB
71 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/v0.js
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/ju-jiao-yi-zi-wen-hua-chuan-yang-zhong-hua-wen-ming.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.194.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f132.1e100.net
Software
sffe /
Resource Hash
6527e4cd14173fac2d981008d0d87378ee25fcc46b0b8bbfa6e5419489e95e7a
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
72499
x-xss-protection
0
server
sffe
date
Wed, 24 Aug 2022 19:11:17 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
private, max-age=3000, stale-while-revalidate=1206600
etag
"566a4cf199592f12"
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Wed, 24 Aug 2022 19:11:17 GMT
amp-sidebar-0.1.js
cdn.ampproject.org/v0/ 		31 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/v0/amp-sidebar-0.1.js
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/ju-jiao-yi-zi-wen-hua-chuan-yang-zhong-hua-wen-ming.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.194.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f132.1e100.net
Software
sffe /
Resource Hash
869b6eb33ba3347946da6a8105161515a17401aab915b44e96e5c2c3a4a6c635
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9657
x-xss-protection
0
server
sffe
date
Wed, 24 Aug 2022 19:11:17 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
private, max-age=604800, stale-while-revalidate=604800
etag
"d1fae90a9114f57d"
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Wed, 24 Aug 2022 19:11:17 GMT
amp-auto-ads-0.1.js
cdn.ampproject.org/v0/ 		24 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/v0/amp-auto-ads-0.1.js
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/ju-jiao-yi-zi-wen-hua-chuan-yang-zhong-hua-wen-ming.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.194.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f132.1e100.net
Software
sffe /
Resource Hash
5c12e87c4fc3311ee49576c3a816aa5394671b7642611ce306713f73ddc7411d
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7576
x-xss-protection
0
server
sffe
date
Wed, 24 Aug 2022 19:11:17 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
private, max-age=604800, stale-while-revalidate=604800
etag
"df45f464576212d8"
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Wed, 24 Aug 2022 19:11:17 GMT
amp-analytics-0.1.js
cdn.ampproject.org/v0/ 		109 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/v0/amp-analytics-0.1.js
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/ju-jiao-yi-zi-wen-hua-chuan-yang-zhong-hua-wen-ming.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.194.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f132.1e100.net
Software
sffe /
Resource Hash
63dc26664099fc3ed076210ca3fb9b8d5ba67c1a7d45363ca0da2f80489bdc28
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
31989
x-xss-protection
0
server
sffe
date
Wed, 24 Aug 2022 19:11:17 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
private, max-age=604800, stale-while-revalidate=604800
etag
"a1b1c4bb043ec9da"
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Wed, 24 Aug 2022 19:11:17 GMT
sdk
cdn.aralego.net/ucfad/sdk/apac-sg/
Redirect Chain
  • https://ads.aralego.com/sdk
  • https://cdn.aralego.net/ucfad/sdk/apac-sg/sdk
42 KB
43 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.aralego.net/ucfad/sdk/apac-sg/sdk
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/ju-jiao-yi-zi-wen-hua-chuan-yang-zhong-hua-wen-ming.html
Protocol
H2
Server
104.26.5.103 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8ae78cfe6ee6192120b022cb3c00d586542309c4b88076fe6f12c0f7ef65f015

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 24 Aug 2022 19:11:17 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
5223
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43300
last-modified
Mon, 25 Jul 2022 08:38:19 GMT
server
cloudflare
etag
"62de567b-a924"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6EOopJ3Nz0SaDI%2FcXc7mSTuktMPh8O1izKebBMeeRGCBNS56VnNl2%2Ff9KW6nsDT4H%2Fvuur7AM6Ph63qdhWSEKK22JtggcpoJVlxdGKRSd7wF6wkzeVPuN3gHF1iicalttA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/octet-stream
cache-control
max-age=14400
access-control-allow-credentials
true
accept-ranges
bytes
cf-ray
73fe64985c9ba81a-SYD

Redirect headers

Location
https://cdn.aralego.net/ucfad/sdk/apac-sg/sdk
Connection
close
Content-length
0
adRecover.js
delivery.adrecover.com/43519/ 		35 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://delivery.adrecover.com/43519/adRecover.js
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/ju-jiao-yi-zi-wen-hua-chuan-yang-zhong-hua-wen-ming.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
42.99.140.144 , Japan, ASN4637 (ASN-TELSTRA-GLOBAL Telstra Global, HK),
Reverse DNS
ip-42-99-140-144.pacnet.net
Software
nginx/1.18.0 /
Resource Hash
96ee24d7663a687fdc56a25bd030c0f39488914a1a3af94df7fd28cb7e4846d7

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-akamai-country
AU
date
Wed, 24 Aug 2022 19:11:17 GMT
content-encoding
br
last-modified
Wed, 24 Aug 2022 12:03:06 GMT
server
nginx/1.18.0
vary
Accept-Encoding
x-akamai-device
mobile:false&tablet:false
access-control-allow-origin
*
cache-control
max-age=3600
server-timing
cdn-cache; desc=HIT, edge; dur=1
x-cf-geodata
AU
content-type
application/javascript
content-length
9527
expires
Wed, 24 Aug 2022 20:11:17 GMT
adpushup.js
cdn.adpushup.com/42753/ 		514 KB
119 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.adpushup.com/42753/adpushup.js
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/ju-jiao-yi-zi-wen-hua-chuan-yang-zhong-hua-wen-ming.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
42.99.140.200 , Japan, ASN4637 (ASN-TELSTRA-GLOBAL Telstra Global, HK),
Reverse DNS
ip-42-99-140-200.pacnet.net
Software
nginx/1.18.0 /
Resource Hash
fbb779a7370a139fb31695b848086c585e83ce2ee4f4633d6a47d8020ed39edd

Request headers

Referer
https://www.bg3.co/
Origin
https://www.bg3.co
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-akamai-country
AU
date
Wed, 24 Aug 2022 19:11:17 GMT
content-encoding
br
last-modified
Wed, 24 Aug 2022 02:59:53 GMT
server
nginx/1.18.0
vary
Accept-Encoding
x-akamai-device
mobile:false&tablet:false
access-control-allow-origin
*
cache-control
max-age=3600
server-timing
cdn-cache; desc=HIT, edge; dur=9
x-cf-geodata
AU
content-type
application/javascript
content-length
120977
expires
Wed, 24 Aug 2022 20:11:17 GMT
jquery-2.2.2.min.js
code.jquery.com/ 		84 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://code.jquery.com/jquery-2.2.2.min.js
Requested by
Host: delivery.adrecover.com
URL: https://delivery.adrecover.com/43519/adRecover.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
69.16.175.42 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
hwcdn.net
Software
nginx /
Resource Hash
dfa729d82a3effadab1000181cb99108f232721e3b0af74cfae4c12704b35a32

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 24 Aug 2022 19:11:18 GMT
content-encoding
gzip
last-modified
Wed, 16 Feb 2022 10:50:39 GMT
server
nginx
etag
W/"620cd6ff-14e98"
vary
Accept-Encoding
x-hw
1661368278.dop035.la3.t,1661368278.cds209.la3.hn,1661368278.cds210.la3.c
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=315360000, public
accept-ranges
bytes
content-length
29880
ucfad-formats.css
cdn.aralego.net/css/dev/ 		975 B
617 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn.aralego.net/css/dev/ucfad-formats.css
Requested by
Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.5.103 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1be00e223b2840fe8ac2d3a1aec0cf757088dd68f53a92275d0e1db6cb9afced

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 24 Aug 2022 19:11:17 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
215
cf-polished
origSize=1191
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Fri, 16 Mar 2018 07:19:46 GMT
server
cloudflare
etag
W/"5aab7012-4a7"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aPBHNco9mX5uGIdmCw1OL6vJMFU7Wct%2FqutJxvA%2FqjSA1Eovfag18Vavt%2Ft7lmuJkAjMkR3ukSSvR6q0QPXE3om%2Bb9hWTxJ9RTkdo2iooiMkbcABMe9ChKlNzYZdCPjY2A%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=14400
access-control-allow-credentials
true
cf-ray
73fe64990ceda81a-SYD
cf-bgj
minify
idRequest
sync.aralego.com/ 		46 B
488 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://sync.aralego.com/idRequest?lang=en-US,en&deviceInfo=8416001200&pixRatio=1&font=16px%20sans-serif&
Requested by
Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
209.58.188.181 Central, Hong Kong, ASN133752 (LEASEWEB-APAC-HKG-10 Leaseweb Asia Pacific pte. ltd., HK),
Reverse DNS
Software
/
Resource Hash
8bd250cbeee887235daf53734913f20e948d5eb5333735aa7f57bf10a9eaa298

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 24 Aug 2022 19:11:18 GMT
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET,POST,OPTIONS
Content-Type
text/html; charset=utf-8
Access-Control-Allow-Origin
https://www.bg3.co
Access-Control-Allow-Credentials
true
Connection
close
Content-Length
46
idRequest
sync.aralego.com/ 		46 B
488 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://sync.aralego.com/idRequest?lang=en-US,en&deviceInfo=8416001200&pixRatio=1&font=16px%20sans-serif&
Requested by
Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
209.58.188.181 Central, Hong Kong, ASN133752 (LEASEWEB-APAC-HKG-10 Leaseweb Asia Pacific pte. ltd., HK),
Reverse DNS
Software
/
Resource Hash
8bd250cbeee887235daf53734913f20e948d5eb5333735aa7f57bf10a9eaa298

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 24 Aug 2022 19:11:18 GMT
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET,POST,OPTIONS
Content-Type
text/html; charset=utf-8
Access-Control-Allow-Origin
https://www.bg3.co
Access-Control-Allow-Credentials
true
Connection
close
Content-Length
46
ad_request
ads.aralego.com/ 		508 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.aralego.com/ad_request?sw=1600&sh=1200&ifr=0&bl=en-US&je=1&dnt=0&host=www.bg3.co&u=https%3A%2F%2Fwww.bg3.co%2Fa%2Fju-jiao-yi-zi-wen-hua-chuan-yang-zhong-hua-wen-ming.html&adid=ad-627443DBE4283AB9F7A46EA83243447&w=336&h=280&ver=UCX_WEB-20200113&pos=1&seq=0&cb=0.5693162885260357&gdpr=1&euconsent-v2=%24%7BGDPR_CONSENT_607%7D&format=336%2C280%3B&lang=en-US%2Cen&deviceInfo=8416001200&pixRatio=1&font=16px%20sans-serif
Requested by
Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
209.58.171.197 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),
Reverse DNS
Software
/
Resource Hash
e813a8d8d41c0dbdc33020ad6ef27d16afd2b590ceeb998e267409c8f666b829

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 24 Aug 2022 19:11:18 GMT
X-Width
336
X-Height
280
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET,POST,OPTIONS
Content-Type
text/html; charset=utf-8
Access-Control-Allow-Origin
https://www.bg3.co
Access-Control-Expose-Headers
X-Width,X-Height,X-AdStyle,X-AdCap,X-AdWatchUrl,X-AdSource,X-SspId,X-Deal
X-AdSource
PSA
X-Adtype
html
Connection
close
Access-Control-Allow-Credentials
true
Content-Length
508
X-AdStyle
banner
ad_request
ads.aralego.com/ 		508 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.aralego.com/ad_request?sw=1600&sh=1200&ifr=0&bl=en-US&je=1&dnt=0&host=www.bg3.co&u=https%3A%2F%2Fwww.bg3.co%2Fa%2Fju-jiao-yi-zi-wen-hua-chuan-yang-zhong-hua-wen-ming.html&adid=ad-627443DBE4283AB9F7A46EA83243447&w=336&h=280&ver=UCX_WEB-20200113&pos=1&seq=1&cb=0.10885377804347662&gdpr=1&euconsent-v2=%24%7BGDPR_CONSENT_607%7D&format=336%2C280%3B&lang=en-US%2Cen&deviceInfo=8416001200&pixRatio=1&font=16px%20sans-serif
Requested by
Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
209.58.171.197 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),
Reverse DNS
Software
/
Resource Hash
e813a8d8d41c0dbdc33020ad6ef27d16afd2b590ceeb998e267409c8f666b829

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 24 Aug 2022 19:11:18 GMT
X-Width
336
X-Height
280
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET,POST,OPTIONS
Content-Type
text/html; charset=utf-8
Access-Control-Allow-Origin
https://www.bg3.co
Access-Control-Expose-Headers
X-Width,X-Height,X-AdStyle,X-AdCap,X-AdWatchUrl,X-AdSource,X-SspId,X-Deal
X-AdSource
PSA
X-Adtype
html
Connection
close
Access-Control-Allow-Credentials
true
Content-Length
508
X-AdStyle
banner
e357f124f6696d47a042970f540803f0.jpg
static.bg3.co/imgs/202110/ 		27 KB
27 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.bg3.co/imgs/202110/e357f124f6696d47a042970f540803f0.jpg?w=150&h=100&q=100
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/ju-jiao-yi-zi-wen-hua-chuan-yang-zhong-hua-wen-ming.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.3.91 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2f11de2282c468d1a93068e9d85b401e9c7cbc2cc0c6f72ea13a44249f2d078e

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 24 Aug 2022 19:11:18 GMT
cf-cache-status
MISS
last-modified
Mon, 18 Oct 2021 21:28:48 GMT
server
cloudflare
etag
"E357F124F6696D47A042970F540803F0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=R0wCldNpbgy79%2Frw46qO1Ae5EkTnre%2FYYhgmeliZW%2FAN4ZNgvrJU6SkaDsdKE6JlFjUOzRCl%2BT6HWTetbrSdJcpjUAZTldT8xruKjfoezT9Vp0v4nEsn03ruu8JNjck%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=604800
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
73fe649bacc0a807-SYD
content-length
27429
expires
Wed, 31 Aug 2022 19:11:18 GMT
403ee38d3ef8f7a7e485a341332d5fd2.jpg
static.bg3.co/imgs/202112/ 		14 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.bg3.co/imgs/202112/403ee38d3ef8f7a7e485a341332d5fd2.jpg?w=150&h=100&q=100
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/ju-jiao-yi-zi-wen-hua-chuan-yang-zhong-hua-wen-ming.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.3.91 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b8358d72463f68c791074ca19a8b6653977fa8502c50609242663999a4cbb5ec

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 24 Aug 2022 19:11:18 GMT
cf-cache-status
MISS
last-modified
Wed, 29 Dec 2021 09:50:21 GMT
server
cloudflare
etag
"403EE38D3EF8F7A7E485A341332D5FD2"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fjNnC7bGYPMg%2Fq7l%2FOiTXGs2dteHcpsLIY0sBxdLdQO3RanL%2BriEJ9swvg4%2BO31FwIsHY3pmf0SBYQeBxXm4qya1CMVToJtZlAdKdeE%2FXE1Oou%2B%2Bo%2B8LWXBZ9NXRw9E%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=604800
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
73fe649bacc1a807-SYD
content-length
14110
expires
Wed, 31 Aug 2022 19:11:18 GMT
ddb6356a06207232a215ef4efea09f0b.jpg
static.bg3.co/imgs/202109/ 		29 KB
30 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.bg3.co/imgs/202109/ddb6356a06207232a215ef4efea09f0b.jpg?w=150&h=100&q=100
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/ju-jiao-yi-zi-wen-hua-chuan-yang-zhong-hua-wen-ming.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.3.91 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b2d6da0bcffd0f2c0074154b28b206452524f5449d49c4457440453142d0cfa3

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 24 Aug 2022 19:11:19 GMT
cf-cache-status
MISS
last-modified
Wed, 22 Sep 2021 05:36:31 GMT
server
cloudflare
etag
"DDB6356A06207232A215EF4EFEA09F0B"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XM%2BOUEQrOsY%2FZPe1CTAGpxB0Il%2FDTS1IGHOsIsuthGV4bSeySqI%2BrO5KSdgyZZOmeQXX9FBn3WvoahOhO1ZgeKTCDn6ExQsknbIDf51HC22sTPbbpJxmR7mAl9uy%2BcQ%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=604800
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
73fe649bacbda807-SYD
content-length
29988
expires
Wed, 31 Aug 2022 19:11:18 GMT
94613f80197d39219deb68cddfda3486.jpg
static.bg3.co/imgs/202104/ 		8 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.bg3.co/imgs/202104/94613f80197d39219deb68cddfda3486.jpg?w=150&h=100&q=100
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/ju-jiao-yi-zi-wen-hua-chuan-yang-zhong-hua-wen-ming.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.3.91 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0b090cc332d88bc5bdcf9ca92bf970a60d3feb36d0e5f2857b4c6bc006019319

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 24 Aug 2022 19:11:18 GMT
cf-cache-status
MISS
last-modified
Tue, 13 Apr 2021 07:13:04 GMT
server
cloudflare
etag
"94613F80197D39219DEB68CDDFDA3486"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=J%2B%2Fnk5budhSzfdRUyT4olxB8MGtwxiMCmXMn5VdPQgtZGGmPtYn8bz3snUi9SZ5Az4%2Fm19tnan8GDjK4EGXxidbJI60VmZ%2FOwGvn628fLCjBUXdA%2B4xdA89PMoFrlv0%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=604800
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
73fe649bacbfa807-SYD
content-length
8456
expires
Wed, 31 Aug 2022 19:11:18 GMT
0a9675c545d18a00faa14ce2a4d71a0d.jpg
static.bg3.co/imgs/202201/ 		25 KB
26 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.bg3.co/imgs/202201/0a9675c545d18a00faa14ce2a4d71a0d.jpg?w=150&h=100&q=100
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/ju-jiao-yi-zi-wen-hua-chuan-yang-zhong-hua-wen-ming.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.3.91 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8184e5cac1bf2660d129f81e18d543b7d33c98d58a2655014bce447110cd0d25

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 24 Aug 2022 19:11:19 GMT
cf-cache-status
MISS
last-modified
Sun, 23 Jan 2022 02:23:48 GMT
server
cloudflare
etag
"0A9675C545D18A00FAA14CE2A4D71A0D"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2F5nRimORjo0U1qv0asBWJei9eGXT%2B6oAfYVvxqdMss3jXqukgUjVVwtQewK7E%2FTjguZHVvsfrA4yxdiQRUg4JfLV%2BgiuB7%2BfaNUbBAhaM4ehJxjIxd%2FiGo%2FuZ3T1euk%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=604800
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
73fe649bacc2a807-SYD
content-length
26053
expires
Wed, 31 Aug 2022 19:11:18 GMT
57fab7aeb723d98fe11303f398e9dee7.jpg
static.bg3.co/imgs/202105/ 		5 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.bg3.co/imgs/202105/57fab7aeb723d98fe11303f398e9dee7.jpg?w=150&h=100&q=100
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/ju-jiao-yi-zi-wen-hua-chuan-yang-zhong-hua-wen-ming.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.3.91 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
051b806f47ae396f5381528e43b7694841df79769f1ee33e3377e5c0c898aec0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 24 Aug 2022 19:11:18 GMT
cf-cache-status
MISS
last-modified
Tue, 25 May 2021 19:54:16 GMT
server
cloudflare
etag
"57FAB7AEB723D98FE11303F398E9DEE7"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=eJrhUo%2BayUuH4gwh4h5CY9KYPGCvJbGBXFVHKhSDAeZEBupkI5RmelS%2FDmditA2rFwDyXwXwJeTEwYmoWgNKhtCfE2xr4ewDIehDqlytgp%2FUsRbQs2upAvRVSqs46c4%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=604800
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
73fe649bacc3a807-SYD
content-length
5614
expires
Wed, 31 Aug 2022 19:11:18 GMT
5c621851da6ec9b980d260abab57ba0e.jpg
static.bg3.co/imgs/202109/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.bg3.co/imgs/202109/5c621851da6ec9b980d260abab57ba0e.jpg?w=150&h=100&q=100
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/ju-jiao-yi-zi-wen-hua-chuan-yang-zhong-hua-wen-ming.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.3.91 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
243a8cd5c7efe3b819a01d4ebb9bf76cf131d5910ffbb108d1e63e7aefb6830c

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 24 Aug 2022 19:11:19 GMT
cf-cache-status
MISS
last-modified
Mon, 06 Sep 2021 01:52:17 GMT
server
cloudflare
etag
"5C621851DA6EC9B980D260ABAB57BA0E"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=k4otmlc%2FAhmO2FyOYkCGXBVePII3Cp2FEnNxbTsj%2FIms4kqhGfaQwWK1PTC%2BKEh0p4%2BpbkCM05Mz%2B%2F6chBqtl0oY%2F8FSXhEydJFHAPZ7HfGEVxPp9vLST1MQYFtz%2FDs%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=604800
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
73fe649d9dd8a807-SYD
content-length
3801
expires
Wed, 31 Aug 2022 19:11:19 GMT
1377672363793d9436e2379c0297f175.jpg
static.bg3.co/imgs/202105/ 		10 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.bg3.co/imgs/202105/1377672363793d9436e2379c0297f175.jpg?w=150&h=100&q=100
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/ju-jiao-yi-zi-wen-hua-chuan-yang-zhong-hua-wen-ming.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.3.91 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c6580444fb26c21afab3bdf73b8e638b1e27722f1a24aef86028d89868c78bb7

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 24 Aug 2022 19:11:19 GMT
cf-cache-status
MISS
last-modified
Sat, 22 May 2021 21:57:32 GMT
server
cloudflare
etag
"1377672363793D9436E2379C0297F175"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uHI52hSWjs4N9hKaWYBkwkdQoqH1vTT5vJYOLK19E%2BwFNwgJQ56TCMjteoLk0jQfDCAJmX8o79MtaWeN0NRfggwyEhZDIIKjaDHw1kF0o6zS7HFev5FNw%2BkppbbPYcw%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=604800
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
73fe649d9dd9a807-SYD
content-length
10200
expires
Wed, 31 Aug 2022 19:11:19 GMT
4b0d408106a2d2a334cd656e579c260d.jpg
static.bg3.co/imgs/202112/ 		13 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.bg3.co/imgs/202112/4b0d408106a2d2a334cd656e579c260d.jpg?w=150&h=100&q=100
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/ju-jiao-yi-zi-wen-hua-chuan-yang-zhong-hua-wen-ming.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.3.91 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
32152ba812ce33af0d7701775808859c68d1b00d8e2073998315296cd6225848

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 24 Aug 2022 19:11:19 GMT
cf-cache-status
MISS
last-modified
Tue, 14 Dec 2021 07:31:25 GMT
server
cloudflare
etag
"4B0D408106A2D2A334CD656E579C260D"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2AOopbqiixmASHBlEqAtiCSFwAcJTIRAd%2FswSIKYNJykfdcG4uOzU5yRIdYsoSbRYzf5FIyOart8n99JofG2y5Brn%2FsBKdY9gYMdHQRKDBJ9I7gP6%2FN%2FrnzCoyBAYoI%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=604800
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
73fe649d9ddaa807-SYD
content-length
13152
expires
Wed, 31 Aug 2022 19:11:19 GMT
2c8d29bdf8eded447e92b9403347e8b8.jpg
static.bg3.co/imgs/202105/ 		7 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.bg3.co/imgs/202105/2c8d29bdf8eded447e92b9403347e8b8.jpg?w=150&h=100&q=100
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/ju-jiao-yi-zi-wen-hua-chuan-yang-zhong-hua-wen-ming.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.3.91 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
825fe6fe931eea3dd81c7416c4a3f3d35dfafaa2228b12411b49eb7d640d8bfc

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 24 Aug 2022 19:11:19 GMT
cf-cache-status
MISS
last-modified
Wed, 26 May 2021 00:40:03 GMT
server
cloudflare
etag
"2C8D29BDF8EDED447E92B9403347E8B8"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kQgk%2FyS76oSWBQMe5ibLKw22aoMzuhQgEjbhJFYR5fBYj9BEkBRO7tPyRds5geab3khyfbI1yen5M0AgRUEfwpbPZd15vMqaF81etehaBPP0UVkzW8q6ohn%2BOuUNXCA%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=604800
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
73fe649d9ddba807-SYD
content-length
7394
expires
Wed, 31 Aug 2022 19:11:19 GMT
amp-auto-lightbox-0.1.js
cdn.ampproject.org/rtv/012208051912001/v0/ 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012208051912001/v0/amp-auto-lightbox-0.1.js
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.194.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f132.1e100.net
Software
sffe /
Resource Hash
8374dd11907f18ed2edaf39a51a5bd3f638e35120d821d6068d653afd8e76915
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
Origin
https://www.bg3.co
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
70686
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2977
x-xss-protection
0
server
sffe
date
Tue, 23 Aug 2022 23:33:12 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"ab22edc768bc2763"
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Wed, 23 Aug 2023 23:33:12 GMT
amp-ad-0.1.js
cdn.ampproject.org/rtv/012208051912001/v0/ 		81 KB
23 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012208051912001/v0/amp-ad-0.1.js
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.194.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f132.1e100.net
Software
sffe /
Resource Hash
019474417bcdd4decbdc75af7929d925f21400a77b43f28dc7190223bc1489ea
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
Origin
https://www.bg3.co
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
70674
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
23035
x-xss-protection
0
server
sffe
date
Tue, 23 Aug 2022 23:33:24 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"65c480cb2d2a17eb"
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Wed, 23 Aug 2023 23:33:24 GMT
ama
pagead2.googlesyndication.com/getconfig/ 		4 KB
1 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/ama?client=ca-pub-3216231935713038&plah=www.bg3.co&ama_t=amp&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fju-jiao-yi-zi-wen-hua-chuan-yang-zhong-hua-wen-ming.html&__amp_source_origin=https%3A%2F%2Fwww.bg3.co
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.4.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f154.1e100.net
Software
cafe /
Resource Hash
fd55646df908cf289bfcd99e2f430b2600e15e16aed2fd0f02a1fab9f34b8241
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept
application/json
Referer
https://www.bg3.co/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 24 Aug 2022 19:11:18 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
577
x-xss-protection
0
amp-loader-0.1.js
cdn.ampproject.org/rtv/012208051912001/v0/ 		12 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012208051912001/v0/amp-loader-0.1.js
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.194.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f132.1e100.net
Software
sffe /
Resource Hash
3e8d1edbe8598395c7327ff1752c4a029e0b3789b0a044d231eeddc8c5fcb0fe
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
Origin
https://www.bg3.co
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
70686
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3843
x-xss-protection
0
server
sffe
date
Tue, 23 Aug 2022 23:33:12 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"e1102914dcffd250"
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Wed, 23 Aug 2023 23:33:12 GMT
jquery-3.6.0.min.js
code.jquery.com/ 		87 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://code.jquery.com/jquery-3.6.0.min.js
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/42753/adpushup.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
69.16.175.42 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
hwcdn.net
Software
nginx /
Resource Hash
ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 24 Aug 2022 19:11:18 GMT
content-encoding
gzip
last-modified
Wed, 16 Feb 2022 10:50:39 GMT
server
nginx
etag
W/"620cd6ff-15d9d"
vary
Accept-Encoding
x-hw
1661368278.dop035.la3.t,1661368278.cds209.la3.hn,1661368278.cds267.la3.c
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=315360000, public
accept-ranges
bytes
content-length
30875
show_ads.js
pagead2.googlesyndication.com/pagead/ Frame A9F4 		117 KB
40 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/show_ads.js
Requested by
Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.4.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f154.1e100.net
Software
cafe /
Resource Hash
749db3fe5aacaec8d1f750a8455846bc0272534fc3fc8bf37ee54a1b34e1b843
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 24 Aug 2022 19:11:19 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
40222
x-xss-protection
0
server
cafe
etag
1573680750363790862
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Wed, 24 Aug 2022 19:11:19 GMT
show_ads.js
pagead2.googlesyndication.com/pagead/ Frame 1EA7 		117 KB
39 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/show_ads.js
Requested by
Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.4.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f154.1e100.net
Software
cafe /
Resource Hash
8dc11f3888d380f23d821b487d8a727b2f7ba4b06026357f91f326394f6ef956
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 24 Aug 2022 19:11:19 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
40241
x-xss-protection
0
server
cafe
etag
1967721463636525014
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Wed, 24 Aug 2022 19:11:19 GMT
amp-sticky-ad-1.0.js
cdn.ampproject.org/rtv/012208051912001/v0/ 		39 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012208051912001/v0/amp-sticky-ad-1.0.js
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.194.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f132.1e100.net
Software
sffe /
Resource Hash
b7d743060ebcc58d3905601ab73b2580904ce8c5594664b1d85d1dcca4c7f509
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
Origin
https://www.bg3.co
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
70594
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10239
x-xss-protection
0
server
sffe
date
Tue, 23 Aug 2022 23:34:44 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"62cdf4b1a7a2ae40"
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Wed, 23 Aug 2023 23:34:44 GMT
amp-ad-network-adsense-impl-0.1.js
cdn.ampproject.org/rtv/012208051912001/v0/ 		214 KB
57 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012208051912001/v0/amp-ad-network-adsense-impl-0.1.js
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.194.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f132.1e100.net
Software
sffe /
Resource Hash
775d5fb6acac04ef6d1ef99fcb13f66f6f49f6ee6275784057d047178a082af3
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
Origin
https://www.bg3.co
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
364248
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
57907
x-xss-protection
0
server
sffe
date
Sat, 20 Aug 2022 14:00:30 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"900caa8e3e134c7a"
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Sun, 20 Aug 2023 14:00:30 GMT
block.jpg
delivery.adrecover.com/ 		631 B
915 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://delivery.adrecover.com/block.jpg?ts=1661368278833
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/ju-jiao-yi-zi-wen-hua-chuan-yang-zhong-hua-wen-ming.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
42.99.140.144 , Japan, ASN4637 (ASN-TELSTRA-GLOBAL Telstra Global, HK),
Reverse DNS
ip-42-99-140-144.pacnet.net
Software
nginx/1.18.0 /
Resource Hash
9284d948e86d2e99f31483b5f4b3a4c3e65e0a6fbca9a8d2db8c6095f82ac3f5

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-akamai-country
AU
date
Wed, 24 Aug 2022 19:11:18 GMT
last-modified
Wed, 23 Jun 2021 06:37:54 GMT
server
nginx/1.18.0
etag
"60d2d6c2-277"
vary
Accept-Encoding
x-akamai-device
mobile:false&tablet:false
access-control-allow-origin
*
cache-control
max-age=3600
server-timing
cdn-cache; desc=HIT, edge; dur=1
accept-ranges
bytes
content-type
image/jpeg
content-length
631
expires
Wed, 24 Aug 2022 20:11:18 GMT
cookieSyncIframe.html
cdn.aralego.net/ucfad/cookie/ Frame BECC 		714 B
866 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cdn.aralego.net/ucfad/cookie/cookieSyncIframe.html
Requested by
Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.26.5.103 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
36a7d95f2760a813f3e782dfc125ea786174d581d6f6f896021d6994e9514bd6

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

access-control-allow-credentials
true
age
6688
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
max-age=14400
cf-cache-status
HIT
cf-ray
73fe649f9f626a6c-SYD
content-encoding
br
content-type
text/html
date
Wed, 24 Aug 2022 19:11:18 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
last-modified
Wed, 09 Feb 2022 05:59:13 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IYwQ%2Bk34mmR0C%2BAoC%2BUMerHgHeja5uw8uEF%2BVX3AmTZ77kYcAlc8NfMKw0KylHAJlNm2OR1b%2FdmhHCvHwvOv8VIaVB6rImFmpsF0R8kIJu%2FbYu4FktlwlN4YvAlf0qHBgA%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
idsync
sync.aralego.com/ 		35 B
384 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.aralego.com/idsync?gdpr=1&euconsent-v2=${GDPR_CONSENT_607}&
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/ju-jiao-yi-zi-wen-hua-chuan-yang-zhong-hua-wen-ming.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
209.58.188.181 Central, Hong Kong, ASN133752 (LEASEWEB-APAC-HKG-10 Leaseweb Asia Pacific pte. ltd., HK),
Reverse DNS
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 24 Aug 2022 19:11:19 GMT
Connection
close
Content-Length
35
Content-Type
image/gif
pb.42753.1661278076254.v6.js
cdn.adpushup.com/prebid/ 		342 KB
92 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.adpushup.com/prebid/pb.42753.1661278076254.v6.js
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/42753/adpushup.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
42.99.140.200 , Japan, ASN4637 (ASN-TELSTRA-GLOBAL Telstra Global, HK),
Reverse DNS
ip-42-99-140-200.pacnet.net
Software
nginx/1.18.0 /
Resource Hash
e144e8b6ee619780391596ee29839469ce3f0914740edf0a6e42e109ab003f21

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-akamai-country
AU
date
Wed, 24 Aug 2022 19:11:19 GMT
content-encoding
br
last-modified
Tue, 23 Aug 2022 18:08:10 GMT
server
nginx/1.18.0
etag
W/"6305178a-557f3"
vary
Accept-Encoding
x-akamai-device
mobile:false&tablet:false
access-control-allow-origin
*
cache-control
max-age=31536000
server-timing
cdn-cache; desc=HIT, edge; dur=1
content-type
application/javascript
content-length
93716
expires
Thu, 24 Aug 2023 19:11:19 GMT
log
aplogger.adpushup.com/ 		0
54 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aplogger.adpushup.com/log?event=PAGE_VIEW&data=eyJzaXRlSWQiOjQyNzUzfQ%3D%3D&pxRes=false
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/ju-jiao-yi-zi-wen-hua-chuan-yang-zhong-hua-wen-ming.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.211.156.162 Mumbai, India, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 24 Aug 2022 19:11:19 GMT
server
nginx/1.14.0 (Ubuntu)
cookieSyncIframe.html
cdn.aralego.net/ucfad/cookie/ Frame 1A64 		714 B
828 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cdn.aralego.net/ucfad/cookie/cookieSyncIframe.html
Requested by
Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.26.5.103 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
36a7d95f2760a813f3e782dfc125ea786174d581d6f6f896021d6994e9514bd6

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

access-control-allow-credentials
true
age
6689
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
max-age=14400
cf-cache-status
HIT
cf-ray
73fe64a05fb16a6c-SYD
content-encoding
br
content-type
text/html
date
Wed, 24 Aug 2022 19:11:19 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
last-modified
Wed, 09 Feb 2022 05:59:13 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=r%2BvFeKydgPv3rUA3%2B5DhLNIEJdMnxV0naQJuFPIWRe0M5r8jIPvSn8tSMKgrjS2okHKBd9Q9GL%2B6a4JYjO1Y%2BI1qPSKrC7EK83CrKsH75Mj52Z5k6HuoD1HPjuICjGg3nQ%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
657ba1eb-9620-4d10-a430-5a17b92c40a3
https://www.bg3.co/ 		4 KB
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://www.bg3.co/657ba1eb-9620-4d10-a430-5a17b92c40a3
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/ju-jiao-yi-zi-wen-hua-chuan-yang-zhong-hua-wen-ming.html
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
41f36457d5ec5bd7d115c29bea53e0d1ff77de7418837ef39e897f3b7d497e8a

Request headers

accept-language
en-AU,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Length
3743
gpt.js
securepubads.g.doubleclick.net/tag/js/ Frame BECC 		83 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: cdn.aralego.net
URL: https://cdn.aralego.net/ucfad/cookie/cookieSyncIframe.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.10.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f155.1e100.net
Software
sffe /
Resource Hash
ab21d485ddc8e04878802fd4255540053c55feeb27bcc0dc8beb1468007ef26c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 24 Aug 2022 19:11:19 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
28542
x-xss-protection
0
server
sffe
etag
"1312 / 980 of 1000 / last-modified: 1661339366"
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Wed, 24 Aug 2022 19:11:19 GMT
gtag.json
cdn.ampproject.org/rtv/012208051912001/v0/analytics-vendors/ 		2 KB
931 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012208051912001/v0/analytics-vendors/gtag.json
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.194.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f132.1e100.net
Software
sffe /
Resource Hash
a8993772c9eb591474f38d257bebc8c4286703e1af72d04c8c294be5fff7b649
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept
application/json
Referer
https://www.bg3.co/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
144255
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
901
x-xss-protection
0
server
sffe
date
Tue, 23 Aug 2022 03:07:04 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
application/json
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"d737f3c89b0705df"
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Wed, 23 Aug 2023 03:07:04 GMT
integrator.json
adservice.google.com/adsid/ 		86 B
572 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.json?domain=www.bg3.co
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.10.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f156.1e100.net
Software
cafe /
Resource Hash
14cfb5058acaf3af2f07088f1582f29941d7a4cc74fd1cea5050cecad862d154
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept
application/json
Referer
https://www.bg3.co/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 24 Aug 2022 19:11:19 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
access-control-allow-origin
https://www.bg3.co
cache-control
private, no-cache, no-store
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
83
x-xss-protection
0
nameframe.html
d-1710843936287949449.ampproject.net/2208051912001/ 		0
0 		Other
General
Check archive.org
Download Go to
Full URL
https://d-1710843936287949449.ampproject.net/2208051912001/nameframe.html
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.253.118.94 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sl-in-f94.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
gpt.js
securepubads.g.doubleclick.net/tag/js/ Frame 1A64 		83 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: cdn.aralego.net
URL: https://cdn.aralego.net/ucfad/cookie/cookieSyncIframe.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.10.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f155.1e100.net
Software
sffe /
Resource Hash
ab21d485ddc8e04878802fd4255540053c55feeb27bcc0dc8beb1468007ef26c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 24 Aug 2022 19:11:19 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
28542
x-xss-protection
0
server
sffe
etag
"1312 / 975 of 1000 / last-modified: 1661339366"
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Wed, 24 Aug 2022 19:11:19 GMT
amp
www.googletagmanager.com/gtag/ 		610 B
808 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/amp?__amp_source_origin=https%3A%2F%2Fwww.bg3.co
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.12.97 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f97.1e100.net
Software
Google Tag Manager /
Resource Hash
8492f3fc13f89700f09e8a96308911979a6289be084af2c497ea54dbd7dd7f5f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Accept
application/json
Referer
https://www.bg3.co/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=utf-8

Response headers

date
Wed, 24 Aug 2022 19:11:19 GMT
content-encoding
br
vary
*
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="amp.json"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
258
x-xss-protection
0
pragma
no-cache
amp-access-control-allow-source-origin
https://www.bg3.co
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://www.bg3.co
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
expires
Fri, 01 Jan 1990 00:00:00 GMT
show_ads_impl_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202208160101/ Frame A9F4 		341 KB
120 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202208160101/show_ads_impl_fy2021.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/show_ads.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.4.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f154.1e100.net
Software
cafe /
Resource Hash
7fca9bf67d2a0363efe8dd3cfa075df841b3980ab38ed83aa4cf3b94a9d0ef01
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 24 Aug 2022 19:11:19 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
122623
x-xss-protection
0
server
cafe
etag
13220156849710616929
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=1209600
timing-allow-origin
*
expires
Wed, 24 Aug 2022 19:11:19 GMT
show_ads_impl_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202208220101/ Frame 1EA7 		343 KB
120 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202208220101/show_ads_impl_fy2021.js?bust=31069108
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/show_ads.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.4.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f154.1e100.net
Software
cafe /
Resource Hash
ffecc1c0a3117844bcbcf2976a9b349b2698a309293aeb45e008d254361aabb4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 24 Aug 2022 19:11:19 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
123233
x-xss-protection
0
server
cafe
etag
2976376256055090852
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=1209600
timing-allow-origin
*
expires
Wed, 24 Aug 2022 19:11:19 GMT
pubads_impl_2022081701.js
securepubads.g.doubleclick.net/gpt/ Frame BECC 		384 KB
131 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022081701.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.10.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f155.1e100.net
Software
sffe /
Resource Hash
83147c4cf00c61d77d068152fdb541e2ca7761e0990682db23e77fb7affdceb4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 24 Aug 2022 12:34:22 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
23818
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
133512
x-xss-protection
0
last-modified
Wed, 17 Aug 2022 08:37:57 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Thu, 24 Aug 2023 12:34:22 GMT
collect
www.google-analytics.com/r/ 		35 B
396 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/r/collect?v=1&_v=a1&ds=AMP&aip&_s=1&dt=%E8%81%9A%E7%84%A6%E6%BC%A2%E5%AD%97%E6%96%87%E5%8C%96%C2%A0%C2%A0%E5%82%B3%E6%8F%9A%E4%B8%AD%E8%8F%AF%E6%96%87%E6%98%8E%20-%20%E5%A4%A9%E5%A4%A9%E8%A6%81%E8%81%9E&sr=1600x1200&cid=amp--JcvnSWwuO-i_IcMnFMdEQ&tid=UA-172083736-2&dl=https%3A%2F%2Fwww.bg3.co%2Fa%2Fju-jiao-yi-zi-wen-hua-chuan-yang-zhong-hua-wen-ming.html&dr=&sd=24&ul=en-us&de=UTF-8&t=pageview&jid=0.3126859401983839&gjid=0.8422050486323025&_r=1&a=4215&z=0.9833773952708678&gtm=2pu000
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/ju-jiao-yi-zi-wen-hua-chuan-yang-zhong-hua-wen-ming.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.24.101 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f101.1e100.net
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 24 Aug 2022 19:11:20 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Fri, 01 Jan 1990 00:00:00 GMT
quantcast.js
cdn.adpushup.com/pbuseridscripts/ 		450 B
505 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.adpushup.com/pbuseridscripts/quantcast.js
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/42753/adpushup.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
42.99.140.200 , Japan, ASN4637 (ASN-TELSTRA-GLOBAL Telstra Global, HK),
Reverse DNS
ip-42-99-140-200.pacnet.net
Software
nginx/1.18.0 /
Resource Hash
26914004d3a8d5ddde2202b642d7936eb61c9f195b5cd3c87e44ef8ad4d57c16

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-akamai-country
AU
date
Wed, 24 Aug 2022 19:11:20 GMT
content-encoding
br
last-modified
Mon, 28 Jun 2021 04:15:23 GMT
server
nginx/1.18.0
etag
W/"60d94cdb-1c2"
vary
Accept-Encoding
x-akamai-device
mobile:false&tablet:false
access-control-allow-origin
*
cache-control
max-age=31536000
server-timing
cdn-cache; desc=HIT, edge; dur=2
content-type
application/javascript
content-length
211
expires
Thu, 24 Aug 2023 19:11:20 GMT
linkPreview.js
cdn.adpushup.com/42753/ 		72 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.adpushup.com/42753/linkPreview.js
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/ju-jiao-yi-zi-wen-hua-chuan-yang-zhong-hua-wen-ming.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
42.99.140.200 , Japan, ASN4637 (ASN-TELSTRA-GLOBAL Telstra Global, HK),
Reverse DNS
ip-42-99-140-200.pacnet.net
Software
nginx/1.18.0 /
Resource Hash
968012b3a49390a10d31c6d36b2aab796ec167a83378b5f9787756ee7cb035c5

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-akamai-country
AU
date
Wed, 24 Aug 2022 19:11:20 GMT
content-encoding
br
last-modified
Thu, 14 Jul 2022 19:44:27 GMT
server
nginx/1.18.0
etag
W/"62d0721b-11ed1"
vary
Accept-Encoding
x-akamai-device
mobile:false&tablet:false
access-control-allow-origin
*
cache-control
max-age=3600
server-timing
cdn-cache; desc=HIT, edge; dur=8
content-type
application/javascript
content-length
17440
expires
Wed, 24 Aug 2022 20:11:20 GMT
gpt.js
securepubads.g.doubleclick.net/tag/js/ 		83 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/42753/adpushup.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.10.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f155.1e100.net
Software
sffe /
Resource Hash
ab21d485ddc8e04878802fd4255540053c55feeb27bcc0dc8beb1468007ef26c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 24 Aug 2022 19:11:20 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
28542
x-xss-protection
0
server
sffe
etag
"1312 / 527 of 1000 / last-modified: 1661339366"
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Wed, 24 Aug 2022 19:11:20 GMT
sync
e3.adpushup.com/AdPushupFeedbackWebService/user/ 		70 B
476 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://e3.adpushup.com/AdPushupFeedbackWebService/user/sync
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/ju-jiao-yi-zi-wen-hua-chuan-yang-zhong-hua-wen-ming.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
13.76.45.37 Singapore, Singapore, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3849fdc1eab88579b20b1b56875d6ef8299c4ad165e03921400ccae69149861

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 24 Aug 2022 19:11:19 GMT
ap-cookie-status
cookies ap_uid and ap_usid are set
access-control-allow-methods
GET, POST
content-type
image/png
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-robots-tag
noindex
content-length
70
expires
0
pubads_impl_2022081701.js
securepubads.g.doubleclick.net/gpt/ Frame 1A64 		384 KB
130 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022081701.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.10.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f155.1e100.net
Software
sffe /
Resource Hash
83147c4cf00c61d77d068152fdb541e2ca7761e0990682db23e77fb7affdceb4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 24 Aug 2022 12:34:22 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
23818
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
133512
x-xss-protection
0
last-modified
Wed, 17 Aug 2022 08:37:57 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Thu, 24 Aug 2023 12:34:22 GMT
testmode
e3.adpushup.com/AdPushupFeedbackWebService/feedback/ 		70 B
131 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://e3.adpushup.com/AdPushupFeedbackWebService/feedback/testmode?data=eyJjcmVhdGVkVFMiOjE2NjEzNjgyNzk5ODYsInBhY2tldElkIjoiMDAwMEE3MDEtNTQ4OGIyZDEtYjJmOS00MTBkLWE5NDAtYTM2YTc2OTcwYTEzIiwic2l0ZUlkIjo0Mjc1Mywic2l0ZURvbWFpbiI6Imh0dHBzOi8vYmczLmNvLyIsInVybCI6Imh0dHBzOi8vd3d3LmJnMy5jby9hL2p1LWppYW8teWktemktd2VuLWh1YS1jaHVhbi15YW5nLXpob25nLWh1YS13ZW4tbWluZy5odG1sIiwibW9kZSI6NCwiZXJyb3JDb2RlIjowLCJyZWZlcnJlciI6IiIsInBhZ2VHcm91cCI6IkFSVElDTEUiLCJwYWdlVmFyaWF0aW9uSWQiOiI5Njc1MDEyNS1iOTBjLTQ5N2EtODY5OS03MzE3MWY3YjQ5MzUiLCJwYWdlVmFyaWF0aW9uTmFtZSI6IkFkUHVzaHVwIiwicGFnZVZhcmlhdGlvblR5cGUiOjEsInBsYXRmb3JtIjoiREVTS1RPUCIsImlzR2VuaWVlIjpmYWxzZSwic2VjdGlvbnMiOm51bGx9
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/ju-jiao-yi-zi-wen-hua-chuan-yang-zhong-hua-wen-ming.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
13.76.45.37 Singapore, Singapore, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3849fdc1eab88579b20b1b56875d6ef8299c4ad165e03921400ccae69149861

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 24 Aug 2022 19:11:19 GMT
access-control-allow-methods
GET, POST
content-type
image/png
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-robots-tag
noindex
content-length
70
expires
0
testmode
e3.adpushup.com/AdPushupFeedbackWebService/feedback/ 		70 B
131 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://e3.adpushup.com/AdPushupFeedbackWebService/feedback/testmode?data=eyJjcmVhdGVkVFMiOjE2NjEzNjgyNzk5ODcsInBhY2tldElkIjoiMDAwMEE3MDEtNTQ4OGIyZDEtYjJmOS00MTBkLWE5NDAtYTM2YTc2OTcwYTEzIiwic2l0ZUlkIjo0Mjc1Mywic2l0ZURvbWFpbiI6Imh0dHBzOi8vYmczLmNvLyIsInVybCI6Imh0dHBzOi8vd3d3LmJnMy5jby9hL2p1LWppYW8teWktemktd2VuLWh1YS1jaHVhbi15YW5nLXpob25nLWh1YS13ZW4tbWluZy5odG1sIiwibW9kZSI6NSwiZXJyb3JDb2RlIjoxLCJyZWZlcnJlciI6IiIsInBhZ2VHcm91cCI6IkFSVElDTEUiLCJwYWdlVmFyaWF0aW9uSWQiOiI5Njc1MDEyNS1iOTBjLTQ5N2EtODY5OS03MzE3MWY3YjQ5MzUiLCJwYWdlVmFyaWF0aW9uTmFtZSI6IkFkUHVzaHVwIiwicGFnZVZhcmlhdGlvblR5cGUiOjEsInBsYXRmb3JtIjoiREVTS1RPUCIsImlzR2VuaWVlIjpmYWxzZSwic2VjdGlvbnMiOm51bGx9
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/ju-jiao-yi-zi-wen-hua-chuan-yang-zhong-hua-wen-ming.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
13.76.45.37 Singapore, Singapore, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3849fdc1eab88579b20b1b56875d6ef8299c4ad165e03921400ccae69149861

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 24 Aug 2022 19:11:19 GMT
access-control-allow-methods
GET, POST
content-type
image/png
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-robots-tag
noindex
content-length
70
expires
0
feedback
e3.adpushup.com/AdPushupFeedbackWebService/ 		70 B
131 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://e3.adpushup.com/AdPushupFeedbackWebService/feedback?data=eyJjcmVhdGVkVFMiOjE2NjEzNjgyNzk5ODcsInBhY2tldElkIjoiMDAwMEE3MDEtNTQ4OGIyZDEtYjJmOS00MTBkLWE5NDAtYTM2YTc2OTcwYTEzIiwic2l0ZUlkIjo0Mjc1Mywic2l0ZURvbWFpbiI6Imh0dHBzOi8vYmczLmNvLyIsInVybCI6Imh0dHBzOi8vd3d3LmJnMy5jby9hL2p1LWppYW8teWktemktd2VuLWh1YS1jaHVhbi15YW5nLXpob25nLWh1YS13ZW4tbWluZy5odG1sIiwibW9kZSI6MSwiZXJyb3JDb2RlIjoxLCJyZWZlcnJlciI6IiIsInBhZ2VHcm91cCI6IkFSVElDTEUiLCJwYWdlVmFyaWF0aW9uSWQiOiI5Njc1MDEyNS1iOTBjLTQ5N2EtODY5OS03MzE3MWY3YjQ5MzUiLCJwYWdlVmFyaWF0aW9uTmFtZSI6IkFkUHVzaHVwIiwicGFnZVZhcmlhdGlvblR5cGUiOjEsInBsYXRmb3JtIjoiREVTS1RPUCIsImlzR2VuaWVlIjpmYWxzZSwic2VjdGlvbnMiOlt7InNlY3Rpb25JZCI6Ijc3YTljMjJmLWFjMDItNDVkZC05NmJjLWIwODk2YThhN2Q1YSIsInNlY3Rpb25OYW1lIjoiQVBfTF9EX0FSVElDTEVfNzI4WDI1MF83N2E5YyIsInN0YXR1cyI6MSwibmV0d29yayI6ImFkcFRhZ3MiLCJuZXR3b3JrQWRVbml0SWQiOiJBRFBfNDI3NTNfNzI4WDI1MF83N2E5YzIyZi1hYzAyLTQ1ZGQtOTZiYy1iMDg5NmE4YTdkNWEiLCJzZXJ2aWNlcyI6WzEsM10sImFkVW5pdFR5cGUiOjF9XX0%3D
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/ju-jiao-yi-zi-wen-hua-chuan-yang-zhong-hua-wen-ming.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
13.76.45.37 Singapore, Singapore, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3849fdc1eab88579b20b1b56875d6ef8299c4ad165e03921400ccae69149861

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 24 Aug 2022 19:11:19 GMT
access-control-allow-methods
GET, POST
content-type
image/png
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-robots-tag
noindex
content-length
70
expires
0
feedback
e3.adpushup.com/AdPushupFeedbackWebService/ 		70 B
131 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://e3.adpushup.com/AdPushupFeedbackWebService/feedback?data=eyJjcmVhdGVkVFMiOjE2NjEzNjgyNzk5OTIsInBhY2tldElkIjoiMDAwMEE3MDEtNTQ4OGIyZDEtYjJmOS00MTBkLWE5NDAtYTM2YTc2OTcwYTEzIiwic2l0ZUlkIjo0Mjc1Mywic2l0ZURvbWFpbiI6Imh0dHBzOi8vYmczLmNvLyIsInVybCI6Imh0dHBzOi8vd3d3LmJnMy5jby9hL2p1LWppYW8teWktemktd2VuLWh1YS1jaHVhbi15YW5nLXpob25nLWh1YS13ZW4tbWluZy5odG1sIiwibW9kZSI6MSwiZXJyb3JDb2RlIjoxLCJyZWZlcnJlciI6IiIsInBhZ2VHcm91cCI6IkFSVElDTEUiLCJwYWdlVmFyaWF0aW9uSWQiOiI5Njc1MDEyNS1iOTBjLTQ5N2EtODY5OS03MzE3MWY3YjQ5MzUiLCJwYWdlVmFyaWF0aW9uTmFtZSI6IkFkUHVzaHVwIiwicGFnZVZhcmlhdGlvblR5cGUiOjEsInBsYXRmb3JtIjoiREVTS1RPUCIsImlzR2VuaWVlIjpmYWxzZSwic2VjdGlvbnMiOlt7InNlY3Rpb25JZCI6ImQxYzEwYTcyLTI3YjQtNDkzMS04Y2U3LTk5YTE4ZWJiZGJhZSIsInNlY3Rpb25OYW1lIjoiQVBfSV9EX0FSVElDTEVfNzI4WDkwX2QxYzEwIiwic3RhdHVzIjoxLCJuZXR3b3JrIjoiYWRwVGFncyIsIm5ldHdvcmtBZFVuaXRJZCI6IlNUSUNLWV9BRFBfNDI3NTNfNzI4WDkwX2QxYzEwYTcyLTI3YjQtNDkzMS04Y2U3LTk5YTE4ZWJiZGJhZSIsInNlcnZpY2VzIjpbNSwzXSwiYWRVbml0VHlwZSI6M31dfQ%3D%3D
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/ju-jiao-yi-zi-wen-hua-chuan-yang-zhong-hua-wen-ming.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
13.76.45.37 Singapore, Singapore, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3849fdc1eab88579b20b1b56875d6ef8299c4ad165e03921400ccae69149861

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 24 Aug 2022 19:11:19 GMT
access-control-allow-methods
GET, POST
content-type
image/png
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-robots-tag
noindex
content-length
70
expires
0
feedback
e3.adpushup.com/AdPushupFeedbackWebService/ 		70 B
131 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://e3.adpushup.com/AdPushupFeedbackWebService/feedback?data=eyJjcmVhdGVkVFMiOjE2NjEzNjgyNzk5OTQsInBhY2tldElkIjoiMDAwMEE3MDEtNTQ4OGIyZDEtYjJmOS00MTBkLWE5NDAtYTM2YTc2OTcwYTEzIiwic2l0ZUlkIjo0Mjc1Mywic2l0ZURvbWFpbiI6Imh0dHBzOi8vYmczLmNvLyIsInVybCI6Imh0dHBzOi8vd3d3LmJnMy5jby9hL2p1LWppYW8teWktemktd2VuLWh1YS1jaHVhbi15YW5nLXpob25nLWh1YS13ZW4tbWluZy5odG1sIiwibW9kZSI6MSwiZXJyb3JDb2RlIjoxLCJyZWZlcnJlciI6IiIsInBhZ2VHcm91cCI6IkFSVElDTEUiLCJwYWdlVmFyaWF0aW9uSWQiOiI5Njc1MDEyNS1iOTBjLTQ5N2EtODY5OS03MzE3MWY3YjQ5MzUiLCJwYWdlVmFyaWF0aW9uTmFtZSI6IkFkUHVzaHVwIiwicGFnZVZhcmlhdGlvblR5cGUiOjEsInBsYXRmb3JtIjoiREVTS1RPUCIsImlzR2VuaWVlIjpmYWxzZSwic2VjdGlvbnMiOlt7InNlY3Rpb25JZCI6IjEwNGIyODJhLWJkMTEtNGQ4ZC1hZDY0LTA0OTIwNjNiNmNiYSIsInNlY3Rpb25OYW1lIjoiQVBfSV9EX0FSVElDTEVfMTIwWDYwMF8xMDRiMiIsInN0YXR1cyI6MSwibmV0d29yayI6ImFkcFRhZ3MiLCJuZXR3b3JrQWRVbml0SWQiOiJTVElDS1lfQURQXzQyNzUzXzEyMFg2MDBfMTA0YjI4MmEtYmQxMS00ZDhkLWFkNjQtMDQ5MjA2M2I2Y2JhIiwic2VydmljZXMiOls1LDNdLCJhZFVuaXRUeXBlIjozfV19
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/ju-jiao-yi-zi-wen-hua-chuan-yang-zhong-hua-wen-ming.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
13.76.45.37 Singapore, Singapore, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3849fdc1eab88579b20b1b56875d6ef8299c4ad165e03921400ccae69149861

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 24 Aug 2022 19:11:19 GMT
access-control-allow-methods
GET, POST
content-type
image/png
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-robots-tag
noindex
content-length
70
expires
0
ads
googleads.g.doubleclick.net/pagead/ Frame 0249 		603 B
627 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3216231935713038&format=1600x250&w=1600&h=250&ptt=12&adk=2733026255&output=html&bc=7&to=ampa&pv=1&wgl=1&asnt=0-14483676512517832713&dff=sans-serif&prev_fmts=1600x96&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&ifi=2&pfx=0&pwprc=1037897477&adf=470780615&nhd=0&adx=0&ady=2682&oid=2&is_amp=5&amp_v=2208051912001&d_imp=1&c=4215&ga_cid=amp--JcvnSWwuO-i_IcMnFMdEQ&ga_hid=4215&dt=1661368279272&biw=1600&bih=1200&u_aw=1600&u_ah=1200&u_cd=24&u_w=1600&u_h=1200&u_tz=0&u_his=2&vis=1&scr_x=0&scr_y=0&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fju-jiao-yi-zi-wen-hua-chuan-yang-zhong-hua-wen-ming.html&bdt=2329&dtd=452&__amp_source_origin=https%3A%2F%2Fwww.bg3.co
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012208051912001/v0/amp-ad-0.1.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.194.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f156.1e100.net
Software
cafe /
Resource Hash
00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-encoding
br
content-length
46
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Wed, 24 Aug 2022 19:11:20 GMT
expires
Wed, 24 Aug 2022 19:11:20 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
latest.json
cdn.jsdelivr.net/gh/prebid/currency-file@1/ 		2 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/gh/prebid/currency-file@1/latest.json?date=20220824
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1661278076254.v6.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.87.20 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6a3e5769b50199a784f497baed5fd808561f9eb5dd8eedc479ddad31ec9d93c0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.bg3.co/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

date
Wed, 24 Aug 2022 19:11:20 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
15006
x-jsd-version
1.0.1442
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-served-by
cache-fra19130-FRA, cache-iad-kiad7000144-IAD
timing-allow-origin
*
x-jsd-version-type
version
server
cloudflare
etag
W/"66c-X0qOsT95Dju0AixUjbkkTzLojuY"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NUm97dBTGvmflFnyBxakWI4jrD8QubAofwHFCsoPdfgr8cAiHJM3FmYce2FKqNT4sSjz38WusKiBenxwZHp8PXWMMNjYX%2Fsq47GSte2z6%2FhGa%2BvB06Yug7%2BaG91HcJtC%2FT4%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/json; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=604800, s-maxage=43200
cf-ray
73fe64a8484ba87d-SYD
access-control-expose-headers
*
c
prebid.a-mo.net/a/ 		0
167 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.a-mo.net/a/c
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1661278076254.v6.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
145.40.89.200 Ashburn, United States, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.bg3.co/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

x-nbr
1
date
Wed, 24 Aug 2022 19:11:20 GMT
server
envoy
vary
origin, Accept-Encoding
access-control-allow-origin
https://www.bg3.co
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
x-envoy-upstream-service-time
0
bid-request
a.teads.tv/hb/ 		16 B
360 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://a.teads.tv/hb/bid-request
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1661278076254.v6.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.195.153.54 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-195-153-54.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
6a7b0c8bf87b2bd5ca31557f25cf2a6c80f93af72bf68a6085e9b55a87fe908c

Request headers

Referer
https://www.bg3.co/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 24 Aug 2022 19:11:21 GMT
content-encoding
gzip
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.bg3.co
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
42
expires
Wed, 24 Aug 2022 19:11:21 GMT
prebid
ib.adnxs.com/ut/v3/ 		47 KB
11 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1661278076254.v6.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
104.254.151.36 Los Angeles, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
897.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
a2bc368ffea85865d06fc1c0551686eea80c57649282bc0a35d32c6790a8b5d7
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Date
Wed, 24 Aug 2022 19:11:21 GMT
Content-Encoding
gzip
Transfer-Encoding
chunked
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection
keep-alive
X-Proxy-Origin
173.245.209.177; 173.245.209.177; 897.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net; adnxs.com
X-XSS-Protection
0
Pragma
no-cache
AN-X-Request-Uuid
a315bb70-cf43-4181-8ab6-777e33713624
Server
nginx/1.21.3
Vary
Accept-Encoding
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
https://www.bg3.co
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Expires
Sat, 15 Nov 2008 16:00:00 GMT
adreq
ads.servenobid.com/ 		818 B
635 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.servenobid.com/adreq?cb=10614
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1661278076254.v6.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.250.30.153 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-250-30-153.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
f1e691269432cba8bed2110866d1a1a67546edcb41cb7e9f5e3fc9de6736a59e

Request headers

Referer
https://www.bg3.co/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

date
Wed, 24 Aug 2022 19:11:21 GMT
content-encoding
gzip
amp-access-control-allow-source-origin
*
vary
accept-encoding
content-type
application/json
access-control-allow-origin
https://www.bg3.co
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
prebid-request
onetag-sys.com/ 		15 B
407 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/prebid-request
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1661278076254.v6.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
139.99.49.250 Singapore, Singapore, ASN16276 (OVH, FR),
Reverse DNS
ip250.ip-139-99-49.net
Software
/
Resource Hash
663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://www.bg3.co/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

strict-transport-security
max-age=15552000
content-encoding
gzip
access-control-allow-headers
content-type, origin, referer, user-agent
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
access-control-allow-origin
https://www.bg3.co
cache-control
no-transform, no-cache
access-control-allow-credentials
true
content-type
application/json
alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
content-length
41
cdb
bidder.criteo.com/ 		0
212 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=34&wv=6.19.0&cb=43332238728
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1661278076254.v6.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.145 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://www.bg3.co/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

date
Wed, 24 Aug 2022 19:11:20 GMT
server
Finatra
vary
Origin
access-control-allow-origin
https://www.bg3.co
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
prebid
prebid.media.net/rtb/ 		1 KB
917 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.media.net/rtb/prebid?cid=8CUPEPKI9
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1661278076254.v6.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.107.148.139 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
139.148.107.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
7c51dea2090ed5b681a0f74d2d397831cf91589c79abbc1d9b287b8d97b696a0

Request headers

Referer
https://www.bg3.co/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 24 Aug 2022 19:11:20 GMT
content-encoding
gzip
server
nginx
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-envoy-upstream-service-time
113
alt-svc
clear
via
1.1 google
cygnus
htlb.casalemedia.com/ 		37 B
311 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/cygnus?s=693656&v=7.2&ac=j&sd=1&r=%7B%22id%22%3A%22299d69f30fc4969%22%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fwww.bg3.co%2Fa%2Fju-jiao-yi-zi-wen-hua-chuan-yang-zhong-hua-wen-ming.html%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22msd%22%3A7%2C%22msi%22%3A7%2C%22mfu%22%3A3%2C%22bu%22%3A3%2C%22iu%22%3A0%2C%22nu%22%3A3%2C%22ou%22%3A3%2C%22allu%22%3A3%2C%22ren%22%3Atrue%2C%22version%22%3A%226.19.0%22%2C%22userIds%22%3A%5B%5D%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%2236797928a59890f%22%2C%22banner%22%3A%7B%22topframe%22%3A1%2C%22format%22%3A%5B%7B%22w%22%3A728%2C%22h%22%3A90%2C%22ext%22%3A%7B%22siteID%22%3A%22693656%22%2C%22sid%22%3A%22728x90%22%7D%7D%2C%7B%22w%22%3A320%2C%22h%22%3A50%2C%22ext%22%3A%7B%22siteID%22%3A%22693656%22%2C%22sid%22%3A%22320x50%22%7D%7D%2C%7B%22w%22%3A300%2C%22h%22%3A50%2C%22ext%22%3A%7B%22siteID%22%3A%22693656%22%2C%22sid%22%3A%22300x50%22%7D%7D%2C%7B%22w%22%3A300%2C%22h%22%3A250%2C%22ext%22%3A%7B%22siteID%22%3A%22693656%22%2C%22sid%22%3A%22300x250%22%7D%7D%2C%7B%22w%22%3A250%2C%22h%22%3A250%2C%22ext%22%3A%7B%22siteID%22%3A%22693656%22%2C%22sid%22%3A%22250x250%22%7D%7D%5D%7D%7D%2C%7B%22id%22%3A%223910247678b829f%22%2C%22banner%22%3A%7B%22topframe%22%3A1%2C%22format%22%3A%5B%7B%22w%22%3A320%2C%22h%22%3A50%2C%22ext%22%3A%7B%22siteID%22%3A%22693656%22%2C%22sid%22%3A%22320x50%22%7D%7D%2C%7B%22w%22%3A728%2C%22h%22%3A90%2C%22ext%22%3A%7B%22siteID%22%3A%22693656%22%2C%22sid%22%3A%22728x90%22%7D%7D%2C%7B%22w%22%3A300%2C%22h%22%3A50%2C%22ext%22%3A%7B%22siteID%22%3A%22693656%22%2C%22sid%22%3A%22300x50%22%7D%7D%5D%7D%7D%2C%7B%22id%22%3A%2240e7208f55c89ec%22%2C%22banner%22%3A%7B%22topframe%22%3A1%2C%22format%22%3A%5B%7B%22w%22%3A120%2C%22h%22%3A600%2C%22ext%22%3A%7B%22siteID%22%3A%22693656%22%2C%22sid%22%3A%22120x600%22%7D%7D%5D%7D%7D%5D%2C%22at%22%3A1%2C%22source%22%3A%7B%22ext%22%3A%7B%22schain%22%3A%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22adpushup.com%22%2C%22sid%22%3A%22062d9a21f747ddee7c25d4297776e0aa%22%2C%22hp%22%3A1%7D%5D%7D%7D%7D%2C%22user%22%3A%7B%22eids%22%3A%5B%7B%22source%22%3A%22pubcid.org%22%2C%22uids%22%3A%5B%7B%22id%22%3A%224b89f00c-653e-4ed4-8bb6-34f91c7c6bd0%22%7D%5D%7D%5D%7D%7D
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1661278076254.v6.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.18.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a1f57352893f1cfa5b66e88f6f760ebcb1c5edae0f79bfdfe79f5664bdc76ce9

Request headers

Referer
https://www.bg3.co/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

date
Wed, 24 Aug 2022 19:11:20 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
37
pragma
no-cache
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oM6gv3V4NeOWyX%2FYLn8iE1tkiW0crO%2FYI5VzG8uYPHcqRdO99rtMmDgziYx%2BDY1INUtk1x%2B9d1EF8WYXNiN2U03hL8yZi9od6zzEf0d8A7qVgvFtQAJFQZOiZj8hSWh7Y0IarHnQ"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache
access-control-allow-credentials
true
cf-ray
73fe64a87ff56a51-SYD
expires
0
cygnus
htlb.casalemedia.com/ 		37 B
638 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/cygnus?s=693656&v=8.1&ac=j&sd=1&nf=1&r=%7B%22id%22%3A%22299d69f30fc4969%22%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fwww.bg3.co%2Fa%2Fju-jiao-yi-zi-wen-hua-chuan-yang-zhong-hua-wen-ming.html%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22msd%22%3A0%2C%22msi%22%3A0%2C%22mfu%22%3A3%2C%22bu%22%3A3%2C%22iu%22%3A0%2C%22nu%22%3A3%2C%22ou%22%3A3%2C%22allu%22%3A3%2C%22ren%22%3Atrue%2C%22version%22%3A%226.19.0%22%2C%22userIds%22%3A%5B%5D%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%223910247678b829f%22%2C%22ext%22%3A%7B%22siteID%22%3A%22693656%22%2C%22sid%22%3A%22728x90%22%7D%2C%22video%22%3A%7B%22mimes%22%3A%5B%22video%2Fmp4%22%2C%22video%2Fwebm%22%5D%2C%22minduration%22%3A0%2C%22maxduration%22%3A300%2C%22protocols%22%3A%5B2%2C3%2C5%2C6%5D%2C%22playerSize%22%3A%5B%5B728%2C90%5D%5D%2C%22api%22%3A%5B2%5D%2C%22linearity%22%3A1%2C%22placement%22%3A4%2C%22w%22%3A728%2C%22h%22%3A90%7D%7D%2C%7B%22id%22%3A%2240e7208f55c89ec%22%2C%22ext%22%3A%7B%22siteID%22%3A%22693656%22%2C%22sid%22%3A%22120x600%22%7D%2C%22video%22%3A%7B%22mimes%22%3A%5B%22video%2Fmp4%22%2C%22video%2Fwebm%22%5D%2C%22minduration%22%3A0%2C%22maxduration%22%3A300%2C%22protocols%22%3A%5B2%2C3%2C5%2C6%5D%2C%22playerSize%22%3A%5B%5B120%2C600%5D%5D%2C%22api%22%3A%5B2%5D%2C%22linearity%22%3A1%2C%22placement%22%3A4%2C%22w%22%3A120%2C%22h%22%3A600%7D%7D%5D%2C%22at%22%3A1%2C%22source%22%3A%7B%22ext%22%3A%7B%22schain%22%3A%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22adpushup.com%22%2C%22sid%22%3A%22062d9a21f747ddee7c25d4297776e0aa%22%2C%22hp%22%3A1%7D%5D%7D%7D%7D%2C%22user%22%3A%7B%22eids%22%3A%5B%7B%22source%22%3A%22pubcid.org%22%2C%22uids%22%3A%5B%7B%22id%22%3A%224b89f00c-653e-4ed4-8bb6-34f91c7c6bd0%22%7D%5D%7D%5D%7D%7D
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1661278076254.v6.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.18.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a1f57352893f1cfa5b66e88f6f760ebcb1c5edae0f79bfdfe79f5664bdc76ce9

Request headers

Referer
https://www.bg3.co/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

date
Wed, 24 Aug 2022 19:11:20 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
37
pragma
no-cache
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Q%2BlNcTTPzp0S0l4bWymhUZRxpA6muorEWZ3bmuYUcDvP982lpzfgW9CMbu7jwPYE1y5Wobn8IcqqsZjDxP9L9anbSI9zwFTK35U%2BkjUYyNOlmEjXy9I3l%2BPc4Y%2FZfS1TJPsTzg8I"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache
access-control-allow-credentials
true
cf-ray
73fe64a87ff76a51-SYD
expires
0
arj
adpushup-d.openx.net/w/1.0/ 		173 B
384 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://adpushup-d.openx.net/w/1.0/arj?ju=https%3A%2F%2Fwww.bg3.co%2Fa%2Fju-jiao-yi-zi-wen-hua-chuan-yang-zhong-hua-wen-ming.html&ch=UTF-8&res=1600x1200x24&ifr=false&tz=0&tws=1600x1200&be=1&bc=hb_pb_3.0.3&dddid=3b0956eb-9464-4631-a35f-4e08f73707b3%2C5ce7111b-a1ac-4f2c-bd82-b5282ec310b1%2Caf50e81a-9c61-4582-8ed6-046465a76e8c&nocache=1661368280146&pubcid=4b89f00c-653e-4ed4-8bb6-34f91c7c6bd0&schain=1.0%2C1!adpushup.com%2C062d9a21f747ddee7c25d4297776e0aa%2C1%2C%2C%2C&aus=728x250%2C728x90%2C690x90%2C690x250%2C675x90%2C675x250%2C670x90%2C670x250%2C650x90%2C650x250%2C650x150%2C630x90%2C630x250%2C602x100%2C600x90%2C600x250%2C580x90%2C570x90%2C550x150%2C468x60%2C320x50%2C320x100%2C300x50%2C300x100%2C300x75%2C300x250%2C250x250%2C200x200%7C728x90%2C690x90%2C675x90%2C670x90%2C650x90%2C630x90%2C600x90%2C580x90%2C570x90%2C468x60%2C320x50%2C300x50%2C300x75%7C120x600&divids=ADP_42753_728X250_77a9c22f-ac02-45dd-96bc-b0896a8a7d5a%2CSTICKY_ADP_42753_728X90_d1c10a72-27b4-4931-8ce7-99a18ebbdbae%2CSTICKY_ADP_42753_120X600_104b282a-bd11-4d8d-ad64-0492063b6cba&aucs=%2C%2C&auid=545618347%2C545618347%2C545618347
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1661278076254.v6.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
444d83097617ceb3408342812c05970b54211ced57814ee830ed1760562041dc

Request headers

Referer
https://www.bg3.co/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 24 Aug 2022 19:11:20 GMT
content-encoding
gzip
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://www.bg3.co
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
content-type
application/json
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
165
via
1.1 google
expires
Mon, 26 Jul 1997 05:00:00 GMT
avjp
adpushup-d.openx.net/v/1.0/ 		106 B
505 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://adpushup-d.openx.net/v/1.0/avjp?ju=https%3A%2F%2Fwww.bg3.co%2Fa%2Fju-jiao-yi-zi-wen-hua-chuan-yang-zhong-hua-wen-ming.html&ch=UTF-8&res=1600x1200x24&ifr=false&tz=0&tws=1600x1200&be=1&bc=hb_pb_3.0.3&dddid=226b6e2a-701a-4ce3-953b-9aae8528c768&nocache=1661368280146&pubcid=4b89f00c-653e-4ed4-8bb6-34f91c7c6bd0&schain=1.0%2C1!adpushup.com%2C062d9a21f747ddee7c25d4297776e0aa%2C1%2C%2C%2C&openrtb=%7B%22imp%22%3A%5B%7B%22video%22%3A%7B%22w%22%3A120%2C%22h%22%3A600%2C%22mimes%22%3A%5B%22video%2Fmp4%22%2C%22video%2Fwebm%22%5D%2C%22minduration%22%3A0%2C%22maxduration%22%3A300%2C%22protocols%22%3A%5B2%2C3%2C5%2C6%5D%2C%22api%22%3A%5B2%5D%2C%22playbackmethod%22%3A6%2C%22linearity%22%3A1%7D%7D%5D%7D&auid=545618481&vwd=120&vht=600&vos=101&vmimes=video%2Fmp4%2Cvideo%2Fwebm
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1661278076254.v6.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
730fa1f3e8b3c4a223c4e69f4a27e690a4552f96ab97dba05b943dff44967658

Request headers

Referer
https://www.bg3.co/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 24 Aug 2022 19:11:20 GMT
via
1.1 google
server
OXGW/0.0.0
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://www.bg3.co
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
content-type
application/json
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
106
expires
Mon, 26 Jul 1997 05:00:00 GMT
avjp
adpushup-d.openx.net/v/1.0/ 		106 B
297 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://adpushup-d.openx.net/v/1.0/avjp?ju=https%3A%2F%2Fwww.bg3.co%2Fa%2Fju-jiao-yi-zi-wen-hua-chuan-yang-zhong-hua-wen-ming.html&ch=UTF-8&res=1600x1200x24&ifr=false&tz=0&tws=1600x1200&be=1&bc=hb_pb_3.0.3&dddid=100e6bf2-b193-49bc-8045-5172f7740f08&nocache=1661368280146&pubcid=4b89f00c-653e-4ed4-8bb6-34f91c7c6bd0&schain=1.0%2C1!adpushup.com%2C062d9a21f747ddee7c25d4297776e0aa%2C1%2C%2C%2C&openrtb=%7B%22imp%22%3A%5B%7B%22video%22%3A%7B%22w%22%3A728%2C%22h%22%3A90%2C%22mimes%22%3A%5B%22video%2Fmp4%22%2C%22video%2Fwebm%22%5D%2C%22minduration%22%3A0%2C%22maxduration%22%3A300%2C%22protocols%22%3A%5B2%2C3%2C5%2C6%5D%2C%22api%22%3A%5B2%5D%2C%22playbackmethod%22%3A6%2C%22linearity%22%3A1%7D%7D%5D%7D&auid=545618481&vwd=728&vht=90&vos=101&vmimes=video%2Fmp4%2Cvideo%2Fwebm
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1661278076254.v6.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
730fa1f3e8b3c4a223c4e69f4a27e690a4552f96ab97dba05b943dff44967658

Request headers

Referer
https://www.bg3.co/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 24 Aug 2022 19:11:20 GMT
via
1.1 google
server
OXGW/0.0.0
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://www.bg3.co
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
content-type
application/json
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
106
expires
Mon, 26 Jul 1997 05:00:00 GMT
avjp
adpushup-d.openx.net/v/1.0/ 		106 B
297 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://adpushup-d.openx.net/v/1.0/avjp?ju=https%3A%2F%2Fwww.bg3.co%2Fa%2Fju-jiao-yi-zi-wen-hua-chuan-yang-zhong-hua-wen-ming.html&ch=UTF-8&res=1600x1200x24&ifr=false&tz=0&tws=1600x1200&be=1&bc=hb_pb_3.0.3&dddid=a18b0ecb-926f-4926-9cb1-49ed39be2226&nocache=1661368280146&pubcid=4b89f00c-653e-4ed4-8bb6-34f91c7c6bd0&schain=1.0%2C1!adpushup.com%2C062d9a21f747ddee7c25d4297776e0aa%2C1%2C%2C%2C&openrtb=%7B%22imp%22%3A%5B%7B%22video%22%3A%7B%22w%22%3A400%2C%22h%22%3A225%2C%22mimes%22%3A%5B%22video%2Fmp4%22%2C%22video%2Fwebm%22%5D%2C%22minduration%22%3A0%2C%22maxduration%22%3A300%2C%22protocols%22%3A%5B2%2C3%2C5%2C6%5D%2C%22api%22%3A%5B2%5D%2C%22playbackmethod%22%3A6%2C%22linearity%22%3A1%7D%7D%5D%7D&auid=545618481&vwd=400&vht=225&vos=101&vmimes=video%2Fmp4%2Cvideo%2Fwebm
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1661278076254.v6.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
730fa1f3e8b3c4a223c4e69f4a27e690a4552f96ab97dba05b943dff44967658

Request headers

Referer
https://www.bg3.co/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 24 Aug 2022 19:11:20 GMT
via
1.1 google
server
OXGW/0.0.0
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://www.bg3.co
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
content-type
application/json
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
106
expires
Mon, 26 Jul 1997 05:00:00 GMT
auction
tlx.3lift.com/header/ 		19 B
504 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://tlx.3lift.com/header/auction?lib=prebid&v=6.19.0&referrer=https%3A%2F%2Fwww.bg3.co%2Fa%2Fju-jiao-yi-zi-wen-hua-chuan-yang-zhong-hua-wen-ming.html&tmax=3000
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1661278076254.v6.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.221.101.105 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-221-101-105.ap-southeast-1.compute.amazonaws.com
Software
/
Resource Hash
0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 24 Aug 2022 19:11:20 GMT
accept-ch
sec-ch-ua-platform,sec-ch-viewport-width,sec-ch-ua-platform-version,sec-ch-ua-model,sec-ch-ua-full-version,sec-ch-dpr,sec-ch-device-memory,sec-ch-save-data,sec-ch-ua-mobile,sec-ch-downlink,user-agent,sec-ch-ect,sec-ch-width,sec-ch-prefers-color-scheme,sec-ch-ua-bitness,sec-ch-ua,sec-ch-ua-arch,sec-ch-rtt,sec-ch-viewport-height
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
19
x-xss-protection
0
expires
Thu, 15 Oct 1992 20:10:00 GMT
auction
prebid-server.rubiconproject.com/openrtb2/ 		185 B
405 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid-server.rubiconproject.com/openrtb2/auction
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1661278076254.v6.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.72.150.84 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-72-150-84.ap-northeast-1.compute.amazonaws.com
Software
/
Resource Hash
455b716ae18cbfb81685b2a872d3856f0ca0027d78b89a7dc26beb3b7871c059

Request headers

Referer
https://www.bg3.co/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 24 Aug 2022 19:11:21 GMT
content-encoding
gzip
x-prebid
pbs-java/1.96.0
content-type
application/json
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
174
expires
0
auction
prebid-server.rubiconproject.com/openrtb2/ 		185 B
405 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid-server.rubiconproject.com/openrtb2/auction
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1661278076254.v6.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.72.150.84 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-72-150-84.ap-northeast-1.compute.amazonaws.com
Software
/
Resource Hash
a7d3e37cf4434d78c07260bfe62603dca705177c393d3e03936d26c9d5ef1f1a

Request headers

Referer
https://www.bg3.co/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 24 Aug 2022 19:11:21 GMT
content-encoding
gzip
x-prebid
pbs-java/1.96.0
content-type
application/json
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
174
expires
0
auction
prebid-server.rubiconproject.com/openrtb2/ 		185 B
406 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid-server.rubiconproject.com/openrtb2/auction
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1661278076254.v6.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.72.150.84 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-72-150-84.ap-northeast-1.compute.amazonaws.com
Software
/
Resource Hash
cd2fc2a73734ba5d6d6e03b1f97d6fb9d8f69fdcda589979319769707a5599f8

Request headers

Referer
https://www.bg3.co/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 24 Aug 2022 19:11:21 GMT
content-encoding
gzip
x-prebid
pbs-java/1.96.0
content-type
application/json
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
174
expires
0
fastlane.json
fastlane.rubiconproject.com/a/api/ 		472 B
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=20616&site_id=395958&zone_id=2209398&size_id=15%3B2%3B8&alt_size_ids=2%2C1%2C13%2C14%2C19%2C43%2C44%2C117%3B1%2C43%2C44%3B&rp_schain=1.0,1!adpushup.com,062d9a21f747ddee7c25d4297776e0aa,1,,,&eid_pubcid.org=4b89f00c-653e-4ed4-8bb6-34f91c7c6bd0%5E1&rf=https%3A%2F%2Fwww.bg3.co%2Fa%2Fju-jiao-yi-zi-wen-hua-chuan-yang-zhong-hua-wen-ming.html&tk_flint=pbjs_lite_v6.19.0&x_source.tid=f9dbf82f-c7e4-4426-afcc-a2238b06696b%3B980ad60f-4cf7-42cc-82c0-dd8ac105f733%3B0f0131a9-3d5b-42f2-b052-7e3ea9aa5d19&l_pb_bid_id=618ea865368221c%3B625aba2eded931%3B630cb751b14ae08&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=3&rand=0.02245719561258963
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1661278076254.v6.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
69.173.158.65 Ashburn, United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
324f0037ee81753c5f4d1ddc4d9dea87727408fb7113df122356717b8586d270

Request headers

Referer
https://www.bg3.co/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Wed, 24 Aug 2022 19:11:20 GMT
Server
nginx/1.21.4
Vary
Accept-Encoding
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
https://www.bg3.co
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json
Keep-Alive
timeout=5
Content-Length
472
Expires
Wed, 17 Sep 1975 21:32:10 GMT
v1
hb-api.omnitagjs.com/hb-api/prebid/ 		0
0
auction
rtb.adxpremium.services/openrtb2/ 		59 B
396 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://rtb.adxpremium.services/openrtb2/auction
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1661278076254.v6.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
148.251.44.111 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
sundoro
Software
/
Resource Hash
1c877b4b7e75bf2c8432415bb762ed9bfc73830abf68497eff686fcc9fa44f9f

Request headers

Referer
https://www.bg3.co/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 24 Aug 2022 19:11:21 GMT
x-prebid
pbs-go/unknown
vary
Origin
content-type
text/plain; charset=utf-8
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
59
expires
0
quant.js
secure.quantserve.com/ 		24 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://secure.quantserve.com/quant.js
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/pbuseridscripts/quantcast.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
103.229.10.180 , Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
c5068652d2e91ff8a12bd334ea7ce87b7225f6da4a6a2841c8b51c24029a392b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 24 Aug 2022 19:11:20 GMT
content-encoding
gzip
etag
"gV5iHc/sd8Rde4C/i53H5w=="
vary
Accept-Encoding
content-type
application/javascript
cache-control
private, max-age=604800
accept-ranges
bytes
expires
Wed, 31 Aug 2022 19:11:20 GMT
cookie.js
partner.googleadservices.com/gampad/ Frame A9F4 		379 B
460 B 		Script
General
Check archive.org
Download Go to
Full URL
https://partner.googleadservices.com/gampad/cookie.js?domain=www.bg3.co&callback=_gfp_s_&client=ca-pub-4485239425924787&gpid_exp=1
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202208160101/show_ads_impl_fy2021.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.10.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f155.1e100.net
Software
cafe /
Resource Hash
24f3723b948c0d0b03ec4691806fbaf157935e846b2d68aa3918f204424043d6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 24 Aug 2022 19:11:20 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
text/javascript; charset=UTF-8
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
244
x-xss-protection
0
integrator.js
adservice.google.com.au/adsid/ Frame A9F4 		107 B
792 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com.au/adsid/integrator.js?domain=www.bg3.co
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202208160101/show_ads_impl_fy2021.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.194.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f157.1e100.net
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 24 Aug 2022 19:11:20 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ Frame A9F4 		107 B
196 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.bg3.co
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202208160101/show_ads_impl_fy2021.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.10.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f156.1e100.net
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 24 Aug 2022 19:11:20 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
nUDNY99feAS8okWEQnY1mx2ELFEPV5z0tREnzCaH.html
adx.holmesmind.com/adx-file/20220823/ Frame 4D3D
Redirect Chain
  • https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006&adk=2365071409&adf=3615134179&pi=t.ma~as.3006%2F14006&w=336&url=https%3A%2F%2Fw...
  • https://adx.holmesmind.com/adx-file/20220823/nUDNY99feAS8okWEQnY1mx2ELFEPV5z0tREnzCaH.html
1 KB
986 B 		Document
General
Check archive.org
Download Go to
Full URL
https://adx.holmesmind.com/adx-file/20220823/nUDNY99feAS8okWEQnY1mx2ELFEPV5z0tREnzCaH.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202208160101/show_ads_impl_fy2021.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.33.33.38 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-33-33-38.sin2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
9d2c9c9f82fb7c73c50fac260546953a83ede3bb46d6ce302d499796c19e0a3b

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

age
856
content-encoding
gzip
content-type
text/html
date
Wed, 24 Aug 2022 18:57:17 GMT
etag
W/"0cbc58039b2c0f0200175f5efbcead69"
last-modified
Tue, 23 Aug 2022 12:56:00 GMT
server
AmazonS3
vary
Accept-Encoding
via
1.1 29538516c408fc0fb7e987b242cec184.cloudfront.net (CloudFront)
x-amz-cf-id
jGlw5CpkPaE5H3VtY8iWwj4D28HBndD0-csir1B6S7j9OVP6mdIVVA==
x-amz-cf-pop
SIN2-P1
x-amz-version-id
NMN5cxSlnUT3TNLYe9UCI.KXzSvHXJKc
x-cache
Hit from cloudfront

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-encoding
br
content-length
46
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Wed, 24 Aug 2022 19:11:20 GMT
location
https://adx.holmesmind.com/adx-file/20220823/nUDNY99feAS8okWEQnY1mx2ELFEPV5z0tREnzCaH.html
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
cookie.js
partner.googleadservices.com/gampad/ Frame 1EA7 		379 B
314 B 		Script
General
Check archive.org
Download Go to
Full URL
https://partner.googleadservices.com/gampad/cookie.js?domain=www.bg3.co&callback=_gfp_s_&client=ca-pub-4485239425924787&gpid_exp=1
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202208220101/show_ads_impl_fy2021.js?bust=31069108
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.10.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f155.1e100.net
Software
cafe /
Resource Hash
d6a4bd11a7451ad00e38a9daff9e829e3317b61eadea3af22c206d5fbdbfa926
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 24 Aug 2022 19:11:20 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
text/javascript; charset=UTF-8
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
245
x-xss-protection
0
integrator.js
adservice.google.com.au/adsid/ Frame 1EA7 		107 B
165 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com.au/adsid/integrator.js?domain=www.bg3.co
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202208220101/show_ads_impl_fy2021.js?bust=31069108
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.194.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f157.1e100.net
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 24 Aug 2022 19:11:20 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ Frame 1EA7 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.bg3.co
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202208220101/show_ads_impl_fy2021.js?bust=31069108
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.10.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f156.1e100.net
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 24 Aug 2022 19:11:20 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
nUDNY99feAS8okWEQnY1mx2ELFEPV5z0tREnzCaH.html
adx.holmesmind.com/adx-file/20220823/ Frame 1D5E
Redirect Chain
  • https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006&adk=2365071409&adf=3615134176&pi=t.ma~as.3006%2F14006&w=336&url=https%3A%2F%2Fw...
  • https://adx.holmesmind.com/adx-file/20220823/nUDNY99feAS8okWEQnY1mx2ELFEPV5z0tREnzCaH.html
1 KB
986 B 		Document
General
Check archive.org
Download Go to
Full URL
https://adx.holmesmind.com/adx-file/20220823/nUDNY99feAS8okWEQnY1mx2ELFEPV5z0tREnzCaH.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202208220101/show_ads_impl_fy2021.js?bust=31069108
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.33.33.38 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-33-33-38.sin2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
9d2c9c9f82fb7c73c50fac260546953a83ede3bb46d6ce302d499796c19e0a3b

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

age
856
content-encoding
gzip
content-type
text/html
date
Wed, 24 Aug 2022 18:57:17 GMT
etag
W/"0cbc58039b2c0f0200175f5efbcead69"
last-modified
Tue, 23 Aug 2022 12:56:00 GMT
server
AmazonS3
vary
Accept-Encoding
via
1.1 29538516c408fc0fb7e987b242cec184.cloudfront.net (CloudFront)
x-amz-cf-id
n856H2A8MvLET5IGlqsH8uT7RFanSaxEuR4KAH4Ztf2NbpHxACqCOw==
x-amz-cf-pop
SIN2-P1
x-amz-version-id
NMN5cxSlnUT3TNLYe9UCI.KXzSvHXJKc
x-cache
Hit from cloudfront

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-encoding
br
content-length
46
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Wed, 24 Aug 2022 19:11:20 GMT
location
https://adx.holmesmind.com/adx-file/20220823/nUDNY99feAS8okWEQnY1mx2ELFEPV5z0tREnzCaH.html
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
integrator.js
adservice.google.com.au/adsid/ Frame BECC 		107 B
165 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com.au/adsid/integrator.js?domain=cdn.aralego.net
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022081701.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.194.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f157.1e100.net
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 24 Aug 2022 19:11:20 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ Frame BECC 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=cdn.aralego.net
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022081701.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.10.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f156.1e100.net
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 24 Aug 2022 19:11:20 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ Frame BECC 		492 B
264 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=4132152246352116&correlator=3600822607558403&eid=31068928%2C31069105&output=ldjh&gdfp_req=1&vrg=2022081701&ptt=17&impl=fifs&iu_parts=18087395%2Ccookie&enc_prev_ius=%2F0%2F1&prev_iu_szs=1x1&ifi=1&adks=64515409&sfv=1-0-38&fsapi=false&sc=1&cdm=cdn.aralego.net&abxe=1&dt=1661368280717&lmt=1644386353&dlt=1661368279052&idt=1613&adxs=-12245933&adys=-12245933&biw=-12245933&bih=-12245933&scr_x=-12245933&scr_y=-12245933&ucis=mvzecrzcep6h&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&nhd=1&url=https%3A%2F%2Fcdn.aralego.net%2Fucfad%2Fcookie%2FcookieSyncIframe.html&ref=https%3A%2F%2Fwww.bg3.co%2F&top=https%3A%2F%2Fwww.bg3.co%2F&frm=24&vis=1&psz=0x0&msz=0x-1&fws=256&ohw=0&ea=0&ga_vid=827555267.1661368281&ga_sid=1661368281&ga_hid=1289611845&ga_fc=false
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022081701.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.10.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f155.1e100.net
Software
cafe /
Resource Hash
7f507cae0e9f60607a81e71d55d5b184658ba21168cb955a2f6bf0be771214e1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 24 Aug 2022 19:11:20 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
234
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://cdn.aralego.net
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
0bac53416c6f8fbacdad0aca93caa0ff.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 3FFE 		6 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://0bac53416c6f8fbacdad0aca93caa0ff.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022081701.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.10.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f132.1e100.net
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://cdn.aralego.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
gzip
content-length
3108
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Wed, 24 Aug 2022 19:11:21 GMT
expires
Thu, 24 Aug 2023 19:11:21 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
pubads_impl_2022081701.js
securepubads.g.doubleclick.net/gpt/ 		384 KB
130 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022081701.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.10.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f155.1e100.net
Software
sffe /
Resource Hash
83147c4cf00c61d77d068152fdb541e2ca7761e0990682db23e77fb7affdceb4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 24 Aug 2022 12:34:22 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
23818
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
133512
x-xss-protection
0
last-modified
Wed, 17 Aug 2022 08:37:57 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Thu, 24 Aug 2023 12:34:22 GMT
ppub_config
securepubads.g.doubleclick.net/pagead/ 		109 B
118 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=www.bg3.co
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.10.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f155.1e100.net
Software
cafe /
Resource Hash
57ba9c79273602051bd0fa9f6dcd52a3f199dc59f134308efeeaad35424b8311
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 24 Aug 2022 19:11:21 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
93
x-xss-protection
0
expires
Wed, 24 Aug 2022 19:11:21 GMT
integrator.js
adservice.google.com.au/adsid/ Frame 1A64 		107 B
165 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com.au/adsid/integrator.js?domain=cdn.aralego.net
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022081701.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.194.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f157.1e100.net
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 24 Aug 2022 19:11:21 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ Frame 1A64 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=cdn.aralego.net
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022081701.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.10.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f156.1e100.net
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 24 Aug 2022 19:11:20 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ Frame 1A64 		492 B
266 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2674846589228385&correlator=3711629186484674&eid=31068829%2C31068928&output=ldjh&gdfp_req=1&vrg=2022081701&ptt=17&impl=fifs&iu_parts=18087395%2Ccookie&enc_prev_ius=%2F0%2F1&prev_iu_szs=1x1&ifi=1&adks=64515409&sfv=1-0-38&fsapi=false&sc=1&cdm=cdn.aralego.net&abxe=1&dt=1661368280862&lmt=1644386353&dlt=1661368279160&idt=1693&adxs=-12245933&adys=-12245933&biw=-12245933&bih=-12245933&scr_x=-12245933&scr_y=-12245933&ucis=hiurez8fqinq&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&nhd=1&url=https%3A%2F%2Fcdn.aralego.net%2Fucfad%2Fcookie%2FcookieSyncIframe.html&ref=https%3A%2F%2Fwww.bg3.co%2F&top=https%3A%2F%2Fwww.bg3.co%2F&frm=24&vis=1&psz=0x0&msz=0x-1&fws=256&ohw=0&ea=0&ga_vid=1726979700.1661368281&ga_sid=1661368281&ga_hid=1424136216&ga_fc=false
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022081701.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.10.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f155.1e100.net
Software
cafe /
Resource Hash
2f7d5276b891833740b6847e05708324cdb6893b569b677870485e806bbb94ab
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 24 Aug 2022 19:11:20 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
235
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://cdn.aralego.net
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
b61a36e0a14d367c54e505eab745483c.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 2FF6 		6 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://b61a36e0a14d367c54e505eab745483c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022081701.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.10.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f132.1e100.net
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://cdn.aralego.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
gzip
content-length
3108
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Wed, 24 Aug 2022 19:11:21 GMT
expires
Thu, 24 Aug 2023 19:11:21 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
rules-p-54Nt-1NAaEEe0.js
rules.quantcount.com/ 		160 B
633 B 		Script
General
Check archive.org
Download Go to
Full URL
https://rules.quantcount.com/rules-p-54Nt-1NAaEEe0.js
Requested by
Host: secure.quantserve.com
URL: https://secure.quantserve.com/quant.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.227.254.11 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-227-254-11.sin52.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
edc30a0e05622f71d52d07a0b7b5e94e654ee06854f893be1954336730eb0db6

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 24 Aug 2022 19:05:11 GMT
via
1.1 2ba2ffa46f6a4bf7dd5bd07c9a0879ce.cloudfront.net (CloudFront)
age
371
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
content-length
160
last-modified
Thu, 28 Jul 2022 16:54:54 GMT
server
AmazonS3
etag
"05b131079c67d484167fd1b1f6c79577"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=3600
x-amz-cf-pop
SIN52-C3
accept-ranges
bytes
x-amz-cf-id
BweEYL6IAs_LDxg3bAe6Ys2WX3tYUEp8C0PtGlceXaZwN64P41fkRA==
log
aplogger.adpushup.com/ 		0
53 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://aplogger.adpushup.com/log?event=glimpse_pageView&data=eyJzZXNzaW9uSWQiOiIyNzI0NzRfMTY2MTM2ODI4MTI0MiIsInVzZXJJZCI6IjQ3NzQ5OF8xNjYxMzY4MjgxMjQyIiwic2l0ZUlkIjo0Mjc1MywicGxhdGZvcm0iOiJERVNLVE9QIiwicGFnZUlkIjoiOTA0OTk0XzE2NjEzNjgyODEyNDIiLCJwYWdlUGF0aCI6IiUyRmElMkZqdS1qaWFvLXlpLXppLXdlbi1odWEtY2h1YW4teWFuZy16aG9uZy1odWEtd2VuLW1pbmcuaHRtbCIsImhvc3RuYW1lIjoid3d3LmJnMy5jbyIsInVybCI6Imh0dHBzJTNBJTJGJTJGd3d3LmJnMy5jbyUyRmElMkZqdS1qaWFvLXlpLXppLXdlbi1odWEtY2h1YW4teWFuZy16aG9uZy1odWEtd2VuLW1pbmcuaHRtbCIsInBoYXNlIjowLCJ1c2VyVHlwZSI6Ik5FVyIsInByZXZpZXdWYXJpYXRpb24iOiJub1ByZXZpZXdQYWdlIiwiZXhwZXJpbWVudFBhZ2UiOmZhbHNlLCJ0aW1lc3RhbXAiOjE2NjEzNjgyODEyNDJ9
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/42753/linkPreview.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.211.156.162 Mumbai, India, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 24 Aug 2022 19:11:21 GMT
server
nginx/1.14.0 (Ubuntu)
L2EvanUtamlhby15aS16aS13ZW4taHVhLWNodWFuLXlhbmctemhvbmctaHVhLXdlbi1taW5nLmh0bWw=.json
cdn.adpushup.com/42753/ 		54 KB
24 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.adpushup.com/42753/L2EvanUtamlhby15aS16aS13ZW4taHVhLWNodWFuLXlhbmctemhvbmctaHVhLXdlbi1taW5nLmh0bWw=.json
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/42753/linkPreview.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
42.99.140.200 , Japan, ASN4637 (ASN-TELSTRA-GLOBAL Telstra Global, HK),
Reverse DNS
ip-42-99-140-200.pacnet.net
Software
nginx/1.18.0 /
Resource Hash
e7aea762f3569f5f0a4677e57012eb90f29abc28fd008cbb0f9acb1a49e3d396

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-akamai-country
AU
date
Wed, 24 Aug 2022 19:11:22 GMT
content-encoding
gzip
last-modified
Sun, 21 Aug 2022 23:32:37 GMT
server
nginx/1.18.0
etag
"6302c095-d844"
vary
Accept-Encoding
x-akamai-device
mobile:false&tablet:false
access-control-allow-origin
*
cache-control
max-age=3600
server-timing
cdn-cache; desc=MISS, edge; dur=228, origin; dur=437
accept-ranges
bytes
content-type
application/json
content-length
23954
expires
Wed, 24 Aug 2022 20:11:22 GMT
sodar
pagead2.googlesyndication.com/getconfig/ Frame BECC 		14 KB
11 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2022081701&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022081701.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.4.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f154.1e100.net
Software
cafe /
Resource Hash
82d98acd9068eefb8ebd915f94fe0c5386d1e17d841c0b7e2f4d2181f0325684
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 24 Aug 2022 19:11:21 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11137
x-xss-protection
0
sodar
pagead2.googlesyndication.com/getconfig/ Frame 1A64 		14 KB
11 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2022081701&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022081701.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.4.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f154.1e100.net
Software
cafe /
Resource Hash
d2af95bd72cda6a85823f96faaa92f425fd0d363d5b171510d4abe36f36a1cbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 24 Aug 2022 19:11:21 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11070
x-xss-protection
0
pixel;r=896153880;rf=0;a=p-54Nt-1NAaEEe0;url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fju-jiao-yi-zi-wen-hua-chuan-yang-zhong-hua-wen-ming.html;uh=e51ed67dfb8d91dc24b15e2ace0c3bc33bc53c3e1dfb09200d6c2f8387d67...
pixel.quantserve.com/ 		35 B
372 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.quantserve.com/pixel;r=896153880;rf=0;a=p-54Nt-1NAaEEe0;url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fju-jiao-yi-zi-wen-hua-chuan-yang-zhong-hua-wen-ming.html;uh=e51ed67dfb8d91dc24b15e2ace0c3bc33bc53c3e1dfb09200d6c2f8387d67ea6;uht=2;fpan=1;fpa=P0-1548432290-1661368281485;pbc=4b89f00c-653e-4ed4-8bb6-34f91c7c6bd0;ns=0;ce=1;qjs=1;qv=26d71701-20220818164642;cm=;gdpr=0;ref=;d=bg3.co;dst=0;et=1661368281485;tzo=0;ogl=
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/ju-jiao-yi-zi-wen-hua-chuan-yang-zhong-hua-wen-ming.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
103.229.10.180 , Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 24 Aug 2022 19:11:21 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
cache-control
private, no-cache, no-store, proxy-revalidate
content-type
image/gif
content-length
35
expires
Fri, 04 Aug 1978 12:00:00 GMT
gpt.js
securepubads.g.doubleclick.net/tag/js/ Frame 1D5E 		83 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: adx.holmesmind.com
URL: https://adx.holmesmind.com/adx-file/20220823/nUDNY99feAS8okWEQnY1mx2ELFEPV5z0tREnzCaH.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.10.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f155.1e100.net
Software
sffe /
Resource Hash
ab21d485ddc8e04878802fd4255540053c55feeb27bcc0dc8beb1468007ef26c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://adx.holmesmind.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 24 Aug 2022 19:11:22 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
28542
x-xss-protection
0
server
sffe
etag
"1312 / 781 of 1000 / last-modified: 1661339366"
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Wed, 24 Aug 2022 19:11:22 GMT
gpt.js
securepubads.g.doubleclick.net/tag/js/ Frame 4D3D 		83 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: adx.holmesmind.com
URL: https://adx.holmesmind.com/adx-file/20220823/nUDNY99feAS8okWEQnY1mx2ELFEPV5z0tREnzCaH.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.10.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f155.1e100.net
Software
sffe /
Resource Hash
ab21d485ddc8e04878802fd4255540053c55feeb27bcc0dc8beb1468007ef26c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://adx.holmesmind.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 24 Aug 2022 19:11:22 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
28542
x-xss-protection
0
server
sffe
etag
"1312 / 868 of 1000 / last-modified: 1661339366"
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Wed, 24 Aug 2022 19:11:22 GMT
sodar2.js
tpc.googlesyndication.com/sodar/ Frame BECC 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022081701.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.4.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f132.1e100.net
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 24 Aug 2022 19:11:22 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Wed, 24 Aug 2022 19:11:22 GMT
sodar2.js
tpc.googlesyndication.com/sodar/ Frame 1A64 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022081701.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.4.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f132.1e100.net
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 24 Aug 2022 19:11:22 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Wed, 24 Aug 2022 19:11:22 GMT
integrator.js
adservice.google.com.au/adsid/ 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com.au/adsid/integrator.js?domain=www.bg3.co
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022081701.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.194.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f156.1e100.net
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 24 Aug 2022 19:11:22 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.bg3.co
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022081701.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.10.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f156.1e100.net
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 24 Aug 2022 19:11:22 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ 		247 KB
54 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2016278908234196&correlator=4458261514668100&eid=31068501%2C31069104%2C44761478%2C31068825%2C44768683%2C44770639&output=ldjh&gdfp_req=1&vrg=2022081701&ptt=17&impl=fifs&iu_parts=103512698%3A22574853003%2C22477626096%2C22479095528%2C22579309510&enc_prev_ius=%2F0%2F1%2C%2F0%2F2%2C%2F0%2F3&prev_iu_szs=320x50%7C728x250%7C728x90%7C690x90%7C690x250%7C675x90%7C675x250%7C670x90%7C670x250%7C650x90%7C650x250%7C650x150%7C630x90%7C630x250%7C602x100%7C600x90%7C600x250%7C580x90%7C570x90%7C550x150%7C468x60%7C320x50%7C320x100%7C300x50%7C300x100%7C300x75%7C300x250%7C250x250%7C200x200%2C320x50%7C728x90%7C690x90%7C675x90%7C670x90%7C650x90%7C630x90%7C600x90%7C580x90%7C570x90%7C468x60%7C320x50%7C300x50%7C300x75%2C320x50%7C120x600&fluid=height%2Cheight%2Cheight&ifi=1&adks=1420297610%2C2857874404%2C4082231052&sfv=1-0-38&fsapi=false&prev_scp=adpushup_ran%3D1%26hb_ap_siteid%3D42753%26hb_ap_ran%3D1%26fluid%3D0%26refreshcount%3D0%26refreshrate%3D30%26hb_ap_format%3Dbanner%26hb_ap_pb%3D0.01%26hb_ap_adid%3D828f4515a2aa32e%26hb_ap_bidder%3Dappnexus%7Cadpushup_ran%3D1%26hb_ap_siteid%3D42753%26hb_ap_ran%3D1%26fluid%3D0%26refreshcount%3D0%26refreshrate%3D30%26hb_ap_format%3Dbanner%26hb_ap_pb%3D0.00%26hb_ap_adid%3D8350e7cb4514b91%26hb_ap_bidder%3Dappnexus%7Cadpushup_ran%3D1%26hb_ap_siteid%3D42753%26hb_ap_ran%3D1%26fluid%3D0%26refreshcount%3D0%26refreshrate%3D30%26hb_ap_format%3Dbanner%26hb_ap_pb%3D0.00%26hb_ap_adid%3D845e6ec50398e84%26hb_ap_bidder%3Dappnexus&eri=1&cust_params=da%3Dadx%26outbrain%3Dtrue&sc=1&cookie=ID%3Dfccc675060d3b23d-22f2a707cad500e5%3AT%3D1661368280%3ART%3D1661368280%3AS%3DALNI_MZcIxDSfJprEwTF6WpoTTMrASvh2A&gpic=UID%3D000008fe5786fecf%3AT%3D1661368280%3ART%3D1661368280%3AS%3DALNI_MbRD8opIm208ae9ROMSF7bvznjiog&arp=1&abxe=1&dt=1661368281992&lmt=1661368281&dlt=1661368276943&idt=4146&adxs=236%2C436%2C5&adys=60%2C1110%2C300&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0%7C0%7C0&ucis=1%7C2%7C3&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fju-jiao-yi-zi-wen-hua-chuan-yang-zhong-hua-wen-ming.html&frm=20&vis=1&psz=728x-1%7C728x-1%7C120x-1&msz=728x-1%7C728x-1%7C120x-1&fws=4%2C516%2C516&ohw=728%2C1600%2C1600&ga_vid=1455087646.1661368282&ga_sid=1661368282&ga_hid=4215&ga_fc=false&ga_cid=amp--JcvnSWwuO-i_IcMnFMdEQ
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022081701.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.10.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f155.1e100.net
Software
cafe /
Resource Hash
220f5b7d10fb12dbf37449f4f4ec4926f7879fcfdb3f13bb900d9334d123c9b8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 24 Aug 2022 19:11:22 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
55344
x-xss-protection
0
google-lineitem-id
-1,-1,5859721654
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-1,-1,138375334554
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
065b871e68dfa311ac55b3c7151729f3.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame B95A 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://065b871e68dfa311ac55b3c7151729f3.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022081701.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.10.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f132.1e100.net
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
gzip
content-length
3108
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Wed, 24 Aug 2022 19:11:22 GMT
expires
Thu, 24 Aug 2023 19:11:22 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
js
www.googletagmanager.com/gtag/ 		201 KB
72 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-Z0TZ7TDHS1
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/42753/linkPreview.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.12.97 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f97.1e100.net
Software
Google Tag Manager /
Resource Hash
6f9f01ee2c9bea2279ce0f57a4367fc4fd0501f8a36d16b49ccdac2325d9d6e5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 24 Aug 2022 19:11:22 GMT
content-encoding
br
server
Google Tag Manager
access-control-allow-headers
Cache-Control
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; includeSubDomains
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
73179
x-xss-protection
0
expires
Wed, 24 Aug 2022 19:11:22 GMT
log
aplogger.adpushup.com/ 		0
53 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://aplogger.adpushup.com/log?event=glimpse_pageVisited&data=eyJzZXNzaW9uSWQiOiIyNzI0NzRfMTY2MTM2ODI4MTI0MiIsInVzZXJJZCI6IjQ3NzQ5OF8xNjYxMzY4MjgxMjQyIiwic2l0ZUlkIjo0Mjc1MywicGxhdGZvcm0iOiJERVNLVE9QIiwicGFnZUlkIjoiOTA0OTk0XzE2NjEzNjgyODEyNDIiLCJwYWdlUGF0aCI6IiUyRmElMkZqdS1qaWFvLXlpLXppLXdlbi1odWEtY2h1YW4teWFuZy16aG9uZy1odWEtd2VuLW1pbmcuaHRtbCIsImhvc3RuYW1lIjoid3d3LmJnMy5jbyIsInVybCI6Imh0dHBzJTNBJTJGJTJGd3d3LmJnMy5jbyUyRmElMkZqdS1qaWFvLXlpLXppLXdlbi1odWEtY2h1YW4teWFuZy16aG9uZy1odWEtd2VuLW1pbmcuaHRtbCIsInBoYXNlIjowLCJ1c2VyVHlwZSI6Ik5FVyIsInByZXZpZXdWYXJpYXRpb24iOiJub1ByZXZpZXdQYWdlIiwiZXhwZXJpbWVudFBhZ2UiOmZhbHNlLCJ0aW1lc3RhbXAiOjE2NjEzNjgyODIxMzF9
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/42753/linkPreview.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.211.156.162 Mumbai, India, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 24 Aug 2022 19:11:22 GMT
server
nginx/1.14.0 (Ubuntu)
css2
fonts.googleapis.com/ 		3 KB
1011 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Poppins:wght@400;500;600&display=swap
Requested by
Host: client
URL: about:client
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.4.95 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f95.1e100.net
Software
ESF /
Resource Hash
3ce18986d97fa7ec40028723de7a1a27c5341c7ab4f37cfd15592a70dabcce74
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Wed, 24 Aug 2022 18:41:46 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Wed, 24 Aug 2022 19:11:22 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Wed, 24 Aug 2022 19:11:22 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 03FE 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.4.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f132.1e100.net
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://cdn.aralego.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

accept-ranges
bytes
age
27009
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Wed, 24 Aug 2022 11:41:13 GMT
expires
Thu, 24 Aug 2023 11:41:13 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame 750C 		783 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.130.104 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sb-in-f104.1e100.net
Software
GSE /
Resource Hash
db613b78704973372e0f768722207d5f6197401f6a702db2d6a8f570f2df8f5e
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-2VgEG35Dy5ZwzO7cAJG59g' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://cdn.aralego.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private, max-age=300
content-encoding
gzip
content-length
515
content-security-policy
script-src 'report-sample' 'nonce-2VgEG35Dy5ZwzO7cAJG59g' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Wed, 24 Aug 2022 19:11:22 GMT
expires
Wed, 24 Aug 2022 19:11:22 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 782A 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.4.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f132.1e100.net
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://cdn.aralego.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

accept-ranges
bytes
age
27009
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Wed, 24 Aug 2022 11:41:13 GMT
expires
Thu, 24 Aug 2023 11:41:13 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame 41B3 		783 B
739 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.130.104 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sb-in-f104.1e100.net
Software
GSE /
Resource Hash
26587d8ff7e372bd95ed4a146b7ab1f4f16f2c5a0f3a7858a02071354f0f74cd
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-RAGC8rw5I2m7hUCcr1loSg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://cdn.aralego.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private, max-age=300
content-encoding
gzip
content-length
512
content-security-policy
script-src 'report-sample' 'nonce-RAGC8rw5I2m7hUCcr1loSg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Wed, 24 Aug 2022 19:11:22 GMT
expires
Wed, 24 Aug 2022 19:11:22 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
pubads_impl_2022081701.js
securepubads.g.doubleclick.net/gpt/ Frame 1D5E 		384 KB
130 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022081701.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.10.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f155.1e100.net
Software
sffe /
Resource Hash
83147c4cf00c61d77d068152fdb541e2ca7761e0990682db23e77fb7affdceb4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://adx.holmesmind.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 24 Aug 2022 12:34:22 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
23820
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
133512
x-xss-protection
0
last-modified
Wed, 17 Aug 2022 08:37:57 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Thu, 24 Aug 2023 12:34:22 GMT
pubads_impl_2022081701.js
securepubads.g.doubleclick.net/gpt/ Frame 4D3D 		384 KB
130 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022081701.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.10.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f155.1e100.net
Software
sffe /
Resource Hash
83147c4cf00c61d77d068152fdb541e2ca7761e0990682db23e77fb7affdceb4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://adx.holmesmind.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 24 Aug 2022 12:34:22 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
23820
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
133512
x-xss-protection
0
last-modified
Wed, 17 Aug 2022 08:37:57 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Thu, 24 Aug 2023 12:34:22 GMT
container.html
065b871e68dfa311ac55b3c7151729f3.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 48DA 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://065b871e68dfa311ac55b3c7151729f3.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022081701.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.10.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f132.1e100.net
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
gzip
content-length
3108
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Wed, 24 Aug 2022 19:11:23 GMT
expires
Thu, 24 Aug 2023 19:11:23 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
container.html
065b871e68dfa311ac55b3c7151729f3.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame F326 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://065b871e68dfa311ac55b3c7151729f3.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022081701.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.10.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f132.1e100.net
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

accept-ranges
bytes
age
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
gzip
content-length
3108
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Wed, 24 Aug 2022 19:11:23 GMT
expires
Thu, 24 Aug 2023 19:11:23 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
view
securepubads.g.doubleclick.net/pcs/ Frame CA83 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsu0idoOh_vekoaHuFipFIObc4E4_riokwrmRTY1dAHf-obz7lZTZTmDRO40-Osr-NiIGnY0HmmpkWXav_P2VLuSdsoqHWSqGzambEVKsxhdGLU8hv_uKzDBTNxuiP378YmZhB5anLP2f4_EErBEb6nbJet0hFb7dOKGvjprX1ICq5Uu9zT1xYIAZVU7B3dY6FAqbSGnqJUQFYPOrPgAFgei37a9nGR-d2OwvbU0LB13Tfyp7XLqaJz4dZ8fhUKZ6oby0TLg_HJv_ZyN6HXO2VTfydDeojTync74OkromQF1TiO8a7xuiGSiRA&sai=AMfl-YRGUAtPmF3tM4UOwb_J9Q6smvZlJEczZB2a91jmVKmcCjQq2W7ZKZH7DrvybfB6NcvRL5rx5CbvRDmc74oupMp6IZFux_d8oWYQckNGTAheALWDMgD3-tQvS8o2x1U&sig=Cg0ArKJSzHQwzcUicOrLEAE&uach_m=[UACH]&urlfix=1&adurl=
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/ju-jiao-yi-zi-wen-hua-chuan-yang-zhong-hua-wen-ming.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.10.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f155.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 24 Aug 2022 19:11:22 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
nmedianet.js
contextual.media.net/ Frame CA83 		138 KB
47 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://contextual.media.net/nmedianet.js?cid=8CU4JWBS7
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1661278076254.v6.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.195.152.23 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-195-152-23.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
d40e7e21962ec907afdebdd1ba1bea388e4304a494b17452f6a7b0e1c8c03f31
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
x-mnt-h
8-12
content-encoding
gzip
server
Apache
etag
"35ab28569fcbef2ac7247972f97b509a"
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
cache-control
max-age=300
date
Wed, 24 Aug 2022 19:11:23 GMT
strict-transport-security
max-age=31536000
x-mnt-w
8-31
expires
Wed, 24 Aug 2022 19:16:23 GMT
log
qsearch-a.akamaihd.net/ Frame CA83 		35 B
329 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://qsearch-a.akamaihd.net/log?logid=kfk&evtid=dmmra&ckfl=0&lper=20&splid=22132338&app_type=&bdr_typ=1&ogerpm=0.01&dn=bg3.co&stid=22132338&other_prv=4&ua=Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F89.0.4389.72+Safari%2F537.36&jar_err=&buyer_id=&bdp_wider_bucket=1&adtyp=0&acid=dcf05472f2e1467b85a690e1ad434026&req_id=8789905155324178142&bidfp=0.0000&pvag_id=&ugd=4&infl=&o_ver=NT+10.0&br_ver=89.0.4389.72&exp=&ver=8.13.0&totalTimeBucket=2&visibility=0&fdbk_id=&second_bidder=*&totalTime=2122330&e_rpm=&dmm_m22=0.0100&gpid_format=&gdpr=&vsid=&seat=BID_API&size=120x600&f_seg=&prdp=&gpid_sent=false&ogerpm_used=false&cid=8CU2CV286&bcrid=352177074&ogcbdp=0.0100&dfpbd=&server=6&ogerpm_wd_bkt=0-1&viewability=0.78&rawbid=0.01&dmm_r=&dmm_l=&sub_bidder=196&tcyerpm=&sc=NSW&send_erpm=false&pst=EMS&sd=&hb_exp=&pbshr=100.0000&seg=&dmm_d10=&o_id=101&clisp=rtb-common-5568dd587b-xjp2r.LA&adblk=&ugd_ver=&requrl=bg3.co%2Fa%2Fju-jiao-yi-zi-wen-hua-chuan-yang-zhong-hua-wen-ming.html&itype=appnexus_experiment&pvid_seat=4_BID_API&bidrestime=0&cc=AU&strg=smm_migration_test&ss=&cliIP=0&advurl=https%3A%2F%2Frelated.360topics.com&crid=752115612&time_stamp=2022-08-24+19%3A11%3A20&sat=1&rvshhon=&bdp=0.0100&br_id=265&ct=Beaconsfield&akey=&mnckfl=0&gpid=&iwb=1&second_bid=0.0&sc_pvid=4&capd=&algo=&other_bids=0.01&dc=west_la
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1661278076254.v6.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
96.17.72.64 Singapore, Singapore, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a96-17-72-64.deploy.static.akamaitechnologies.com
Software
Jetty(9.4.35.v20201120) /
Resource Hash
796c46ec10bc9105545f6f90d51593921b69956bd9087eb72bee83f40ad86f90

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 24 Aug 2022 19:11:23 GMT
Server
Jetty(9.4.35.v20201120)
Content-Type
image/gif
Access-Control-Allow-Origin
*
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Length
35
Expires
Wed, 24 Aug 2022 19:11:23 GMT
adperformance.js
warp.media.net/rtb/resource/ Frame CA83 		61 KB
62 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://warp.media.net/rtb/resource/adperformance.js?v=35e90bcdc8
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1661278076254.v6.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
125.56.225.45 , Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a125-56-225-45.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
3378135f525fc551ce49d2c117e9967735794757a4c71910d8c1b8fa38bf3f2c
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=604800
server
nginx
date
Wed, 24 Aug 2022 19:11:23 GMT
content-type
application/javascript;charset=ISO-8859-1
cache-control
max-age=10949
access-control-allow-credentials
true
content-length
62892
expires
Wed, 24 Aug 2022 22:13:52 GMT
trk.js
cdn.adnxs.com/v/s/224/ Frame CA83 		85 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.adnxs.com/v/s/224/trk.js
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1661278076254.v6.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.65.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
c652cb3dcc3b49133285c42c49b296c3a3af4f9fceffde1022a6e3539e2422b1

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 24 Aug 2022 19:11:23 GMT
Content-Encoding
gzip
Age
15675175
X-Cache
HIT, HIT
Connection
keep-alive
Content-Length
29216
X-Served-By
cache-lga21978-LGA, cache-syd10153-SYD
Access-Control-Allow-Origin
*, *
Last-Modified
Thu, 24 Feb 2022 08:58:20 GMT
Server
AkamaiNetStorage
X-Timer
S1661368283.255032,VS0,VE0
ETag
"80cd3e09497c9fa4207d756c9d41697c:1645693100.060631"
Vary
Accept-Encoding
Content-Type
application/x-javascript
Via
1.1 varnish, 1.1 varnish
Expires
Fri, 24 Feb 2023 08:58:29 GMT
Cache-Control
max-age=31536000
Accept-Ranges
bytes
X-Cache-Hits
1, 265599
it
lax1-ib.adnxs.com/ Frame CA83 		0
819 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://lax1-ib.adnxs.com/it?an_audit=0&referrer=https%253A%252F%252Fwww.bg3.co%252Fa%252Fju-jiao-yi-zi-wen-hua-chuan-yang-zhong-hua-wen-ming.html&e=wqT_3QKEBeiEAgAAAwDWAAUBCNjvmZgGEL7-2Kqry7TWUBgAKjYJexSuR-F6hD8RYVRSJ6CJgD8ZAAAAgD0Ktz8hYQ0SACkRJNAxAAAAQOF6lD8w8uzGCjj9XEDqXEjgA1Cyl_enAVi5tIoBYABotZGzAXgAgAEBigEDVVNEkgUG9P4BmAF4oAHYBKgBAbABALgBAcABBcgBAtABANgBAOABAPABANgCAOACjepa6gJNaHR0cHM6Ly93d3cuYmczLmNvL2EvanUtamlhby15aS16aS13ZW4taHVhLWNodWFuLXlhbmctemhvbmctaHVhLXdlbi1taW5nLmh0bWyAAwCIAwGQAwCYAxegAwGqA0ESGDg3ODk5MDUxNTUzMjQxNzgxNDJfc2JpZBoTNTgxMzI1MjUwNjA1OTY4NTY5NCIJMzUyMTc3MDc0KgVNMTE3M8ADrALIAwDYA_TAxAHgAwDoAwD4AwGABACSBA0vdXQvdjMvcHJlYmlkmAQAogQPMTczLjI0NS4yMDkuMTc3qAQAsgQPCAAQBBh4INgEKAEwADgCuAQAwAQAyAQA2gQCCAHgBAHwBLKX96cBiAUBmAUAoAXe3ePDr4WB_nnABQDJBQAAAAAAAPA_0gUJCQAAAAAAAAAA2AUA4AUB8AXFlCH6BQQIABAAkAYAmAYAuAYAwQYAAAAAAADwP9AG-eMC2gYWChAAAAAAAAAAAAAAAAAAAAAAEAAYAOAGAfIGAggAgAcBiAcAoAcBugcPCAAQABgAIAAwADiIAUAAyAcA0gcNCQAAAAAAAAAAEAAYANoHBggAEAAYAOAHAOoHAggA8AeY0AqKCAIQAJUIAACAP5gIAQ..&s=92365b80053a93dc66af1ad8acc9190f57afc69a
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1661278076254.v6.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
104.254.150.241 Los Angeles, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
906.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 24 Aug 2022 19:11:23 GMT
X-Proxy-Origin
173.245.209.177; 173.245.209.177; 906.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net; adnxs.com
AN-X-Request-Uuid
c3a46e74-6f68-405b-8300-f63a4770618e
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame CA83 		140 KB
43 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022081701.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.10.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f155.1e100.net
Software
sffe /
Resource Hash
a4f8d308a537be4d8442135addd3a1637ad70c831ec8d6fb21b460dc392031e3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 24 Aug 2022 19:11:22 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
44049
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1661168302676581"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Wed, 24 Aug 2022 19:11:22 GMT
aphb
e3.adpushup.com/AdPushupFeedbackWebService/feedback/ 		70 B
131 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://e3.adpushup.com/AdPushupFeedbackWebService/feedback/aphb?data=eyJzaXRlSWQiOjQyNzUzLCJ1cmwiOiJodHRwczovL3d3dy5iZzMuY28vYS9qdS1qaWFvLXlpLXppLXdlbi1odWEtY2h1YW4teWFuZy16aG9uZy1odWEtd2VuLW1pbmcuaHRtbCIsInNpdGVEb21haW4iOiJodHRwczovL2JnMy5jby8iLCJwYWdlR3JvdXAiOiJBUlRJQ0xFIiwicGFnZVZhcmlhdGlvbklkIjoiOTY3NTAxMjUtYjkwYy00OTdhLTg2OTktNzMxNzFmN2I0OTM1IiwicGFnZVZhcmlhdGlvbk5hbWUiOiJBZFB1c2h1cCIsInBhZ2VWYXJpYXRpb25UeXBlIjoxLCJwbGF0Zm9ybSI6IkRFU0tUT1AiLCJwYWNrZXRJZCI6IjAwMDBBNzAxLTU0ODhiMmQxLWIyZjktNDEwZC1hOTQwLWEzNmE3Njk3MGExMyIsImJpZHMiOlt7ImJpZGRlciI6ImFwcG5leHVzIiwicmV2ZW51ZSI6MC4wMDAwMDgwNzUsInJlc3BvbnNlVGltZSI6MTAxNywibmV0d29ya1JlbGF0aW9uIjoxfV0sIm1vZGUiOjEsImVycm9yQ29kZSI6MSwid2lubmVyIjoiYXBwbmV4dXMiLCJ3aW5uZXJOZXR3b3JrUmVsYXRpb24iOjEsIndpbm5pbmdSZXZlbnVlIjowLjAwMDAwODA3NSwid2lubmVyQWRVbml0SWQiOiI4NDVlNmVjNTAzOThlODQiLCJ0aW1lZE91dEJpZGRlcnMiOltdLCJzZXJ2aWNlcyI6WzUsM10sInNlY3Rpb25JZCI6IjEwNGIyODJhLWJkMTEtNGQ4ZC1hZDY0LTA0OTIwNjNiNmNiYSIsInNlY3Rpb25OYW1lIjoiQVBfSV9EX0FSVElDTEVfMTIwWDYwMF8xMDRiMiIsImZvcm1hdFR5cGUiOiJiYW5uZXIiLCJyZWZyZXNoQ291bnQiOjAsInBsYWNlbWVudCI6MSwicmVuZGVyZWRBZFNpemUiOiIxMjB4NjAwIiwicHJlYmlkQXVjdGlvbklkIjoiYWMyNjBlZTUtYzE0Yi00YTQ3LWFkYWEtZWNlZmI4MzMwNzllIiwiaGVhZGVyQmlkZGluZ1R5cGUiOjF9
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/ju-jiao-yi-zi-wen-hua-chuan-yang-zhong-hua-wen-ming.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
13.76.45.37 Singapore, Singapore, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3849fdc1eab88579b20b1b56875d6ef8299c4ad165e03921400ccae69149861

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 24 Aug 2022 19:11:22 GMT
access-control-allow-methods
GET, POST
content-type
image/png
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-robots-tag
noindex
content-length
70
expires
0
integrator.js
adservice.google.com.au/adsid/ Frame 1D5E 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com.au/adsid/integrator.js?domain=adx.holmesmind.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022081701.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.194.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f156.1e100.net
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://adx.holmesmind.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 24 Aug 2022 19:11:22 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ Frame 1D5E 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=adx.holmesmind.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022081701.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.10.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f156.1e100.net
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://adx.holmesmind.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 24 Aug 2022 19:11:22 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ Frame 1D5E 		28 KB
12 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=403684210710715&correlator=238077736828949&eid=44761477&output=ldjh&gdfp_req=1&vrg=2022081701&ptt=17&impl=fifs&iu_parts=424536528%3A40828883%2C1528662_icook_300x250_MB_2&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x250&ifi=1&adks=934391782&sfv=1-0-38&fsapi=false&eri=4&sc=1&cdm=adx.holmesmind.com&abxe=1&dt=1661368282889&dlt=1661368281594&idt=1285&adxs=0&adys=0&biw=-12245933&bih=-12245933&isw=336&ish=280&scr_x=-12245933&scr_y=-12245933&ucis=upw0u8yimsya&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&nhd=2&url=https%3A%2F%2Ficook.tw&loc=https%3A%2F%2Fadx.holmesmind.com%2Fadx-file%2F20220823%2FnUDNY99feAS8okWEQnY1mx2ELFEPV5z0tREnzCaH.html&top=www.bg3.co&frm=8&vis=1&psz=336x250&msz=336x250&fws=256&ohw=0&ea=0&ga_vid=32916957.1661368283&ga_sid=1661368283&ga_hid=294864536&ga_fc=false
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022081701.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.10.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f155.1e100.net
Software
cafe /
Resource Hash
c32ef9d5888be9e4084a7b90e9af3419a4b71b444ec3e70921849af1d8a08099
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://adx.holmesmind.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 24 Aug 2022 19:11:23 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12454
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://adx.holmesmind.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
2ed91e4b8889736293a8964540416cd2.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 8539 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://2ed91e4b8889736293a8964540416cd2.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=2
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022081701.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.10.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f132.1e100.net
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://adx.holmesmind.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
gzip
content-length
3108
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Wed, 24 Aug 2022 19:11:22 GMT
expires
Thu, 24 Aug 2023 19:11:22 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
integrator.js
adservice.google.com.au/adsid/ Frame 4D3D 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com.au/adsid/integrator.js?domain=adx.holmesmind.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022081701.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.194.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f156.1e100.net
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://adx.holmesmind.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 24 Aug 2022 19:11:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ Frame 4D3D 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=adx.holmesmind.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022081701.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.10.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f156.1e100.net
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://adx.holmesmind.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 24 Aug 2022 19:11:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ Frame 4D3D 		17 KB
9 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2138441010117634&correlator=2558556958782107&eid=44770638%2C31068921&output=ldjh&gdfp_req=1&vrg=2022081701&ptt=17&impl=fifs&iu_parts=424536528%3A40828883%2C1528662_icook_300x250_MB_2&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x250&ifi=1&adks=934391782&sfv=1-0-38&fsapi=false&eri=4&sc=1&cdm=adx.holmesmind.com&abxe=1&dt=1661368282952&dlt=1661368281600&idt=1342&adxs=0&adys=0&biw=-12245933&bih=-12245933&isw=336&ish=280&scr_x=-12245933&scr_y=-12245933&ucis=vvmzahub2njb&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&nhd=2&url=https%3A%2F%2Ficook.tw&loc=https%3A%2F%2Fadx.holmesmind.com%2Fadx-file%2F20220823%2FnUDNY99feAS8okWEQnY1mx2ELFEPV5z0tREnzCaH.html&top=www.bg3.co&frm=8&vis=1&psz=336x250&msz=336x250&fws=256&ohw=0&ea=0&ga_vid=782927768.1661368283&ga_sid=1661368283&ga_hid=84019661&ga_fc=false
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022081701.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.10.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f155.1e100.net
Software
cafe /
Resource Hash
970e6e3af4ea8fe9315d0e5257ee386f17238c6d66cc34fc71048f61e90d751d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://adx.holmesmind.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 24 Aug 2022 19:11:23 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9578
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://adx.holmesmind.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
5e9096cc516f199cdb60782332265f56.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 92B8 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://5e9096cc516f199cdb60782332265f56.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=2
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022081701.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.10.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f132.1e100.net
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://adx.holmesmind.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
gzip
content-length
3108
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Wed, 24 Aug 2022 19:11:23 GMT
expires
Thu, 24 Aug 2023 19:11:23 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
collect
www.google-analytics.com/g/ 		0
106 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/g/collect?v=2&tid=G-Z0TZ7TDHS1&gtm=2oe8m0&_p=4215&cid=1455087646.1661368282&ul=en-us&sr=1600x1200&_z=ccd.v9B&_s=1&sid=1661368283&sct=1&seg=0&dl=https%3A%2F%2Fwww.bg3.co%2Fa%2Fju-jiao-yi-zi-wen-hua-chuan-yang-zhong-hua-wen-ming.html&dt=%E8%81%9A%E7%84%A6%E6%BC%A2%E5%AD%97%E6%96%87%E5%8C%96%C2%A0%C2%A0%E5%82%B3%E6%8F%9A%E4%B8%AD%E8%8F%AF%E6%96%87%E6%98%8E%20-%20%E5%A4%A9%E5%A4%A9%E8%A6%81%E8%81%9E&en=link_preview_to_pub_ga_failed_unique&_fv=1&_ss=1&_ee=1&epn.value=1&epn.siteid=42753
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-Z0TZ7TDHS1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.24.101 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f101.1e100.net
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 24 Aug 2022 19:11:23 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
8Oc7qVgGezqJSgjjaaCdJlEAdJIIw0tPZxYDqe1tkXI.js
pagead2.googlesyndication.com/bg/ Frame 03FE 		36 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/8Oc7qVgGezqJSgjjaaCdJlEAdJIIw0tPZxYDqe1tkXI.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.4.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f154.1e100.net
Software
sffe /
Resource Hash
f0e73ba958067b3a894a08e369a09d265100749208c34b4f671603a9ed6d9172
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 19 Aug 2022 23:20:26 GMT
content-encoding
br
x-content-type-options
nosniff
age
417057
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
14092
x-xss-protection
0
last-modified
Mon, 15 Aug 2022 08:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 19 Aug 2023 23:20:26 GMT
8Oc7qVgGezqJSgjjaaCdJlEAdJIIw0tPZxYDqe1tkXI.js
pagead2.googlesyndication.com/bg/ Frame 782A 		36 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/8Oc7qVgGezqJSgjjaaCdJlEAdJIIw0tPZxYDqe1tkXI.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.4.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f154.1e100.net
Software
sffe /
Resource Hash
f0e73ba958067b3a894a08e369a09d265100749208c34b4f671603a9ed6d9172
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 19 Aug 2022 23:20:26 GMT
content-encoding
br
x-content-type-options
nosniff
age
417057
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
14092
x-xss-protection
0
last-modified
Mon, 15 Aug 2022 08:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 19 Aug 2023 23:20:26 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame 750C 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_2022081701&jk=4132152246352116&rc=
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/ju-jiao-yi-zi-wen-hua-chuan-yang-zhong-hua-wen-ming.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.4.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f154.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
sodar
pagead2.googlesyndication.com/pagead/ Frame 41B3 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_2022081701&jk=2674846589228385&rc=
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/ju-jiao-yi-zi-wen-hua-chuan-yang-zhong-hua-wen-ming.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.4.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f154.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
sodar
pagead2.googlesyndication.com/getconfig/ Frame 1D5E 		14 KB
11 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2022081701&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022081701.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.4.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f154.1e100.net
Software
cafe /
Resource Hash
38372a94c6e11515730e4faca69d16133de2857007b605fcdb3538ddb5b263a7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://adx.holmesmind.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 24 Aug 2022 19:11:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10957
x-xss-protection
0
sodar
pagead2.googlesyndication.com/getconfig/ Frame 1EA7 		14 KB
11 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20220822&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202208220101/show_ads_impl_fy2021.js?bust=31069108
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.4.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f154.1e100.net
Software
cafe /
Resource Hash
464bb0a2b9b868a36a9d56f0794a799f5da55f7213322d2d66c965b08f6c88a7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 24 Aug 2022 19:11:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11127
x-xss-protection
0
publishertag.prebid.117.js
static.criteo.net/js/ld/ 		87 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.117.js
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1661278076254.v6.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.129 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
nginx /
Resource Hash
90c9017a8a6447588520f38cd94ba14cdb9839c92626aa06bb8a4a1052c2ab7e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 24 Aug 2022 19:11:23 GMT
content-encoding
gzip
last-modified
Wed, 29 Dec 2021 12:30:46 GMT
server
nginx
etag
W/"61cc54f6-15c19"
strict-transport-security
max-age=31536000; preload;
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Thu, 25 Aug 2022 19:11:23 GMT
sodar
pagead2.googlesyndication.com/getconfig/ Frame 4D3D 		14 KB
11 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2022081701&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022081701.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.4.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f154.1e100.net
Software
cafe /
Resource Hash
3048560894ba8f71d210600f4c2ced5bebc6687408cdf5fe7a2159fccb97f49a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://adx.holmesmind.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 24 Aug 2022 19:11:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11088
x-xss-protection
0
sodar
pagead2.googlesyndication.com/getconfig/ Frame A9F4 		14 KB
11 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20220822&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202208160101/show_ads_impl_fy2021.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.4.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f154.1e100.net
Software
cafe /
Resource Hash
29e5523aa37498213a7b3c79f641603de1569678d6894f681f591743f24e5333
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 24 Aug 2022 19:11:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11123
x-xss-protection
0
css
fonts.googleapis.com/ Frame 48DA 		8 KB
989 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Requested by
Host: 065b871e68dfa311ac55b3c7151729f3.safeframe.googlesyndication.com
URL: https://065b871e68dfa311ac55b3c7151729f3.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.4.95 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f95.1e100.net
Software
ESF /
Resource Hash
4cf6f3dffbc65f9231255bf31f40ddc84a45bc57428b41d6786afc7153b90b7a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://065b871e68dfa311ac55b3c7151729f3.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Wed, 24 Aug 2022 18:20:06 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Wed, 24 Aug 2022 19:11:23 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Wed, 24 Aug 2022 19:11:23 GMT
load_preloaded_resource_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220822/r20110914/client/ Frame 48DA 		2 KB
902 B 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220822/r20110914/client/load_preloaded_resource_fy2021.js
Requested by
Host: 065b871e68dfa311ac55b3c7151729f3.safeframe.googlesyndication.com
URL: https://065b871e68dfa311ac55b3c7151729f3.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.4.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f132.1e100.net
Software
cafe /
Resource Hash
981c0bff12cb03203363a70e8ffe9b7fdf4af3b0b10c7a02a639eb13327574c0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://065b871e68dfa311ac55b3c7151729f3.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 24 Aug 2022 15:59:03 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
11540
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
875
x-xss-protection
0
server
cafe
etag
16974406330603315520
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 07 Sep 2022 15:59:03 GMT
adview
securepubads.g.doubleclick.net/pagead/ Frame 48DA 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=C2vfD2ncGY9ehCNPC3LUP_K-OUJr5__9r0Pn4go4QZBABILqEwDNgpYCAgJABoAHYwPXRA8gBCakCpoXEBskwpz7gAgCoAwHIA8sEqgSgAk_Q5Y5QINrJ3gc1Lunx-58wWMsvpmn16ZoZuQ3zBJ5wNcriYD-l-g-qfrU2RDcNBK8kIeZzd_DaIo7Ah42uxetE78010dSdYuBi_HfU-qbPkijkfgG8fUCUOmgbP0_IX9w5mfUMuklaX5bDEVA6HcCI3v-0EdA0xmWJ9Jx9mVeviCZgKkocnKbMwRMd4-oAUl89xgyfLD0MYXNYIkrUmFKNklLpdBXW16MaOJYqp67yJldEGZI7moXMBnTPRt65KTVDkm1lE09tAodyA8jUGJHkrprbxT-YhgUjMHvfsv2vw4UDkXRMADdDXn2bFR6mUhBIPQOL5j9lZBYXYHtRHHdyEQFcInTdShQpHnR8E9MVroRUrg-k6E52hvnpYQR2BsAE4-a0id4D4AQBkgUECAQYAZIFBAgFGASgBi6AB5C_ii6oB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G9gHAPIHBBCL0gjSCA8IgGEQARgdMgKKAjoCgEDyCBthZHgtc3Vic3luLTUyMzk5MzgyMTM4NzAzODCACgPICwGYDMvOs4neA7gTgwTYEw7QFQGYFgGAFwGyFx4KHAgAEhRwdWItODkzMzMyOTk5OTM5MTEwNBjKqx4&sigh=4gnhH5Ge4IE&uach_m=[UACH]&template_id=515
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/ju-jiao-yi-zi-wen-hua-chuan-yang-zhong-hua-wen-ming.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.10.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f155.1e100.net
Software
/
Resource Hash

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://065b871e68dfa311ac55b3c7151729f3.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220822/r20110914/ Frame 48DA 		23 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220822/r20110914/abg_lite_fy2021.js
Requested by
Host: 065b871e68dfa311ac55b3c7151729f3.safeframe.googlesyndication.com
URL: https://065b871e68dfa311ac55b3c7151729f3.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.4.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f132.1e100.net
Software
cafe /
Resource Hash
ba7beca0f5402387b359ad40d2af0dda9632f6b81e2aa0c26336324c358c3e10
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://065b871e68dfa311ac55b3c7151729f3.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 24 Aug 2022 16:59:17 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
7926
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9668
x-xss-protection
0
server
cafe
etag
3250940068065303693
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 07 Sep 2022 16:59:17 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220822/r20110914/client/ Frame 48DA 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220822/r20110914/client/window_focus_fy2021.js
Requested by
Host: 065b871e68dfa311ac55b3c7151729f3.safeframe.googlesyndication.com
URL: https://065b871e68dfa311ac55b3c7151729f3.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.4.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f132.1e100.net
Software
cafe /
Resource Hash
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://065b871e68dfa311ac55b3c7151729f3.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 24 Aug 2022 17:30:30 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
6053
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1359
x-xss-protection
0
server
cafe
etag
1484984001845508991
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 07 Sep 2022 17:30:30 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 48DA 		140 KB
43 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: 065b871e68dfa311ac55b3c7151729f3.safeframe.googlesyndication.com
URL: https://065b871e68dfa311ac55b3c7151729f3.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.10.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f155.1e100.net
Software
sffe /
Resource Hash
a4f8d308a537be4d8442135addd3a1637ad70c831ec8d6fb21b460dc392031e3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://065b871e68dfa311ac55b3c7151729f3.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 24 Aug 2022 19:11:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
44049
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1661168302676581"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Wed, 24 Aug 2022 19:11:23 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220822/r20110914/client/ Frame 48DA 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220822/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: 065b871e68dfa311ac55b3c7151729f3.safeframe.googlesyndication.com
URL: https://065b871e68dfa311ac55b3c7151729f3.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.4.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f132.1e100.net
Software
cafe /
Resource Hash
57000ea03bfb53734d0858b8fe992e6742226f23f311eb0f9d2177e2a84a5621
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://065b871e68dfa311ac55b3c7151729f3.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 24 Aug 2022 18:39:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1906
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7599
x-xss-protection
0
server
cafe
etag
9215437806027971270
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 07 Sep 2022 18:39:37 GMT
l
www.google.com/ads/measurement/ Frame 48DA 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaTpSpEJyiS7HGpW6_fQ0wwkp8Q9MChLyxZ1QagAi3w1yaEgsUto2ck_NYBzX3wKdHUb-tFiKwwdzQC_En0n0TV9JcG18Q
Requested by
Host: 065b871e68dfa311ac55b3c7151729f3.safeframe.googlesyndication.com
URL: https://065b871e68dfa311ac55b3c7151729f3.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.130.104 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sb-in-f104.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://065b871e68dfa311ac55b3c7151729f3.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
e3ca5db921b3b46420ba257a4c2f6b26.js
www.gstatic.com/mysidia/ Frame 48DA 		33 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/mysidia/e3ca5db921b3b46420ba257a4c2f6b26.js?tag=mysidia_one_click_handler_one_afma_2019
Requested by
Host: 065b871e68dfa311ac55b3c7151729f3.safeframe.googlesyndication.com
URL: https://065b871e68dfa311ac55b3c7151729f3.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.24.94 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f94.1e100.net
Software
sffe /
Resource Hash
24302eeb5b736bcc9f610299a37ac5dcf7e5b4c11591489fe9ad89f1533bd09b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://065b871e68dfa311ac55b3c7151729f3.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 18 Aug 2022 00:09:29 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
586914
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13683
x-xss-protection
0
last-modified
Wed, 17 Aug 2022 22:27:08 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="mysidia"
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
expires
Wed, 16 Nov 2022 00:09:29 GMT
data=67Nw_nUGH7o0jAs4XPZiuR_1_7LO6HIbDO8JpRZsLsaGznpWxOidYmQoksb1sR9g114V4U1rswz2nlvrvShggYW7Vjh3dizx7XwMg8Y7ygnEvBEXL20B2d-LcQ
mts0.google.com/vt/ Frame 48DA 		75 KB
75 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mts0.google.com/vt/data=67Nw_nUGH7o0jAs4XPZiuR_1_7LO6HIbDO8JpRZsLsaGznpWxOidYmQoksb1sR9g114V4U1rswz2nlvrvShggYW7Vjh3dizx7XwMg8Y7ygnEvBEXL20B2d-LcQ
Requested by
Host: 065b871e68dfa311ac55b3c7151729f3.safeframe.googlesyndication.com
URL: https://065b871e68dfa311ac55b3c7151729f3.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.194.102 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f102.1e100.net
Software
scaffolding on HTTPServer2 /
Resource Hash
bff8625b89e0961465540f40cfe46f12ce0b2f85796341252b4d42d6e669e661
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'; base-uri 'none'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://065b871e68dfa311ac55b3c7151729f3.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 24 Aug 2022 19:11:23 GMT
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
server-timing
gfet4t7; dur=118
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
76423
x-xss-protection
0
x-server-version-bin
CggIBBC7hZKYBg==
server
scaffolding on HTTPServer2
etag
02640dd377460b3c8
x-frame-options
SAMEORIGIN
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=3600
content-security-policy
script-src 'none'; object-src 'none'; base-uri 'none'
expires
Wed, 24 Aug 2022 20:11:23 GMT
truncated
/ Frame 48DA 		244 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
8be8f432572fba9a5669684d4f89b81b9595700f40480eeecbfe7721ce5b2234

Request headers

accept-language
en-AU,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ Frame 48DA 		333 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
8b1ccf2d92e5e6235fcb23becebc6b98f5eba33abad7902763aa8b830be20bd7

Request headers

accept-language
en-AU,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/svg+xml
css
fonts.googleapis.com/ Frame F326 		8 KB
966 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Requested by
Host: 065b871e68dfa311ac55b3c7151729f3.safeframe.googlesyndication.com
URL: https://065b871e68dfa311ac55b3c7151729f3.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.4.95 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f95.1e100.net
Software
ESF /
Resource Hash
4cf6f3dffbc65f9231255bf31f40ddc84a45bc57428b41d6786afc7153b90b7a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://065b871e68dfa311ac55b3c7151729f3.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Wed, 24 Aug 2022 18:20:27 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Wed, 24 Aug 2022 19:11:23 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Wed, 24 Aug 2022 19:11:23 GMT
load_preloaded_resource_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220822/r20110914/client/ Frame F326 		2 KB
902 B 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220822/r20110914/client/load_preloaded_resource_fy2021.js
Requested by
Host: 065b871e68dfa311ac55b3c7151729f3.safeframe.googlesyndication.com
URL: https://065b871e68dfa311ac55b3c7151729f3.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.4.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f132.1e100.net
Software
cafe /
Resource Hash
981c0bff12cb03203363a70e8ffe9b7fdf4af3b0b10c7a02a639eb13327574c0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://065b871e68dfa311ac55b3c7151729f3.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 24 Aug 2022 15:59:03 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
11540
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
875
x-xss-protection
0
server
cafe
etag
16974406330603315520
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 07 Sep 2022 15:59:03 GMT
adview
securepubads.g.doubleclick.net/pagead/ Frame F326 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=CVkff2ncGY9ihCNPC3LUP_K-OUJr5__9r8P_4go4QZBABILqEwDNgpYCAgJABoAHYwPXRA8gBCakCpoXEBskwpz7gAgCoAwHIA8sEqgSiAk_QnaoNEH_e0XEoGOaBAYTI0ZuUenii049s-s6Mj20afqcA0jkpdeP2b3pXAEArv_Lrqd8BPZRNDQu7gSlBwp6fyRd2WvNsMXtcF1pw9mVkw2oAlvUHATt8ifUjQ_67D-7KmLN1CapjmDnxR1AkD_3-EzJeXqKbdZEqUXpjwwBKdxhCSoWhE-BLYr1QYAPYpW-hioe5UnWQOq3WS5tfUtsuSyANRRdPJkUrQDZvABwEEDYojhbu2ghjN7JyvaDT3ZUByXN4a0xSS8TPpVEGAWlVhRxKBkyocPCxxBZDT9MGwURq4Mcm8U-N11f4bLmYXKEYsINuHrRLCQpMl23hYaHtOnoNshCazYCaf6NDqFjh12OcKbwj40I4Cw7FcwK89cFQwATj5rSJ3gPgBAGSBQQIBBgBkgUECAUYBKAGLoAHkL-KLqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4b2AcA8gcEEMzqC9IIDwiAYRABGB0yAooCOgKAQPIIG2FkeC1zdWJzeW4tNTIzOTkzODIxMzg3MDM4MIAKA8gLAZgMy86zid4DuBODBNgTDtAVAZgWAYAXAbIXHgocCAASFHB1Yi04OTMzMzI5OTk5MzkxMTA0GMqrHg&sigh=0kjhx0Oa-Ys&uach_m=[UACH]&template_id=515
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/ju-jiao-yi-zi-wen-hua-chuan-yang-zhong-hua-wen-ming.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.10.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f155.1e100.net
Software
/
Resource Hash

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://065b871e68dfa311ac55b3c7151729f3.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220822/r20110914/ Frame F326 		23 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220822/r20110914/abg_lite_fy2021.js
Requested by
Host: 065b871e68dfa311ac55b3c7151729f3.safeframe.googlesyndication.com
URL: https://065b871e68dfa311ac55b3c7151729f3.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.4.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f132.1e100.net
Software
cafe /
Resource Hash
ba7beca0f5402387b359ad40d2af0dda9632f6b81e2aa0c26336324c358c3e10
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://065b871e68dfa311ac55b3c7151729f3.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 24 Aug 2022 16:59:17 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
7926
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9668
x-xss-protection
0
server
cafe
etag
3250940068065303693
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 07 Sep 2022 16:59:17 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220822/r20110914/client/ Frame F326 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220822/r20110914/client/window_focus_fy2021.js
Requested by
Host: 065b871e68dfa311ac55b3c7151729f3.safeframe.googlesyndication.com
URL: https://065b871e68dfa311ac55b3c7151729f3.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.4.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f132.1e100.net
Software
cafe /
Resource Hash
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://065b871e68dfa311ac55b3c7151729f3.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 24 Aug 2022 17:30:30 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
6053
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1359
x-xss-protection
0
server
cafe
etag
1484984001845508991
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 07 Sep 2022 17:30:30 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame F326 		140 KB
43 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: 065b871e68dfa311ac55b3c7151729f3.safeframe.googlesyndication.com
URL: https://065b871e68dfa311ac55b3c7151729f3.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.10.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f155.1e100.net
Software
sffe /
Resource Hash
a4f8d308a537be4d8442135addd3a1637ad70c831ec8d6fb21b460dc392031e3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://065b871e68dfa311ac55b3c7151729f3.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 24 Aug 2022 19:11:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
44049
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1661168302676581"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Wed, 24 Aug 2022 19:11:23 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220822/r20110914/client/ Frame F326 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220822/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: 065b871e68dfa311ac55b3c7151729f3.safeframe.googlesyndication.com
URL: https://065b871e68dfa311ac55b3c7151729f3.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.4.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f132.1e100.net
Software
cafe /
Resource Hash
57000ea03bfb53734d0858b8fe992e6742226f23f311eb0f9d2177e2a84a5621
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://065b871e68dfa311ac55b3c7151729f3.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 24 Aug 2022 18:39:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1906
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7599
x-xss-protection
0
server
cafe
etag
9215437806027971270
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 07 Sep 2022 18:39:37 GMT
l
www.google.com/ads/measurement/ Frame F326 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaRha-Mj7IsEp9jDi_h964HjbiWyr1vSj0T2-jGnllKnytWpWkrYgTQ43L6kvD85wepzJENssSugDK3p2EpgUhEO0nOA-w
Requested by
Host: 065b871e68dfa311ac55b3c7151729f3.safeframe.googlesyndication.com
URL: https://065b871e68dfa311ac55b3c7151729f3.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.130.104 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sb-in-f104.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://065b871e68dfa311ac55b3c7151729f3.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
e3ca5db921b3b46420ba257a4c2f6b26.js
www.gstatic.com/mysidia/ Frame F326 		33 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/mysidia/e3ca5db921b3b46420ba257a4c2f6b26.js?tag=mysidia_one_click_handler_one_afma_2019
Requested by
Host: 065b871e68dfa311ac55b3c7151729f3.safeframe.googlesyndication.com
URL: https://065b871e68dfa311ac55b3c7151729f3.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.24.94 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f94.1e100.net
Software
sffe /
Resource Hash
24302eeb5b736bcc9f610299a37ac5dcf7e5b4c11591489fe9ad89f1533bd09b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://065b871e68dfa311ac55b3c7151729f3.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 18 Aug 2022 00:09:29 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
586914
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13683
x-xss-protection
0
last-modified
Wed, 17 Aug 2022 22:27:08 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="mysidia"
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
expires
Wed, 16 Nov 2022 00:09:29 GMT
9938130957414306310
tpc.googlesyndication.com/simgad/ Frame F326 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/9938130957414306310?w=100&h=100
Requested by
Host: 065b871e68dfa311ac55b3c7151729f3.safeframe.googlesyndication.com
URL: https://065b871e68dfa311ac55b3c7151729f3.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.4.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f132.1e100.net
Software
sffe /
Resource Hash
7f95ef023b44f025b47b6250719441733c001666c9e0ac1b16dca7dad585ade4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://065b871e68dfa311ac55b3c7151729f3.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 19 Aug 2022 07:17:08 GMT
x-content-type-options
nosniff
age
474855
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1235
x-xss-protection
0
last-modified
Fri, 15 Jan 2021 06:11:46 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Sat, 19 Aug 2023 07:17:08 GMT
truncated
/ Frame F326 		195 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
9e34975a0a58f4262f18fc35a4a9efb9f9b3962b87772f8fa5c006d5b7bc3f57

Request headers

accept-language
en-AU,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ Frame F326 		336 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
be3b15b1e68cf3e9278293d3b50491fe16c985e0ee5968852cac4fc062a7134e

Request headers

accept-language
en-AU,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/svg+xml
sodar2.js
tpc.googlesyndication.com/sodar/ Frame 1D5E 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022081701.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.4.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f132.1e100.net
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://adx.holmesmind.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 24 Aug 2022 19:11:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Wed, 24 Aug 2022 19:11:23 GMT
generate_204
tpc.googlesyndication.com/ Frame 03FE 		0
10 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?QIGMSg
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/ju-jiao-yi-zi-wen-hua-chuan-yang-zhong-hua-wen-ming.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.4.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f132.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 24 Aug 2022 19:11:23 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
sodar2.js
tpc.googlesyndication.com/sodar/ Frame 1EA7 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202208220101/show_ads_impl_fy2021.js?bust=31069108
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.4.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f132.1e100.net
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 24 Aug 2022 19:11:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Wed, 24 Aug 2022 19:11:23 GMT
generate_204
tpc.googlesyndication.com/ Frame 782A 		0
10 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?LjtdQQ
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/ju-jiao-yi-zi-wen-hua-chuan-yang-zhong-hua-wen-ming.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.4.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f132.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 24 Aug 2022 19:11:23 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame 9220 		1 KB
749 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: 065b871e68dfa311ac55b3c7151729f3.safeframe.googlesyndication.com
URL: https://065b871e68dfa311ac55b3c7151729f3.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.4.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f154.1e100.net
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://065b871e68dfa311ac55b3c7151729f3.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

age
52805
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=86400
content-encoding
gzip
content-length
724
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Wed, 24 Aug 2022 04:31:18 GMT
etag
48472445140208031
expires
Thu, 25 Aug 2022 04:31:18 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
sodar2.js
tpc.googlesyndication.com/sodar/ Frame 4D3D 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022081701.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.4.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f132.1e100.net
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://adx.holmesmind.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 24 Aug 2022 19:11:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Wed, 24 Aug 2022 19:11:23 GMT
container.html
2ed91e4b8889736293a8964540416cd2.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame F23E 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://2ed91e4b8889736293a8964540416cd2.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=2
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022081701.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.10.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f132.1e100.net
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://adx.holmesmind.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
gzip
content-length
3108
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Wed, 24 Aug 2022 19:11:23 GMT
expires
Thu, 24 Aug 2023 19:11:23 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
sodar2.js
tpc.googlesyndication.com/sodar/ Frame A9F4 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202208160101/show_ads_impl_fy2021.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.4.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f132.1e100.net
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 24 Aug 2022 19:11:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Wed, 24 Aug 2022 19:11:23 GMT
truncated
/ Frame 48DA 		212 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
fd838bebf2470cde56a2a215496ce252d594531e43d2761d5723af0c94fe2d67

Request headers

accept-language
en-AU,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame C63D 		1 KB
749 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: 065b871e68dfa311ac55b3c7151729f3.safeframe.googlesyndication.com
URL: https://065b871e68dfa311ac55b3c7151729f3.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.4.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f154.1e100.net
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://065b871e68dfa311ac55b3c7151729f3.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

age
52805
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=86400
content-encoding
gzip
content-length
724
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Wed, 24 Aug 2022 04:31:18 GMT
etag
48472445140208031
expires
Thu, 25 Aug 2022 04:31:18 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
truncated
/ Frame F326 		216 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
f59552e0f096c59a9eb2572e6f746a0cbac18861385154600bc66594e20094a5

Request headers

accept-language
en-AU,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
container.html
5e9096cc516f199cdb60782332265f56.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 2815 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://5e9096cc516f199cdb60782332265f56.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=2
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022081701.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.10.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f132.1e100.net
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://adx.holmesmind.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
gzip
content-length
3108
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Wed, 24 Aug 2022 19:11:23 GMT
expires
Thu, 24 Aug 2023 19:11:23 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 1489 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.4.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f132.1e100.net
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://adx.holmesmind.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

accept-ranges
bytes
age
27010
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Wed, 24 Aug 2022 11:41:13 GMT
expires
Thu, 24 Aug 2023 11:41:13 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame B01C 		783 B
535 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.130.104 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sb-in-f104.1e100.net
Software
GSE /
Resource Hash
981676bf806c12123dd278a0f9c6cd8131344fcf0b869f3e0d1403682e22e31e
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-pWkViQNrMsAZjp3I0dxwRQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://adx.holmesmind.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private, max-age=300
content-encoding
gzip
content-length
513
content-security-policy
script-src 'report-sample' 'nonce-pWkViQNrMsAZjp3I0dxwRQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Wed, 24 Aug 2022 19:11:23 GMT
expires
Wed, 24 Aug 2022 19:11:23 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame D2B2 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.4.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f132.1e100.net
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

accept-ranges
bytes
age
27010
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Wed, 24 Aug 2022 11:41:13 GMT
expires
Thu, 24 Aug 2023 11:41:13 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame CF04 		783 B
535 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.130.104 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sb-in-f104.1e100.net
Software
GSE /
Resource Hash
ee1634161159fc19e6e919bcf64b0b4c55a2789250c62d156193aee10d153828
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-ZC6-NSsFFpuRwm-CRD-a8Q' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private, max-age=300
content-encoding
gzip
content-length
513
content-security-policy
script-src 'report-sample' 'nonce-ZC6-NSsFFpuRwm-CRD-a8Q' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Wed, 24 Aug 2022 19:11:23 GMT
expires
Wed, 24 Aug 2022 19:11:23 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
pixel
cm.g.doubleclick.net/ Frame 9220
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=google&google_gid=CAESEOHtbWUP4D4EU1t41n_sCZQ&google_cver=1&google_push=AehlK4AqTxOu5hwOjFKon4PeEx070YMgci6wpV-ilkVDuMfum60q487XyYi-h7xfUgr9ev9_Hw8cj71WLKxpAV8CjaJa...
  • https://x.bidswitch.net/ul_cb/sync?ssp=google&google_gid=CAESEOHtbWUP4D4EU1t41n_sCZQ&google_cver=1&google_push=AehlK4AqTxOu5hwOjFKon4PeEx070YMgci6wpV-ilkVDuMfum60q487XyYi-h7xfUgr9ev9_Hw8cj71WLKxpAV...
  • https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AehlK4AqTxOu5hwOjFKon4PeEx070YMgci6wpV-ilkVDuMfum60q487XyYi-h7xfUgr9ev9_Hw8cj71WLKxpAV8CjaJa5PQpKYM1Vt4uB1Ohe0egE_sj-jsHWkUgogWmnmf00g...
170 B
191 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AehlK4AqTxOu5hwOjFKon4PeEx070YMgci6wpV-ilkVDuMfum60q487XyYi-h7xfUgr9ev9_Hw8cj71WLKxpAV8CjaJa5PQpKYM1Vt4uB1Ohe0egE_sj-jsHWkUgogWmnmf00g4BvnpEHxmP&google_hm=wnLqU7VWS0WtU2xUKI6mBg==
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/ju-jiao-yi-zi-wen-hua-chuan-yang-zhong-hua-wen-ming.html
Protocol
H3
Server
142.251.10.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f155.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 24 Aug 2022 19:11:25 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
//cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AehlK4AqTxOu5hwOjFKon4PeEx070YMgci6wpV-ilkVDuMfum60q487XyYi-h7xfUgr9ev9_Hw8cj71WLKxpAV8CjaJa5PQpKYM1Vt4uB1Ohe0egE_sj-jsHWkUgogWmnmf00g4BvnpEHxmP&google_hm=wnLqU7VWS0WtU2xUKI6mBg==
Date
Wed, 24 Aug 2022 19:11:24 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
0
dot.gif
s0.2mdn.net/ Frame 9220 		43 B
586 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/dot.gif?google_gid=CAESEC-RsB3bC48ukWKq-Wfqiv4&google_cver=1&google_push=AehlK4Dl_MrxKQKmQxtA03-6-TcN0qcOvoM4doBN18vbSR4mYK3nSVFaHd9E-7cTG_hHUj77xJ7_QXxywrpZYsDOT-YArO4T7bAkldl3dMnljRGrOXdz2PPJN1IXLaZ5sxMbjREe6p_pqNnW
Requested by
Host: 065b871e68dfa311ac55b3c7151729f3.safeframe.googlesyndication.com
URL: https://065b871e68dfa311ac55b3c7151729f3.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.24.149 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f149.1e100.net
Software
sffe /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 24 Aug 2022 19:11:24 GMT
x-content-type-options
nosniff
last-modified
Sun, 01 Feb 2009 08:00:00 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/gif
access-control-allow-origin
*
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
43
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 25 Aug 2022 19:11:24 GMT
pixel
cm.g.doubleclick.net/ Frame 9220
Redirect Chain
  • https://sync.dsp.reemo-ad.jp/google_adx?google_gid=CAESEE2TVQkQtbMUHR1U1YrFa-I&google_cver=1&google_push=AehlK4D1DXMdUVNBx2zIG7zOH-QOlM1UYRaftljVFVw_hEwRk1FHfLG0WoGLa2DIi2v4xEj12DVNrrJlkllyqogAG3M5...
  • https://cm.g.doubleclick.net/pixel?google_nid=gmo_ad_marketing&google_push=AehlK4D1DXMdUVNBx2zIG7zOH-QOlM1UYRaftljVFVw_hEwRk1FHfLG0WoGLa2DIi2v4xEj12DVNrrJlkllyqogAG3M52ahHo7T5eMVCkK_lFgTYQYe3GoOY4e...
170 B
191 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=gmo_ad_marketing&google_push=AehlK4D1DXMdUVNBx2zIG7zOH-QOlM1UYRaftljVFVw_hEwRk1FHfLG0WoGLa2DIi2v4xEj12DVNrrJlkllyqogAG3M52ahHo7T5eMVCkK_lFgTYQYe3GoOY4e3ub0o5uvvuXR1EUVtNgUrl
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/ju-jiao-yi-zi-wen-hua-chuan-yang-zhong-hua-wen-ming.html
Protocol
H3
Server
142.251.10.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f155.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 24 Aug 2022 19:11:25 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=gmo_ad_marketing&google_push=AehlK4D1DXMdUVNBx2zIG7zOH-QOlM1UYRaftljVFVw_hEwRk1FHfLG0WoGLa2DIi2v4xEj12DVNrrJlkllyqogAG3M52ahHo7T5eMVCkK_lFgTYQYe3GoOY4e3ub0o5uvvuXR1EUVtNgUrl
date
Wed, 24 Aug 2022 19:11:25 GMT
server
nginx
pixel
cm.g.doubleclick.net/ Frame 9220
Redirect Chain
  • https://ds.uncn.jp/doubleclick/0/sync_push?google_gid=CAESEJdQensPM5hy-VQzSVfA0_A&google_cver=1&google_push=AehlK4BxQwq3SlVqFtn5jWavMHJ88ZnYCbk7YwDXiKEm_eFR6kq0Tec8-cTAzheYmXN2Yyp2aVmDG2LjuujClpYGg...
  • https://cm.g.doubleclick.net/pixel?google_nid=unicorn&google_push=AehlK4BxQwq3SlVqFtn5jWavMHJ88ZnYCbk7YwDXiKEm_eFR6kq0Tec8-cTAzheYmXN2Yyp2aVmDG2LjuujClpYGgECdkPne4HI-Rq078UYniN3ovfNQK2AwkMVGW7p0pwV...
170 B
190 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=unicorn&google_push=AehlK4BxQwq3SlVqFtn5jWavMHJ88ZnYCbk7YwDXiKEm_eFR6kq0Tec8-cTAzheYmXN2Yyp2aVmDG2LjuujClpYGgECdkPne4HI-Rq078UYniN3ovfNQK2AwkMVGW7p0pwV2yVEj-7pBfUmI&google_hm=AdncErsTsEGFsJ-FhUJqJ70
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/ju-jiao-yi-zi-wen-hua-chuan-yang-zhong-hua-wen-ming.html
Protocol
H3
Server
142.251.10.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f155.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 24 Aug 2022 19:11:24 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=unicorn&google_push=AehlK4BxQwq3SlVqFtn5jWavMHJ88ZnYCbk7YwDXiKEm_eFR6kq0Tec8-cTAzheYmXN2Yyp2aVmDG2LjuujClpYGgECdkPne4HI-Rq078UYniN3ovfNQK2AwkMVGW7p0pwV2yVEj-7pBfUmI&google_hm=AdncErsTsEGFsJ-FhUJqJ70
Date
Wed, 24 Aug 2022 19:11:24 GMT
Server
Apache
Connection
keep-alive
Content-Length
275
Content-Type
text/html; charset=utf-8
pixel
cm.g.doubleclick.net/ Frame 9220
Redirect Chain
  • https://sync.1rx.io/usersync2/rmpssp?sub=google&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3D%5BRX_SPD%5D%26google_hm%3D%5BRX_UUID_B64_BIN%5D&google_gid=CAESED...
  • https://sync.1rx.io/usersync2/rmpssp?sub=google&zcc=1&google_push=AehlK4DuPnSgyHFkk00Vkhwmkt5w5AezM6-WxoMgPmnITylXTkgiS_U84IWpgkWN4b5obklpphopYVt2bQc-60HusnLBomSw8MHOxr2AkAHN4OTSAIZjUQ45QbSojETT48_...
  • https://sync.targeting.unrulymedia.com/csync/RX-5a556040-9ba5-4378-9175-396b51281898-004?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3DAehlK4DuPnSgyHFkk00Vkhwmk...
  • https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=AehlK4DuPnSgyHFkk00Vkhwmkt5w5AezM6-WxoMgPmnITylXTkgiS_U84IWpgkWN4b5obklpphopYVt2bQc-60HusnLBomSw8MHOxr2AkAHN4OTSAIZjUQ45QbSojETT48_bZWPy...
170 B
191 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=AehlK4DuPnSgyHFkk00Vkhwmkt5w5AezM6-WxoMgPmnITylXTkgiS_U84IWpgkWN4b5obklpphopYVt2bQc-60HusnLBomSw8MHOxr2AkAHN4OTSAIZjUQ45QbSojETT48_bZWPyQQD3TdDq&google_hm=BFpVYECbpUN4kXU5a1EoGJg
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/ju-jiao-yi-zi-wen-hua-chuan-yang-zhong-hua-wen-ming.html
Protocol
H3
Server
142.251.10.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f155.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 24 Aug 2022 19:11:25 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=AehlK4DuPnSgyHFkk00Vkhwmkt5w5AezM6-WxoMgPmnITylXTkgiS_U84IWpgkWN4b5obklpphopYVt2bQc-60HusnLBomSw8MHOxr2AkAHN4OTSAIZjUQ45QbSojETT48_bZWPyQQD3TdDq&google_hm=BFpVYECbpUN4kXU5a1EoGJg
date
Wed, 24 Aug 2022 19:11:24 GMT
p3p
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
etag
RX5a5560409ba543789175396b51281898004
content-type
text/html
pixel
cm.g.doubleclick.net/ Frame 9220
Redirect Chain
  • https://sync-dsp.ad-m.asia/dsp/api/sync/send?s=google&pixel_match=y&google_gid=CAESEDc3aY0c30xZkRfO3A087x8&google_cver=1&google_push=AehlK4AWb9qDSYvBYBnPRcyxVGfdk_bkYEOosk5tP0KCmVPaX9mA-gGaoOav0wZO...
  • https://sync-dsp.ad-m.asia/dsp/api/sync/send?s=google&pixel_match=y&google_gid=CAESEDc3aY0c30xZkRfO3A087x8&google_cver=1&google_push=AehlK4AWb9qDSYvBYBnPRcyxVGfdk_bkYEOosk5tP0KCmVPaX9mA-gGaoOav0wZO...
  • https://cm.g.doubleclick.net/pixel?google_nid=admatrix_dsp&google_push=AehlK4AWb9qDSYvBYBnPRcyxVGfdk_bkYEOosk5tP0KCmVPaX9mA-gGaoOav0wZOynAaDk1IPDzTPS9OQdgqcUZU4euB4wte4siT7yjT-Ij80Osj7fXEzdS-JneYSJ...
170 B
191 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=admatrix_dsp&google_push=AehlK4AWb9qDSYvBYBnPRcyxVGfdk_bkYEOosk5tP0KCmVPaX9mA-gGaoOav0wZOynAaDk1IPDzTPS9OQdgqcUZU4euB4wte4siT7yjT-Ij80Osj7fXEzdS-JneYSJoVjxOSrCCcLwLWH-QoxQ&google_hm=OE5QYXZlZUg2STQ=&suid-set=1
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/ju-jiao-yi-zi-wen-hua-chuan-yang-zhong-hua-wen-ming.html
Protocol
H3
Server
142.251.10.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f155.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 24 Aug 2022 19:11:25 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Wed, 24 Aug 2022 19:11:24 GMT
Server
nginx
Location
https://cm.g.doubleclick.net/pixel?google_nid=admatrix_dsp&google_push=AehlK4AWb9qDSYvBYBnPRcyxVGfdk_bkYEOosk5tP0KCmVPaX9mA-gGaoOav0wZOynAaDk1IPDzTPS9OQdgqcUZU4euB4wte4siT7yjT-Ij80Osj7fXEzdS-JneYSJoVjxOSrCCcLwLWH-QoxQ&google_hm=OE5QYXZlZUg2STQ=&suid-set=1
Cache-Control
no-store,no-cache
Connection
close
Content-Length
0
expires
-1
sspsync
cksync.yahoo.co.jp/ Frame 9220 		35 B
620 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cksync.yahoo.co.jp/sspsync?ptr=12703&google_gid=CAESEFQ7GEiy-0jLHK8uykjQKXg&google_cver=1&google_push=AehlK4DG7JWf_j06tIqw9lNiIGwysY4bygMqkHyEMB9Hj3HFEgT25slfq5jSxcTxpjHLYpR-9wuZR2LyjiAQRDe1s4myJ1HiHMDNXcb3h2tlPez6GiHf444h1n-ArouNwDkFDS_SzuSYOlbOjw
Requested by
Host: 065b871e68dfa311ac55b3c7151729f3.safeframe.googlesyndication.com
URL: https://065b871e68dfa311ac55b3c7151729f3.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.22.31.252 , Japan, ASN23816 (YAHOO Yahoo Japan Corporation, JP),
Reverse DNS
Software
ATS /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 24 Aug 2022 19:11:24 GMT
x-content-type-options
nosniff
server
ATS
age
0
x-frame-options
SAMEORIGIN
content-type
image/gif
cache-control
private, no-store, no-cache
cross-origin-resource-policy
cross-origin
content-length
35
x-xss-protection
1; mode=block
attr
cm.g.doubleclick.net/pixel/ Frame 9220 		0
69 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13JN1juqLw702YqKEckoo7OJYMJ5tCoRyj_d-vayXIlJo52DxR_KZZ4HGAytuRLaxIQmdo4Hcpk
Requested by
Host: 065b871e68dfa311ac55b3c7151729f3.safeframe.googlesyndication.com
URL: https://065b871e68dfa311ac55b3c7151729f3.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.10.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f155.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 24 Aug 2022 19:11:23 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
content-type
text/html
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 33DA 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.4.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f132.1e100.net
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://adx.holmesmind.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

accept-ranges
bytes
age
27010
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Wed, 24 Aug 2022 11:41:13 GMT
expires
Thu, 24 Aug 2023 11:41:13 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame 45C7 		783 B
537 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.130.104 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sb-in-f104.1e100.net
Software
GSE /
Resource Hash
e02c9cdd33d095e033be3b55cbc7adcbfdafae75945cdd4f00623cb65ed27f59
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-gFoi46z4j8XDGE143O0GYQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://adx.holmesmind.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private, max-age=300
content-encoding
gzip
content-length
515
content-security-policy
script-src 'report-sample' 'nonce-gFoi46z4j8XDGE143O0GYQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Wed, 24 Aug 2022 19:11:23 GMT
expires
Wed, 24 Aug 2022 19:11:23 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
adview
securepubads.g.doubleclick.net/pagead/ Frame F23E 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=CZ4co23cGY4R_h5XUBoDogqgFhtjSrWu-lf3otBDAjbcBEAEgAGClgICAkAGCARdjYS1wdWItNzk0NTA0NDg2Mzg3NDc4N6ABgqrztwPIAQngAgCoAwGqBOEBT9Dr9CCwVeM7F2WwHftm9BF_aEcYPOvCDXBJ7sbdVCcSOrNLLQDVhc8TPERzaOneCoaqDuwQaEZUi87NZWvZ2iXdnylb-ROEfHLyZL-Aw8EzL0eTJwwVuo7-VOjTL-kA4_x9w6ZbrFxdlqkhV0IGCQXcWtWwG9oc_OMoLkZ7p0dYG8I37rKmOnl91Z0VHWdWhKxyk3DTHuKqZaqrKRIiUINp7MKr1kHV04B7r2SgcPT56-EF8IzVaqgJe4b6mCkh_PpWSY_jlm6axo8BCtx_Bp_QFpEbOMQnhILMqNttTDUh4AQBgAaqwbO66-vbr6YBoAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDQiAYRABMgKKAjoCgEDyCBthZHgtc3Vic3luLTI5NDIxOTAxNzkyMjQxMTSACgP6CwIIAYAMAdAVAYAXAbIXHAoaEhRwdWItNzk0NTA0NDg2Mzg3NDc4NxjAmhg&sigh=hsgPsVqCVtc&uach_m=[UACH]&cid=CAQSKQCsnQUx0qZ37nm-hVVXMTwP2RorTQ4TvGMOfB3bdzg6EqF2VGbZkKBRGAE
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/ju-jiao-yi-zi-wen-hua-chuan-yang-zhong-hua-wen-ming.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.10.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f155.1e100.net
Software
/
Resource Hash

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://2ed91e4b8889736293a8964540416cd2.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
billing
ap.evm1.stackadapt.com/ Frame F23E 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ap.evm1.stackadapt.com/billing?aid=1-0067-166136828308546567024543-4&sid=1&wp=YwZ32wAAP4QK1QqHAAC0AHCDFWHD1dmSnfMnOA&rid=YwZ32wABCVoK1QgiXQiwaA&network=156&t=1661368283&said=1-0067-166136828308546567024543-4&sanid=156
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/ju-jiao-yi-zi-wen-hua-chuan-yang-zhong-hua-wen-ming.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.221.120.52 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-221-120-52.ap-southeast-1.compute.amazonaws.com
Software
StackAdapt /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://2ed91e4b8889736293a8964540416cd2.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 24 Aug 2022 19:11:24 GMT
x-content-type-options
nosniff
server
StackAdapt
content-length
0
x-xss-protection
1; mode=block
x-request-id
7f9aeaefff354f9bbdfe556bf309b53c
win
ap.evm1.stackadapt.com/ Frame F23E 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ap.evm1.stackadapt.com/win?aid=1-0067-166136828308546567024543-4&sid=1&wp=YwZ32wAAP4QK1QqHAAC0AHCDFWHD1dmSnfMnOA&rid=YwZ32wABCVoK1QgiXQiwaA&network=156&t=1661368283&said=1-0067-166136828308546567024543-4&sanid=156
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/ju-jiao-yi-zi-wen-hua-chuan-yang-zhong-hua-wen-ming.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.221.120.52 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-221-120-52.ap-southeast-1.compute.amazonaws.com
Software
/
Resource Hash

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://2ed91e4b8889736293a8964540416cd2.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
moatad.js
z.moatads.com/stackadaptdisplay515602019759/ Frame F23E 		328 KB
111 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://z.moatads.com/stackadaptdisplay515602019759/moatad.js
Requested by
Host: 2ed91e4b8889736293a8964540416cd2.safeframe.googlesyndication.com
URL: https://2ed91e4b8889736293a8964540416cd2.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=2
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.72.45.156 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-72-45-156.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
75739105ef6325a39d5ab2c95a82b5ba83a598d0ea924ef825550e27bdf64a67

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://2ed91e4b8889736293a8964540416cd2.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 24 Aug 2022 19:11:24 GMT
content-encoding
gzip
last-modified
Thu, 04 Aug 2022 15:36:54 GMT
server
AmazonS3
x-amz-request-id
5N6RMPRGX6Z7K1CP
etag
"fafc8778d75781a53da9f585b0603afa"
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
max-age=52850
accept-ranges
bytes
content-length
113016
x-amz-id-2
Pj47/VLNC4Ol7QZ93tJ9kokZYbsx6x4HPjrs49wT+Ud90mpVJuL2lHhSJdvavNTHkZK5fU6O/XQ=
adchoices.png
creative.stackadapt.com/icons/adchoices/ Frame F23E 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://creative.stackadapt.com/icons/adchoices/adchoices.png
Requested by
Host: 2ed91e4b8889736293a8964540416cd2.safeframe.googlesyndication.com
URL: https://2ed91e4b8889736293a8964540416cd2.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.250.32 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-250-32.sin52.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
d43759eeb0bad511a676b580e58291166dfc2375212a83fbcdf622f7c39e8470

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://2ed91e4b8889736293a8964540416cd2.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 24 Aug 2022 18:18:58 GMT
via
1.1 60a12bdf784c46a5874f83b517e37278.cloudfront.net (CloudFront)
last-modified
Wed, 02 May 2018 19:08:42 GMT
server
AmazonS3
age
3147
etag
"a6bd1f0398efa7662720ba282d2012e6"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
image/png
x-amz-cf-pop
SIN52-C2
accept-ranges
bytes
content-length
1747
x-amz-cf-id
jpZrh52ABIjQIAMg_d9I3IcDY8pAD5UYX0jWT7-lQOQoIXd2poLQeQ==
hzdN1Mx5hPDnQhvJrh1jCQDIM300x250.png
cdn.stackadapt.com/creatives/19380/ Frame F23E 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.stackadapt.com/creatives/19380/hzdN1Mx5hPDnQhvJrh1jCQDIM300x250.png
Requested by
Host: 2ed91e4b8889736293a8964540416cd2.safeframe.googlesyndication.com
URL: https://2ed91e4b8889736293a8964540416cd2.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=2
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
13.224.250.34 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-250-34.sin52.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
a03a6a2a51df13506f8eaf811394b577a28a770ac6809a1fdcfec79d7b8aa14c

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://2ed91e4b8889736293a8964540416cd2.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 24 Aug 2022 02:57:30 GMT
Via
1.1 bea183074c7c8354f695008780705c96.cloudfront.net (CloudFront)
Last-Modified
Thu, 14 Jul 2022 06:31:37 GMT
Server
AmazonS3
Age
58435
ETag
"7f004b98208a45741a17cc1118e6329b"
X-Cache
Hit from cloudfront
Content-Type
image/png
Connection
keep-alive
X-Amz-Cf-Pop
SIN52-C2
Accept-Ranges
bytes
Content-Length
6081
X-Amz-Cf-Id
tq14Urxlk2qEuNclr7Rm1XTpOe8aEvmTJA1wVojAcUmD5OZsV9DpWg==
cookie
ap.srv.stackadapt.com/ Frame F23E 		43 B
839 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ap.srv.stackadapt.com/cookie?campid=264649&nativeid=2314848&domain=icook.tw%3A%3A156&auctionid=1-0067-166136828308546567024543-4&impindex=0&m=MTczLjI0NS4yMDkuMA&isipgen=1&conv=1
Requested by
Host: 2ed91e4b8889736293a8964540416cd2.safeframe.googlesyndication.com
URL: https://2ed91e4b8889736293a8964540416cd2.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=2
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.140.89.184 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-140-89-184.ap-southeast-1.compute.amazonaws.com
Software
/
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://2ed91e4b8889736293a8964540416cd2.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 24 Aug 2022 19:11:24 GMT
content-length
43
content-type
image/gif
saimp.js
creative.stackadapt.com/js/ Frame F23E 		6 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://creative.stackadapt.com/js/saimp.js
Requested by
Host: 2ed91e4b8889736293a8964540416cd2.safeframe.googlesyndication.com
URL: https://2ed91e4b8889736293a8964540416cd2.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.250.32 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-250-32.sin52.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
3fde3f58eb5e95a8a7994102c7ea88ff589a6d4196d16257d263a9821d18bbec

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://2ed91e4b8889736293a8964540416cd2.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 24 Aug 2022 04:13:38 GMT
content-encoding
gzip
last-modified
Tue, 29 Sep 2020 15:04:41 GMT
server
AmazonS3
age
53881
etag
W/"2217d6d596583f0872b3658df2b8f5bf"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 60a12bdf784c46a5874f83b517e37278.cloudfront.net (CloudFront)
x-amz-cf-pop
SIN52-C2
x-amz-cf-id
BQRusNaAgn0PL4vK50_bg7Hd3EbH3Q0sy6FFDpkvntW99w08V6m_fw==
saurl.js
creative.stackadapt.com/js/ Frame F23E 		1 KB
832 B 		Script
General
Check archive.org
Download Go to
Full URL
https://creative.stackadapt.com/js/saurl.js
Requested by
Host: 2ed91e4b8889736293a8964540416cd2.safeframe.googlesyndication.com
URL: https://2ed91e4b8889736293a8964540416cd2.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.250.32 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-250-32.sin52.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
6f0891439aea7ee7704a8248eaad5b30bb57a37c6d00093f086e8872638de0ab

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://2ed91e4b8889736293a8964540416cd2.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 24 Aug 2022 07:12:36 GMT
content-encoding
gzip
last-modified
Tue, 29 Sep 2020 16:07:58 GMT
server
AmazonS3
age
61135
etag
W/"b2d0ef851d32cf9bf2dfd7f0c93a5712"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 60a12bdf784c46a5874f83b517e37278.cloudfront.net (CloudFront)
x-amz-cf-pop
SIN52-C2
x-amz-cf-id
uRfubnEupXQFA34oLDWol9BmTB64xxFq6C8ttP_9nKoWIzwkaLjGLQ==
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220822/r20110914/client/ Frame F23E 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220822/r20110914/client/window_focus_fy2021.js
Requested by
Host: 2ed91e4b8889736293a8964540416cd2.safeframe.googlesyndication.com
URL: https://2ed91e4b8889736293a8964540416cd2.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.4.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f132.1e100.net
Software
cafe /
Resource Hash
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://2ed91e4b8889736293a8964540416cd2.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 24 Aug 2022 17:30:30 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
6053
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1359
x-xss-protection
0
server
cafe
etag
1484984001845508991
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 07 Sep 2022 17:30:30 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame F23E 		140 KB
43 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: 2ed91e4b8889736293a8964540416cd2.safeframe.googlesyndication.com
URL: https://2ed91e4b8889736293a8964540416cd2.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.10.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f155.1e100.net
Software
sffe /
Resource Hash
a4f8d308a537be4d8442135addd3a1637ad70c831ec8d6fb21b460dc392031e3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://2ed91e4b8889736293a8964540416cd2.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 24 Aug 2022 19:11:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
44049
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1661168302676581"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Wed, 24 Aug 2022 19:11:23 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220822/r20110914/client/ Frame F23E 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220822/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: 2ed91e4b8889736293a8964540416cd2.safeframe.googlesyndication.com
URL: https://2ed91e4b8889736293a8964540416cd2.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.4.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f132.1e100.net
Software
cafe /
Resource Hash
57000ea03bfb53734d0858b8fe992e6742226f23f311eb0f9d2177e2a84a5621
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://2ed91e4b8889736293a8964540416cd2.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 24 Aug 2022 18:39:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1906
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7599
x-xss-protection
0
server
cafe
etag
9215437806027971270
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 07 Sep 2022 18:39:37 GMT
l
www.google.com/ads/measurement/ Frame F23E 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaToNq_S7HQQ_ZFgWud1iGU48sujjrJ5O6bNb9Dl97nmiRBwmrzxDxnxCaDl2GtKCnAyDd0KXpZn8Q2ROh4mSN_ajOiQcg
Requested by
Host: 2ed91e4b8889736293a8964540416cd2.safeframe.googlesyndication.com
URL: https://2ed91e4b8889736293a8964540416cd2.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.130.104 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sb-in-f104.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://2ed91e4b8889736293a8964540416cd2.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
ext.js
tpc.googlesyndication.com/safeframe/1-0-38/js/ Frame F23E 		22 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-38/js/ext.js
Requested by
Host: 2ed91e4b8889736293a8964540416cd2.safeframe.googlesyndication.com
URL: https://2ed91e4b8889736293a8964540416cd2.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.4.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f132.1e100.net
Software
sffe /
Resource Hash
0bcac89d72d5f0b2bef20f815406384ff05489e4294acee57409060c2eccffc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://2ed91e4b8889736293a8964540416cd2.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 19 Aug 2022 16:34:57 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
441386
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7022
x-xss-protection
0
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Sat, 19 Aug 2023 16:34:57 GMT
4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
fonts.gstatic.com/s/googlesans/v45/ Frame 48DA 		28 KB
28 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/googlesans/v45/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.194.94 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f94.1e100.net
Software
sffe /
Resource Hash
4a6fab14bfe7b33fe5dc5349a2bb3720037e0ed7ebe621b352340f9514d83c08
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://065b871e68dfa311ac55b3c7151729f3.safeframe.googlesyndication.com
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 21 Aug 2022 02:25:23 GMT
x-content-type-options
nosniff
age
319561
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
28288
x-xss-protection
0
last-modified
Wed, 01 Jun 2022 19:05:56 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Mon, 21 Aug 2023 02:25:23 GMT
i.match
s.tribalfusion.com/z/ Frame C63D
Redirect Chain
  • https://a.tribalfusion.com/i.match?p=b6&u=CAESEBKBU74s-VGXmqkmKI7F9Tc&google_cver=1&google_push=AehlK4DujiLlIR6M5vYn7WYw_4NSoYH0CMxl1mmiCv_3a9pZ0BKi2jIt0XexqDJz0v2J6JOKoENssH-5H7IcKt0FYxgEkJlM4S_xF...
  • https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEBKBU74s-VGXmqkmKI7F9Tc&google_cver=1&google_push=AehlK4DujiLlIR6M5vYn7WYw_4NSoYH0CMxl1mmiCv_3a9pZ0BKi2jIt0XexqDJz0v2J6JOKoENssH-5H7IcKt0FYxgEkJlM4S_...
43 B
413 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEBKBU74s-VGXmqkmKI7F9Tc&google_cver=1&google_push=AehlK4DujiLlIR6M5vYn7WYw_4NSoYH0CMxl1mmiCv_3a9pZ0BKi2jIt0XexqDJz0v2J6JOKoENssH-5H7IcKt0FYxgEkJlM4S_xF-HS9v-47Elb4vHEIAGwcZYxOZe8psNlcxkdwCp0cHye&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAehlK4DujiLlIR6M5vYn7WYw_4NSoYH0CMxl1mmiCv_3a9pZ0BKi2jIt0XexqDJz0v2J6JOKoENssH-5H7IcKt0FYxgEkJlM4S_xF-HS9v-47Elb4vHEIAGwcZYxOZe8psNlcxkdwCp0cHye%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
Requested by
Host: 065b871e68dfa311ac55b3c7151729f3.safeframe.googlesyndication.com
URL: https://065b871e68dfa311ac55b3c7151729f3.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Server
104.18.35.11 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 24 Aug 2022 19:11:24 GMT
cf-cache-status
DYNAMIC
x-function
302
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
cf-ray
73fe64c08e37a895-SYD
p3p
CP="NOI DEVo TAIa OUR BUS"
cache-control
no-cache, private
content-type
image/gif; charset=utf-8
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Wed, 24 Aug 2022 19:11:24 GMT
cf-cache-status
DYNAMIC
x-function
206
server
cloudflare
x-reuse-index
121
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
cf-ray
73fe64bebd85a895-SYD
p3p
CP="NOI DEVo TAIa OUR BUS"
location
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEBKBU74s-VGXmqkmKI7F9Tc&google_cver=1&google_push=AehlK4DujiLlIR6M5vYn7WYw_4NSoYH0CMxl1mmiCv_3a9pZ0BKi2jIt0XexqDJz0v2J6JOKoENssH-5H7IcKt0FYxgEkJlM4S_xF-HS9v-47Elb4vHEIAGwcZYxOZe8psNlcxkdwCp0cHye&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAehlK4DujiLlIR6M5vYn7WYw_4NSoYH0CMxl1mmiCv_3a9pZ0BKi2jIt0XexqDJz0v2J6JOKoENssH-5H7IcKt0FYxgEkJlM4S_xF-HS9v-47Elb4vHEIAGwcZYxOZe8psNlcxkdwCp0cHye%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
cache-control
no-cache, private
content-type
text/html
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Thu, 01 Jan 1970 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame C63D
Redirect Chain
  • https://match.adsrvr.org/track/cmf/google?google_gid=CAESEADkGfhl7bf2lo40HQKuOfw&google_cver=1&google_push=AehlK4Ag3ldgBnEH-bCdfFtYfYwrA-68abRgsKo1c-KDDCJthEl-REepmeO01WXgOt0hiu0G_fqAUtjry2vBY4l_G2...
  • https://match.adsrvr.org/track/cmb/google?google_gid=CAESEADkGfhl7bf2lo40HQKuOfw&google_cver=1&google_push=AehlK4Ag3ldgBnEH-bCdfFtYfYwrA-68abRgsKo1c-KDDCJthEl-REepmeO01WXgOt0hiu0G_fqAUtjry2vBY4l_G2...
  • https://cm.g.doubleclick.net/pixel?google_nid=TheTradeDesk&google_hm=NDkyZTY3NTctZjUxZi00MWFhLWE0ZGMtNzYyNDFjNjdmZDNi&google_push&gdpr=0&gdpr_consent=&ttd_tdid=492e6757-f51f-41aa-a4dc-76241c67fd3b
170 B
190 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=TheTradeDesk&google_hm=NDkyZTY3NTctZjUxZi00MWFhLWE0ZGMtNzYyNDFjNjdmZDNi&google_push&gdpr=0&gdpr_consent=&ttd_tdid=492e6757-f51f-41aa-a4dc-76241c67fd3b
Requested by
Host: 065b871e68dfa311ac55b3c7151729f3.safeframe.googlesyndication.com
URL: https://065b871e68dfa311ac55b3c7151729f3.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Server
142.251.10.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f155.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 24 Aug 2022 19:11:24 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Wed, 24 Aug 2022 19:11:24 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://cm.g.doubleclick.net/pixel?google_nid=TheTradeDesk&google_hm=NDkyZTY3NTctZjUxZi00MWFhLWE0ZGMtNzYyNDFjNjdmZDNi&google_push&gdpr=0&gdpr_consent=&ttd_tdid=492e6757-f51f-41aa-a4dc-76241c67fd3b
cache-control
private,no-cache, must-revalidate
content-type
text/html
content-length
423
pixel
cm.g.doubleclick.net/ Frame C63D
Redirect Chain
  • https://cs.r-ad.ne.jp/2/cs?google_gid=CAESECQKlKjD7TpXNaNZFQdqago&google_cver=1&google_push=AehlK4DkgBTxifBhUWsOHykBO8HCZIl6Lu66BuB33n1Jiv-UIWWhdGjizssmh15DS2CHrniBkxMS2x3UOQjWkHM5_fTnU1mPk5K_tQ5To...
  • https://cm.g.doubleclick.net/pixel?google_nid=rcrt&google_push=AehlK4DkgBTxifBhUWsOHykBO8HCZIl6Lu66BuB33n1Jiv-UIWWhdGjizssmh15DS2CHrniBkxMS2x3UOQjWkHM5_fTnU1mPk5K_tQ5ToVeKkyqY7mkQ5q-eKs2Ny58R5SxhqU...
170 B
190 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rcrt&google_push=AehlK4DkgBTxifBhUWsOHykBO8HCZIl6Lu66BuB33n1Jiv-UIWWhdGjizssmh15DS2CHrniBkxMS2x3UOQjWkHM5_fTnU1mPk5K_tQ5ToVeKkyqY7mkQ5q-eKs2Ny58R5SxhqU3mZFb1jV9U&google_hm=NTA4SkJPMDBSQkRHYTAwN0Ixd3Y
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/ju-jiao-yi-zi-wen-hua-chuan-yang-zhong-hua-wen-ming.html
Protocol
H3
Server
142.251.10.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f155.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 24 Aug 2022 19:11:24 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-store, no-cache
Date
Wed, 24 Aug 2022 19:11:24 GMT
Server
nginx
P3P
CP="NON DSP COR CURa ADMa DEVa CUSo TAIa PSDo OUR BUS UNI COM NAV STA"
location
//cm.g.doubleclick.net/pixel?google_nid=rcrt&google_push=AehlK4DkgBTxifBhUWsOHykBO8HCZIl6Lu66BuB33n1Jiv-UIWWhdGjizssmh15DS2CHrniBkxMS2x3UOQjWkHM5_fTnU1mPk5K_tQ5ToVeKkyqY7mkQ5q-eKs2Ny58R5SxhqU3mZFb1jV9U&google_hm=NTA4SkJPMDBSQkRHYTAwN0Ixd3Y
cache-control
private, no-store, no-cache, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
0
X-SID
159f32b0
asr
aid.send.microad.jp/g/ Frame C63D 		43 B
641 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aid.send.microad.jp/g/asr?google_gid=CAESEAAV2If7pvKiocZWEbcz5PY&google_cver=1&google_push=AehlK4B2eTdZB9LfPmdG3KqDirCY6Tk5opzBIHXJAxVyB4ANA3NI8orOHqbNjFD99beOidWfsIwUKWGrw6cvYrB3dZc5MnnSIOASTXft0fer6CC6VBC0pP8MopVApp4LdOatFhfsLAnNmDSh
Requested by
Host: 065b871e68dfa311ac55b3c7151729f3.safeframe.googlesyndication.com
URL: https://065b871e68dfa311ac55b3c7151729f3.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
202.233.84.1 , Japan, ASN131957 (MICROAD MicroAd, Inc., JP),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
Security Headers
Name Value
Strict-Transport-Security max-age=3600

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 24 Aug 2022 19:11:24 GMT
Server
Apache
Strict-Transport-Security
max-age=3600
P3P
policyref="http://www.microad.jp/w3c/p3p.xml",CP="NOI DSP COR NID DEVo PSAo OUR STP STA PRE"
Access-Control-Allow-Origin
*
Connection
close
Content-Type
image/gif
Access-Control-Allow-Headers
origin, x-requested-with, If-Modified-Since, content-type, Pragma, Cache-Control
Content-Length
43
pixel
cm.g.doubleclick.net/ Frame C63D
Redirect Chain
  • https://sync.srv.stackadapt.com/sync?nid=154&google_gid=CAESEL5s2BLjfC8uWaM7Mfo2dxg&google_cver=1&google_push=AehlK4CkOi1zfg62w4EvgkaYdPKBSdGMURwJDhqpvS-KZWO57V0fPh3dxNoftPpT-1MRC0HgLgFXXEqsH9wYdhc...
  • https://cm.g.doubleclick.net/pixel?google_nid=stackadapt_usd&google_hm=wQf48xvNTrRJnGNlsu9V3K310bE&google_push=AehlK4CkOi1zfg62w4EvgkaYdPKBSdGMURwJDhqpvS-KZWO57V0fPh3dxNoftPpT-1MRC0HgLgFXXEqsH9wYdh...
170 B
191 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=stackadapt_usd&google_hm=wQf48xvNTrRJnGNlsu9V3K310bE&google_push=AehlK4CkOi1zfg62w4EvgkaYdPKBSdGMURwJDhqpvS-KZWO57V0fPh3dxNoftPpT-1MRC0HgLgFXXEqsH9wYdhc90llsJsajFBdqpkeNhMWPDWJYZWU_2gQYzjlYhqlolkIpe-VZNbTW_jQ
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/ju-jiao-yi-zi-wen-hua-chuan-yang-zhong-hua-wen-ming.html
Protocol
H3
Server
142.251.10.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f155.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 24 Aug 2022 19:11:25 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=stackadapt_usd&google_hm=wQf48xvNTrRJnGNlsu9V3K310bE&google_push=AehlK4CkOi1zfg62w4EvgkaYdPKBSdGMURwJDhqpvS-KZWO57V0fPh3dxNoftPpT-1MRC0HgLgFXXEqsH9wYdhc90llsJsajFBdqpkeNhMWPDWJYZWU_2gQYzjlYhqlolkIpe-VZNbTW_jQ
Date
Wed, 24 Aug 2022 19:11:24 GMT
Connection
keep-alive
Content-Length
285
Content-Type
text/html; charset=utf-8
pixel
cm.g.doubleclick.net/ Frame C63D
Redirect Chain
  • https://cc.adingo.jp/adx/push/?google_gid=CAESEB-V3h6PyjeLS21ujX-XPR4&google_cver=1&google_push=AehlK4Ag-ztxcl4N09-MW9LdXcUbxdi3d56ji3fspt25SQAKsoA8SHnRPw2sp0n7lD5qWlpx6LDEcinAcC2zz_XfizitQjGE7r0Xw...
  • https://cm.g.doubleclick.net/pixel?google_nid=fluct_eb&google_push=AehlK4Ag-ztxcl4N09-MW9LdXcUbxdi3d56ji3fspt25SQAKsoA8SHnRPw2sp0n7lD5qWlpx6LDEcinAcC2zz_XfizitQjGE7r0Xw3Y9cecBxezZEFE82tDnNeqadiEoiK...
170 B
190 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=fluct_eb&google_push=AehlK4Ag-ztxcl4N09-MW9LdXcUbxdi3d56ji3fspt25SQAKsoA8SHnRPw2sp0n7lD5qWlpx6LDEcinAcC2zz_XfizitQjGE7r0Xw3Y9cecBxezZEFE82tDnNeqadiEoiKtM20B5PKRur3pA&google_hm=bf1f2445246236d9ea1b67253160e356
Requested by
Host: 065b871e68dfa311ac55b3c7151729f3.safeframe.googlesyndication.com
URL: https://065b871e68dfa311ac55b3c7151729f3.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Server
142.251.10.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f155.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 24 Aug 2022 19:11:24 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=fluct_eb&google_push=AehlK4Ag-ztxcl4N09-MW9LdXcUbxdi3d56ji3fspt25SQAKsoA8SHnRPw2sp0n7lD5qWlpx6LDEcinAcC2zz_XfizitQjGE7r0Xw3Y9cecBxezZEFE82tDnNeqadiEoiKtM20B5PKRur3pA&google_hm=bf1f2445246236d9ea1b67253160e356
date
Wed, 24 Aug 2022 19:11:24 GMT
server
nginx
content-type
text/html; charset=UTF-8
p3p
CP=NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa HISa OUR SAMa OTRa STP UNI STA
spacer.gif
an.yandex.ru/resource/ Frame C63D
Redirect Chain
  • https://an.yandex.ru/mapuid/google/CAESEAgNmNg68nPoDZJsG-FCeUo?ext-param=AehlK4BsrDYnGqMkHXCQ0HaGbcOBbVQEPLHeZyLaHvHYQKV1SRCCeKJ48rU7pwxe-e71WueP817Zqt0MMLgtG78OdsdYZhzOes3ugQlYEzuvdcOsDEPTbl89Kne8...
  • https://an.yandex.ru/mapuid/google/CAESEAgNmNg68nPoDZJsG-FCeUo?redir-setuniq=1&ext-param=AehlK4BsrDYnGqMkHXCQ0HaGbcOBbVQEPLHeZyLaHvHYQKV1SRCCeKJ48rU7pwxe-e71WueP817Zqt0MMLgtG78OdsdYZhzOes3ugQlYEzuv...
  • https://cm.g.doubleclick.net/pixel?google_nid=yandex_ag&google_hm=CAESEAgNmNg68nPoDZJsG-FCeUo&google_redir=https%3A%2F%2Fan.yandex.ru%2Fresource%2Fspacer.gif
  • https://an.yandex.ru/resource/spacer.gif
43 B
144 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://an.yandex.ru/resource/spacer.gif
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/ju-jiao-yi-zi-wen-hua-chuan-yang-zhong-hua-wen-ming.html
Protocol
H2
Server
77.88.21.90 , Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
bs.yandex.ru
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 24 Aug 2022 19:11:25 GMT
content-encoding
gzip
last-modified
Wed, 18 Apr 2001 10:28:03 GMT
strict-transport-security
max-age=31536000
p3p
CP="NOI DEVa TAIa OUR BUS UNI STA"
content-type
image/gif
x-xss-protection
1; mode=block
expires
Wed, 09 Aug 2023 19:11:25 GMT

Redirect headers

pragma
no-cache
date
Wed, 24 Aug 2022 19:11:25 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://an.yandex.ru/resource/spacer.gif
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
237
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
attr
cm.g.doubleclick.net/pixel/ Frame C63D 		0
49 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13KgfNu_4sUfv8I_ssmOPtKyWkVNyCS2IQpGlU1W5aLDloEdCEloX-F8xehwAhzR94MAy3KO3Q
Requested by
Host: 065b871e68dfa311ac55b3c7151729f3.safeframe.googlesyndication.com
URL: https://065b871e68dfa311ac55b3c7151729f3.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.10.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f155.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 24 Aug 2022 19:11:23 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
content-type
text/html
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame DE07 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.4.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f132.1e100.net
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

accept-ranges
bytes
age
27010
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Wed, 24 Aug 2022 11:41:13 GMT
expires
Thu, 24 Aug 2023 11:41:13 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame 8FBA 		783 B
535 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.130.104 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sb-in-f104.1e100.net
Software
GSE /
Resource Hash
cc5bd191625a3aa228827b0faf1b0235d9fac5498739282fcb2c3516080a2ad2
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-9l0p_OjwVHvxHPhYdtBkgQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private, max-age=300
content-encoding
gzip
content-length
513
content-security-policy
script-src 'report-sample' 'nonce-9l0p_OjwVHvxHPhYdtBkgQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Wed, 24 Aug 2022 19:11:23 GMT
expires
Wed, 24 Aug 2022 19:11:23 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
pixel
googleads.g.doubleclick.net/xbbe/ Frame B550 		624 B
348 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CIvlPxC3ttWlAhjb-sPNATAB&v=APEucNVZ1BsmEFcZ666ErBkJYD_egJ3H6Si6e33HCZyYUrqy9c5P2O2faI2ItRJ5utiBpyApWAMZIVR_tKtbvRcL0sWxbLJGWA
Requested by
Host: 5e9096cc516f199cdb60782332265f56.safeframe.googlesyndication.com
URL: https://5e9096cc516f199cdb60782332265f56.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.194.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f156.1e100.net
Software
cafe /
Resource Hash
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://5e9096cc516f199cdb60782332265f56.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-encoding
gzip
content-length
276
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Wed, 24 Aug 2022 19:11:24 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
ad
googleads.g.doubleclick.net/dbm/ Frame 2815 		79 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DmNvntS3rS-tmRqMZM9sYsmDdI4sWWJyIpgCBAgKMJAHbqBnaVPmznwrXuaU09FyI7GA3iZfNOErv3V1KZXwlU-H7RqQ&cry=1&dbm_d=AKAmf-BzbQ6fccGqYBqzsY2500Gy5KiPrQ4wzh5J9Dld6nHIgGvNro2ABXceGhhfD_Ip83Ulye5nzzwmJSnjNzV6-sNCCR4YBfQuLhsW7oYDw17eV00-QJg9h4ijr0fWMpCrBnRJNmbN8IkZyfw28nkNx0i025zS2vHF6Z7d1xbTiUvVS9z5I5MmgKb8uMJqT9XTDIEsBJy9VrIyy7zwU_MiDKsbXyPxJ6OgD_IO77SieKT8Zm_mr_6XCtZ3rZndyuyA59-Rr-oHs3DN4k8ZsBfzzJ4zyvLbDUQsc6XLOe-QL8oDjJIQc7R-SVFtH7IGTUoYX9vKspVEMAOCcpcAvkw3akJ7s2yYzLxkMfuFyIwYQD8kYE7VakUeJ_CxQhqjtFTjUcuWUbjufQSs06pe4u0cXj7R2PB5xLW-LS2qXa3RQ9s0IOp05I9q1K8AwYX8NDCJK20VR5OnV8IxMNTC4zZshJYWOAtrHiK2zIcj15BPubQgPIBuRqTWvG8ty5TbXwZcvazKgfs4jpATclEK4QeFhs7cX1YcrGhWQG6L07eN7PLof1AHMc6VKDBzhMP_a25x6vuGudiFnPzD428Txd2If484ve38mJD_Jq-96DEJbjVzCn2-T6xbNSH_mdjJ3iyPXMI_xQFBPP8EkOni3gGn-tsCO-6IX9itzCYIJriw_1gzEdAq90ON-woyFmQrmsDw_OMpvvklHyvBgYOfoSPdVdoMHU6QDAnb4InxsRkkO5qOoEzCFbBGnJa0WRIGjiuzwVkMI_JdqwopMpJorwwVV6K_ZPaEztj89Qr5mJ3_2h_PJbAxp-ucL0iG4xzW5O7benD_EiSNuBpRg9k9rtm_dQD40KB72IVlgvPXSDTelvxRILvq3dL8yEZhnJRSP5IO-mKwVDjVvoO34QcmD8hIsrE9VVDVCXxgY86c3PMTWGW70YRWTYQgBujYemyN296vBgA04uPqU3VuWQ6FTGob4HybTwu5CQUL1no9DPKyBSylaw7npH1OduW_rb8QvJCI7Bi3w1Z46Q9ZHG57Ir2SFyZ8RiG8-IMfJU-tgVegf6US-ofAe-uZ5E21gY6vDnFLig_AJ-jx29OdqUW8r7Tbv6NGm4wrMVq2766uX_-qyvCDIG_fCJU4Eyw7wdR5U3RbzMCQX2MW1cpAW8R-i7h0BIe5eeDG46fizeBZugsxBzuYu5fRZhyPBIKJgywS_VvLpqxilkgnlDZVL3mxVwtlJqQyB-pE_tcKhZWXaIO6yYNCydUwauWzEMLJqEvLHdncK_4X382A4PeX8wtXovNZNHAN6viawZ8V12HbhqyLZtpVaE9dNo0NeExTJqGFQLS5xRIkQyLA33DUoXl_UOfvLhIIsWri5En2ehWyN8Uo2G6vjFlvXwa376kagjcHc2UPwHje_oR3UjW-OixiiStCotOdfpENt0O8dk99heic3EJ4J7VlWKnceLP5C-t9Z9St7hrYIlIZQT20v81M05sLaM_9mke3ghyPE6dkVnhHuuMsjnFqgOKtyWBdxFe1WLySApcysr84bqI5QkXJabU2nPTtXSQf-xsBH3RA2TcPG-ORnJWxrVbPEU-zRpax5grSvj4hbmh8yq1xPp9AFVSDdMEDd35RFGd_qdk4cENII8s2kT9TyDeCAvjiHDteMBUF6XPdvKe86Q2tHQMVNKhPE444AUQmU3kesL-ussOymbYCf52TPMi7bOtnXnoGbD5cpJLWU8-5in6UnOq6jyJKenkjzKTyImHgfQ3dJ14LwX3TeYB1Dn8_LMexsoLhkbEXTEnaOMwJVR_gr7IT2LBrvbVHKoCji-K1kS0czzynjLeSZx8A2f3btpOfHRbrwMR9DVYNl5CHNarg-MhCdK7fIJWfJaUKpYgJ_tlcowL6j1IRqFVTE6aAzzooHtAZbvvXxdUzyXYBvskILDoqQ3VbcqVYss56j_CryojQtif_i9Bn4QjZnqLJrb0BncCXkpyMa6_Qg1jWpjITD7k6jST2LHu_uMJOc6LuAumxY_eX0Hg02Td6GiHTp4VFCRwbBlVuWKDJcVwoGuLgPN0srPlv9zBk4GF0Vxnhu6IsyAhWh4NMrB5sy6k7rrKGmJ6en1TG0GDGRSMj26JOaemRKWvIkS1HiZIp1hjdKwKLm1-e07ef2NxWY3rEDXbwOSV1GGuzvInOVkrxVBSOeDlQtkBQun7klid3NSDxrn1KiHTMBKk2maE6Mgb1LR__HS6sOva0o_s_hu5Mrs6YR57SzZ20xbBie8dDFJiFFu3oDNLMP5x5o0MnNWqET4ifI712QBIctNTsNE5XQ11Aqj2BBmjrQMqCcQWhfBwa1tvs88PrU28UxwJcNBfuw13mC2Pma9DyzqUGu11FeEdhixLVTeuZ9rryOnsH4vxPhhwNYmUsRv04A_WasUdx-feQbqSG2UrbD4mpQexDQ2Sl25x-DpnMm6cVwhcJACk92u2v1lt47n_M_nOczKf-BSN7ipxt_XSb1POUy5hB-0wDNpxbR785fA85AO9d9rtNhvIstK4nAUOQ3s-SvRHUE-Jor574FPXdeXmTtq_uoNB0a4wEAl1-IH3TyFl7peQ5Ook-eboQwf9g6MPFoxBEv1CZgh3OhhWhZe8np65st8IppsqQAIW0bs1KGyLgG7c6mgUw3OENID_vmyPlXLQOcO4XoKP1nxRNKKktuC_fZzX_M_ufpruuG3IUmC4BzWC9yUeVmuyyZqRjV__PqRSNRtpmnORZMR8DL4EoSXZBYzc1XbgshkIk8zrYbRZ4DfXeJwTqNeiZTcUvYKoKHPUy2Q3ku8bctYNbcTmkIl_UAwFvBHcffPGTyQ3S45gRHD0axz8SmzgunNS7BdXo2Ujr9Jpz0-Ec2zPhVuu78BSpYR64HlPkxgCvTDfZMdco2pCIbWEgIVK3U4xGnbMsmunkMh-TGlSpkZJWcFHt9ySjxbM5pgc_-IhWJNz8SkR9TCINKnJU2oJrVRNnD3KasN63aWi3JwKpVdcGShJkRTqy0HcuLrOYJkZ4ouwtPIpxYLXwsNj2Lg2_aAXv7-8TBijJG5RPqcwGlOD44anZBH-gET0C7d_RJhwqaWu4FaOhl6z3H8CNGqCAqc68EFZjYgjI-aF6bUs4EjveaG3DfSkRZ0VhPKyBfoG3UC54Z6CAoHtic1j6qlYGo_UJlXCXR819iEGeyzPFlUycGIacw5N-fgis7x08m1o-YPwc_GYRzQ-mp0ZGPXv6zij_3a5B-520YlZMrfAcG-QpYulTHV03&cid=CAASEuRoVJKJtw76YdZrw3m5CRYzUQ&rfl=3%2Chttps%253A%252F%252Fwww.bg3.co%242%2C%2Chttps%253A%252F%252Fadx.holmesmind.com%252F%240
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/ju-jiao-yi-zi-wen-hua-chuan-yang-zhong-hua-wen-ming.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.194.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f156.1e100.net
Software
cafe /
Resource Hash
cb436a8423d69343bf9151052b7a48fb536eed712f0e68b9768845e3dd228c16
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://5e9096cc516f199cdb60782332265f56.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 24 Aug 2022 19:11:24 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
33765
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 2815 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-BF3b3ZSldTYvIJxHaxw_lRMRC9AHlqJE94ysDwhl2XWsS1vIiiNbcdzcqnBky7tJxXUzSJPr33RT-U6Nx6F42ByotT17gV6Qa-L8QBIdpfcl-bQ1c
Requested by
Host: 5e9096cc516f199cdb60782332265f56.safeframe.googlesyndication.com
URL: https://5e9096cc516f199cdb60782332265f56.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.4.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f154.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://5e9096cc516f199cdb60782332265f56.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 24 Aug 2022 19:11:23 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220822/r20110914/client/ Frame 2815 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220822/r20110914/client/window_focus_fy2021.js
Requested by
Host: 5e9096cc516f199cdb60782332265f56.safeframe.googlesyndication.com
URL: https://5e9096cc516f199cdb60782332265f56.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.4.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f132.1e100.net
Software
cafe /
Resource Hash
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://5e9096cc516f199cdb60782332265f56.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 24 Aug 2022 17:30:30 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
6053
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1359
x-xss-protection
0
server
cafe
etag
1484984001845508991
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 07 Sep 2022 17:30:30 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 2815 		140 KB
43 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: 5e9096cc516f199cdb60782332265f56.safeframe.googlesyndication.com
URL: https://5e9096cc516f199cdb60782332265f56.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.10.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f155.1e100.net
Software
sffe /
Resource Hash
a4f8d308a537be4d8442135addd3a1637ad70c831ec8d6fb21b460dc392031e3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://5e9096cc516f199cdb60782332265f56.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 24 Aug 2022 19:11:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
44049
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1661168302676581"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Wed, 24 Aug 2022 19:11:23 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220822/r20110914/client/ Frame 2815 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220822/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: 5e9096cc516f199cdb60782332265f56.safeframe.googlesyndication.com
URL: https://5e9096cc516f199cdb60782332265f56.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.4.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f132.1e100.net
Software
cafe /
Resource Hash
57000ea03bfb53734d0858b8fe992e6742226f23f311eb0f9d2177e2a84a5621
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://5e9096cc516f199cdb60782332265f56.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 24 Aug 2022 18:39:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1906
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7599
x-xss-protection
0
server
cafe
etag
9215437806027971270
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 07 Sep 2022 18:39:37 GMT
l
www.google.com/ads/measurement/ Frame 2815 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaTWbcMhFup9s4ln2EHpE4wTB_Z2bMhMxdjeEA-X8I7r4cgz9W0X20xpBlqnmrho2ZzEKUrOYnISKPTaD83mfR7okpPFIA
Requested by
Host: 5e9096cc516f199cdb60782332265f56.safeframe.googlesyndication.com
URL: https://5e9096cc516f199cdb60782332265f56.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.130.104 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sb-in-f104.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://5e9096cc516f199cdb60782332265f56.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
8Oc7qVgGezqJSgjjaaCdJlEAdJIIw0tPZxYDqe1tkXI.js
pagead2.googlesyndication.com/bg/ Frame 1489 		36 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/8Oc7qVgGezqJSgjjaaCdJlEAdJIIw0tPZxYDqe1tkXI.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.4.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f154.1e100.net
Software
sffe /
Resource Hash
f0e73ba958067b3a894a08e369a09d265100749208c34b4f671603a9ed6d9172
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 19 Aug 2022 23:20:26 GMT
content-encoding
br
x-content-type-options
nosniff
age
417057
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
14092
x-xss-protection
0
last-modified
Mon, 15 Aug 2022 08:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 19 Aug 2023 23:20:26 GMT
4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
fonts.gstatic.com/s/googlesans/v45/ Frame F326 		28 KB
28 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/googlesans/v45/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.194.94 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f94.1e100.net
Software
sffe /
Resource Hash
4a6fab14bfe7b33fe5dc5349a2bb3720037e0ed7ebe621b352340f9514d83c08
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://065b871e68dfa311ac55b3c7151729f3.safeframe.googlesyndication.com
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 21 Aug 2022 02:25:23 GMT
x-content-type-options
nosniff
age
319561
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
28288
x-xss-protection
0
last-modified
Wed, 01 Jun 2022 19:05:56 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Mon, 21 Aug 2023 02:25:23 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame B01C 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_2022081701&jk=403684210710715&rc=
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/ju-jiao-yi-zi-wen-hua-chuan-yang-zhong-hua-wen-ming.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.4.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f154.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
sodar
pagead2.googlesyndication.com/pagead/ Frame CF04 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20220822&jk=2755714129352862&rc=
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/ju-jiao-yi-zi-wen-hua-chuan-yang-zhong-hua-wen-ming.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.4.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f154.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
8Oc7qVgGezqJSgjjaaCdJlEAdJIIw0tPZxYDqe1tkXI.js
pagead2.googlesyndication.com/bg/ Frame D2B2 		36 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/8Oc7qVgGezqJSgjjaaCdJlEAdJIIw0tPZxYDqe1tkXI.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.4.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f154.1e100.net
Software
sffe /
Resource Hash
f0e73ba958067b3a894a08e369a09d265100749208c34b4f671603a9ed6d9172
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 19 Aug 2022 23:20:26 GMT
content-encoding
br
x-content-type-options
nosniff
age
417057
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
14092
x-xss-protection
0
last-modified
Mon, 15 Aug 2022 08:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 19 Aug 2023 23:20:26 GMT
8Oc7qVgGezqJSgjjaaCdJlEAdJIIw0tPZxYDqe1tkXI.js
pagead2.googlesyndication.com/bg/ Frame 33DA 		36 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/8Oc7qVgGezqJSgjjaaCdJlEAdJIIw0tPZxYDqe1tkXI.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.4.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f154.1e100.net
Software
sffe /
Resource Hash
f0e73ba958067b3a894a08e369a09d265100749208c34b4f671603a9ed6d9172
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 19 Aug 2022 23:20:26 GMT
content-encoding
br
x-content-type-options
nosniff
age
417057
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
14092
x-xss-protection
0
last-modified
Mon, 15 Aug 2022 08:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 19 Aug 2023 23:20:26 GMT
smtr
contextual.media.net/ Frame CA83 		87 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://contextual.media.net/smtr?cb=window._mNDetails.initAd&&gdpr=0&cid=8CU4JWBS7&cpcd=7rRp17Jcr0dK_ZLqU2NgxQ%3D%3D&crid=781214713&size=120x600&cc=AU&chnm=smm_migration_test&pid=8POGBHUQ8&tpid=T213342&https=1&vif=1&requrl=https%3A%2F%2Fwww.bg3.co%2Fa%2Fju-jiao-yi-zi-wen-hua-chuan-yang-zhong-hua-wen-ming.html&nse=5&vi=1661368283271506453&lw=1&ugd=4&adt1=8CU2CV286&adt2=752115612&bcpf=B44B8fOnRrolnfOur8%2F4qqqe&bdrId=4&ntv=0&matchstring=hr%3D0%7C&kttle=%E8%81%9A%E7%84%A6%E6%BC%A2%E5%AD%97%E6%96%87%E5%8C%96%C2%A0%C2%A0%E5%82%B3%E6%8F%9A%E4%B8%AD%E8%8F%AF%E6%96%87%E6%98%8E%20-%20%E5%A4%A9%E5%A4%A9%E8%A6%81%E8%81%9E&katpre=1&katbid=-102&pgid=p0629732854t202208241911&goent=1&nb=1&cadomain=tzR-hLcl-L-HShN42-uufdV3aTJmADGXGdtTl7u2al8%3D&allsc=NSW
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/nmedianet.js?cid=8CU4JWBS7
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.195.152.23 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-195-152-23.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
5b8f80fd348a504db7032a64dea4da2c003a41a99a409d55958a1f4a74cba643
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 24 Aug 2022 19:11:24 GMT
content-encoding
gzip
vary
Accept-Encoding
content-type
text/javascript
expires
Wed, 24 Aug 2022 19:11:24 GMT
cache-control
max-age=0, no-cache, no-store
x-sc-h
22-f62s
strict-transport-security
max-age=31536000
timing-allow-origin
*
content-length
28770
x-sc-w
22-3l8d
bping.php
lg3.media.net/ Frame CA83 		15 B
15 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://lg3.media.net/bping.php?vgd_len=581&&vgd_cdv=784&gdpr=0&prid=8PRVCXX19&cid=8CU4JWBS7&crid=781214713&vi=1661368283271506453&ugd=4&lf=6&cc=AU&sc=NSW&lper=100&wsip=2886993991&r=1661368283882&requrl=https%3A%2F%2Fwww.bg3.co%2Fa%2Fju-jiao-yi-zi-wen-hua-chuan-yang-zhong-hua-wen-ming.html&vgd_l2type=sca&vgd_sbSup=1&vgd_is_amp=0&vgd_asn=54203&vgd_rakh=1661368283129331632&vgd_l1rhst=contextual.media.net&vgd_rpth=%2Fnmedianet.js&vgd_hb_audit_1=8CU2CV286&vgd_hb_audit_2=752115612&vgd_pgid=p0629732854t202208241911&vgd_pgids=1&vgd_uspa=0&hvsid=00001661368283879029185683699017&gdpr=0&vgd_end=1
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/ju-jiao-yi-zi-wen-hua-chuan-yang-zhong-hua-wen-ming.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
184.87.200.25 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-87-200-25.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=21600

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Strict-Transport-Security
max-age=21600
Server
Apache
Date
Wed, 24 Aug 2022 19:11:24 GMT
ntCoent-Length
15
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
Cache-Control
max-age=62780
Connection
keep-alive
Content-Length
15
checksync.php
contextual.media.net/ Frame 8E97 		26 KB
9 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://contextual.media.net/checksync.php?vsSync=1&cs=10&cv=31&https=1&cid=8CU2CV286&prvid=99%2C77%2C4%2C359%2C10000%2C229%2C9&itype=APPNEXUS_EXPERIMENT&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/ju-jiao-yi-zi-wen-hua-chuan-yang-zhong-hua-wen-ming.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.195.152.23 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-195-152-23.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
c5ca00d4a24c1d96c84a6f9823dd301be26bced992e350fa79a36847565d0137
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

cache-control
max-age=172800
content-encoding
gzip
content-length
9351
content-type
text/html; charset=UTF-8
date
Wed, 24 Aug 2022 19:11:24 GMT
expires
Fri, 26 Aug 2022 19:11:24 GMT
p3p
CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
server
Apache
strict-transport-security
max-age=31536000
vary
Accept-Encoding
x-mnet-hl2
E
clog
hblg.media.net/ Frame CA83 		35 B
172 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hblg.media.net/clog?logid=awlog&pixel_len_bucket=4215&lmt_enf=true&req_mtype%3C%3E=0&mx_nsz=1&spSource=0&insl=0&ifst=0&vid=8789905155324178142&s_city=los+angeles&ugd=4&exp=ssProfile%3D0%7Csfl%3Dfalse%7CssBucket%3D0%7Cbfl%3D-100%7Csch%3D1%7Cclt%3D2%7Cfl_rl%3D1%7Cdbr%3D1%7Ctpi%3D1&app=0&ctr=-1.0&mx_TAF=2&device_id=4&ae=false&mx_UCC=5&prspt=headerBid&mx_bss_algos%3C%3E=0&usp_status=0&seat=BID_API&og_cbdp=0.010&size=120x600&mx_TAS=1&mx_gpid_sent=false&xtmax=148&commit_id=ba20ae08&scrid=352177074&itypeid=21&mx_SPRIG=2&viewability=78&renderer=0&be=0&rtime=31.0&adj0=0.0&tmax=150&s_ip=104.254.150.115&adj2=0.0&adj1=0.0&adtypes=0&mx_aabpc=0&reqid=8789905155324178142&sc=NSW&mowxReqId=dcf05472f2e1467b85a690e1ad434026_1&ifdp=0&requrl=https%3A%2F%2Fwww.bg3.co%2Fa%2Fju-jiao-yi-zi-wen-hua-chuan-yang-zhong-hua-wen-ming.html&bidrestime=1661368280968&pv_adtype=0&cc=AU&strg=smm_migration_test&pcrid=8CU4JWBS7-781214713-35-5&coppa_enf=true&devmodel=Unknown&bdp=0.010&ct=Beaconsfield&spIsReq=3&s=1&abs=0%7C0%7Cxtmax%3D148%7Csmm_migration_test%7Cbrr%3D0&mx_epbc=8CU4JWBS7&dnt_enf=false&mx_ssBucket=0&vls=0&asn=54203&mang=1&fleet=common&mx_isLossNtf=false&advUrl=https%3A%2F%2Frelated.360topics.com&dn=bg3.co&dt=O&acid=dcf05472f2e1467b85a690e1ad434026&actltime=124&act=headerBid&iframingState=0&mx_lr_seg_deal=0&exclattr=9&dfpBd=0.01&sckfl=0&dmm_erpm=false&mx_lr=0&coppa_applied=N&mview=1&smbrid=11901&bfs=103&rfc=-1&prvApiId=8CU4JWBS7&epcexp=false&pubid=pub-appnexus-exp&mx_bsProfile=0&cid=8CU2CV286&bcrid=352177074&omul=1.0&res_mtype=0&apPrfs%3C%3E=62%23%2313%23%2361&chnl=smm_migration_test&pst=0&reqsize=120x600&adpos=0&itype=APPNEXUS_EXPERIMENT&mx_g_one_uid_sent=None&user_data_cnt=0&spCst=0&mx_sid=8CU4JWBS7&tgtval=pub-appnexus-exp&__expireat=1661368881235&dnt_status=N&reftype=0&viewability_vendor=EXCHANGE&prvAccId=781214713&ckfl=0&lper=1&mx_tgs=120x600&cbdp=0.01&pvdTmax=103&ltime=117.0&epc=781214713&prvReqId=1098844342224_242772329_75211561241&zip=2015&exid=31&spFst=0&mx_GCID=0&cliIPType=v4&pexid=APPNEXUS_EXPERIMENT-1800859&ybnca_erpm=0.01&brsrclk=0&sbdrid=196&rtttime=137&apTags%3C%3E=75&mx_PC=1&wsip=mowx-7ff5f5ff48-kptq6&currsrc_date=2022-08-24+00%3A00%3A00&mx_divid=22132338&geoll=false&omid=0&debug_ts=2022-08-24+19%3A11%3A20&mx_ssProfile=0&devbrand=Unknown&mx_SC=0&reftime=15000&pbidflr=0.000&spbf=0&currsrc=API&fpusp=false&mnrfc=-1&moau=true&ocurr=USD&stagid=22132338&snm=SUCCESS&mx_IAB2=2&usp_enf=0&bidflr=0.000&coppa_status=N&incentive_type=0&skadidfl=0&pid=8PR113JGC&spTo=3&ecp=0.09&pvid=4&schain_cmpl=1&is_ortb=true&mx_aurl_hc=0&ucrid_ver=2&mx_maq_call=false&mx_uid_sent=0&mx_sbp=-10.0&mnrf=0&slotVisibility=0&dbf=1&gdpr=0&dmm_ogerpm=false&csip=rtb-common-5568dd587b-xjp2r.LA&mx_bsBucket=0&mx_aurt=0&spIvt=3&dsid=22132338&ptype=23&media=0&acsn=1&dtc=west_la&mx_aqcpl_crid=4&ogbdp=0.01&tpbTkn=false&fpuReq=1&vcmplrt=-1.0&crid=752115612&geo_source=2&sat=1&mnet_ckfl=0&dfpDiv=22132338&opbidflr=0.000&impId=5813252506059685694&rme=adm&bdata=sd2%3Dnull~iurl_l%3D50~ogerpm%3D0.01~vw_exc%3D0.78~smm_bid%3D0.01~vis_sd%3D580~dc2%3D1~scd%3Dnsw~v_asn%3D54203~vl2r_sd%3D2022082405~iurl_b%3D5460.01~url_tkc%3D0~std%3D22132338~last%3D~vis_url_b%3D0.91~ip%3D3bw0Xn~fbb%3D0~vis_url_l%3D30~riipua%3D0%2C0~et%3D29~rc%3D1~rps_sd%3D2022082404~vis_b%3D970.17~url_b%3D0.18~url_tvi%3D0~smm_wr%3D26.8760~ecp_eer%3D9~url_l%3D50~gcat%3D-1~bb%3D196~vv%3D0~l2r_b%3D1000~erpm%3D0.01~bm%3D1~smm_sd%3D2022082412~sid%3D12948fd0fab38e7f7d124a8d9506e143~sd%3D0~uid%3Df2daAV5wcVYOVVCEG~btd%3D60213921829350675618155537944742630214711615359683909526198792783086194156572672~d2p_l%3D50~3pcf%3D396.83~uim%3D304~dmm_strg%3Dsmm_migration_test~d2p_b%3D0.99~ogd2p_b%3D0.98~vurl_b%3D0.43~ss%3DNA~uiw%3D60~ce%3D0~rps_b%3D25.4~vurl_l%3D30~CI%3D2724~nts%3D1~tb%3D-1~ct%3Dbeaconsfield~basis2%3D196~basis1%3D196~isRef%3D0~ivurl_b%3D2.35~isif%3D0~lc%3D3~bid%3D0.01~dc%3D8~vl2r_b%3D0.58~ivurl_l%3D30~supply_tag_id%3D22132338%7Eviewability%3D0.784585%7Ecbdp%3D0.010%7Edmm%3Dsmm_migration_test%7Esuid%3D%7Einsl%3D0%7Edtc%3Dwest_la%7Edalg%3Dsmm%7Ehtml%3D1%7Esobp%3D%7Ebdpcapd%3D0%7Edmm_erpm%3Dfalse%7Ebflr%3D0.000%7Eogbid%3D0.010%7Eitype_id%3D21%7Eseller_tag_id%3D22132338%7EcarrierId%3D0%7Esmm_api%3Dv1~ibc%3D1~ddt%3D-1~nsz%3D1~tgs%3D120x600~bsb%3D0~bsp%3D0~tmx%3D103&utime=2896&sf=0&cpr=0.29680437576788443
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/ju-jiao-yi-zi-wen-hua-chuan-yang-zhong-hua-wen-ming.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.36.252.26 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-36-252-26.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
0915fad60bc9b61b6dcd82d05da7ec4bc0232a647e75b8507c3cba6d4d6602f9

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
max-age=3600
date
Wed, 24 Aug 2022 19:11:24 GMT
server
Apache
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=21600
content-length
35
expires
Thu, 25 Aug 2022 01:11:24 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame 45C7 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_2022081701&jk=2138441010117634&rc=
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/ju-jiao-yi-zi-wen-hua-chuan-yang-zhong-hua-wen-ming.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.4.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f154.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
8Oc7qVgGezqJSgjjaaCdJlEAdJIIw0tPZxYDqe1tkXI.js
pagead2.googlesyndication.com/bg/ Frame DE07 		36 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/8Oc7qVgGezqJSgjjaaCdJlEAdJIIw0tPZxYDqe1tkXI.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.4.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f154.1e100.net
Software
sffe /
Resource Hash
f0e73ba958067b3a894a08e369a09d265100749208c34b4f671603a9ed6d9172
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 19 Aug 2022 23:20:26 GMT
content-encoding
br
x-content-type-options
nosniff
age
417058
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
14092
x-xss-protection
0
last-modified
Mon, 15 Aug 2022 08:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 19 Aug 2023 23:20:26 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame 8FBA 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20220822&jk=2345163948386885&rc=
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/ju-jiao-yi-zi-wen-hua-chuan-yang-zhong-hua-wen-ming.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.4.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f154.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
sodar
pagead2.googlesyndication.com/pagead/ Frame BECC 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_2022081701&jk=4132152246352116&bg=!DQ6lDkrNAAYUOm8VNDo7ACkAdvg8WhLC5ClrbhjHwcEPIPhVk399ciidKe4CZH0QKF4q4EEKz21pYAIAAACaUgAAAAJoAQcKAL8nxIbJIVFhvvpA0pIrZxspardfRjOAXMZtmq5rzmjMcAM0eAf09XrWbCQAw36o5QSDGayKz_50-Q53EX6rWN-jN9E5GqRyPBHIVta28jcjL70HfpWNsFxmPU7Ya5ptc8JaL1K75DauU7fO0g1np1KuhpEyHckT8p91l7f2OsEIiDmcpvIzXpxHlO9jb2gJYl9_5-46vwFTowP8d54h0ta-5A-OAyltEGYL18mUQxF40sdl3NgZHY6EMOJvo96PH5kCtXoGiqLkZ1QsrUXJ9XQNIRYv4ms5t99eomvWqRKqCud7XWuURZlprFA1dXtfefyN9Dcq_FbF4BCHDbo3EUe5TXstjlZmYWyH7p-jalGmS9sQ0w-wBh1e78GL_NfspbGYqekuTjiSrJi5ZMuugz-93SaUShHHCE3RMb9cgXWWINgXwnxmJSoaB1Tr2b29DRmXDHIPkortKy8IFOaqajBFMf8fcNl3J9JIZm3GWHEYhKLhpcU-UQsIeLbOPT_tqBbzoKsW6neoHB6uRhScFXJQKfzpBZpErfdEE_VeImS9INIOMZbB7Y2p-gX1r4hFWsBXA_XhAfz_DSut_uMvTvEL9Mab4jHCbKG-zG5IRSwGE7djVVXngycLsnQWOPQpIuE9vD1sbm4Ij3-ezPVamXFFphTf5buGH0FqHMmx7CWH_Ja1TkdLNjeAqJ6VjrvT97OBuEbFETofqdJv7lbVW8C1aNEI0UZUdMUw8JYMTkgFnH9RmJt5e517Em3Y4q1NV-Sa-aDeftqOqdkw30tuMrUASiVsBiKa7cTytVvcRaNi4frIuqShuuVlZMctJk8vI63cmz2xgI-h0vSOX-DwPCrBF5gFhgWHRBcSX0LgN0o0WDFJ9-miVXX_eTobwyroM33-22mvcG1SD6tb6eOgfr5Vha_UdJ8Kwng9jeDjrQdLZjBin37LOqDCWB3ALlIj-G0jZWcPDmtb7BT5NCML-3MINErLJ2vfiIGZc0Cw8GqHCBXxUL6fLlq8vElDlW8RGvsHyIFfqgO-HyvsLTuvEyyqJ9bcGdmmOcub3BORdKHA0yFDJDcg-cbP8YYwoRYCSEM7zUL3vuCgqyht2UmIipDIYQsIfRAuqwFsqjYd_GgO-tbjMHNoR4xMXmjq1OerLTvsEcYwfVz1V9T6OGfipwthuz_Xuzu5vw
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/ju-jiao-yi-zi-wen-hua-chuan-yang-zhong-hua-wen-ming.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.4.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f154.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
sodar
pagead2.googlesyndication.com/pagead/ Frame 1A64 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_2022081701&jk=2674846589228385&bg=!LyylLGjNAAYUOm8VNDo7ACkAdvg8WkmOIVPFQiagCLIfy1nU0qje8CzsYyjw_IN8NSzJb4eT7wSxpgIAAACIUgAAAANoAQeZArkvJpAl0PsH9GmJs8yr4d1LBXGPmOypVwYXz76iwxcg_ZXg7LtkZWPQqDy9xMMdaM0mRsAxbHZCovK54m4-qyJB3Z1ffACgoQpq8eJw0T7mdGX1slAkXH5BQwXAt7nW-98LXIWifF_NmhObvbeaB_u5OxobZFYCBzR_Ue4_ol4R72widi-KGPexh_WxdNPs4A8EuRQRPYxCD2PvEs1_lYueRvrx1m5HOInGVpkRLPCe27pYtuj7vnAJqhgIVsG92Co0RKfKJH6PN1Fv6efwp2Nfo91dxSQymR3hycmRdiBDLMX4h-vxlaq8J0oschB0shXViUEqzacTcH9AXZgFHg5am0LwOV6XAAl2tg5CGD7o1RA-j4chzQmydjmS9fmMvHZQsMvpeRvO-QJEMnAc4i8aI-LjlbP7yCjCipAh95TCp8i882VA_zxMBsWgE3ZCDht6CNWKCjXV7DSs8jfDWsFdyZtdR6xLHgxpuBIHJAemI-8fZfg-RTViqeY-ZvktNQj0eO9AEjb71eQIN6AvFQac5V4JgOOSJgoCXvRbUD7WC_WODo0aT7QS73tdDJdOtrMLIWnp656Wj-LWF2z7q0vYNVYVz-k43Yf1f__ajPK_2C8yRoB8rS93a2-kDFnQ6SwRC2-9uzjGS8QSziI8A4UebBkeqTL6dVFfP2Q7C6KQH5MFVptQvIy8nnzh5vkTgs_eWyGierNQRceJ9UMdL1CpthbJnUyb73AoJTbjrugQz-xXCRFx5OH1zuUXQehSooM0CgJUpsp3De03fECm-P8nUsN1UrNlQhzSYYM26GT0yz5hc3sAan2uBtq0FTj5DBeXEnLR__OPI8HHOYLSB1dRwJAWi-CpwFKJY9g6c4lCirKp_MqjH5qT5wj6grRje-2fb8a5DxdDJSIXf8daOmSy60ZnUxjPWJsI
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/ju-jiao-yi-zi-wen-hua-chuan-yang-zhong-hua-wen-ming.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.4.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f154.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
publishertag.prebid.js
static.criteo.net/js/ld/ 		87 KB
29 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.js
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.117.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.129 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
nginx /
Resource Hash
17d2a9596b37d5d8c0e8b46eda67f51c04e05703e5619deff979d5ef50563e91
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 24 Aug 2022 19:11:24 GMT
content-encoding
gzip
last-modified
Tue, 16 Aug 2022 07:20:45 GMT
server
nginx
etag
W/"62fb454d-15cfe"
strict-transport-security
max-age=31536000; preload;
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Thu, 25 Aug 2022 19:11:24 GMT
checksync.php
contextual.media.net/ Frame 72F3 		26 KB
9 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://contextual.media.net/checksync.php?vsSync=1&cs=10&cv=31&https=1&cid=8CU2CV286&prvid=99%2C77%2C4%2C359%2C10000%2C229%2C9&itype=APPNEXUS_EXPERIMENT&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/ju-jiao-yi-zi-wen-hua-chuan-yang-zhong-hua-wen-ming.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.195.152.23 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-195-152-23.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
c5ca00d4a24c1d96c84a6f9823dd301be26bced992e350fa79a36847565d0137
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

cache-control
max-age=172800
content-encoding
gzip
content-length
9351
content-type
text/html; charset=UTF-8
date
Wed, 24 Aug 2022 19:11:24 GMT
expires
Fri, 26 Aug 2022 19:11:24 GMT
p3p
CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
server
Apache
strict-transport-security
max-age=31536000
vary
Accept-Encoding
x-mnet-hl2
E
rd_log
lax1-ib.adnxs.com/ Frame CA83 		0
819 B 		Script
General
Check archive.org
Download Go to
Full URL
https://lax1-ib.adnxs.com/rd_log?an_audit=0&referrer=https%3A%2F%2Fwww.bg3.co%2Fa%2Fju-jiao-yi-zi-wen-hua-chuan-yang-zhong-hua-wen-ming.html&e=wqT_3QLFBOhFAgAAAwDWAAUBCNjvmZgGEJ2q7pjC-bnSYxgAKjYJexSuR-F6lD8RYVRSJ6CJkD8ZAAAAgD0Ktz8hYQ0SACkRJBAxAAAAQAEtsDDy7MYKOP1cQOpcSOADUMaX96cBWLm0igFgAGi1kbMBeACAAQGKAQNVU0SSAQEG9FMBmAHIAaAByAGoAQGwAQC4AQHAAQXIAQLQAQDYAQDgAQDwAQDYAgDgAtHwXOoCTWh0dHBzOi8vd3d3LmJnMy5jby9hL2p1LWppYW8teWktemktd2VuLWh1YS1jaHVhbi15YW5nLXpob25nLWh1YS13ZW4tbWluZy5odG1sgAMAiAMBkAMAmAMXoAMBqgMAwAOsAsgDANgD9MDEAeADAOgDAPgDAYAEAJIEDS91dC92My9wcmViaWSYBACiBA8xNzMuMjQ1LjIwOS4xNzeoBACyBBAIABAEGNgFIPoBKAEwADgCuAQAwAQAyAQA2gQCCAHgBAHwBMaX96cBiAUBmAUAoAXe3ePDr4WB_nnABQDJBQAAAAAAAPA_0gUJCQAAAAAAAAAA2AUA4AUB8AXFlCH6BQQIABAAkAYAmAYAuAYAwQYAAAAAAADwP9AG-eMC2gYWChAAAAlFEQFgEAAYAOAGAfIGAggAgAcBiAcAoAcBugcPCAUaPCAAMAA4iAFAAMgHANIHDQkuNgAI2gcGCSVo4AcA6gcCCADwB5jQCooIAhAAlQgAAIA_mAgB&s=8fa793b2789ca8092940b1f4c996b956cef880b1&bdref=https%3A%2F%2Fwww.bg3.co%2Fa%2Fju-jiao-yi-zi-wen-hua-chuan-yang-zhong-hua-wen-ming.html&bdtop=true&bdifs=1&bstk=https%3A%2F%2Fwww.bg3.co%2Fa%2Fju-jiao-yi-zi-wen-hua-chuan-yang-zhong-hua-wen-ming.html,https%3A%2F%2Fwww.bg3.co%2Fa%2Fju-jiao-yi-zi-wen-hua-chuan-yang-zhong-hua-wen-ming.html&
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/ju-jiao-yi-zi-wen-hua-chuan-yang-zhong-hua-wen-ming.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
104.254.150.241 Los Angeles, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
906.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 24 Aug 2022 19:11:24 GMT
X-Proxy-Origin
173.245.209.177; 173.245.209.177; 906.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net; adnxs.com
AN-X-Request-Uuid
d5212aef-cf79-42c8-a433-130d0c63d7e4
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
generate_204
tpc.googlesyndication.com/ Frame 1489 		0
10 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?VI8oYg
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/ju-jiao-yi-zi-wen-hua-chuan-yang-zhong-hua-wen-ming.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.4.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f132.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 24 Aug 2022 19:11:24 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
generate_204
tpc.googlesyndication.com/ Frame D2B2 		0
10 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?TtN_rw
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/ju-jiao-yi-zi-wen-hua-chuan-yang-zhong-hua-wen-ming.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.4.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f132.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 24 Aug 2022 19:11:24 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
generate_204
tpc.googlesyndication.com/ Frame 33DA 		0
10 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?TxJFYw
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/ju-jiao-yi-zi-wen-hua-chuan-yang-zhong-hua-wen-ming.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.4.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f132.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 24 Aug 2022 19:11:24 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
cksync
cs.media.net/ Frame 8E97
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?cs=10&google_nid=media&google_cm=1&google_hm=MzA0MzY5ODg0NjgzNjk5NjAwMFYxMA%3D%3D&google_sc=1
  • https://cs.media.net/cksync?type=g&cs=10&google_gid=CAESED3odw4pNXMJMoauwFgtVZY&google_cver=1
45 B
446 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.media.net/cksync?type=g&cs=10&google_gid=CAESED3odw4pNXMJMoauwFgtVZY&google_cver=1
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=10&cv=31&https=1&cid=8CU2CV286&prvid=99%2C77%2C4%2C359%2C10000%2C229%2C9&itype=APPNEXUS_EXPERIMENT&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1
Protocol
H2
Server
23.36.252.26 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-36-252-26.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
832f63f4187160c195b04f1911c2e623a75e805f4b23abb9b0bea214b4283a43

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 24 Aug 2022 19:11:24 GMT
server
Apache
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
cache-control
max-age=0, no-cache, no-store
content-type
image/gif
content-length
45
x-mnet-hl2
E
expires
Wed, 24 Aug 2022 19:11:24 GMT

Redirect headers

pragma
no-cache
date
Wed, 24 Aug 2022 19:11:24 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://cs.media.net/cksync?type=g&cs=10&google_gid=CAESED3odw4pNXMJMoauwFgtVZY&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
302
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame B550
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEHTmM8y1RCkxpE1YjTbMaqo&google_cver=1
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEHTmM8y1RCkxpE1YjTbMaqo&google_cver=1&C=1
43 B
914 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEHTmM8y1RCkxpE1YjTbMaqo&google_cver=1&C=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CIvlPxC3ttWlAhjb-sPNATAB&v=APEucNVZ1BsmEFcZ666ErBkJYD_egJ3H6Si6e33HCZyYUrqy9c5P2O2faI2ItRJ5utiBpyApWAMZIVR_tKtbvRcL0sWxbLJGWA
Protocol
H3
Server
104.18.18.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

cf-ray
73fe64c4cc42a941-SYD
pragma
no-cache
date
Wed, 24 Aug 2022 19:11:25 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BHT%2FUl369qhAPg92msF1pMEeU4n8T%2BBOjfeExLgNt6Bv9iDLa3sQ6Cq5s7hD1A9%2FdSg%2BbiTDJmFa90dOpEu%2BpssaDzxgeyeLD%2BTRBf%2BC5CvkY4yY4KQRZNvR919krMFMJAww2%2FouF9yoMw%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control
no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Wed, 24 Aug 2022 19:11:24 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GyO11xydIlR6zO1KWyWDOk%2BT13GW0Qn6H7gTsrcenYgSJQXXv7tOVLv1PXKH3Mvcjt909jge7SZdsPNdy2AaWyORT8%2FPhLjhs3bKkTfb38nT9X39fXAW3YbMXTFTBFqeRaKvcyyTxzv%2B5A%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
location
/rum?cm_dsp_id=45&external_user_id=CAESEHTmM8y1RCkxpE1YjTbMaqo&google_cver=1&C=1
cache-control
no-cache
cf-ray
73fe64c25e7ea80d-SYD
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
0
expires
0
rum
dsum-sec.casalemedia.com/ Frame B550
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YwZ33F2KtzHErm0Xp68OOwAA
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEHTmM8y1RCkxpE1YjTbMaqo&google_cver=1
43 B
909 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEHTmM8y1RCkxpE1YjTbMaqo&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CIvlPxC3ttWlAhjb-sPNATAB&v=APEucNVZ1BsmEFcZ666ErBkJYD_egJ3H6Si6e33HCZyYUrqy9c5P2O2faI2ItRJ5utiBpyApWAMZIVR_tKtbvRcL0sWxbLJGWA
Protocol
H3
Server
104.18.18.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

cf-ray
73fe64c7adc5a941-SYD
pragma
no-cache
date
Wed, 24 Aug 2022 19:11:25 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Cmi%2FUcS7wseucES9ffEBFGnnvFPp3rCLI9YR1%2FnnriGRcn2l9h9m9h0lhvuIlRI%2BJ%2BH79SWDgHkICZjZn3lpTsjIDWeJxuTPR5E3U06hcI3%2FrDS9m7YbqqsMlNqiPQn9byUGN2TlexxJEg%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control
no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Wed, 24 Aug 2022 19:11:25 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEHTmM8y1RCkxpE1YjTbMaqo&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
setuid
ib.adnxs.com/ Frame B550
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEHZtr2Sd126RcU2Z4kZsys4&google_cver=1
43 B
1020 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/setuid?entity=101&code=CAESEHZtr2Sd126RcU2Z4kZsys4&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CIvlPxC3ttWlAhjb-sPNATAB&v=APEucNVZ1BsmEFcZ666ErBkJYD_egJ3H6Si6e33HCZyYUrqy9c5P2O2faI2ItRJ5utiBpyApWAMZIVR_tKtbvRcL0sWxbLJGWA
Protocol
HTTP/1.1
Server
104.254.151.36 Los Angeles, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
897.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 24 Aug 2022 19:11:24 GMT
X-Proxy-Origin
173.245.209.177; 173.245.209.177; 897.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net; adnxs.com
AN-X-Request-Uuid
b77951b3-731a-4618-af2c-e9d847aef7a0
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma
no-cache
date
Wed, 24 Aug 2022 19:11:24 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://ib.adnxs.com/setuid?entity=101&code=CAESEHZtr2Sd126RcU2Z4kZsys4&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
290
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame B550
Redirect Chain
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NzA5MzczNDkyMDU1NTA0MDQ4MQ%3D%3D
170 B
190 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NzA5MzczNDkyMDU1NTA0MDQ4MQ%3D%3D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CIvlPxC3ttWlAhjb-sPNATAB&v=APEucNVZ1BsmEFcZ666ErBkJYD_egJ3H6Si6e33HCZyYUrqy9c5P2O2faI2ItRJ5utiBpyApWAMZIVR_tKtbvRcL0sWxbLJGWA
Protocol
H3
Server
142.251.10.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f155.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 24 Aug 2022 19:11:24 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Wed, 24 Aug 2022 19:11:24 GMT
X-Proxy-Origin
173.245.209.177; 173.245.209.177; 897.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net; adnxs.com
AN-X-Request-Uuid
8f26cfe9-37f9-4a08-9808-1aa98d76ee9a
Server
nginx/1.21.3
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NzA5MzczNDkyMDU1NTA0MDQ4MQ%3D%3D
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
generate_204
tpc.googlesyndication.com/ Frame DE07 		0
10 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?ShnUGg
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/ju-jiao-yi-zi-wen-hua-chuan-yang-zhong-hua-wen-ming.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.4.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f132.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 24 Aug 2022 19:11:24 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
view
securepubads.g.doubleclick.net/pcs/ Frame CA83 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssQ8pfkTe9GScS6Ka9mgH1zdXzdEt9vin4UOQlhW46I4ujJK2VGYb8_AeGuREF6kl1xwVk7F7xjOqDQXfAN3kBoHTTZRKvzcQog7py5aAIKqw_y3ahyoRuo0n4jqNRK-lPVWA43Qhn5kX0RARfhPQhJZj1ybTY5CYnxsZgdNvb3a_Eq6XYksSpbZSV1CtgKo8c5GmFiijU5_h4nWQiBZ2pMACsFx13sE79A37Ak4g2neOaZXEdiq152MdlY5LkJAoFbOdAjBOy5wV9p3Q68epWNdTszuA1JZwZCt9N69-xDJ_NI-QKroDd3_Zuf&sai=AMfl-YQ2icQ5eKrcjUY1fucB7AIZmJAa9t2zXMlw8PQbhs7ifaC6hVP3e7XDW_MX5x2mX08RHd7Qq5LKSTbQE6pWxlINEuGsVMzFGtfhPQc5FJjlm9YY-LhgaPC0IcWQi8I&sig=Cg0ArKJSzKJFidBKbApGEAE&uach_m=[UACH]&urlfix=1&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.10.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f155.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 24 Aug 2022 19:11:24 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
expires
Wed, 24 Aug 2022 19:11:24 GMT
truncated
/ Frame CA83 		211 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b3d8546a043b991780a1acd8ce878a7bc6160f3b12567d21249ad2c9c1d2d497

Request headers

accept-language
en-AU,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
vevent
lax1-ib.adnxs.com/ Frame CA83 		0
836 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://lax1-ib.adnxs.com/vevent?an_audit=0&referrer=https%3A%2F%2Fwww.bg3.co%2Fa%2Fju-jiao-yi-zi-wen-hua-chuan-yang-zhong-hua-wen-ming.html&e=wqT_3QKEBeiEAgAAAwDWAAUBCNjvmZgGEL7-2Kqry7TWUBgAKjYJexSuR-F6hD8RYVRSJ6CJgD8ZAAAAgD0Ktz8hYQ0SACkRJNAxAAAAQOF6lD8w8uzGCjj9XEDqXEjgA1Cyl_enAVi5tIoBYABotZGzAXgAgAEBigEDVVNEkgUG9P4BmAF4oAHYBKgBAbABALgBAcABBcgBAtABANgBAOABAPABANgCAOACjepa6gJNaHR0cHM6Ly93d3cuYmczLmNvL2EvanUtamlhby15aS16aS13ZW4taHVhLWNodWFuLXlhbmctemhvbmctaHVhLXdlbi1taW5nLmh0bWyAAwCIAwGQAwCYAxegAwGqA0ESGDg3ODk5MDUxNTUzMjQxNzgxNDJfc2JpZBoTNTgxMzI1MjUwNjA1OTY4NTY5NCIJMzUyMTc3MDc0KgVNMTE3M8ADrALIAwDYA_TAxAHgAwDoAwD4AwGABACSBA0vdXQvdjMvcHJlYmlkmAQAogQPMTczLjI0NS4yMDkuMTc3qAQAsgQPCAAQBBh4INgEKAEwADgCuAQAwAQAyAQA2gQCCAHgBAHwBLKX96cBiAUBmAUAoAXe3ePDr4WB_nnABQDJBQAAAAAAAPA_0gUJCQAAAAAAAAAA2AUA4AUB8AXFlCH6BQQIABAAkAYAmAYAuAYAwQYAAAAAAADwP9AG-eMC2gYWChAAAAAAAAAAAAAAAAAAAAAAEAAYAOAGAfIGAggAgAcBiAcAoAcBugcPCAAQABgAIAAwADiIAUAAyAcA0gcNCQAAAAAAAAAAEAAYANoHBggAEAAYAOAHAOoHAggA8AeY0AqKCAIQAJUIAACAP5gIAQ..&s=92365b80053a93dc66af1ad8acc9190f57afc69a&type=nv&nvt=5&jm=1003&px=5&py=300&bw=120&bh=600&sid=7061473381596977466&vd=ct~0|rr~0&sv=224&tv=view7-1hs&ua=chrome52&pl=win&x=v&tag_id=22132338&sw=1600&sh=1200&pw=1600&ph=3042&ww=1600&wh=1200&ft=2
Requested by
Host: cdn.adnxs.com
URL: https://cdn.adnxs.com/v/s/224/trk.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
104.254.150.241 Los Angeles, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
906.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 24 Aug 2022 19:11:24 GMT
X-Proxy-Origin
173.245.209.177; 173.245.209.177; 906.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net; adnxs.com
AN-X-Request-Uuid
81dac366-df6e-4131-a792-d0dfad6f11a3
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://www.bg3.co
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
cksync
cs.media.net/ Frame 72F3
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?cs=10&google_nid=media&google_cm=1&google_hm=MzA0MzY5ODg0NjgzNjk0NzAwMFYxMA%3D%3D&google_sc=1
  • https://cs.media.net/cksync?type=g&cs=10&google_gid=CAESED3odw4pNXMJMoauwFgtVZY&google_cver=1
45 B
446 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.media.net/cksync?type=g&cs=10&google_gid=CAESED3odw4pNXMJMoauwFgtVZY&google_cver=1
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=10&cv=31&https=1&cid=8CU2CV286&prvid=99%2C77%2C4%2C359%2C10000%2C229%2C9&itype=APPNEXUS_EXPERIMENT&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1
Protocol
H2
Server
23.36.252.26 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-36-252-26.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
832f63f4187160c195b04f1911c2e623a75e805f4b23abb9b0bea214b4283a43

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 24 Aug 2022 19:11:24 GMT
server
Apache
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
cache-control
max-age=0, no-cache, no-store
content-type
image/gif
content-length
45
x-mnet-hl2
E
expires
Wed, 24 Aug 2022 19:11:24 GMT

Redirect headers

pragma
no-cache
date
Wed, 24 Aug 2022 19:11:24 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://cs.media.net/cksync?type=g&cs=10&google_gid=CAESED3odw4pNXMJMoauwFgtVZY&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
302
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
express_html_inpage_rendering_lib_200_276.js
s0.2mdn.net/879366/ Frame 2815 		106 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_276.js
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/ju-jiao-yi-zi-wen-hua-chuan-yang-zhong-hua-wen-ming.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.149 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f149.1e100.net
Software
sffe /
Resource Hash
e41d1ae45acbf836b8dcc29544c7e41cced4211214df601d5284a7e9c7134c73
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://5e9096cc516f199cdb60782332265f56.safeframe.googlesyndication.com/
Origin
https://5e9096cc516f199cdb60782332265f56.safeframe.googlesyndication.com
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 24 Aug 2022 08:23:54 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
38850
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37872
x-xss-protection
0
last-modified
Wed, 02 Mar 2022 23:07:26 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 25 Aug 2022 08:23:54 GMT
omrhp.js
pagead2.googlesyndication.com/pagead/js/r20220822/r20110914/elements/html/ Frame 2815 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20220822/r20110914/elements/html/omrhp.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DmNvntS3rS-tmRqMZM9sYsmDdI4sWWJyIpgCBAgKMJAHbqBnaVPmznwrXuaU09FyI7GA3iZfNOErv3V1KZXwlU-H7RqQ&cry=1&dbm_d=AKAmf-BzbQ6fccGqYBqzsY2500Gy5KiPrQ4wzh5J9Dld6nHIgGvNro2ABXceGhhfD_Ip83Ulye5nzzwmJSnjNzV6-sNCCR4YBfQuLhsW7oYDw17eV00-QJg9h4ijr0fWMpCrBnRJNmbN8IkZyfw28nkNx0i025zS2vHF6Z7d1xbTiUvVS9z5I5MmgKb8uMJqT9XTDIEsBJy9VrIyy7zwU_MiDKsbXyPxJ6OgD_IO77SieKT8Zm_mr_6XCtZ3rZndyuyA59-Rr-oHs3DN4k8ZsBfzzJ4zyvLbDUQsc6XLOe-QL8oDjJIQc7R-SVFtH7IGTUoYX9vKspVEMAOCcpcAvkw3akJ7s2yYzLxkMfuFyIwYQD8kYE7VakUeJ_CxQhqjtFTjUcuWUbjufQSs06pe4u0cXj7R2PB5xLW-LS2qXa3RQ9s0IOp05I9q1K8AwYX8NDCJK20VR5OnV8IxMNTC4zZshJYWOAtrHiK2zIcj15BPubQgPIBuRqTWvG8ty5TbXwZcvazKgfs4jpATclEK4QeFhs7cX1YcrGhWQG6L07eN7PLof1AHMc6VKDBzhMP_a25x6vuGudiFnPzD428Txd2If484ve38mJD_Jq-96DEJbjVzCn2-T6xbNSH_mdjJ3iyPXMI_xQFBPP8EkOni3gGn-tsCO-6IX9itzCYIJriw_1gzEdAq90ON-woyFmQrmsDw_OMpvvklHyvBgYOfoSPdVdoMHU6QDAnb4InxsRkkO5qOoEzCFbBGnJa0WRIGjiuzwVkMI_JdqwopMpJorwwVV6K_ZPaEztj89Qr5mJ3_2h_PJbAxp-ucL0iG4xzW5O7benD_EiSNuBpRg9k9rtm_dQD40KB72IVlgvPXSDTelvxRILvq3dL8yEZhnJRSP5IO-mKwVDjVvoO34QcmD8hIsrE9VVDVCXxgY86c3PMTWGW70YRWTYQgBujYemyN296vBgA04uPqU3VuWQ6FTGob4HybTwu5CQUL1no9DPKyBSylaw7npH1OduW_rb8QvJCI7Bi3w1Z46Q9ZHG57Ir2SFyZ8RiG8-IMfJU-tgVegf6US-ofAe-uZ5E21gY6vDnFLig_AJ-jx29OdqUW8r7Tbv6NGm4wrMVq2766uX_-qyvCDIG_fCJU4Eyw7wdR5U3RbzMCQX2MW1cpAW8R-i7h0BIe5eeDG46fizeBZugsxBzuYu5fRZhyPBIKJgywS_VvLpqxilkgnlDZVL3mxVwtlJqQyB-pE_tcKhZWXaIO6yYNCydUwauWzEMLJqEvLHdncK_4X382A4PeX8wtXovNZNHAN6viawZ8V12HbhqyLZtpVaE9dNo0NeExTJqGFQLS5xRIkQyLA33DUoXl_UOfvLhIIsWri5En2ehWyN8Uo2G6vjFlvXwa376kagjcHc2UPwHje_oR3UjW-OixiiStCotOdfpENt0O8dk99heic3EJ4J7VlWKnceLP5C-t9Z9St7hrYIlIZQT20v81M05sLaM_9mke3ghyPE6dkVnhHuuMsjnFqgOKtyWBdxFe1WLySApcysr84bqI5QkXJabU2nPTtXSQf-xsBH3RA2TcPG-ORnJWxrVbPEU-zRpax5grSvj4hbmh8yq1xPp9AFVSDdMEDd35RFGd_qdk4cENII8s2kT9TyDeCAvjiHDteMBUF6XPdvKe86Q2tHQMVNKhPE444AUQmU3kesL-ussOymbYCf52TPMi7bOtnXnoGbD5cpJLWU8-5in6UnOq6jyJKenkjzKTyImHgfQ3dJ14LwX3TeYB1Dn8_LMexsoLhkbEXTEnaOMwJVR_gr7IT2LBrvbVHKoCji-K1kS0czzynjLeSZx8A2f3btpOfHRbrwMR9DVYNl5CHNarg-MhCdK7fIJWfJaUKpYgJ_tlcowL6j1IRqFVTE6aAzzooHtAZbvvXxdUzyXYBvskILDoqQ3VbcqVYss56j_CryojQtif_i9Bn4QjZnqLJrb0BncCXkpyMa6_Qg1jWpjITD7k6jST2LHu_uMJOc6LuAumxY_eX0Hg02Td6GiHTp4VFCRwbBlVuWKDJcVwoGuLgPN0srPlv9zBk4GF0Vxnhu6IsyAhWh4NMrB5sy6k7rrKGmJ6en1TG0GDGRSMj26JOaemRKWvIkS1HiZIp1hjdKwKLm1-e07ef2NxWY3rEDXbwOSV1GGuzvInOVkrxVBSOeDlQtkBQun7klid3NSDxrn1KiHTMBKk2maE6Mgb1LR__HS6sOva0o_s_hu5Mrs6YR57SzZ20xbBie8dDFJiFFu3oDNLMP5x5o0MnNWqET4ifI712QBIctNTsNE5XQ11Aqj2BBmjrQMqCcQWhfBwa1tvs88PrU28UxwJcNBfuw13mC2Pma9DyzqUGu11FeEdhixLVTeuZ9rryOnsH4vxPhhwNYmUsRv04A_WasUdx-feQbqSG2UrbD4mpQexDQ2Sl25x-DpnMm6cVwhcJACk92u2v1lt47n_M_nOczKf-BSN7ipxt_XSb1POUy5hB-0wDNpxbR785fA85AO9d9rtNhvIstK4nAUOQ3s-SvRHUE-Jor574FPXdeXmTtq_uoNB0a4wEAl1-IH3TyFl7peQ5Ook-eboQwf9g6MPFoxBEv1CZgh3OhhWhZe8np65st8IppsqQAIW0bs1KGyLgG7c6mgUw3OENID_vmyPlXLQOcO4XoKP1nxRNKKktuC_fZzX_M_ufpruuG3IUmC4BzWC9yUeVmuyyZqRjV__PqRSNRtpmnORZMR8DL4EoSXZBYzc1XbgshkIk8zrYbRZ4DfXeJwTqNeiZTcUvYKoKHPUy2Q3ku8bctYNbcTmkIl_UAwFvBHcffPGTyQ3S45gRHD0axz8SmzgunNS7BdXo2Ujr9Jpz0-Ec2zPhVuu78BSpYR64HlPkxgCvTDfZMdco2pCIbWEgIVK3U4xGnbMsmunkMh-TGlSpkZJWcFHt9ySjxbM5pgc_-IhWJNz8SkR9TCINKnJU2oJrVRNnD3KasN63aWi3JwKpVdcGShJkRTqy0HcuLrOYJkZ4ouwtPIpxYLXwsNj2Lg2_aAXv7-8TBijJG5RPqcwGlOD44anZBH-gET0C7d_RJhwqaWu4FaOhl6z3H8CNGqCAqc68EFZjYgjI-aF6bUs4EjveaG3DfSkRZ0VhPKyBfoG3UC54Z6CAoHtic1j6qlYGo_UJlXCXR819iEGeyzPFlUycGIacw5N-fgis7x08m1o-YPwc_GYRzQ-mp0ZGPXv6zij_3a5B-520YlZMrfAcG-QpYulTHV03&cid=CAASEuRoVJKJtw76YdZrw3m5CRYzUQ&rfl=3%2Chttps%253A%252F%252Fwww.bg3.co%242%2C%2Chttps%253A%252F%252Fadx.holmesmind.com%252F%240
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.4.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f154.1e100.net
Software
cafe /
Resource Hash
c9499ea51a2956fd2c1600591ae117fe9ad81065d625b1b2c593c7720e5b228f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://5e9096cc516f199cdb60782332265f56.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 24 Aug 2022 14:59:14 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
15130
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3181
x-xss-protection
0
server
cafe
etag
18418590997839133011
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 07 Sep 2022 14:59:14 GMT
abg_lite.js
pagead2.googlesyndication.com/pagead/js/r20220822/r20110914/ Frame 2815 		30 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20220822/r20110914/abg_lite.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DmNvntS3rS-tmRqMZM9sYsmDdI4sWWJyIpgCBAgKMJAHbqBnaVPmznwrXuaU09FyI7GA3iZfNOErv3V1KZXwlU-H7RqQ&cry=1&dbm_d=AKAmf-BzbQ6fccGqYBqzsY2500Gy5KiPrQ4wzh5J9Dld6nHIgGvNro2ABXceGhhfD_Ip83Ulye5nzzwmJSnjNzV6-sNCCR4YBfQuLhsW7oYDw17eV00-QJg9h4ijr0fWMpCrBnRJNmbN8IkZyfw28nkNx0i025zS2vHF6Z7d1xbTiUvVS9z5I5MmgKb8uMJqT9XTDIEsBJy9VrIyy7zwU_MiDKsbXyPxJ6OgD_IO77SieKT8Zm_mr_6XCtZ3rZndyuyA59-Rr-oHs3DN4k8ZsBfzzJ4zyvLbDUQsc6XLOe-QL8oDjJIQc7R-SVFtH7IGTUoYX9vKspVEMAOCcpcAvkw3akJ7s2yYzLxkMfuFyIwYQD8kYE7VakUeJ_CxQhqjtFTjUcuWUbjufQSs06pe4u0cXj7R2PB5xLW-LS2qXa3RQ9s0IOp05I9q1K8AwYX8NDCJK20VR5OnV8IxMNTC4zZshJYWOAtrHiK2zIcj15BPubQgPIBuRqTWvG8ty5TbXwZcvazKgfs4jpATclEK4QeFhs7cX1YcrGhWQG6L07eN7PLof1AHMc6VKDBzhMP_a25x6vuGudiFnPzD428Txd2If484ve38mJD_Jq-96DEJbjVzCn2-T6xbNSH_mdjJ3iyPXMI_xQFBPP8EkOni3gGn-tsCO-6IX9itzCYIJriw_1gzEdAq90ON-woyFmQrmsDw_OMpvvklHyvBgYOfoSPdVdoMHU6QDAnb4InxsRkkO5qOoEzCFbBGnJa0WRIGjiuzwVkMI_JdqwopMpJorwwVV6K_ZPaEztj89Qr5mJ3_2h_PJbAxp-ucL0iG4xzW5O7benD_EiSNuBpRg9k9rtm_dQD40KB72IVlgvPXSDTelvxRILvq3dL8yEZhnJRSP5IO-mKwVDjVvoO34QcmD8hIsrE9VVDVCXxgY86c3PMTWGW70YRWTYQgBujYemyN296vBgA04uPqU3VuWQ6FTGob4HybTwu5CQUL1no9DPKyBSylaw7npH1OduW_rb8QvJCI7Bi3w1Z46Q9ZHG57Ir2SFyZ8RiG8-IMfJU-tgVegf6US-ofAe-uZ5E21gY6vDnFLig_AJ-jx29OdqUW8r7Tbv6NGm4wrMVq2766uX_-qyvCDIG_fCJU4Eyw7wdR5U3RbzMCQX2MW1cpAW8R-i7h0BIe5eeDG46fizeBZugsxBzuYu5fRZhyPBIKJgywS_VvLpqxilkgnlDZVL3mxVwtlJqQyB-pE_tcKhZWXaIO6yYNCydUwauWzEMLJqEvLHdncK_4X382A4PeX8wtXovNZNHAN6viawZ8V12HbhqyLZtpVaE9dNo0NeExTJqGFQLS5xRIkQyLA33DUoXl_UOfvLhIIsWri5En2ehWyN8Uo2G6vjFlvXwa376kagjcHc2UPwHje_oR3UjW-OixiiStCotOdfpENt0O8dk99heic3EJ4J7VlWKnceLP5C-t9Z9St7hrYIlIZQT20v81M05sLaM_9mke3ghyPE6dkVnhHuuMsjnFqgOKtyWBdxFe1WLySApcysr84bqI5QkXJabU2nPTtXSQf-xsBH3RA2TcPG-ORnJWxrVbPEU-zRpax5grSvj4hbmh8yq1xPp9AFVSDdMEDd35RFGd_qdk4cENII8s2kT9TyDeCAvjiHDteMBUF6XPdvKe86Q2tHQMVNKhPE444AUQmU3kesL-ussOymbYCf52TPMi7bOtnXnoGbD5cpJLWU8-5in6UnOq6jyJKenkjzKTyImHgfQ3dJ14LwX3TeYB1Dn8_LMexsoLhkbEXTEnaOMwJVR_gr7IT2LBrvbVHKoCji-K1kS0czzynjLeSZx8A2f3btpOfHRbrwMR9DVYNl5CHNarg-MhCdK7fIJWfJaUKpYgJ_tlcowL6j1IRqFVTE6aAzzooHtAZbvvXxdUzyXYBvskILDoqQ3VbcqVYss56j_CryojQtif_i9Bn4QjZnqLJrb0BncCXkpyMa6_Qg1jWpjITD7k6jST2LHu_uMJOc6LuAumxY_eX0Hg02Td6GiHTp4VFCRwbBlVuWKDJcVwoGuLgPN0srPlv9zBk4GF0Vxnhu6IsyAhWh4NMrB5sy6k7rrKGmJ6en1TG0GDGRSMj26JOaemRKWvIkS1HiZIp1hjdKwKLm1-e07ef2NxWY3rEDXbwOSV1GGuzvInOVkrxVBSOeDlQtkBQun7klid3NSDxrn1KiHTMBKk2maE6Mgb1LR__HS6sOva0o_s_hu5Mrs6YR57SzZ20xbBie8dDFJiFFu3oDNLMP5x5o0MnNWqET4ifI712QBIctNTsNE5XQ11Aqj2BBmjrQMqCcQWhfBwa1tvs88PrU28UxwJcNBfuw13mC2Pma9DyzqUGu11FeEdhixLVTeuZ9rryOnsH4vxPhhwNYmUsRv04A_WasUdx-feQbqSG2UrbD4mpQexDQ2Sl25x-DpnMm6cVwhcJACk92u2v1lt47n_M_nOczKf-BSN7ipxt_XSb1POUy5hB-0wDNpxbR785fA85AO9d9rtNhvIstK4nAUOQ3s-SvRHUE-Jor574FPXdeXmTtq_uoNB0a4wEAl1-IH3TyFl7peQ5Ook-eboQwf9g6MPFoxBEv1CZgh3OhhWhZe8np65st8IppsqQAIW0bs1KGyLgG7c6mgUw3OENID_vmyPlXLQOcO4XoKP1nxRNKKktuC_fZzX_M_ufpruuG3IUmC4BzWC9yUeVmuyyZqRjV__PqRSNRtpmnORZMR8DL4EoSXZBYzc1XbgshkIk8zrYbRZ4DfXeJwTqNeiZTcUvYKoKHPUy2Q3ku8bctYNbcTmkIl_UAwFvBHcffPGTyQ3S45gRHD0axz8SmzgunNS7BdXo2Ujr9Jpz0-Ec2zPhVuu78BSpYR64HlPkxgCvTDfZMdco2pCIbWEgIVK3U4xGnbMsmunkMh-TGlSpkZJWcFHt9ySjxbM5pgc_-IhWJNz8SkR9TCINKnJU2oJrVRNnD3KasN63aWi3JwKpVdcGShJkRTqy0HcuLrOYJkZ4ouwtPIpxYLXwsNj2Lg2_aAXv7-8TBijJG5RPqcwGlOD44anZBH-gET0C7d_RJhwqaWu4FaOhl6z3H8CNGqCAqc68EFZjYgjI-aF6bUs4EjveaG3DfSkRZ0VhPKyBfoG3UC54Z6CAoHtic1j6qlYGo_UJlXCXR819iEGeyzPFlUycGIacw5N-fgis7x08m1o-YPwc_GYRzQ-mp0ZGPXv6zij_3a5B-520YlZMrfAcG-QpYulTHV03&cid=CAASEuRoVJKJtw76YdZrw3m5CRYzUQ&rfl=3%2Chttps%253A%252F%252Fwww.bg3.co%242%2C%2Chttps%253A%252F%252Fadx.holmesmind.com%252F%240
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.4.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f154.1e100.net
Software
cafe /
Resource Hash
c0d0b5ecf5aa2cd5475929aefcb44d67c5d5cc8cbcdb3991e45f0944f0344619
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://5e9096cc516f199cdb60782332265f56.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 24 Aug 2022 19:04:31 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
413
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11819
x-xss-protection
0
server
cafe
etag
10563440404697844360
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 07 Sep 2022 19:04:31 GMT
8Oc7qVgGezqJSgjjaaCdJlEAdJIIw0tPZxYDqe1tkXI.js
pagead2.googlesyndication.com/bg/ Frame 497D 		36 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/8Oc7qVgGezqJSgjjaaCdJlEAdJIIw0tPZxYDqe1tkXI.js
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/ju-jiao-yi-zi-wen-hua-chuan-yang-zhong-hua-wen-ming.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.4.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f154.1e100.net
Software
sffe /
Resource Hash
f0e73ba958067b3a894a08e369a09d265100749208c34b4f671603a9ed6d9172
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://065b871e68dfa311ac55b3c7151729f3.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 19 Aug 2022 23:20:26 GMT
content-encoding
br
x-content-type-options
nosniff
age
417058
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
14092
x-xss-protection
0
last-modified
Mon, 15 Aug 2022 08:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 19 Aug 2023 23:20:26 GMT
8Oc7qVgGezqJSgjjaaCdJlEAdJIIw0tPZxYDqe1tkXI.js
pagead2.googlesyndication.com/bg/ Frame 7168 		36 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/8Oc7qVgGezqJSgjjaaCdJlEAdJIIw0tPZxYDqe1tkXI.js
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/ju-jiao-yi-zi-wen-hua-chuan-yang-zhong-hua-wen-ming.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.4.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f154.1e100.net
Software
sffe /
Resource Hash
f0e73ba958067b3a894a08e369a09d265100749208c34b4f671603a9ed6d9172
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://065b871e68dfa311ac55b3c7151729f3.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 19 Aug 2022 23:20:26 GMT
content-encoding
br
x-content-type-options
nosniff
age
417058
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
14092
x-xss-protection
0
last-modified
Mon, 15 Aug 2022 08:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 19 Aug 2023 23:20:26 GMT
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame 2815 		41 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: 5e9096cc516f199cdb60782332265f56.safeframe.googlesyndication.com
URL: https://5e9096cc516f199cdb60782332265f56.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.4.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f132.1e100.net
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://5e9096cc516f199cdb60782332265f56.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 24 Aug 2022 15:07:51 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
14613
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15207
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 24 Aug 2023 15:07:51 GMT
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame 63B8 		1 KB
749 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: 5e9096cc516f199cdb60782332265f56.safeframe.googlesyndication.com
URL: https://5e9096cc516f199cdb60782332265f56.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.4.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f154.1e100.net
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://5e9096cc516f199cdb60782332265f56.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

age
52806
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=86400
content-encoding
gzip
content-length
724
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Wed, 24 Aug 2022 04:31:18 GMT
etag
48472445140208031
expires
Thu, 25 Aug 2022 04:31:18 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
truncated
/ Frame 2815 		217 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
37c1ec9784fc156b83c8bef0ce952727b516b72d98f0eb9be26c7028bf84d916

Request headers

accept-language
en-AU,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame 158F 		107 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
dfa1028a74436c56e0ee1367812c0ee599d6814ec4a3079ca9b9afffba949e26

Request headers

accept-language
en-AU,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame 158F 		2 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b00af338864761a37a208806e2e8815b46327a5e7e47bf141f4fbdf6d1fd3bcc

Request headers

accept-language
en-AU,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
Roboto-Bold.woff
res-a.akamaihd.net/__media__/fonts/Roboto-Bold/ Frame 158F 		24 KB
25 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://res-a.akamaihd.net/__media__/fonts/Roboto-Bold/Roboto-Bold.woff
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/ju-jiao-yi-zi-wen-hua-chuan-yang-zhong-hua-wen-ming.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
23.49.60.112 Singapore, Singapore, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-49-60-112.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
c8a7ea184c79a6f61c400968314d03aae7c327f03efc03603f6a3cbada7bfb9a

Request headers

Referer
https://www.bg3.co/
Origin
https://www.bg3.co
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Unused62
8096267
Date
Wed, 24 Aug 2022 19:11:25 GMT
Last-Modified
Mon, 16 May 2016 10:39:41 GMT
Server
nginx
ETag
"5739a36d-60f0"
Content-Type
application/font-woff
Access-Control-Allow-Origin
*
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
24816
sodar
pagead2.googlesyndication.com/pagead/ Frame 1D5E 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_2022081701&jk=403684210710715&bg=!pKelp-PNAAYUOm8VNDo7ACkAdvg8Wmp3YHz80NAc35O5AOxZkZtBt8v3VAGUOZ1STeYriUWB-SAoVgIAAACoUgAAAAJoAQcKAAxKkRN2UQ-6J9zBpBeZAtCDsBJSK2NWS9fZpFuL7qFbEB4T46pY0pbqYFv-RiRGS4gWPjjucaksT9tyvl-Ls-u1ure-VAPLp3tvlnbw-DWTGnUF8xkHQieaKbwIk2R6WCiEL6qBbytdOWMeoRV7j43g2lNyXclihinwlGvqf_7wuJAOglfyGtI0cnmUInpNVPIosQSOo5mZwW8oNUWL12I9zv1H7nBC8CFWu6Xijsixh_8CilwOTOGh27IMRQU0qPl_ec99k-oOvR0nUTD7z52NtYXAw6plNiT_o8VMiqjOjoimobTXoaGeCEXGJoNXihyYxMoYam7Mi5glC2zVY2drZjaikVyoyY0kF618KbVWtWWDme4gOEWt_syFiwRd2gQVBfv1c0C55iSk0XqIjzrS406ldkx8tAxro2qUYlDP2NQtfTiRfA2Cm5zOOnsVMwmJ7ALStgsgEr3ANKLcVvtvZBjw2Hg0swx15gzmj4gtPAuZwod6WGd3V3ot34BI7POipkBpumT0HhYzQvGiW6ao_khAcS1ntGoLcM82l5bGcJtxs480PVF0VK9dXgwJelw6gAJjlaa4ypgbvG9CDfOZxNbs9QyVg24HeBswuhAqbvf2GX9hoRi-deWosLSSOcG3U5nkN2ZhITcOPcN0IaVOOng_P3E_rHf_h4IuBgj_XM1EQPlwWYDRWEssm5Sjgm34Ty7prmRtaFCvO3HhCecYmPDSjlfw0D6t1ULI32yss1X7uChbaABlVvWQwz90CwxFWvflZYwx7HDckO2ZfBIiBKmqZWIJ_9Kh0koKExEzugpOiU4S8LFzGiv4ZzaOPaTsHuYzJIcpCbSFfPkJZjxw5VBlGYC_H9Ud3UKkAt94TVALcZijEFQ8SY_dpgoUGVovqdboIADVbra7yXWr-a_QEr6hL6XhRueUkl1D3vtJZkU64JhyJEZUnZt0tQuaKOB70E9ZCA-4RftAoeWwaMg
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/ju-jiao-yi-zi-wen-hua-chuan-yang-zhong-hua-wen-ming.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.4.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f154.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://adx.holmesmind.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
sodar
pagead2.googlesyndication.com/pagead/ Frame 1EA7 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20220822&jk=2755714129352862&bg=!-vml-b3NAAYUOm8VNDo7ACkAdvg8Wjj8_89B3KvQ-3OqGdhabrlTdhe5DLr-xYNSIiDPtiENjRITfwIAAAC6UgAAAAJoAQeZArURNYChTM1BBIHbnfidAsH-F9zvHKABERvdigIi4MT7_BOfvOIXPozowOvkwLLdKEveoIToxKCPlU-n73pjDV7DTThuYgHeqOGidih-9Lz0Aj6cYYSfJApQSOV8dZOGIropJ1GloJACufB6pW8AfStBiuIYlyX6n_G1azkVX2EnW22OCjzrbPNnZmRlk-_a8XZx5WalhLKGgp8NW1S0SRaGf-sR210lAIxuPfnl02hiXmUGvBTzG5JT06HOFyHPc74RcahhWDU4CH4SgTKpdo0_IA8U853JqagW-vTogZBPcJfTo3n2FtFhrUTJBZ7n_ZA4-FqCKWFSWkE3SdEENOAdazV6RTenope5IF2l5q0j3VhkU3t-1SjxuNbBGKfMW0t6HKzz7Ad7Zoh2GhPt5aiM6Y6K4ugz_ujF6KA7evzZBLdubmRd4_326m_aR41mm8bVTrQXTuaMHxGBTJ8h2bf5JWSy6b9jwcqInYCSzhusip3BxNSMCVLYaK1hob8wkTJAtrnbjUF_ITruJ-9aZmQZV-Dgp_Iz5ArmSj6IVr26UGcS5vzRmsOrDvY3yBfNtITWjehMckKJTecvCcrOj30PUQwvDIPXNMl4AJIkFi4mJML0MsBWLwlzKJ08P1O_9nwqy9Na-OEzcE0gDuZ5tIIvXoy_bvWDrVoEFfXfAoXBbz52BZ9RRiM4hv54_Gv5qjo7-Oq28hrlfgB-KLCFZCU28ibjEAmBhHAuuwWNpQyFGf76R2qFVB_oRpglnBL26w36KGDgrVBbetjAL5gwVnp1jh6udTtkpJzxbnflKBPFpH1oABBmLIq3DppKQakrXJBeW64508KpqewY5LIXVNeIr_9GJ_mnx9GuBeyLxTC6eZvIQHEPv7Enr5v-gs5JFWflyWOc44Ww5gDfdUhdgvi6uRBx9TY
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/ju-jiao-yi-zi-wen-hua-chuan-yang-zhong-hua-wen-ming.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.4.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f154.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
sodar
pagead2.googlesyndication.com/pagead/ Frame 4D3D 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_2022081701&jk=2138441010117634&bg=!19Sl1JDNAAYUOm8VNDo7ACkAdvg8WgnMlkwDnyHqYNmX1GjQGenGTqspXADAEOMMqKTi3-FBOI-WHAIAAADFUgAAAAFoAQeZAtweJwbTtUsPSQyJcSaRTZ0v4EUs-6mcWfUfVOYcXFaPr28Tf-6Lfw3MTQ-cJF8kuZFa8iD7JDYpN0UK9gxnF6MGbOFga6tol-gtfJyVU7ftmZCG6QzrmxsaOntS5WhdHDZUEIQV69tfXFtMBGOnJzvP6HZ6dUgDE72tXA2Pk4PYhWlwWBYeMSkPrcuvawrHWrdvi_hCwNa9Omf-6G9rQ41iT1aggzoY4Vv833XSTJiZqBnyn7f1qEwnU7U-NpZLJ70hzE9b0kCfjVvHWtNJ2_nY2u0uXtMTBPV1Iqt-qqUSQ07XFNrKnSThMV5sKGFIptqJ9PHKSwtZB5OZhs11wMlpSqtlIpkh0hrnzQ2EMECunc4nhh3chdoLbt03lLGbQamAVUu2Yp8MyOXCpFHc1ag1MuDJ_5PA30adMzIc6t3lO72yOtnQB8KpBNDZqB4pEea1pSuDzigvzhL_m792X4M95oeiWDXype7P0ceVXfQroS9Azq7WV7N0utZbykhv9k26jC4eC3dxOv6ouAZNRFMATfENhEtov0YIUkkCMczj9fqK2Dgd2sqx7rCQO0Hs_Y0TfNe7IafWm3iUbVX7dVn1J_6nnlIAAgbMBqZ6tQA2SueBvL8r1LMHvpINPADkJ2WmA4Iie5Ynz_FCi6XIGgazdmRhX_xeFQdbxTURIVmMw9kUh9OWgWYfBr5nb42g07rYj_uZW2u5TA1GndxzBicezLzb0WeUCuNQzXCqJ4jYHq2cUYzlVadJv5pHIEnl6L9Ztp8ZQE1PYExaFLVrzHt7YIMl6obf-1zXkeXmOgUjDk-70UrvMrDWUFXGFFBm7CPncbH3WqbMkoad90sB_nxSaeIZK0Jf6k6i51HhvThXEIe-CiQAwRVIbfg1ybkN592MTIo6UOBTTprd5-xgHooJJ9nWhX9xwAdUqrLiCa1bl-HG144CXruJzLkedUGb0wHaHfVKhBfXvjPdOlE
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/ju-jiao-yi-zi-wen-hua-chuan-yang-zhong-hua-wen-ming.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.4.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f154.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://adx.holmesmind.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame 420C 		22 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.4.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f132.1e100.net
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://5e9096cc516f199cdb60782332265f56.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

accept-ranges
bytes
age
97029
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
8395
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Tue, 23 Aug 2022 16:14:15 GMT
expires
Wed, 23 Aug 2023 16:14:15 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
dpixel
cms.quantserve.com/ Frame 63B8 		35 B
362 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESELALh5YZXNWyLX6pfD0dF0U&google_cver=1&google_push=AehlK4BYjYqX7u3KegFB7BuS-QKCyP69QiG2mSTKP_NyHenyRBSgjrCjsw_X35HJyYzee_VeU2ae0r4-cxef9m1NvoUVJFF52XYrVjtoK2Dlj_Yhg6SjvutGFA3GDJGPZloO8ENv0iqOVJI
Requested by
Host: 5e9096cc516f199cdb60782332265f56.safeframe.googlesyndication.com
URL: https://5e9096cc516f199cdb60782332265f56.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=2
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
103.229.10.180 , Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 24 Aug 2022 19:11:24 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
cache-control
private, no-cache, no-store, proxy-revalidate
content-type
image/gif
content-length
35
expires
Fri, 04 Aug 1978 12:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 63B8
Redirect Chain
  • https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEIdzlDnzeIdmRL7rhp5hx3g&google_cve...
  • https://pm.w55c.net/ping_match.gif?scc=1&ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEIdzlDnzeIdmRL7rhp5hx3g&goog...
  • https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=bFM5UkFZOEIxT3FWTUY1&google_gid=CAESEIdzlDnzeIdmRL7rhp5hx3g&google_cver=1&google_push=AehlK4BRVpYMMOvi2f-DhzUJTJ4hhNnaFqP5GRqFeeGnmDA...
170 B
193 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=bFM5UkFZOEIxT3FWTUY1&google_gid=CAESEIdzlDnzeIdmRL7rhp5hx3g&google_cver=1&google_push=AehlK4BRVpYMMOvi2f-DhzUJTJ4hhNnaFqP5GRqFeeGnmDAizshi7kSz1GlbvR1_lRXR_BJdU3OxodcL7pQ7lMU865T6Paz2cHdXq4JlLYtB5kjgUDux2JZGmMSr9qY3d0sE2wGaQYzp8A
Requested by
Host: 5e9096cc516f199cdb60782332265f56.safeframe.googlesyndication.com
URL: https://5e9096cc516f199cdb60782332265f56.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=2
Protocol
H3
Server
142.251.10.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f155.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 24 Aug 2022 19:11:26 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Wed, 24 Aug 2022 19:11:25 GMT
Server
PingMatch/9853e75#9853e75792b29505864c0b7c23889ef441e21f3f i-0d0566d062fd4ea5d@ap-southeast-1a@dxedge-app-ap-southeast-1-prod-asg
Strict-Transport-Security
max-age=2592000; includeSubDomains
Location
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=bFM5UkFZOEIxT3FWTUY1&google_gid=CAESEIdzlDnzeIdmRL7rhp5hx3g&google_cver=1&google_push=AehlK4BRVpYMMOvi2f-DhzUJTJ4hhNnaFqP5GRqFeeGnmDAizshi7kSz1GlbvR1_lRXR_BJdU3OxodcL7pQ7lMU865T6Paz2cHdXq4JlLYtB5kjgUDux2JZGmMSr9qY3d0sE2wGaQYzp8A
Cache-Control
no-cache, must-revalidate
Connection
keep-alive
Content-Length
0
Expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 63B8
Redirect Chain
  • https://ipac.ctnsnet.com/int/cm?exc=1&acc=crimtan_au&google_gid=CAESEGTpdU4-lDX3wzh8hk87dxg&google_cver=1&google_push=AehlK4AtDMHXjRLfX13piFWQOSZqlAR8BnH3reQ8_jqRaqdKlTn3Du3hU849JA1gxrbmQ-0yIroKNXj...
  • https://cm.g.doubleclick.net/pixel?google_nid=crimtan_au&google_push=AehlK4AtDMHXjRLfX13piFWQOSZqlAR8BnH3reQ8_jqRaqdKlTn3Du3hU849JA1gxrbmQ-0yIroKNXjDKBf0YjyaltxD-jYpkoVDvEBbFbyhNEd5trug-alnFj5sICCD...
170 B
191 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=crimtan_au&google_push=AehlK4AtDMHXjRLfX13piFWQOSZqlAR8BnH3reQ8_jqRaqdKlTn3Du3hU849JA1gxrbmQ-0yIroKNXjDKBf0YjyaltxD-jYpkoVDvEBbFbyhNEd5trug-alnFj5sICCDu2rEOYuhQ4hI18k&google_hm=Eo3r7zw_QI60u5mt11H7frE
Requested by
Host: 5e9096cc516f199cdb60782332265f56.safeframe.googlesyndication.com
URL: https://5e9096cc516f199cdb60782332265f56.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=2
Protocol
H3
Server
142.251.10.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f155.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 24 Aug 2022 19:11:25 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Wed, 24 Aug 2022 19:11:24 GMT
via
1.1 google
server
Apache-Coyote/1.1
status
302
p3p
CP="NOI DSP COR NID CUR OUR NOR"
location
https://cm.g.doubleclick.net/pixel?google_nid=crimtan_au&google_push=AehlK4AtDMHXjRLfX13piFWQOSZqlAR8BnH3reQ8_jqRaqdKlTn3Du3hU849JA1gxrbmQ-0yIroKNXjDKBf0YjyaltxD-jYpkoVDvEBbFbyhNEd5trug-alnFj5sICCDu2rEOYuhQ4hI18k&google_hm=Eo3r7zw_QI60u5mt11H7frE
cache-control
no-cache, must-revalidate
content-type
text/html;charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
1; mode=block
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 63B8
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=google&google_gid=CAESEOHtbWUP4D4EU1t41n_sCZQ&google_cver=1&google_push=AehlK4BvkYzGnf-yzhS8SyEInglnSLl7zikhLS-QMHpJjK3xyFFowly8bgkekD31o2wclRUc7IaTjqRrmI3V5vkuqgQi...
  • https://pool.admedo.com/sync?ssp=bidswitch&bidswitch_ssp_id=google&bsw_custom_parameter=c272ea53-b556-4b45-ad53-6c54288ea606
  • https://pool.admedo.com/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=google&bsw_custom_parameter=c272ea53-b556-4b45-ad53-6c54288ea606
  • https://x.bidswitch.net/sync?dsp_id=23&expires=14&user_id=2cb05a91-3225-4d67-92e6-ffb90fc9eb7e&user_group=1&ssp=google&bsw_param=c272ea53-b556-4b45-ad53-6c54288ea606
  • https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AehlK4BvkYzGnf-yzhS8SyEInglnSLl7zikhLS-QMHpJjK3xyFFowly8bgkekD31o2wclRUc7IaTjqRrmI3V5vkuqgQiocHqBVlDDEIkZbRVJLCu24ehiAyI4VB-S1qlkk_NOi...
170 B
194 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AehlK4BvkYzGnf-yzhS8SyEInglnSLl7zikhLS-QMHpJjK3xyFFowly8bgkekD31o2wclRUc7IaTjqRrmI3V5vkuqgQiocHqBVlDDEIkZbRVJLCu24ehiAyI4VB-S1qlkk_NOiC7iHmbEr8&google_hm=wnLqU7VWS0WtU2xUKI6mBg==
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/ju-jiao-yi-zi-wen-hua-chuan-yang-zhong-hua-wen-ming.html
Protocol
H3
Server
142.251.10.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f155.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 24 Aug 2022 19:11:27 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
//cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AehlK4BvkYzGnf-yzhS8SyEInglnSLl7zikhLS-QMHpJjK3xyFFowly8bgkekD31o2wclRUc7IaTjqRrmI3V5vkuqgQiocHqBVlDDEIkZbRVJLCu24ehiAyI4VB-S1qlkk_NOiC7iHmbEr8&google_hm=wnLqU7VWS0WtU2xUKI6mBg==
Date
Wed, 24 Aug 2022 19:11:26 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
0
pixel
cm.g.doubleclick.net/ Frame 63B8
Redirect Chain
  • https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEELumXPaZwey2Rq5GYeowv4&google_cver=1&google_push=AehlK4B70kLT24cA5EJ1_gObXjd-pMmpR-1fbod9FSFfcw2i23c6bjBM_5dJXFLTdhAM9mJxScR9cU5u...
  • https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEELumXPaZwey2Rq5GYeowv4&google_cver=1&google_push=AehlK4B70kLT24cA5EJ1_gObXjd-pMmpR-1fbod9FSFfcw2i23c6bjBM_5dJXFLTdhAM9mJxScR...
  • https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=Njk4NjUyMzkwNjcwNjM4NDk0Nw&google_push=AehlK4B70kLT24cA5EJ1_gObXjd-pMmpR-1fbod9FSFfcw2i23c6bjBM_5dJXFLTdhAM9mJxScR9cU...
170 B
193 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=Njk4NjUyMzkwNjcwNjM4NDk0Nw&google_push=AehlK4B70kLT24cA5EJ1_gObXjd-pMmpR-1fbod9FSFfcw2i23c6bjBM_5dJXFLTdhAM9mJxScR9cU5uNu9wlF_VeO3suAtxOuIGCBdyMQ-wA1t991O245E8Vp9GumywqD4H4HXOlQE-fQ
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/ju-jiao-yi-zi-wen-hua-chuan-yang-zhong-hua-wen-ming.html
Protocol
H3
Server
142.251.10.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f155.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 24 Aug 2022 19:11:26 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Wed, 24 Aug 2022 19:11:26 GMT
server
nginx
location
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=Njk4NjUyMzkwNjcwNjM4NDk0Nw&google_push=AehlK4B70kLT24cA5EJ1_gObXjd-pMmpR-1fbod9FSFfcw2i23c6bjBM_5dJXFLTdhAM9mJxScR9cU5uNu9wlF_VeO3suAtxOuIGCBdyMQ-wA1t991O245E8Vp9GumywqD4H4HXOlQE-fQ
access-control-max-age
86400
access-control-allow-methods
GET
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
pixel
cm.g.doubleclick.net/ Frame 63B8
Redirect Chain
  • https://b1sync.zemanta.com/usersync/googleadx/?google_gid=CAESEPQS0diAwYMYfsH789tLL-o&google_cver=1&google_push=AehlK4C2PSmovytxDZNaweXVdyBsSQawn5Qtdxw8fgwylS5oatbvlQqisDCmwIP_lbEfUecrucIHMkbaKjLxM...
  • https://b1sync.zemanta.com/usersync/googleadx/?google_cver=1&google_gid=CAESEPQS0diAwYMYfsH789tLL-o&google_push=AehlK4C2PSmovytxDZNaweXVdyBsSQawn5Qtdxw8fgwylS5oatbvlQqisDCmwIP_lbEfUecrucIHMkbaKjLxM...
  • https://cm.g.doubleclick.net/pixel?google_nid=zemanta&google_push=AehlK4C2PSmovytxDZNaweXVdyBsSQawn5Qtdxw8fgwylS5oatbvlQqisDCmwIP_lbEfUecrucIHMkbaKjLxM1Na1viJaQ5XgBPePYFRQMbPJ7U4feM8R7JgEq5Tozssfj_...
170 B
193 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=zemanta&google_push=AehlK4C2PSmovytxDZNaweXVdyBsSQawn5Qtdxw8fgwylS5oatbvlQqisDCmwIP_lbEfUecrucIHMkbaKjLxM1Na1viJaQ5XgBPePYFRQMbPJ7U4feM8R7JgEq5Tozssfj_u1BoT3iArlg&google_hm=TDVtVWg0VVRjS1h3VE02MDVQX3k=
Requested by
Host: 5e9096cc516f199cdb60782332265f56.safeframe.googlesyndication.com
URL: https://5e9096cc516f199cdb60782332265f56.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=2
Protocol
H3
Server
142.251.10.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f155.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 24 Aug 2022 19:11:26 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Wed, 24 Aug 2022 19:11:26 GMT
P3p
CP="We do not support P3P header."
Location
https://cm.g.doubleclick.net/pixel?google_nid=zemanta&google_push=AehlK4C2PSmovytxDZNaweXVdyBsSQawn5Qtdxw8fgwylS5oatbvlQqisDCmwIP_lbEfUecrucIHMkbaKjLxM1Na1viJaQ5XgBPePYFRQMbPJ7U4feM8R7JgEq5Tozssfj_u1BoT3iArlg&google_hm=TDVtVWg0VVRjS1h3VE02MDVQX3k=
Cache-Control
no-cache, no-store, must-revalidate
Content-Type
text/html; charset=utf-8
Content-Length
278
Expires
Thu, 01 Dec 1994 16:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 63B8
Redirect Chain
  • https://eb2.3lift.com/ebda?sync=1&google_gid=CAESEJEEUjixmT0Ekx7JEcSPI54&google_cver=1&google_push=AehlK4Bk7QvAyvMHzVxljrYUOp9unW2l4Z8n-J-RvIb1Oj0-Suemqr26qOeZgv6zj9EFnf4m1wl4chCEHBuVk_zNSzvvibYglV...
  • https://eb2.3lift.com/sync/google/supply?ld=1&gdpr=0&gdpr_consent=&us_privacy=&sync=1&google_push=AehlK4Bk7QvAyvMHzVxljrYUOp9unW2l4Z8n-J-RvIb1Oj0-Suemqr26qOeZgv6zj9EFnf4m1wl4chCEHBuVk_zNSzvvibYglVr...
  • https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=0&gdpr_consent=&us_privacy=&google_hm=NDk1NDkwNzcyOTM3OTE3MTAzNzA4&google_push=AehlK4Bk7QvAyvMHzVxljrYUOp9unW2l4Z8n-J-RvIb1Oj0-Suemqr26qOeZgv6z...
170 B
191 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=0&gdpr_consent=&us_privacy=&google_hm=NDk1NDkwNzcyOTM3OTE3MTAzNzA4&google_push=AehlK4Bk7QvAyvMHzVxljrYUOp9unW2l4Z8n-J-RvIb1Oj0-Suemqr26qOeZgv6zj9EFnf4m1wl4chCEHBuVk_zNSzvvibYglVraM0yofDJZBfyapKUU2g84n6jRep3YLY5G3AYSHC6a8A
Requested by
Host: 5e9096cc516f199cdb60782332265f56.safeframe.googlesyndication.com
URL: https://5e9096cc516f199cdb60782332265f56.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=2
Protocol
H3
Server
142.251.10.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f155.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 24 Aug 2022 19:11:25 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=0&gdpr_consent=&us_privacy=&google_hm=NDk1NDkwNzcyOTM3OTE3MTAzNzA4&google_push=AehlK4Bk7QvAyvMHzVxljrYUOp9unW2l4Z8n-J-RvIb1Oj0-Suemqr26qOeZgv6zj9EFnf4m1wl4chCEHBuVk_zNSzvvibYglVraM0yofDJZBfyapKUU2g84n6jRep3YLY5G3AYSHC6a8A
date
Wed, 24 Aug 2022 19:11:25 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
attr
cm.g.doubleclick.net/pixel/ Frame 63B8 		0
14 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13I4wKH1fbJIC7_f7yG6exGgEFs4NJHlQa4JF47vrFioaaooGMj9aTdAkj_MZ-9IKVtOxTsx
Requested by
Host: 5e9096cc516f199cdb60782332265f56.safeframe.googlesyndication.com
URL: https://5e9096cc516f199cdb60782332265f56.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.10.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f155.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 24 Aug 2022 19:11:24 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
content-type
text/html
sodar
pagead2.googlesyndication.com/pagead/ Frame A9F4 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20220822&jk=2345163948386885&bg=!9_Sl9LDNAAYUOm8VNDo7ACkAdvg8WqEC0rcpZnXSjvBbXKuCRey2iJgR0gDo-_tz38paHQC_4FEGfgIAAADIUgAAAAJoAQcKAESA3fOGYRmSRKRl9SACwAOaeCBfBzq78w86i3hx4uVMz7Btj1whyfqFnCOctWG3G96GrxnltdgzTSvN_SPlFQOEFtLCVpkCsZDD9zl2LaV5h51DQ6djjqNwHp5HCdXxNYXl5TvveXIUO39ND3leyWUwrMYdtbycpFd0JKMQTLo1YHCPlBovsNQeJMs6jtmVqy7RLuWHyptR8d3RdVKAuQOK9WUAS4ScZaNHkeppc5rUOBj5eSpooBufim9PXpk3eyTWZXY-KvHEy3HmlrEq00FqrN5EKDcCIZ73uMHer2zjN8vXJ7f_i73zyOlXVkQ78pHM9rKj8JEMAIwQ0pdHh4jBrHCcM9PmrY3kA-Trret0-dxatj_85hNxz0iBXl793n7fTBCkZikFUahJZleONbutr05LhEg_8Z_QdtY4g9N7inY17gFIVQKdFH-I5Y5vSSc4I2Fjie4FwSHLnhJuy5kdyP9NEDsQFKG35x-JnDzz1muRcFpCNzB5BSPZHeHBBn1I1D7WMnXW0ZAIlMiusD6m_Zwx9T3jgjR03tL5WXv7zcN83rOKmskcef16hCRLdFntxJskUD7rtRxf1OinDIyGPjwZ9bCqMEoL-t4k2QMwbbJu7I4Jwl2IhOq3iKkvmTvXGq1HqUoQseU0tQnJ1WlyyHHWRwZdb47RKljAaOUOGPwrO8QCYQ7vzL3T9__crQoRlZMseVDa-ROZu1e1sOijhd225KV6WmXp0gbX6e8F8I8vCA_pcJGz4v_-SSJyb9WFHUEPM9GnmO7F12F2y_ENhTsliEXLWLuxXlzKozHy6mptKmx2q-XQtGOkKkkzMwT-J4soGHu0EqRMjMpO_jtKOZ8oGJuhTJjNFk47UsmhjMmU6YfxftnfrQ3O2dg8DHe7C51053rwx0MZxnA3b2HG3Kw7gJwa7-WqdwMlN11ZZt_Yd1Le7ewIPEwkpglL5vFo0T3xEVgBH50eo8_renoHY8Y8EBzZyT7x0ePuBg5w0qdL6prLt6yl
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/ju-jiao-yi-zi-wen-hua-chuan-yang-zhong-hua-wen-ming.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.4.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f154.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
json
gum.criteo.com/sid/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fwww.bg3.co%2F&domain=www.bg3.co&cw=1&pbt=1&lsw=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.136 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
https://www.bg3.co
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
GET
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
content-encoding
gzip
content-type
application/json; charset=utf-8
date
Wed, 24 Aug 2022 19:11:25 GMT
expires
0
pragma
no-cache
server-processing-duration-in-ticks
1503
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
json
gum.criteo.com/sid/ 		326 B
617 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fwww.bg3.co%2F&domain=www.bg3.co&cw=1&pbt=1&lsw=1
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1661278076254.v6.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.136 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
/
Resource Hash
7f140aa8126a03834872623e44905ed7ad68dac8d39beea9edb873c4f5970c54
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://www.bg3.co/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/json

Response headers

pragma
no-cache
date
Wed, 24 Aug 2022 19:11:24 GMT
content-encoding
gzip
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
2813
strict-transport-security
max-age=31536000; preload;
expires
0
rid
match.adsrvr.org/track/ 		108 B
672 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://match.adsrvr.org/track/rid?ttd_pid=pubmatic&fmt=json
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1661278076254.v6.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
/
Resource Hash
3c540b1823fe4a2cdf6b305e112660eea2bec2df90f248fc8b7dfbc4c92549e6

Request headers

Referer
https://www.bg3.co/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

date
Wed, 24 Aug 2022 19:11:25 GMT
x-aspnet-version
4.0.30319
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.bg3.co
cache-control
private
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Content-Length, Content-Encoding, Vary, Cache-Control, Accept
content-length
108
expires
Fri, 23 Sep 2022 19:11:25 GMT
sync.html
public.servenobid.com/ Frame F2FE 		9 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://public.servenobid.com/sync.html
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1661278076254.v6.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.161.111.72 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-161-111-72.mrs52.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
7efdca1ce8a8ee4fb50887d9f88bdace1026e0f76ea1e64a802b97402d825a79

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

age
71228
cache-control
max-age=86400
content-encoding
br
content-type
text/html
date
Tue, 23 Aug 2022 23:24:18 GMT
etag
W/"3b058e9cd661ca6990301a82cf5d448f"
last-modified
Wed, 17 Aug 2022 23:23:08 GMT
server
AmazonS3
vary
Accept-Encoding Origin
via
1.1 a11f93e45c1a7b9606ad3f2a08156aaa.cloudfront.net (CloudFront)
x-amz-cf-id
8BqogeI4XCqdtW6h4xE2UfhECZ7j_e_DhYoqiWls2C0tch7OccaTjw==
x-amz-cf-pop
MRS52-P4
x-amz-meta-codebuild-buildarn
arn:aws:codebuild:us-east-1:559734745816:build/adserver-public-prod:049b4e88-3480-44ce-bc71-9207efe847a1
x-amz-meta-codebuild-content-md5
77e8f986028c7819a018b65a51e4d1c5
x-amz-meta-codebuild-content-sha256
4cf0411e60b9185dacd3ae0196e3adabe45eed1b64ea27e89ed58c43c33d4297
x-cache
Hit from cloudfront
sync
eb2.3lift.com/ Frame B601
Redirect Chain
  • https://eb2.3lift.com/sync?
  • https://eb2.3lift.com/sync?&ld=1
1 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://eb2.3lift.com/sync?&ld=1
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1661278076254.v6.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.223.2.229 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ade9ecc7904667038.awsglobalaccelerator.com
Software
/
Resource Hash
35f4d2b3bb8a87593812a5d497da67fc4cbc37748166a5bd02ddf556e484401e

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

cache-control
no-cache, no-store, must-revalidate
content-encoding
gzip
content-length
455
content-type
text/html; charset=utf-8
date
Wed, 24 Aug 2022 19:11:25 GMT
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

cache-control
no-cache, no-store, must-revalidate
content-length
0
date
Wed, 24 Aug 2022 19:11:25 GMT
location
/sync?&ld=1
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
checksync.php
contextual.media.net/ Frame A3FB 		36 KB
12 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUPEPKI9&prvid=2034%2C2033%2C2031%2C2030%2C2029%2C233%2C2028%2C2027%2C236%2C237%2C117%2C51%2C97%2C55%2C99%2C3012%2C2043%2C2040%2C244%2C201%2C2039%2C3007%2C246%2C4%2C203%2C9%2C2055%2C172%2C173%2C251%2C175%2C132%2C178%2C255%2C3018%2C3017%2C214%2C3016%2C337%2C338%2C70%2C77%2C2021%2C141%2C186%2C222%2C345%2C10000%2C80%2C108%2C229%2C307&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1661278076254.v6.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.195.152.23 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-195-152-23.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
1134aa4ae37006afc21b7e7817610b9f9695e33c599cc7210fff5d103cb415a7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

cache-control
max-age=172800
content-encoding
gzip
content-length
11781
content-type
text/html; charset=UTF-8
date
Wed, 24 Aug 2022 19:11:25 GMT
expires
Fri, 26 Aug 2022 19:11:25 GMT
server
Apache
strict-transport-security
max-age=31536000
vary
Accept-Encoding
x-mnet-hl2
E
async_usersync.html
acdn.adnxs.com/dmp/ Frame 889A 		52 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1661278076254.v6.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.1.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

Accept-Ranges
bytes
Access-Control-Allow-Origin
*
Age
51789
Cache-Control
max-age=86402
Connection
keep-alive
Content-Encoding
gzip
Content-Length
17053
Content-Type
text/html
Date
Wed, 24 Aug 2022 19:11:25 GMT
ETag
W/"623de86a-cf34"
Expires
Wed, 03 Aug 2022 04:41:10 GMT
Last-Modified
Fri, 25 Mar 2022 16:06:02 GMT
Server
nginx/1.18.0 (Ubuntu)
Vary
Accept-Encoding
Via
1.1 varnish, 1.1 varnish
X-Cache
HIT, HIT
X-Cache-Hits
2, 51193
X-Served-By
cache-lga13622-LGA, cache-syd10121-SYD
X-Timer
S1661368285.242233,VS0,VE0
usync.html
eus.rubiconproject.com/ Frame 9223 		281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1661278076254.v6.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.69.164.213 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-69-164-213.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Wed, 24 Aug 2022 19:11:25 GMT
ETag
"402b2-119-5d32342a551c0"
Last-Modified
Tue, 14 Dec 2021 23:07:59 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding
/
onetag-sys.com/usync/ Frame 79AE 		2 KB
863 B 		Document
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/usync/?cb=1661368280741
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1661278076254.v6.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
139.99.49.250 Singapore, Singapore, ASN16276 (OVH, FR),
Reverse DNS
ip250.ip-139-99-49.net
Software
/
Resource Hash
37a31642af0a7fe695ed0fd68a06a55af44e854d083dc7f5d0e70535f0189ae0
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
cache-control
no-transform, no-cache
content-encoding
gzip
content-length
731
content-type
text/html
strict-transport-security
max-age=15552000
ixmatch.html
js-sec.indexww.com/um/ Frame 2586 		3 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://js-sec.indexww.com/um/ixmatch.html
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1661278076254.v6.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.72.44.239 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-72-44-239.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
82d2dc44aae1eda52abc17afd30c6031b7175c13ee6955410164c66ae755adfb

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
1387
Content-Type
text/html; charset=UTF-8
Date
Wed, 24 Aug 2022 19:11:25 GMT
ETag
"e20015-b68-5e4a60c97afb7"
Last-Modified
Mon, 25 Jul 2022 19:18:30 GMT
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Server
Apache
Vary
Accept-Encoding
pd
u.openx.net/w/1.0/ Frame 526E 		532 B
639 B 		Document
General
Check archive.org
Download Go to
Full URL
https://u.openx.net/w/1.0/pd
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1661278076254.v6.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
5351caa1c4bc777d2a27fb4949d9fa871367cda71844bdc104c533eb155a7185

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
gzip
content-length
326
content-type
text/html
date
Wed, 24 Aug 2022 19:11:25 GMT
p3p
CP="CUR ADM OUR NOR STA NID"
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
via
1.1 google
log
hblg.media.net/ Frame CA83 		35 B
194 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hblg.media.net/log?log=kfk&evtid=adplog&&lmt_enf=true&req_mtype%3C%3E=0&mx_nsz=1&spSource=0&insl=0&ifst=0&vid=8789905155324178142&s_city=los+angeles&ugd=4&exp=ssProfile%3D0%7Csfl%3Dfalse%7CssBucket%3D0%7Cbfl%3D-100%7Csch%3D1%7Cclt%3D2%7Cfl_rl%3D1%7Cdbr%3D1%7Ctpi%3D1&app=0&ctr=-1.0&mx_TAF=2&device_id=4&ae=false&mx_UCC=5&prspt=headerBid&mx_bss_algos%3C%3E=0&usp_status=0&seat=BID_API&og_cbdp=0.010&size=120x600&mx_TAS=1&mx_gpid_sent=false&xtmax=148&commit_id=ba20ae08&scrid=352177074&itypeid=21&mx_SPRIG=2&viewability=78&renderer=0&be=0&rtime=31.0&adj0=0.0&tmax=150&s_ip=104.254.150.115&adj2=0.0&adj1=0.0&adtypes=0&mx_aabpc=0&reqid=8789905155324178142&sc=NSW&mowxReqId=dcf05472f2e1467b85a690e1ad434026_1&ifdp=0&requrl=https%3A%2F%2Fwww.bg3.co%2Fa%2Fju-jiao-yi-zi-wen-hua-chuan-yang-zhong-hua-wen-ming.html&bidrestime=1661368280968&pv_adtype=0&cc=AU&strg=smm_migration_test&pcrid=8CU4JWBS7-781214713-35-5&coppa_enf=true&devmodel=Unknown&bdp=0.010&ct=Beaconsfield&spIsReq=3&s=1&abs=0%7C0%7Cxtmax%3D148%7Csmm_migration_test%7Cbrr%3D0&mx_epbc=8CU4JWBS7&dnt_enf=false&mx_ssBucket=0&vls=0&asn=54203&mang=1&fleet=common&mx_isLossNtf=false&advUrl=https%3A%2F%2Frelated.360topics.com&dn=bg3.co&dt=O&acid=dcf05472f2e1467b85a690e1ad434026&actltime=124&act=headerBid&iframingState=0&mx_lr_seg_deal=0&exclattr=9&dfpBd=0.01&sckfl=0&dmm_erpm=false&mx_lr=0&coppa_applied=N&mview=1&smbrid=11901&bfs=103&rfc=-1&prvApiId=8CU4JWBS7&epcexp=false&pubid=pub-appnexus-exp&mx_bsProfile=0&cid=8CU2CV286&bcrid=352177074&omul=1.0&res_mtype=0&apPrfs%3C%3E=62%23%2313%23%2361&chnl=smm_migration_test&pst=0&reqsize=120x600&adpos=0&itype=APPNEXUS_EXPERIMENT&mx_g_one_uid_sent=None&user_data_cnt=0&spCst=0&mx_sid=8CU4JWBS7&tgtval=pub-appnexus-exp&__expireat=1661368881235&dnt_status=N&reftype=0&viewability_vendor=EXCHANGE&prvAccId=781214713&ckfl=0&lper=1&mx_tgs=120x600&cbdp=0.01&pvdTmax=103&ltime=117.0&epc=781214713&prvReqId=1098844342224_242772329_75211561241&zip=2015&exid=31&spFst=0&mx_GCID=0&cliIPType=v4&pexid=APPNEXUS_EXPERIMENT-1800859&ybnca_erpm=0.01&brsrclk=0&sbdrid=196&rtttime=137&apTags%3C%3E=75&mx_PC=1&wsip=mowx-7ff5f5ff48-kptq6&currsrc_date=2022-08-24+00%3A00%3A00&mx_divid=22132338&geoll=false&omid=0&debug_ts=2022-08-24+19%3A11%3A20&mx_ssProfile=0&devbrand=Unknown&mx_SC=0&reftime=15000&pbidflr=0.000&spbf=0&currsrc=API&fpusp=false&mnrfc=-1&moau=true&ocurr=USD&stagid=22132338&snm=SUCCESS&mx_IAB2=2&usp_enf=0&bidflr=0.000&coppa_status=N&incentive_type=0&skadidfl=0&pid=8PR113JGC&spTo=3&ecp=0.09&pvid=4&schain_cmpl=1&is_ortb=true&mx_aurl_hc=0&ucrid_ver=2&mx_maq_call=false&mx_uid_sent=0&mx_sbp=-10.0&mnrf=0&slotVisibility=0&dbf=1&gdpr=0&dmm_ogerpm=false&csip=rtb-common-5568dd587b-xjp2r.LA&mx_bsBucket=0&mx_aurt=0&spIvt=3&dsid=22132338&ptype=23&media=0&acsn=1&dtc=west_la&mx_aqcpl_crid=4&ogbdp=0.01&tpbTkn=false&fpuReq=1&vcmplrt=-1.0&crid=752115612&geo_source=2&sat=1&mnet_ckfl=0&dfpDiv=22132338&opbidflr=0.000&impId=5813252506059685694&rme=adm&bdata=sd2%3Dnull~iurl_l%3D50~ogerpm%3D0.01~vw_exc%3D0.78~smm_bid%3D0.01~vis_sd%3D580~dc2%3D1~scd%3Dnsw~v_asn%3D54203~vl2r_sd%3D2022082405~iurl_b%3D5460.01~url_tkc%3D0~std%3D22132338~last%3D~vis_url_b%3D0.91~ip%3D3bw0Xn~fbb%3D0~vis_url_l%3D30~riipua%3D0%2C0~et%3D29~rc%3D1~rps_sd%3D2022082404~vis_b%3D970.17~url_b%3D0.18~url_tvi%3D0~smm_wr%3D26.8760~ecp_eer%3D9~url_l%3D50~gcat%3D-1~bb%3D196~vv%3D0~l2r_b%3D1000~erpm%3D0.01~bm%3D1~smm_sd%3D2022082412~sid%3D12948fd0fab38e7f7d124a8d9506e143~sd%3D0~uid%3Df2daAV5wcVYOVVCEG~btd%3D60213921829350675618155537944742630214711615359683909526198792783086194156572672~d2p_l%3D50~3pcf%3D396.83~uim%3D304~dmm_strg%3Dsmm_migration_test~d2p_b%3D0.99~ogd2p_b%3D0.98~vurl_b%3D0.43~ss%3DNA~uiw%3D60~ce%3D0~rps_b%3D25.4~vurl_l%3D30~CI%3D2724~nts%3D1~tb%3D-1~ct%3Dbeaconsfield~basis2%3D196~basis1%3D196~isRef%3D0~ivurl_b%3D2.35~isif%3D0~lc%3D3~bid%3D0.01~dc%3D8~vl2r_b%3D0.58~ivurl_l%3D30~supply_tag_id%3D22132338%7Eviewability%3D0.784585%7Ecbdp%3D0.010%7Edmm%3Dsmm_migration_test%7Esuid%3D%7Einsl%3D0%7Edtc%3Dwest_la%7Edalg%3Dsmm%7Ehtml%3D1%7Esobp%3D%7Ebdpcapd%3D0%7Edmm_erpm%3Dfalse%7Ebflr%3D0.000%7Eogbid%3D0.010%7Eitype_id%3D21%7Eseller_tag_id%3D22132338%7EcarrierId%3D0%7Esmm_api%3Dv1~ibc%3D1~ddt%3D-1~nsz%3D1~tgs%3D120x600~bsb%3D0~bsp%3D0~tmx%3D103&utime=2896&sf=0&cpr=0.29680437576788443&evttyp=1
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/ju-jiao-yi-zi-wen-hua-chuan-yang-zhong-hua-wen-ming.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.36.252.26 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-36-252-26.deploy.static.akamaitechnologies.com
Software
Jetty(9.4.35.v20201120) /
Resource Hash
796c46ec10bc9105545f6f90d51593921b69956bd9087eb72bee83f40ad86f90

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 24 Aug 2022 19:11:25 GMT
server
Jetty(9.4.35.v20201120)
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=0, no-cache, no-store
content-length
35
expires
Wed, 24 Aug 2022 19:11:25 GMT
8Oc7qVgGezqJSgjjaaCdJlEAdJIIw0tPZxYDqe1tkXI.js
pagead2.googlesyndication.com/bg/ Frame 420C 		36 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/8Oc7qVgGezqJSgjjaaCdJlEAdJIIw0tPZxYDqe1tkXI.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.4.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f154.1e100.net
Software
sffe /
Resource Hash
f0e73ba958067b3a894a08e369a09d265100749208c34b4f671603a9ed6d9172
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 19 Aug 2022 23:20:26 GMT
content-encoding
br
x-content-type-options
nosniff
age
417059
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
14092
x-xss-protection
0
last-modified
Mon, 15 Aug 2022 08:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 19 Aug 2023 23:20:26 GMT
2205_SEMBA_iProspect_banners_300x250.html
s0.2mdn.net/sadbundle/14196359717863263274/ Frame AFA2 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/14196359717863263274/2205_SEMBA_iProspect_banners_300x250.html
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_276.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.24.149 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f149.1e100.net
Software
sffe /
Resource Hash
63aa92d92ed9131c7e6a88124cec6ebcb1f8ee9ecdd62e8ebf9e7622fb0d5c97
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://5e9096cc516f199cdb60782332265f56.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
2384
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy
cross-origin
date
Wed, 24 Aug 2022 19:11:25 GMT
expires
Thu, 24 Aug 2023 19:11:25 GMT
last-modified
Thu, 16 Jun 2022 04:36:26 GMT
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-dns-prefetch-control
off
x-xss-protection
0
view
googleads4.g.doubleclick.net/pcs/ Frame 2815 		0
622 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjstVFTs8GKpebw-OoSDAjwXRlHWxoLn_OjMGjtAK-Nbtca7AYeUrl2erDTMo__g_XlximZ-UMv_C8BNsg2vTlTMvneW2QwzzVeLgqI82ps0PzTGT0j9uJcWkBsJoaIlxEfYpWiYJjkcUO2S_2YrI6ZlcR53g5PvOOD2C-sRwltKv2H71OZlT3UIEXnkWf1_t2FBNrkaCW9uRy5Q2Cv7ErwSLHOSvlbFqHiLpDdkSeX5ofs9iE19094I6zaJVytZSC-9Q3-l6D3YpWly3FwALDC7FjAEldpD3St8EuK6Vs0Fz41dPF1CKEPaXq0hgbpX3fXM_rOkmD_bPNG75vCI4_hza3HmtiXuMovdz0IcRozvO1qulVgGCN_I0osEqeToOr8RhNNaGvEbTuy9N3nCRasdqUhS8HSBKQXMrESJJebxERHroonCMVXwlIaQtQpUPY13AHrpwt_PG3tpzNMQtALcDOv0yl7ZtncnLSNAnOSweMkh37qvI57rPNHV6Hz54i20J0tAswHEaM7PHE9N-_cU_IwPb2Kp9NBOWv1ocITRdusAWDk482KybZlCsccj4WmYvWTC7ipK8zjBH8xa_xrlZbv3zx7H6zqNVLtLPD95JKfEPe3766rOEGH1CcE1QutGbMUvG81gzYTp3IjJLzvfsOtuFtKMTWOboPHuRU6g5oSLm9ptLKPSjdiUUHLh0gEvo3Bu211Fbrg_mz1wTGmA4v2V4UdprHaYUoi98V8qyLLjOT9FZJZsz44iqjWbndPrjiTJPoVNz-IvgRP-0QWgvHVxxp7Mudlk9yF88kbHC70UI1RaARkMK9IfV0DiFn4QbUAVX2f0zNF3TDr2TDELj7NJZFnFRkMkNxM-_DxcfSuTE0eQvDWXEZ7pEhQywiOVpxeLCP7PAT7qf7PFynrjDvWnBRMLM-hFutaJGkgXQDjMtAg6agMdB3zB-o8vQ3M6WlBnATdIjaumriLjjUrJVFWjvh6EHn8WSpuN3XY1pbmJ-jmO_nqDmfsDq0lKAzyS9ngb4gxnaRbe_BOauxAX4WYq8bDvvMEoMLd-ROyfjsKa6z16wJYZz61swvQSd854K6TGf8xdD3B_OL1vGHhfqs2FWtljfecP0QZ6sXHpx_mIfX2-HSRlsGdYKZ6FWlr39h3zXiypd5xJbOnLsjQ8GP1vvdiE41A9AG39CW4FxUZQ1NpgKWac_oQe8l4BPsNVuBuTnVyp8uFUlPALqcgHJoXS0Fg7rjEAQgZA&sai=AMfl-YTVMr4MrgyasKjdGSEGPL2Zcb6s8p-g__ATKra23I4qDznQPI0x-fXY8KNoYztF_fm7VIytzuWzZ_TxOsyZtv7jaQl_3D2QXI_aRJSHhcCFvVNAk0jLsMHHgeU1lspKIQsNDQ2AqlbCnAvGlp7eTmyh8ynQvg&sig=Cg0ArKJSzD832K92yMu5EAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=736&cbvp=1&cstd=734&cisv=r20220822.64044&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&adurl=
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/ju-jiao-yi-zi-wen-hua-chuan-yang-zhong-hua-wen-ming.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.24.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f157.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://5e9096cc516f199cdb60782332265f56.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
date
Wed, 24 Aug 2022 19:11:25 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
sd
us-u.openx.net/w/1.0/ Frame 526E
Redirect Chain
  • https://ad.turn.com/r/cs?pid=9&gdpr=0
  • https://us-u.openx.net/w/1.0/sd?id=537073061&val=2651021867338552653&gdpr=0&gdpr_consent=&us_privacy=
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537073061&val=2651021867338552653&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/pd
Protocol
H3
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 24 Aug 2022 19:11:26 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

location
https://us-u.openx.net/w/1.0/sd?id=537073061&val=2651021867338552653&gdpr=0&gdpr_consent=&us_privacy=
pragma
no-cache
date
Wed, 24 Aug 2022 19:11:25 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
0
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
sd
us-u.openx.net/w/1.0/ Frame 526E
Redirect Chain
  • https://match.adsrvr.org/track/cmf/openx?oxid=9825cf55-ccb9-7123-d160-fc11785b582d&gdpr=0
  • https://us-u.openx.net/w/1.0/sd?id=537072971&val=492e6757-f51f-41aa-a4dc-76241c67fd3b&ttd_puid=9825cf55-ccb9-7123-d160-fc11785b582d&gdpr=0&gdpr_consent=
43 B
265 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072971&val=492e6757-f51f-41aa-a4dc-76241c67fd3b&ttd_puid=9825cf55-ccb9-7123-d160-fc11785b582d&gdpr=0&gdpr_consent=
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/pd
Protocol
H2
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 24 Aug 2022 19:11:25 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Wed, 24 Aug 2022 19:11:25 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://us-u.openx.net/w/1.0/sd?id=537072971&val=492e6757-f51f-41aa-a4dc-76241c67fd3b&ttd_puid=9825cf55-ccb9-7123-d160-fc11785b582d&gdpr=0&gdpr_consent=
cache-control
private,no-cache, must-revalidate
content-type
text/html
content-length
335
sd
jp-u.openx.net/w/1.0/ Frame 526E
Redirect Chain
  • https://tg.socdm.com/rtb/sync_before?proto=openx
  • https://jp-u.openx.net/w/1.0/sd?id=537072335&val=YwZ33cCo5ssAAGuPcGUAAAAA
43 B
106 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://jp-u.openx.net/w/1.0/sd?id=537072335&val=YwZ33cCo5ssAAGuPcGUAAAAA
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/pd
Protocol
H2
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 24 Aug 2022 19:11:26 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

X-SO-Cluster-ID
52
Date
Wed, 24 Aug 2022 19:11:25 GMT
X-SO-LB-Data
{"ban":false,"clean_query":"\/rtb\/sync_before?proto=openx","cluster_id":52,"gdpr":false,"ipv4":"173.245.209.177","key":"YwZ33cCo5ssAAGuPcGUAAAAA","privacy_sensitive":false,"uid":"","upstream_id":"m-ad15"}
X-SO-Ads-Time
2
X-SO-Key
YwZ33cCo5ssAAGuPcGUAAAAA
Server
nginx
X-SO-Upstream-ID
m-ad15
P3P
CP="See also http://www.scaleout.jp/privacy/"
Location
https://jp-u.openx.net/w/1.0/sd?id=537072335&val=YwZ33cCo5ssAAGuPcGUAAAAA
Cache-Control
private
X-SO-HostName
m-ad15.dc4p.scaleout.jp
Connection
keep-alive
Content-Length
0
X-SO-LB-Hostname
a-tgng40007.dc2p.scaleout.jp
X-SO-IP
173.245.209.177
sd
jp-u.openx.net/w/1.0/ Frame 526E
Redirect Chain
  • https://cr-p3.ladsp.jp/cookiesender/3
  • https://cr-pall.ladsp.com/cookiesender/3
  • https://cr-pall.ladsp.com/cookiesender/3?cr=true
  • https://jp-u.openx.net/w/1.0/sd?id=537072451&val=AS4aWbOpXopxks8ADsaW36yH188AAAGC0UQ95A
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://jp-u.openx.net/w/1.0/sd?id=537072451&val=AS4aWbOpXopxks8ADsaW36yH188AAAGC0UQ95A
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/pd
Protocol
H3
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 24 Aug 2022 19:11:26 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Wed, 24 Aug 2022 19:11:26 GMT
via
1.1 20bb709a751569d186bca51c132b4c86.cloudfront.net (CloudFront)
server
Logicad
x-amz-cf-pop
SIN52-C3
x-cache
Miss from cloudfront
p3p
CP="NOI DEVo TAIo PSAo PSDo OUR IND UNI NAV", policyref="http://cd.ladsp.com/xml/w3c/p3p.xml"
location
https://jp-u.openx.net/w/1.0/sd?id=537072451&val=AS4aWbOpXopxks8ADsaW36yH188AAAGC0UQ95A
cache-control
no-cache
content-length
0
x-amz-cf-id
YP3w6JuYk9MxreFzpJF4FlwEHmdv4yWU2LvrIo-jYQLiCoDANyPlTg==
expires
-1
pixel
cm.g.doubleclick.net/ Frame 526E 		170 B
191 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=YjQ0YTFjOWYtMDVjZS0yZjg3LWM0ODAtYTZhOGIyYjk5NjRk
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/pd
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.10.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f155.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 24 Aug 2022 19:11:25 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sd
us-u.openx.net/w/1.0/ Frame 526E
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEAKOMiIxBsKc5ozAG_uOBk0&google_cver=1
43 B
106 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEAKOMiIxBsKc5ozAG_uOBk0&google_cver=1
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/pd
Protocol
H2
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 24 Aug 2022 19:11:25 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Wed, 24 Aug 2022 19:11:25 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEAKOMiIxBsKc5ozAG_uOBk0&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
295
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
bql.php
lg3.media.net/ Frame 158F 		15 B
286 B 		Script
General
Check archive.org
Download Go to
Full URL
https://lg3.media.net/bql.php?vgd_len=5760&&&vgd_l2type=sca&fp=mXXCGSbyQ01PARjfirm0OAmPQybfPunRt6tfz9EedHN3-xdf5zWNloPiKxlKTJx8lP5ejHLoD6MaEWdezFkp_YhqXtlhfHSOY3-w_9HX4VenKC-bbLis7FvThM3rl9MA&cme=ITiPEpxgRI11KzfivA8Umfg98x36-y0MNiPfPhI3Zdr4KK-lHKV7BwNoYgRJc7-ZD3SdsbMCwK-RmoQVb_qjnCx0Iy4jBRLrD1BLVjpsIP49f3aa6ZVxR2qrWnr0o7CeBpIA019T6zLobHSQRf2v5vJp_bbHz98CUbvJDlHY1wQxUxI1v7II2JyF2FY4hq3E5DGgWOdAL7L_MJ4KOBtvOw%3D%3D%7C%7Cu8A6SM53vAfcrpZuel3W3DwMTuFdyyxb%7CR0pGwT-1wLcnervD5TbKub4gKhjiBXnT%7CWGV0YFlErcpuo3Pma1EBA706uXx3IZ3_s1njI9zvr5U%3D%7CmJDBK7pPurxM0g3IbGjQMssb6_feyRx7uMrEu_9Baq2jqGyc_SrM_VeZ-ecyz3uo7dcT9oBpA0hscN43jf5g-kGcgRhBRDPTeLLZ2iNJpCw%3D%7CZEwYz94Rgabfv6ctfB1Am7wf3x9Wdd_TdBFSNZs-sURdvlS2hnxGSfzZwC6NKvwHgKUN6cXZZwc1onmrmVKSRnSAzSYFiy48NMQvFakqTC83MPbPdmteXssUWbXQ87mAX3_7xUKvU9rEySdHQEtpJfkM7aNHgmHjNYVsOgWwJl9aoYf1aQ13LLYs3RmD9A8tXDcpd9H5qRs8QI1MfJjSz-jFuw1FAyH9yTmh1qpB_lY%3D%7C&v=1&geo=-33.91%7C151.2&dlper=20&lper=100&lpid=&tsid=3&q=&prv=&type=&ps=&hint=&td=&cc=AU&wsip=170785107&bca=0&ugd=4&vgd_fcic=0&vgde_setid=Nff&vgd_dnquo=01_9&ksu=224&fdkt=240&vgde_kbbh=ffoyxQJuOu99&kwd[]=Best+Cryptocurrencies+to+Buy&kwt[]=240&kbc[]=a8c5cf0754323e1139b173ce42054d81.d2s&kwp[]=1&kid[]=329544111&kbc2[]=1%3D1.29%7C5%3D-1%7C6%3D-1%7C16%3D-1%7C60%3D1.31%7C10%3D4.86%7C62%3D2.45%7C66%3D0.65%7C63%3D0.49%7C12%3D0.09%7Cps%3D0.468%7C3%3D1.96%7C4%3D3.72&ktd[]=274894815488&ktrkt[]=Best+Cryptocurrencies+to+Buy&kwd[]=Best+Priced+Car+Insurance&kwt[]=240&kbc[]=a8c5cf0754323e1139b173ce42054d81.d2s&kwp[]=2&kid[]=48970281&kbc2[]=1%3D0.31%7C5%3D-1%7C6%3D-1%7C16%3D-1%7C60%3D0.31%7C10%3D4.86%7C62%3D1.34%7C66%3D0.65%7C63%3D0.49%7C12%3D0.46%7Cps%3D0.468%7C3%3D0.41%7C4%3D3.50&ktd[]=274894815488&ktrkt[]=Best+Priced+Car+Insurance&kwd[]=Value+of+My+Used+Car&kwt[]=240&kbc[]=a8c5cf0754323e1139b173ce42054d81.d2s&kwp[]=3&kid[]=29672219&kbc2[]=1%3D1.47%7C5%3D-1%7C6%3D-1%7C16%3D-1%7C60%3D1.64%7C10%3D4.86%7C62%3D1.17%7C66%3D0.78%7C63%3D0.49%7C12%3D0.92%7Cps%3D0.468%7C3%3D0.55%7C4%3D3.38&ktd[]=274911592704&ktrkt[]=Value+of+My+Used+Car&kwd[]=Best+High+Return+Investments&kwt[]=240&kbc[]=a8c5cf0754323e1139b173ce42054d81.d2s&kwp[]=4&kid[]=326649050&kbc2[]=101%7C1%3D3.18%7C5%3D-1%7C6%3D-1%7C16%3D-1%7C60%3D5.69%7C10%3D4.86%7C62%3D2.45%7C66%3D0.65%7C63%3D0.49%7C12%3D1.10%7Cps%3D0.468%7C3%3D1.01%7C4%3D3.89&ktd[]=274895077632&ktrkt[]=Best+High+Return+Investments&kwd[]=Vitamins+for+Hair+Loss&kwt[]=240&kbc[]=a8c5cf0754323e1139b173ce42054d81.d2s&kwp[]=5&kid[]=30111142&kbc2[]=101%7C1%3D0.41%7C5%3D-1%7C6%3D-1%7C16%3D-1%7C60%3D0.42%7C10%3D4.86%7C62%3D1.67%7C66%3D0.42%7C63%3D0.49%7C12%3D0.41%7Cps%3D0.468%7C3%3D0.11%7C4%3D3.76&ktd[]=274911854848&ktrkt[]=Vitamins+for+Hair+Loss&kwd[]=Download+Movies+Online&kwt[]=112&kbc[]=&kwp[]=6&kid[]=8843815&kbc2[]=&ktd[]=&kwd[]=Breaking+News&kwt[]=112&kbc[]=&kwp[]=7&kid[]=4252619&kbc2[]=&ktd[]=&kwd[]=Find+a+Business&kwt[]=112&kbc[]=&kwp[]=8&kid[]=10841355&kbc2[]=&ktd[]=&cid=8CU4JWBS7&vwid=1661368283271506453&vi=1661368283271506453&tdAdd[]=ib%3D0&vsid=3043698846836918&tdAdd[]=asnum%3D54203&vgde_test_data_struct=%7B%22EO7E8O%22%3Au%7D&vgd_cdv=784&vgd_l3_sc=NSW&vgd_chost=contextual.media.net&vgd_hb_audit_1=8CU2CV286&vgd_hb_audit_2=752115612&vgd_katbid=-102&vgd_pdtid=1&vgd_implt=3&vgd_l2wsip=170785107&vgd_nrrv=96642&vgd_nrrmf=1c80a&vgd_nrrsf=scrr&vgd_cty=beaconsfield&vgd_go_pid=8POGBHUQ8&&tdAdd[]=%7C%40%7Cabp%3A1%3A2&vgd_ifrmode=10&vgd_l1rakh=1661368283129331632&sttm=1661368283879&upk=1661368284.14815&hvsid=00001661368283879029185683699017&verid=3111299&vgd_matchstr=hr%3D0%7C&sbdrId=196&lineitemid=4&vgd_ecrid=352177074&vgd_isiolc=1&vgd_fcm_enc_mis=1&pid=8POGBHUQ8&&abpl=2&&kbbq=%26asn%3D54203&&vgd_vstrid=3043698846836918&vgde_bdata=QOfvzxjj~8xLjMjvX9~myJLEYv9.9u~eBMJ-Nv9.hW~QYYMG8Ov9.9u~e8QMQOvXW9~ONfvu~QNOvzQB~eM1QzvXHf9A~ejfLMQOvf9ff9WfH9X~8xLjMGvXHF9.9u~xLjM7UNv9~Q7OvffuAfAAW~j1Q7v~e8QMxLjMGv9.iu~8EvAGB9tz~kGGv9~e8QMxLjMjvA9~L88Ex1v9%2C9~J7vfi~LNvu~LEQMQOvf9ff9WfH9H~e8QMGvih9.uh~xLjMGv9.uW~xLjM7e8v9~QYYMBLvfF.WhF9~JNEMJJLvi~xLjMjvX9~yN17vou~GGvuiF~eev9~jfLMGvu999~JLEYv9.9u~GYvu~QYYMQOvf9ff9WfHuf~Q8OvufiHWkO9k1GAWJhkhOufH1WOiX9FJuHA~QOv9~x8OvkfO1K%2FXBN%2F3a%2F%2F%3D4Z~G7OvF9fuAifuWfiAX9FhXFuWuXXXAhiHHhHfFA9fuHhuuFuXAXiFWAi9iXfFuiWhifhWA9WFuiHuXFXhfFhf~OfEMjvX9~AENkvAiF.WA~x8YvA9H~OYYMQ7LyvQYYMY8yL178mzM7JQ7~OfEMGv9.ii~myOfEMGv9.iW~exLjMGv9.HA~QQvIK~x8BvF9~NJv9~LEQMGvfX.H~exLjMjvA9~%3DVvfhfH~z7Qvu~7Gvou~N7vGJ1NmzQk8JjO~G1Q8QfvuiF~G1Q8QuvuiF~8QDJkv9~8exLjMGvf.AX~8Q8kv9~jNvA~G8Ov9.9u~ONvW~ejfLMGv9.XW~8exLjMjvA9~QxEEj5M71yM8OvffuAfAAW~e8JB1G8j875v9.hWHXWX~NGOEv9.9u9~OYYvQYYMY8yL178mzM7JQ7~Qx8Ov~8zQjv9~O7NvBJQ7Mj1~O1jyvQYY~w7Yjvu~QmGEv~GOEN1EOv9~OYYMJLEYvk1jQJ~GkjLv9.999~myG8Ov9.9u9~875EJM8Ovfu~QJjjJLM71yM8OvffuAfAAW~N1LL8JLVOv9~QYYM1E8veu~8GNvu~OO7vou~zQlvu~7yQvuf9-F99~GQGv9~GQEv9~7Y-vu9A&vgd_optout=0&vgd_cfud=220401&vgd_scsver=294&vgd_bhv_kbb=-1&vgd_go_ent=1&vgd_l2ch=0&vgd_rensize=120_600&vgd_scr_h=1200&vgd_scr_w=1600&vgd_ect=4g&vgd_dtc=west_la&vgd_mbr=1&vgd_l1rpth=%2Fnmedianet.js&vgd_pgids=1&&tdAdd[]=uiparams%3D%3Brend_w%3A120%3Brend_h%3A600%3Bwin_w%3A1600%3Bwin_h%3A1200&&vgd_uspa=0&vgd_sc=NSW&vgd_l1rhst=contextual.media.net&hvsid=00001661368283879029185683699017&subBdr=196&bdrid=4&rc=0&rand=1661368284683&acid=dcf05472f2e1467b85a690e1ad434026&matm=1661368284684&requrl=https%3A%2F%2Fwww.bg3.co%2Fa%2Fju-jiao-yi-zi-wen-hua-chuan-yang-zhong-hua-wen-ming.html&vgd_x_pos=5&vgd_y_pos=300&vgd_ren_page_h=3042&vgd_ltimesrc=1&vgd_ltime=2635&vgd_rtime=2006&vgd_etm=18&vgd_l1hcsd=A12%7C5535&vgd_l1ch=1&vgd_lhl=2710&vgd_pgid=p0629732854t202208241911&vgd_adprefflag=01&vgd_csip=rtb-common-5568dd587b-xjp2r.LA&vgd_sbSup=1&vgd_nrrs=96642&vgd_cntrdt=SL%7CDIV-google_ads_iframe_%2F103512698%2C22574853003%2F22579309510_0__container__%7CDIV-STICKY_ADP_42753_120X600_104b282a-bd11-4d8d-ad64-0492063b6cba&vgd_eadm=1&vgd_end=1
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/ju-jiao-yi-zi-wen-hua-chuan-yang-zhong-hua-wen-ming.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
184.87.200.25 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-87-200-25.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
c787e9dd6dc8ea3c935f5f0f30e3b9e4a3e066b4619bb244f569883f8e318a24
Security Headers
Name Value
Strict-Transport-Security max-age=21600

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Strict-Transport-Security
max-age=21600
Server
Apache
Date
Wed, 24 Aug 2022 19:11:25 GMT
ntCoent-Length
15
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
Cache-Control
max-age=64390
Connection
keep-alive
Content-Length
15
async_usersync
ib.adnxs.com/ Frame 889A 		0
747 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
104.254.151.36 Los Angeles, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
897.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 24 Aug 2022 19:11:25 GMT
X-Proxy-Origin
173.245.209.177; 173.245.209.177; 897.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net; adnxs.com
AN-X-Request-Uuid
e123b03c-1811-4d87-8fed-7667a7bc4dad
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame CA83 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssUe2N6II93CVjGEE8Qbs8hP9zPtCq_lkzZ_LDF5YyVxnvXUdU8HBqZtkq6Gz_URYVL9bvOvc07OVwA-NFtVXxdTd4e_VlB1D8jnDZWzNeur-j7LGbl&sig=Cg0ArKJSzLwFFfZ16jRqEAE&id=lidar2&mcvt=1024&p=300,5,900,125&mtos=1024,1024,1024,1024,1024&tos=1024,0,0,0,0&v=20220822&bin=7&avms=nio&bs=1600,1200&mc=1&vu=1&app=0&itpl=19&adk=4082231052&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1661368282686&rpt=1619&isd=0&lsd=0&met=ce&wmsd=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.4.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f154.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 24 Aug 2022 19:11:25 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
vevent
lax1-ib.adnxs.com/ Frame CA83 		0
836 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://lax1-ib.adnxs.com/vevent?an_audit=0&referrer=https%3A%2F%2Fwww.bg3.co%2Fa%2Fju-jiao-yi-zi-wen-hua-chuan-yang-zhong-hua-wen-ming.html&e=wqT_3QKEBeiEAgAAAwDWAAUBCNjvmZgGEL7-2Kqry7TWUBgAKjYJexSuR-F6hD8RYVRSJ6CJgD8ZAAAAgD0Ktz8hYQ0SACkRJNAxAAAAQOF6lD8w8uzGCjj9XEDqXEjgA1Cyl_enAVi5tIoBYABotZGzAXgAgAEBigEDVVNEkgUG9P4BmAF4oAHYBKgBAbABALgBAcABBcgBAtABANgBAOABAPABANgCAOACjepa6gJNaHR0cHM6Ly93d3cuYmczLmNvL2EvanUtamlhby15aS16aS13ZW4taHVhLWNodWFuLXlhbmctemhvbmctaHVhLXdlbi1taW5nLmh0bWyAAwCIAwGQAwCYAxegAwGqA0ESGDg3ODk5MDUxNTUzMjQxNzgxNDJfc2JpZBoTNTgxMzI1MjUwNjA1OTY4NTY5NCIJMzUyMTc3MDc0KgVNMTE3M8ADrALIAwDYA_TAxAHgAwDoAwD4AwGABACSBA0vdXQvdjMvcHJlYmlkmAQAogQPMTczLjI0NS4yMDkuMTc3qAQAsgQPCAAQBBh4INgEKAEwADgCuAQAwAQAyAQA2gQCCAHgBAHwBLKX96cBiAUBmAUAoAXe3ePDr4WB_nnABQDJBQAAAAAAAPA_0gUJCQAAAAAAAAAA2AUA4AUB8AXFlCH6BQQIABAAkAYAmAYAuAYAwQYAAAAAAADwP9AG-eMC2gYWChAAAAAAAAAAAAAAAAAAAAAAEAAYAOAGAfIGAggAgAcBiAcAoAcBugcPCAAQABgAIAAwADiIAUAAyAcA0gcNCQAAAAAAAAAAEAAYANoHBggAEAAYAOAHAOoHAggA8AeY0AqKCAIQAJUIAACAP5gIAQ..&s=92365b80053a93dc66af1ad8acc9190f57afc69a&type=pv&jm=1003&px=5&py=300&bw=120&bh=600&sf=1&sid=7061473381596977466&vd=ct~0|rr~5&sv=224&tv=view7-1hs&ua=chrome52&pl=win&x=v&tag_id=22132338&ft=2
Requested by
Host: cdn.adnxs.com
URL: https://cdn.adnxs.com/v/s/224/trk.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
104.254.150.241 Los Angeles, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
906.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 24 Aug 2022 19:11:25 GMT
X-Proxy-Origin
173.245.209.177; 173.245.209.177; 906.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net; adnxs.com
AN-X-Request-Uuid
63829e3d-339d-43cc-a0d8-171951c40be9
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://www.bg3.co
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
sync
gum.criteo.com/ Frame A3FB 		61 B
383 B 		Script
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/sync?r=2&c=321&gdpr=0&gdpr_pd=0&gdpr_consent=&us_privacy=&j=window.advBidxc.mnetRtusId
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUPEPKI9&prvid=2034%2C2033%2C2031%2C2030%2C2029%2C233%2C2028%2C2027%2C236%2C237%2C117%2C51%2C97%2C55%2C99%2C3012%2C2043%2C2040%2C244%2C201%2C2039%2C3007%2C246%2C4%2C203%2C9%2C2055%2C172%2C173%2C251%2C175%2C132%2C178%2C255%2C3018%2C3017%2C214%2C3016%2C337%2C338%2C70%2C77%2C2021%2C141%2C186%2C222%2C345%2C10000%2C80%2C108%2C229%2C307&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.136 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
/
Resource Hash
f77f47058428a1c21dad5a75ac13fbfdeb9858947218fee2112fded5972a0b5d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 24 Aug 2022 19:11:25 GMT
content-encoding
gzip
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
cache-control
private, max-age=3600
server-processing-duration-in-ticks
1413
strict-transport-security
max-age=31536000; preload;
content-length
175
expires
60
usync.html
eus.rubiconproject.com/ Frame 737D
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=medianet
  • https://eus.rubiconproject.com/usync.html?p=medianet
281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?p=medianet
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUPEPKI9&prvid=2034%2C2033%2C2031%2C2030%2C2029%2C233%2C2028%2C2027%2C236%2C237%2C117%2C51%2C97%2C55%2C99%2C3012%2C2043%2C2040%2C244%2C201%2C2039%2C3007%2C246%2C4%2C203%2C9%2C2055%2C172%2C173%2C251%2C175%2C132%2C178%2C255%2C3018%2C3017%2C214%2C3016%2C337%2C338%2C70%2C77%2C2021%2C141%2C186%2C222%2C345%2C10000%2C80%2C108%2C229%2C307&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.69.164.213 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-69-164-213.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://contextual.media.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Wed, 24 Aug 2022 19:11:26 GMT
ETag
"402b2-119-5d32342a551c0"
Last-Modified
Tue, 14 Dec 2021 23:07:59 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
content-length
0
date
Wed, 24 Aug 2022 19:11:25 GMT
location
https://eus.rubiconproject.com/usync.html?p=medianet
server
AkamaiGHost
cksync.html
contextual.media.net/ Frame 333B
Redirect Chain
  • https://p.rfihub.com/cm?pub=19967&in=1&forward=https%3A%2F%2Fcontextual.media.net%2Fcksync.html%3Fcs%3D8%26vsid%3D3043698846836918000V10%26type%3Drkt%26refUrl%3D%26vid%3D136828536830436988468369180...
  • https://contextual.media.net/cksync.html?cs=8&vsid=3043698846836918000V10&type=rkt&refUrl=&vid=13682853683043698846836918000V10&ovsid=1975461764915802390
219 B
651 B 		Document
General
Check archive.org
Download Go to
Full URL
https://contextual.media.net/cksync.html?cs=8&vsid=3043698846836918000V10&type=rkt&refUrl=&vid=13682853683043698846836918000V10&ovsid=1975461764915802390
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUPEPKI9&prvid=2034%2C2033%2C2031%2C2030%2C2029%2C233%2C2028%2C2027%2C236%2C237%2C117%2C51%2C97%2C55%2C99%2C3012%2C2043%2C2040%2C244%2C201%2C2039%2C3007%2C246%2C4%2C203%2C9%2C2055%2C172%2C173%2C251%2C175%2C132%2C178%2C255%2C3018%2C3017%2C214%2C3016%2C337%2C338%2C70%2C77%2C2021%2C141%2C186%2C222%2C345%2C10000%2C80%2C108%2C229%2C307&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.195.152.23 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-195-152-23.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
85af3052d288ffd9157258dfe4daf5309f0b64d0067ab8221cd0c62909c18419
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://contextual.media.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

cache-control
max-age=0, no-cache, no-store
content-length
219
content-type
text/html;charset=UTF-8
date
Wed, 24 Aug 2022 19:11:26 GMT
expires
Wed, 24 Aug 2022 19:11:26 GMT
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA" CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
pragma
no-cache
server
Apache
strict-transport-security
max-age=31536000
vary
Accept-Encoding
x-mnet-hl2
E

Redirect headers

Content-Length
0
Date
Wed, 24 Aug 2022 19:11:26 GMT
Location
https://contextual.media.net/cksync.html?cs=8&vsid=3043698846836918000V10&type=rkt&refUrl=&vid=13682853683043698846836918000V10&ovsid=1975461764915802390
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Server
Jetty(9.3.29.v20201019)
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 95CA 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159463&userIdMacro=PM_UID&predirect=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3043698846836918000V10%26type%3Dpba%26refUrl%3D%26vid%3D13682853683043698846836918000V10%26ovsid%3DPM_UID
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUPEPKI9&prvid=2034%2C2033%2C2031%2C2030%2C2029%2C233%2C2028%2C2027%2C236%2C237%2C117%2C51%2C97%2C55%2C99%2C3012%2C2043%2C2040%2C244%2C201%2C2039%2C3007%2C246%2C4%2C203%2C9%2C2055%2C172%2C173%2C251%2C175%2C132%2C178%2C255%2C3018%2C3017%2C214%2C3016%2C337%2C338%2C70%2C77%2C2021%2C141%2C186%2C222%2C345%2C10000%2C80%2C108%2C229%2C307&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.72.44.196 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-72-44-196.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152

Request headers

Referer
https://contextual.media.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=123810
content-encoding
gzip
content-length
5549
content-type
text/html; charset=UTF-8
date
Wed, 24 Aug 2022 19:11:25 GMT
etag
"1300708-3de4-5d6ef246ef4cf"
expires
Fri, 26 Aug 2022 05:34:55 GMT
last-modified
Tue, 01 Feb 2022 06:38:00 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
cksync.php
contextual.media.net/ Frame A3FB
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3043698846836918000V10%26type%3Dapx%26refUrl%3D%26vid%3D13682853683043698846836918000V10%26ovsid%3D%24UID
  • https://contextual.media.net/cksync.php?cs=8&vsid=3043698846836918000V10&type=apx&refUrl=&vid=13682853683043698846836918000V10&ovsid=7093734920555040481
45 B
452 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://contextual.media.net/cksync.php?cs=8&vsid=3043698846836918000V10&type=apx&refUrl=&vid=13682853683043698846836918000V10&ovsid=7093734920555040481
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUPEPKI9&prvid=2034%2C2033%2C2031%2C2030%2C2029%2C233%2C2028%2C2027%2C236%2C237%2C117%2C51%2C97%2C55%2C99%2C3012%2C2043%2C2040%2C244%2C201%2C2039%2C3007%2C246%2C4%2C203%2C9%2C2055%2C172%2C173%2C251%2C175%2C132%2C178%2C255%2C3018%2C3017%2C214%2C3016%2C337%2C338%2C70%2C77%2C2021%2C141%2C186%2C222%2C345%2C10000%2C80%2C108%2C229%2C307&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1
Protocol
H2
Server
23.195.152.23 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-195-152-23.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
832f63f4187160c195b04f1911c2e623a75e805f4b23abb9b0bea214b4283a43
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000
server
Apache
date
Wed, 24 Aug 2022 19:11:25 GMT
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
cache-control
max-age=0, no-cache, no-store
content-type
image/gif
content-length
45
x-mnet-hl2
E
expires
Wed, 24 Aug 2022 19:11:25 GMT

Redirect headers

Pragma
no-cache
Date
Wed, 24 Aug 2022 19:11:25 GMT
X-Proxy-Origin
173.245.209.177; 173.245.209.177; 897.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net; adnxs.com
AN-X-Request-Uuid
51b2049a-631b-4073-8e6c-9996e7b1d1f7
Server
nginx/1.21.3
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://contextual.media.net/cksync.php?cs=8&vsid=3043698846836918000V10&type=apx&refUrl=&vid=13682853683043698846836918000V10&ovsid=7093734920555040481
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
cksync.html
contextual.media.net/ Frame A3FB
Redirect Chain
  • https://us-u.openx.net/w/1.0/cm?id=78e2dffc-bb89-4bb2-ae92-f592d006518b&ph=6a16560a-f6c6-4851-b7b5-0b2c0190166a&r=https%3A%2F%2Fcontextual.media.net%2Fcksync.html%3Fcs%3D8%26vsid%3D3043698846836918...
  • https://contextual.media.net/cksync.html?cs=8&vsid=3043698846836918000V10&type=opx&refUrl=&vid=13682853683043698846836918000V10&ovsid=5009a6ca-67b9-4bc3-b22f-827fcab4caf1
219 B
219 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://contextual.media.net/cksync.html?cs=8&vsid=3043698846836918000V10&type=opx&refUrl=&vid=13682853683043698846836918000V10&ovsid=5009a6ca-67b9-4bc3-b22f-827fcab4caf1
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUPEPKI9&prvid=2034%2C2033%2C2031%2C2030%2C2029%2C233%2C2028%2C2027%2C236%2C237%2C117%2C51%2C97%2C55%2C99%2C3012%2C2043%2C2040%2C244%2C201%2C2039%2C3007%2C246%2C4%2C203%2C9%2C2055%2C172%2C173%2C251%2C175%2C132%2C178%2C255%2C3018%2C3017%2C214%2C3016%2C337%2C338%2C70%2C77%2C2021%2C141%2C186%2C222%2C345%2C10000%2C80%2C108%2C229%2C307&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1
Protocol
H2
Server
23.195.152.23 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-195-152-23.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000
server
Apache
date
Wed, 24 Aug 2022 19:11:25 GMT
vary
Accept-Encoding
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
cache-control
max-age=0, no-cache, no-store
content-type
text/html;charset=UTF-8
content-length
219
x-mnet-hl2
E
expires
Wed, 24 Aug 2022 19:11:25 GMT

Redirect headers

date
Wed, 24 Aug 2022 19:11:25 GMT
content-encoding
gzip
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
p3p
CP="CUR ADM OUR NOR STA NID"
location
https://contextual.media.net/cksync.html?cs=8&vsid=3043698846836918000V10&type=opx&refUrl=&vid=13682853683043698846836918000V10&ovsid=5009a6ca-67b9-4bc3-b22f-827fcab4caf1
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
via
1.1 google
cksync.php
contextual.media.net/ Frame A3FB
Redirect Chain
  • https://sync.1rx.io/usersync2/rmp1r1?sub=medianet&redir=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3043698846836918000V10%26type%3Dr1%26refUrl%3D%26vid%3D13682853683043698846...
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=1601451362
  • https://sync.1rx.io/usersync/tradedesk/492e6757-f51f-41aa-a4dc-76241c67fd3b
  • https://sync.targeting.unrulymedia.com/csync/RX-5a556040-9ba5-4378-9175-396b51281898-004?redir=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3043698846836918000V10%26type%3Dr1%2...
  • https://contextual.media.net/cksync.php?cs=8&vsid=3043698846836918000V10&type=r1&refUrl=&vid=13682853683043698846836918000V10&ovsid=RX-5a556040-9ba5-4378-9175-396b51281898-004
45 B
471 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://contextual.media.net/cksync.php?cs=8&vsid=3043698846836918000V10&type=r1&refUrl=&vid=13682853683043698846836918000V10&ovsid=RX-5a556040-9ba5-4378-9175-396b51281898-004
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUPEPKI9&prvid=2034%2C2033%2C2031%2C2030%2C2029%2C233%2C2028%2C2027%2C236%2C237%2C117%2C51%2C97%2C55%2C99%2C3012%2C2043%2C2040%2C244%2C201%2C2039%2C3007%2C246%2C4%2C203%2C9%2C2055%2C172%2C173%2C251%2C175%2C132%2C178%2C255%2C3018%2C3017%2C214%2C3016%2C337%2C338%2C70%2C77%2C2021%2C141%2C186%2C222%2C345%2C10000%2C80%2C108%2C229%2C307&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1
Protocol
H2
Server
23.195.152.23 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-195-152-23.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
832f63f4187160c195b04f1911c2e623a75e805f4b23abb9b0bea214b4283a43
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000
server
Apache
date
Wed, 24 Aug 2022 19:11:26 GMT
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
cache-control
max-age=0, no-cache, no-store
content-type
image/gif
content-length
45
x-mnet-hl2
E
expires
Wed, 24 Aug 2022 19:11:26 GMT

Redirect headers

location
https://contextual.media.net/cksync.php?cs=8&vsid=3043698846836918000V10&type=r1&refUrl=&vid=13682853683043698846836918000V10&ovsid=RX-5a556040-9ba5-4378-9175-396b51281898-004
date
Wed, 24 Aug 2022 19:11:25 GMT
p3p
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
etag
RX5a5560409ba543789175396b51281898004
content-type
text/html
cksync.php
contextual.media.net/ Frame A3FB
Redirect Chain
  • https://pm.w55c.net/ping_match.gif?ei=MEDIANET&rurl=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3043698846836918000V10%26type%3Ddxu%26refUrl%3D%26vid%3D13682853683043698846836...
  • https://pm.w55c.net/ping_match.gif?scc=1&ei=MEDIANET&rurl=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3043698846836918000V10%26type%3Ddxu%26refUrl%3D%26vid%3D13682853683043698...
  • https://contextual.media.net/cksync.php?cs=8&vsid=3043698846836918000V10&type=dxu&refUrl=&vid=13682853683043698846836918000V10&ovsid=zj2wRe0w1OqVMF5
45 B
452 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://contextual.media.net/cksync.php?cs=8&vsid=3043698846836918000V10&type=dxu&refUrl=&vid=13682853683043698846836918000V10&ovsid=zj2wRe0w1OqVMF5
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUPEPKI9&prvid=2034%2C2033%2C2031%2C2030%2C2029%2C233%2C2028%2C2027%2C236%2C237%2C117%2C51%2C97%2C55%2C99%2C3012%2C2043%2C2040%2C244%2C201%2C2039%2C3007%2C246%2C4%2C203%2C9%2C2055%2C172%2C173%2C251%2C175%2C132%2C178%2C255%2C3018%2C3017%2C214%2C3016%2C337%2C338%2C70%2C77%2C2021%2C141%2C186%2C222%2C345%2C10000%2C80%2C108%2C229%2C307&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1
Protocol
H2
Server
23.195.152.23 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-195-152-23.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
832f63f4187160c195b04f1911c2e623a75e805f4b23abb9b0bea214b4283a43
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000
server
Apache
date
Wed, 24 Aug 2022 19:11:26 GMT
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
cache-control
max-age=0, no-cache, no-store
content-type
image/gif
content-length
45
x-mnet-hl2
E
expires
Wed, 24 Aug 2022 19:11:26 GMT

Redirect headers

Pragma
no-cache
Date
Wed, 24 Aug 2022 19:11:25 GMT
Server
PingMatch/9853e75#9853e75792b29505864c0b7c23889ef441e21f3f i-0d0566d062fd4ea5d@ap-southeast-1a@dxedge-app-ap-southeast-1-prod-asg
Strict-Transport-Security
max-age=2592000; includeSubDomains
Location
https://contextual.media.net/cksync.php?cs=8&vsid=3043698846836918000V10&type=dxu&refUrl=&vid=13682853683043698846836918000V10&ovsid=zj2wRe0w1OqVMF5
Cache-Control
no-cache, must-revalidate
Connection
keep-alive
Content-Length
0
Expires
Fri, 01 Jan 1990 00:00:00 GMT
cksync.php
contextual.media.net/ Frame A3FB
Redirect Chain
  • https://dis.criteo.com/dis/usersync.aspx?r=115&p=259&cp=medianet&cu=1&url=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D1%26type%3Dcrt%26ovsid%3D%40%40CRITEO_USERID%40%40
  • https://contextual.media.net/cksync.php?cs=1&type=crt&ovsid=dd5a638b-6d7f-4423-aee9-a15d8b109e96
45 B
616 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://contextual.media.net/cksync.php?cs=1&type=crt&ovsid=dd5a638b-6d7f-4423-aee9-a15d8b109e96
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUPEPKI9&prvid=2034%2C2033%2C2031%2C2030%2C2029%2C233%2C2028%2C2027%2C236%2C237%2C117%2C51%2C97%2C55%2C99%2C3012%2C2043%2C2040%2C244%2C201%2C2039%2C3007%2C246%2C4%2C203%2C9%2C2055%2C172%2C173%2C251%2C175%2C132%2C178%2C255%2C3018%2C3017%2C214%2C3016%2C337%2C338%2C70%2C77%2C2021%2C141%2C186%2C222%2C345%2C10000%2C80%2C108%2C229%2C307&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1
Protocol
H2
Server
23.195.152.23 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-195-152-23.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
832f63f4187160c195b04f1911c2e623a75e805f4b23abb9b0bea214b4283a43
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000
server
Apache
date
Wed, 24 Aug 2022 19:11:26 GMT
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA, CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
cache-control
max-age=0, no-cache, no-store
content-type
image/gif
content-length
45
x-mnet-hl2
E
expires
Wed, 24 Aug 2022 19:11:26 GMT

Redirect headers

pragma
no-cache
date
Wed, 24 Aug 2022 19:11:25 GMT
server
Kestrel
x-errorlevel
0
strict-transport-security
max-age=31536000; preload;
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
location
https://contextual.media.net/cksync.php?cs=1&type=crt&ovsid=dd5a638b-6d7f-4423-aee9-a15d8b109e96
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
1021645
content-length
0
expires
Wed, 24 Aug 2022 00:00:00 GMT
cksync.php
contextual.media.net/ Frame A3FB
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=medianet&gdpr=0&gdpr_consent=&gdpr_pd=1
  • https://sync.mathtag.com/sync/img?mt_exid=46&redir=%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D80%26user_id%3D%5BUUID%5D%26expires%3D30%26ssp%3Dmedianet%26bsw_param%3Dc272ea53-b556-4b45-ad53-6c54288ea6...
  • https://x.bidswitch.net/sync?dsp_id=80&user_id=67af6306-77de-4d00-8b03-9c806ecb11b0&expires=30&ssp=medianet&bsw_param=c272ea53-b556-4b45-ad53-6c54288ea606&gdpr=0&gdpr_consent=
  • https://contextual.media.net/cksync.php?cs=1&type=bs&ovsid=c272ea53-b556-4b45-ad53-6c54288ea606&gdpr=0&gdpr_consent=&gdpr_pd=
45 B
465 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://contextual.media.net/cksync.php?cs=1&type=bs&ovsid=c272ea53-b556-4b45-ad53-6c54288ea606&gdpr=0&gdpr_consent=&gdpr_pd=
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUPEPKI9&prvid=2034%2C2033%2C2031%2C2030%2C2029%2C233%2C2028%2C2027%2C236%2C237%2C117%2C51%2C97%2C55%2C99%2C3012%2C2043%2C2040%2C244%2C201%2C2039%2C3007%2C246%2C4%2C203%2C9%2C2055%2C172%2C173%2C251%2C175%2C132%2C178%2C255%2C3018%2C3017%2C214%2C3016%2C337%2C338%2C70%2C77%2C2021%2C141%2C186%2C222%2C345%2C10000%2C80%2C108%2C229%2C307&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1
Protocol
H2
Server
23.195.152.23 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-195-152-23.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
832f63f4187160c195b04f1911c2e623a75e805f4b23abb9b0bea214b4283a43
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000
server
Apache
date
Wed, 24 Aug 2022 19:11:27 GMT
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
cache-control
max-age=0, no-cache, no-store
content-type
image/gif
content-length
45
x-mnet-hl2
E
expires
Wed, 24 Aug 2022 19:11:27 GMT

Redirect headers

Location
//contextual.media.net/cksync.php?cs=1&type=bs&ovsid=c272ea53-b556-4b45-ad53-6c54288ea606&gdpr=0&gdpr_consent=&gdpr_pd=
Date
Wed, 24 Aug 2022 19:11:26 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
0
cksync.php
contextual.media.net/ Frame A3FB
Redirect Chain
  • https://b1sync.zemanta.com/usersync/medianet/?cb=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3043698846836918000V10%26type%3Dzem%26refUrl%3D%26vid%3D13682853683043698846836918...
  • https://stags.bluekai.com/site/23178?id=jwmTmr62IInEafLN5tqD&redir=https%3A%2F%2Fb1sync.zemanta.com%2Fusersync%2Fbluekai%2Fcallback%2F%3Fd%3DNB2HI4DTHIXS6Y3PNZ2GK6DUOVQWYLTNMVSGSYJONZSXIL3DNNZXS3TD...
  • https://b1sync.zemanta.com/usersync/bluekai/callback/?d=NB2HI4DTHIXS6Y3PNZ2GK6DUOVQWYLTNMVSGSYJONZSXIL3DNNZXS3TDFZYGQ4B7MNZT2OBGMV4GG2DBNZTWKPLNMVSGSYLOMV2CM33WONUWIPLKO5WVI3LSGYZESSLOIVQWMTCOGV2HC...
  • https://contextual.media.net/cksync.php?cs=8&ovsid=jwmTmr62IInEafLN5tqD&refUrl=&type=zem&vid=13682853683043698846836918000V10&vsid=3043698846836918000V10
45 B
455 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://contextual.media.net/cksync.php?cs=8&ovsid=jwmTmr62IInEafLN5tqD&refUrl=&type=zem&vid=13682853683043698846836918000V10&vsid=3043698846836918000V10
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUPEPKI9&prvid=2034%2C2033%2C2031%2C2030%2C2029%2C233%2C2028%2C2027%2C236%2C237%2C117%2C51%2C97%2C55%2C99%2C3012%2C2043%2C2040%2C244%2C201%2C2039%2C3007%2C246%2C4%2C203%2C9%2C2055%2C172%2C173%2C251%2C175%2C132%2C178%2C255%2C3018%2C3017%2C214%2C3016%2C337%2C338%2C70%2C77%2C2021%2C141%2C186%2C222%2C345%2C10000%2C80%2C108%2C229%2C307&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1
Protocol
H2
Server
23.195.152.23 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-195-152-23.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
832f63f4187160c195b04f1911c2e623a75e805f4b23abb9b0bea214b4283a43
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000
server
Apache
date
Wed, 24 Aug 2022 19:11:27 GMT
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
cache-control
max-age=0, no-cache, no-store
content-type
image/gif
content-length
45
x-mnet-hl2
E
expires
Wed, 24 Aug 2022 19:11:27 GMT

Redirect headers

Pragma
no-cache
Date
Wed, 24 Aug 2022 19:11:27 GMT
P3p
CP="We do not support P3P header."
Location
https://contextual.media.net/cksync.php?cs=8&ovsid=jwmTmr62IInEafLN5tqD&refUrl=&type=zem&vid=13682853683043698846836918000V10&vsid=3043698846836918000V10
Cache-Control
no-cache, no-store, must-revalidate
Content-Type
text/html; charset=utf-8
Content-Length
196
Expires
Thu, 01 Dec 1994 16:00:00 GMT
cksync.php
contextual.media.net/ Frame A3FB
Redirect Chain
  • https://rtb.mfadsrvr.com/sync?ssp=medianet&ssp_user_id=3043698846836918000V10
  • https://rtb.mfadsrvr.com/ul_cb/sync?ssp=medianet&ssp_user_id=3043698846836918000V10
  • https://contextual.media.net/cksync.php?type=mf&ovsid=30bb4238-f6a8-4671-a67b-1c2d85613f16&cs=1
45 B
465 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://contextual.media.net/cksync.php?type=mf&ovsid=30bb4238-f6a8-4671-a67b-1c2d85613f16&cs=1
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUPEPKI9&prvid=2034%2C2033%2C2031%2C2030%2C2029%2C233%2C2028%2C2027%2C236%2C237%2C117%2C51%2C97%2C55%2C99%2C3012%2C2043%2C2040%2C244%2C201%2C2039%2C3007%2C246%2C4%2C203%2C9%2C2055%2C172%2C173%2C251%2C175%2C132%2C178%2C255%2C3018%2C3017%2C214%2C3016%2C337%2C338%2C70%2C77%2C2021%2C141%2C186%2C222%2C345%2C10000%2C80%2C108%2C229%2C307&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1
Protocol
H2
Server
23.195.152.23 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-195-152-23.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
832f63f4187160c195b04f1911c2e623a75e805f4b23abb9b0bea214b4283a43
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000
server
Apache
date
Wed, 24 Aug 2022 19:11:27 GMT
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
cache-control
max-age=0, no-cache, no-store
content-type
image/gif
content-length
45
x-mnet-hl2
E
expires
Wed, 24 Aug 2022 19:11:27 GMT

Redirect headers

Location
//contextual.media.net/cksync.php?type=mf&ovsid=30bb4238-f6a8-4671-a67b-1c2d85613f16&cs=1
Date
Wed, 24 Aug 2022 19:11:27 GMT
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Length
0
um
cs.emxdgt.com/ Frame A3FB 		0
67 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.emxdgt.com/um?gdpr=0&gdpr_consent=&redirect=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3043698846836918000V10%26type%3Demx%26refUrl%3D%26vid%3D13682853683043698846836918000V10%26ovsid%3D%24UID
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUPEPKI9&prvid=2034%2C2033%2C2031%2C2030%2C2029%2C233%2C2028%2C2027%2C236%2C237%2C117%2C51%2C97%2C55%2C99%2C3012%2C2043%2C2040%2C244%2C201%2C2039%2C3007%2C246%2C4%2C203%2C9%2C2055%2C172%2C173%2C251%2C175%2C132%2C178%2C255%2C3018%2C3017%2C214%2C3016%2C337%2C338%2C70%2C77%2C2021%2C141%2C186%2C222%2C345%2C10000%2C80%2C108%2C229%2C307&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.235.125.68 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-235-125-68.compute-1.amazonaws.com
Software
awselb/2.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 24 Aug 2022 19:11:26 GMT
server
awselb/2.0
content-length
0
content-type
text/plain; charset=utf-8
cksync
cs.media.net/ Frame A3FB
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=8m33zk4&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://cs.media.net/cksync?cs=1&type=ttd&ovsid=492e6757-f51f-41aa-a4dc-76241c67fd3b
45 B
450 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.media.net/cksync?cs=1&type=ttd&ovsid=492e6757-f51f-41aa-a4dc-76241c67fd3b
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUPEPKI9&prvid=2034%2C2033%2C2031%2C2030%2C2029%2C233%2C2028%2C2027%2C236%2C237%2C117%2C51%2C97%2C55%2C99%2C3012%2C2043%2C2040%2C244%2C201%2C2039%2C3007%2C246%2C4%2C203%2C9%2C2055%2C172%2C173%2C251%2C175%2C132%2C178%2C255%2C3018%2C3017%2C214%2C3016%2C337%2C338%2C70%2C77%2C2021%2C141%2C186%2C222%2C345%2C10000%2C80%2C108%2C229%2C307&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1
Protocol
H2
Server
23.36.252.26 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-36-252-26.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
832f63f4187160c195b04f1911c2e623a75e805f4b23abb9b0bea214b4283a43

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 24 Aug 2022 19:11:25 GMT
server
Apache
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
cache-control
max-age=0, no-cache, no-store
content-type
image/gif
content-length
45
x-mnet-hl2
E
expires
Wed, 24 Aug 2022 19:11:25 GMT

Redirect headers

pragma
no-cache
date
Wed, 24 Aug 2022 19:11:25 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://cs.media.net/cksync?cs=1&type=ttd&ovsid=492e6757-f51f-41aa-a4dc-76241c67fd3b
cache-control
private,no-cache, must-revalidate
content-type
text/html
content-length
199
n.js
geo.moatads.com/ Frame F23E 		97 B
269 B 		Script
General
Check archive.org
Download Go to
Full URL
https://geo.moatads.com/n.js?e=35&ol=3739141059&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2Fz(lKm3GFlNUU%2Cu%5Bh_GcS%25%5BHvLU%5B4(K%2B%7BgeFWl_%3DNqUXR%3A%3D%2BAxMn%3Ch%2CyenA8p%2FHm%24%60%233P(ry5*ZRocMp1tq%5BN%7Bq%60RP%3CG.ceFW%7CoG%22mxT%3Bwv%40V374BKm55%3D%261fp%5BoU5tWhX%3C%3Ce%24%26~1%3Axkr%2BUe31k5X%5BG%5E%5B)%2C2iVSX%3C_Y%7B!7IQ3HbmUZzCFm%5Du!x2l.uBlTVU%2F.%3Dh%3FtDJq%409BG&tf=1_nMzjG---CSa7H-nHVQZC-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=2%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-jWUFgxJkDqyRa9Pcg6GRTWME4Q6dwotBXKPgx%2FCwrOl2tvmQftrLjI5jaRxplbfkuwe%2B&rs=1-AtzSsj5UIp%2B9WA%3D%3D&sc=1&os=1-vQ%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MxOtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=300&qe=250&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&qr=0&i=STACKADAPTDISPLAY1&hp=1&ra=1&pxm=7&sgs=3&vb=-1&kq=1&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&bq=0&f=1&nh=1&j=https%3A%2F%2Fadx.holmesmind.com&lp=https%3A%2F%2Fwww.bg3.co&t=1661368285389&de=593230341863&m=0&ar=1da355aa18f-clean&iw=0e4fd02&q=2&cb=0&ym=0&cu=1661368285389&ll=2&lm=3&ln=1&r=0&em=0&en=0&d=19380%3A264649%3A2314848%3A934391782&bo=156&bp=icook.tw&bd=pub-7945044863874787&zGSRC=1&gu=https%3A%2F%2Fwww.bg3.co&id=0&ii=2&zMoatOrigSlicer1=156&zMoatOrigSlicer2=icook.tw&gw=stackadaptdisplay515602019759&fd=1&it=500&ti=0&ih=2&pe=0%3A-%3A-%3A0%3A0&jh=-1&jk=-1&jm=-1&mr=0&ml=-&fs=199703&na=112106766&cs=0&ord=1661368285389&jv=58348558&callback=DOMlessLLDcallback_3527095
Requested by
Host: z.moatads.com
URL: https://z.moatads.com/stackadaptdisplay515602019759/moatad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.255.21.102 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-255-21-102.ap-southeast-1.compute.amazonaws.com
Software
Microsoft-IIS/6.0 /
Resource Hash
c6f96d41bb943e0514c477e6fa78a7b43d49082eb812ad94340b34cbdd44ecc9

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://2ed91e4b8889736293a8964540416cd2.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 24 Aug 2022 19:11:26 GMT
cache-control
max-age=900
server
Microsoft-IIS/6.0
timing-allow-origin
*
etag
"d8f3e0ce5aebb9e5229ce34d2b0c61bf4f002ecf"
content-length
97
content-type
text/html; charset=UTF-8
v2
mb.moatads.com/s/ Frame F23E 		292 B
465 B 		Script
General
Check archive.org
Download Go to
Full URL
https://mb.moatads.com/s/v2?url=https%3A%2F%2Fwww.bg3.co&pcode=stackadaptdisplay515602019759&ord=1661368285389&jv=1180308055&callback=BrandSafetyNadoscallback_3527095
Requested by
Host: z.moatads.com
URL: https://z.moatads.com/stackadaptdisplay515602019759/moatad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.76.192.69 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-76-192-69.ap-southeast-1.compute.amazonaws.com
Software
Microsoft-IIS/6.0 /
Resource Hash
9354f9918f63f7ebe8ac8160e34955ec5d914e1c39936edb5f1c84dfca3c3a12

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://2ed91e4b8889736293a8964540416cd2.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 24 Aug 2022 19:11:26 GMT
cache-control
max-age=900
server
Microsoft-IIS/6.0
timing-allow-origin
*
etag
"0c6f769eb849c8e6f0d028d79103f48ae6f0b475"
content-length
292
content-type
text/html; charset=UTF-8
v1
mb.moatads.com/ot/ Frame F23E 		46 B
219 B 		Script
General
Check archive.org
Download Go to
Full URL
https://mb.moatads.com/ot/v1?url=https%3A%2F%2Fwww.bg3.co&pcode=moatot&ord=1661368285389&jv=1536995923&callback=OneTagNadoscallback_3527095
Requested by
Host: z.moatads.com
URL: https://z.moatads.com/stackadaptdisplay515602019759/moatad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.76.192.69 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-76-192-69.ap-southeast-1.compute.amazonaws.com
Software
Microsoft-IIS/6.0 /
Resource Hash
8d4d286470d7a7f27c9563a71408d09c4714a1c23e92ae31fe19bb878ac29958

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://2ed91e4b8889736293a8964540416cd2.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 24 Aug 2022 19:11:26 GMT
cache-control
max-age=900
server
Microsoft-IIS/6.0
timing-allow-origin
*
etag
"1dda73b826a121d1175b8be4f30c3eb43f0b8fcd"
content-length
46
content-type
text/html; charset=UTF-8
pixel.gif
px.moatads.com/ Frame F23E 		43 B
260 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.moatads.com/pixel.gif?e=17&i=STACKADAPTDISPLAY1&hp=1&ra=1&pxm=7&sgs=3&vb=-1&kq=1&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&bq=0&f=1&nh=1&j=https%3A%2F%2Fadx.holmesmind.com&lp=https%3A%2F%2Fwww.bg3.co&t=1661368285389&de=593230341863&m=0&ar=1da355aa18f-clean&iw=0e4fd02&q=3&cb=0&ym=0&cu=1661368285389&ll=2&lm=3&ln=1&r=0&em=0&en=0&d=19380%3A264649%3A2314848%3A934391782&bo=156&bp=icook.tw&bd=pub-7945044863874787&zGSRC=1&gu=https%3A%2F%2Fwww.bg3.co&id=0&ii=2&zMoatOrigSlicer1=156&zMoatOrigSlicer2=icook.tw&gw=stackadaptdisplay515602019759&fd=1&it=500&ti=0&ih=2&pe=0%3A-%3A-%3A0%3A0&jh=-1&jk=-1&jm=-1&mr=0&ml=-&fs=199703&na=1998870855&cs=0
Requested by
Host: 2ed91e4b8889736293a8964540416cd2.safeframe.googlesyndication.com
URL: https://2ed91e4b8889736293a8964540416cd2.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=2
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.72.45.156 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-72-45-156.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://2ed91e4b8889736293a8964540416cd2.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 24 Aug 2022 19:11:25 GMT
last-modified
Fri, 20 May 2016 15:16:00 GMT
server
AkamaiNetStorage
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
accept-ranges
bytes
content-length
43
expires
Wed, 24 Aug 2022 19:11:25 GMT
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame E254 		1 KB
749 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: 2ed91e4b8889736293a8964540416cd2.safeframe.googlesyndication.com
URL: https://2ed91e4b8889736293a8964540416cd2.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.4.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f154.1e100.net
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://2ed91e4b8889736293a8964540416cd2.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

age
52807
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=86400
content-encoding
gzip
content-length
724
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Wed, 24 Aug 2022 04:31:18 GMT
etag
48472445140208031
expires
Thu, 25 Aug 2022 04:31:18 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
truncated
/ Frame F23E 		217 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
35f39d8bfcc8d1484e942a22fcd458524533e5665d53d8576d48dfe2bf05f8f9

Request headers

accept-language
en-AU,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
sa.css
tags.srv.stackadapt.com/ Frame F23E 		27 B
254 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://tags.srv.stackadapt.com/sa.css
Requested by
Host: creative.stackadapt.com
URL: https://creative.stackadapt.com/js/saimp.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.175.93.244 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-175-93-244.compute-1.amazonaws.com
Software
/
Resource Hash
3f100e5e6ff270dadb43b44878f0118a2389dee0d844acc102b5179d70a824dc

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://2ed91e4b8889736293a8964540416cd2.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Wed, 24 Aug 2022 19:11:26 GMT
Cache-Control
only-if-cached, no-transform, private, max-age=7776000
Connection
keep-alive
Content-Length
27
Content-Type
text/css
sa.jpeg
tags.srv.stackadapt.com/ Frame F23E 		0
881 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://tags.srv.stackadapt.com/sa.jpeg
Requested by
Host: creative.stackadapt.com
URL: https://creative.stackadapt.com/js/saimp.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.175.93.244 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-175-93-244.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://2ed91e4b8889736293a8964540416cd2.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Wed, 24 Aug 2022 19:11:26 GMT
Cache-Control
only-if-cached, no-transform, private, max-age=7776000
Connection
keep-alive
Content-Length
651
Content-Type
image/jpeg
activeview
pagead2.googlesyndication.com/pcs/ Frame 48DA 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssts516Aj6CtPj8yk2xMm6WCZsOvz8d9FrLYSxYL7YIdqcutLG8jEEL_bajEIuDxwI2ZUI6RWj-0fnkKYShNlePuJFFbRFI6dD7rbJJptbT33Pml6hoeYC3JunNpGrH8QwKmSGAaxg5grrPS3O3bjMAtJIH6_oDvLMP3rm-rnhgqBi6XYBgvXyo6x9lXKU-PzPmDAHo1gloAXGf_J9zYeO1uIAX9ofeWIqhW1OfS0KcPNiPV1NXIjn93bvWN6CTceGEHM7ECF30rjqqRAI09XC43WWVml-7oS0EIJc1PoicYEAslgyx5fcWo0GHRnDGBJivi8Kftk_bOYeyPfGFbgjh6ngCiSLmNa15KpBwMkQ6XIEJgilJ62f44FBow88yxdWzy8RZBtJcuklubCvZOYFVDDE3kXBfpAyALqot47r2zK1eSB0FByoZvPM5-vbp2dcEv4oV1lT5LVIfDT8Xkcytc8QgGQtAdL22npVOLmeuMYMR6tNKHgOxwrwyK3N2P-9ZtxyaAWy8NybgMYFt4TR77lrz4FGvIO392UA03mmFrjTY_7OjQL8hwTFqc85_Djkm0Kfdwvw_JWr5CRtRKmE6FgM38hAHxOqBHA8yATM9-PfqWYFgSIXxfsFvSLgXhVQS7J9ms0_k6PQFpS2Q671R9RVC69hPqFGN6C6l2UKCvyu0NXbaZME7m8PDCuE6rhDLzpK7e1UX4LMsWVLh6kQDb6pTmgatWA-Oc48bo_4e4vB_wqmmKAj7sxlle9o9cK5l3Z8vwbGB4MN5wesyF-bvTCXWuj0v8-m41SwBHoIHVAZb6TnkZh5oHuGcBb4NJ1M1kFKQFC4Bnee13wbvZkFwifJPJxkhkgiqhL01PuY-UPMx8sMTiFTxJ2-f1-h0oX2EV1zc7LelAHV7e8oMa88VIxn0NDNC-vYpXZv2J5jIj3YxzYmwtXUgjuUVG1xKKx_UkdPTvHlFOqBUrKTAWVNH_351KH0_Rms5YQNWmvt-s34yqOqXsvt_Y5HqTiGM6zyS2Gso7WARelteTqLtS3-pX35DmsslUmRcz7yGGwQuPDFDikUP3u1R7RvXg28-XvciAIJnPgE6XJwbbFoDh10uHDpYtCPoA_qr-tzgHfBoTnIdnGkTzh1b62OL9ZCkTJE4IXSHYzjT1fH9ceWtgSfdVEpkScavJz5nUHeGRyFr-YREIwOQ7OX1T3MgBho4eMAIPxV1c3DTuJz4v3pvirQPAoLm7vg&sai=AMfl-YSz5cBJWjYRO7fMmvxE7VeLbjY9clgyqjFtewOB5GRhO4UmzVRLqlj_SsTZqhkWDulKabFoY9iWs9viJqLcb-R9lgZd_KEk1FAkd3-ujcbEEipwWICyFVIRwdwRErLe4iFp2DVlvpkaSQ&sig=Cg0ArKJSzJt5RsfCGHsYEAE&cid=CAASFeRoOZY1ZMPnPPW5IMFwOMzy9HcB3g&id=lidar2&mcvt=1036&p=60,236,310,964&mtos=1036,1036,1036,1036,1036&tos=1036,0,0,0,0&v=20220822&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=22&adk=1420297610&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1661368282676&rpt=1812&isd=0&lsd=0&met=mue&wmsd=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.4.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f154.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://065b871e68dfa311ac55b3c7151729f3.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 24 Aug 2022 19:11:25 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
xuid
eb2.3lift.com/ Frame B601
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=svx9t50&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://eb2.3lift.com/xuid?mid=3658&xuid=492e6757-f51f-41aa-a4dc-76241c67fd3b&dongle=0cfd
37 B
353 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=3658&xuid=492e6757-f51f-41aa-a4dc-76241c67fd3b&dongle=0cfd
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?&ld=1
Protocol
H2
Server
52.223.2.229 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ade9ecc7904667038.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 24 Aug 2022 19:11:25 GMT
cache-control
no-cache, no-store, must-revalidate
content-type
image/gif
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

pragma
no-cache
date
Wed, 24 Aug 2022 19:11:25 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://eb2.3lift.com/xuid?mid=3658&xuid=492e6757-f51f-41aa-a4dc-76241c67fd3b&dongle=0cfd
cache-control
private,no-cache, must-revalidate
content-type
text/html
content-length
209
ebda
eb2.3lift.com/ Frame B601
Redirect Chain
  • https://eb2.3lift.com/ebda?sync=1&gdpr=0&gdpr_consent=
  • https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=0&gdpr_consent=&us_privacy=&google_hm=NDk1NDkwNzcyOTM3OTE3MTAzNzA4
  • https://eb2.3lift.com/ebda?gdpr=0&gdpr_consent=
37 B
139 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/ebda?gdpr=0&gdpr_consent=
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?&ld=1
Protocol
H2
Server
52.223.2.229 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ade9ecc7904667038.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 24 Aug 2022 19:11:26 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
content-type
image/gif

Redirect headers

pragma
no-cache
date
Wed, 24 Aug 2022 19:11:25 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://eb2.3lift.com/ebda?gdpr=0&gdpr_consent=
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
248
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
xuid
eb2.3lift.com/ Frame B601
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=triplelift&google_cm&google_sc&gdpr=0&gdpr_consent=
  • https://eb2.3lift.com/xuid?mid=5989&xuid=CAESEO8xa8Uq-Hxb_XvFbXMvfV4&dongle=c627&gdpr=0&gdpr_consent=&google_cver=1
37 B
353 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=5989&xuid=CAESEO8xa8Uq-Hxb_XvFbXMvfV4&dongle=c627&gdpr=0&gdpr_consent=&google_cver=1
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?&ld=1
Protocol
H2
Server
52.223.2.229 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ade9ecc7904667038.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 24 Aug 2022 19:11:25 GMT
cache-control
no-cache, no-store, must-revalidate
content-type
image/gif
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

pragma
no-cache
date
Wed, 24 Aug 2022 19:11:25 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://eb2.3lift.com/xuid?mid=5989&xuid=CAESEO8xa8Uq-Hxb_XvFbXMvfV4&dongle=c627&gdpr=0&gdpr_consent=&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
332
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame B601
Redirect Chain
  • https://eb2.3lift.com/sync/google/demand?sync=1&gdpr=0&gdpr_consent=
  • https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=0&gdpr_consent=&us_privacy=&google_hm=NDk1NDkwNzcyOTM3OTE3MTAzNzA4
170 B
191 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=0&gdpr_consent=&us_privacy=&google_hm=NDk1NDkwNzcyOTM3OTE3MTAzNzA4
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?&ld=1
Protocol
H3
Server
142.251.10.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f155.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 24 Aug 2022 19:11:25 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=0&gdpr_consent=&us_privacy=&google_hm=NDk1NDkwNzcyOTM3OTE3MTAzNzA4
date
Wed, 24 Aug 2022 19:11:25 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
/
p.adsymptotic.com/d/px/ Frame B601
Redirect Chain
  • https://px.ads.linkedin.com/setuid?partner=tripleliftdbredirect&tlUid=495490772937917103708&dbredirect=true&gdpr=0&consent=
  • https://px.ads.linkedin.com/setuid?partner=tripleliftdbredirect&tlUid=495490772937917103708&dbredirect=true&gdpr=0&consent=&cookiesTest=true
  • https://p.adsymptotic.com/d/px/?_pid=16218&_psign=0aa5badf92527f7732e22463d6fa4dbc&coopa=0&gdpr=0&gdpr_consent=&_puuid=c87aede8-536e-4c92-856b-1e7b173610f1&_noobservation=1
  • https://p.adsymptotic.com/d/px/?_pid=16218&_psign=0aa5badf92527f7732e22463d6fa4dbc&coopa=0&gdpr=0&gdpr_consent=&_puuid=c87aede8-536e-4c92-856b-1e7b173610f1&_noobservation=1&_expected_cookie=ad833c6...
43 B
142 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://p.adsymptotic.com/d/px/?_pid=16218&_psign=0aa5badf92527f7732e22463d6fa4dbc&coopa=0&gdpr=0&gdpr_consent=&_puuid=c87aede8-536e-4c92-856b-1e7b173610f1&_noobservation=1&_expected_cookie=ad833c6600a94d7d73a98593cd8233e8
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?&ld=1
Protocol
H2
Server
104.18.100.194 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 24 Aug 2022 19:11:26 GMT
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
cf-ray
73fe64d0dfd7a974-SYD
p3p
CP='NON DSP COR CONi OUR BUS CNT'
content-type
image/gif
content-length
43

Redirect headers

location
https://p.adsymptotic.com/d/px/?_pid=16218&_psign=0aa5badf92527f7732e22463d6fa4dbc&coopa=0&gdpr=0&gdpr_consent=&_puuid=c87aede8-536e-4c92-856b-1e7b173610f1&_noobservation=1&_expected_cookie=ad833c6600a94d7d73a98593cd8233e8
date
Wed, 24 Aug 2022 19:11:26 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
73fe64cf8f49a974-SYD
content-length
0
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
xuid
eb2.3lift.com/ Frame B601
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=triplelift&user_id=495490772937917103708&gdpr=0&gdpr_consent=
  • https://a.sportradarserving.com/sync?ssp=bidswitch&bidswitch_ssp_id=triplelift
  • https://a.sportradarserving.com/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=triplelift
  • https://x.bidswitch.net/sync?dsp_id=409&expires=14&user_group=1&user_id=4744a01d-ea33-41b6-aeb4-f83a5ee0baf1&ssp=triplelift
  • https://eb2.3lift.com/xuid?mid=2409&xuid=c272ea53-b556-4b45-ad53-6c54288ea606&dongle=d3d3&gdpr=&gdpr_consent=&gdpr_pd=
37 B
353 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=2409&xuid=c272ea53-b556-4b45-ad53-6c54288ea606&dongle=d3d3&gdpr=&gdpr_consent=&gdpr_pd=
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?&ld=1
Protocol
H2
Server
52.223.2.229 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ade9ecc7904667038.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 24 Aug 2022 19:11:27 GMT
cache-control
no-cache, no-store, must-revalidate
content-type
image/gif
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

Location
//eb2.3lift.com/xuid?mid=2409&xuid=c272ea53-b556-4b45-ad53-6c54288ea606&dongle=d3d3&gdpr=&gdpr_consent=&gdpr_pd=
Date
Wed, 24 Aug 2022 19:11:27 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
0
c.gif
c.bing.com/ Frame B601 		42 B
667 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.bing.com/c.gif?xid=495490772937917103708&Red3=TLMS_pd
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?&ld=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
13.107.21.200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/ ASP.NET
Resource Hash
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 24 Aug 2022 19:11:25 GMT
etag
"6fa9befc56b2d81:0"
last-modified
Wed, 17 Aug 2022 16:32:48 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: A89AE09D677C4544A4EC290183AA2615 Ref B: SYD03EDGE1608 Ref C: 2022-08-24T19:11:25Z
x-powered-by
ASP.NET
x-cache
CONFIG_NOCACHE
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
private, no-cache, proxy-revalidate, no-store
accept-ranges
bytes
content-type
image/gif
content-length
42
xuid
eb2.3lift.com/ Frame B601
Redirect Chain
  • https://pr-bh.ybp.yahoo.com/sync/triplelift/495490772937917103708?gdpr=0&gdpr_consent=
  • https://eb2.3lift.com/xuid?mid=2662&xuid=y-_HxeUQZE2oRE33AJrRPSRxJLyEQSUX4CdgFKb9CuLw--~A&dongle=0883
37 B
353 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=2662&xuid=y-_HxeUQZE2oRE33AJrRPSRxJLyEQSUX4CdgFKb9CuLw--~A&dongle=0883
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?&ld=1
Protocol
H2
Server
52.223.2.229 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ade9ecc7904667038.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 24 Aug 2022 19:11:26 GMT
cache-control
no-cache, no-store, must-revalidate
content-type
image/gif
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

date
Wed, 24 Aug 2022 19:11:26 GMT
referrer-policy
strict-origin-when-cross-origin
server
ATS
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security
max-age=31536000
location
https://eb2.3lift.com/xuid?mid=2662&xuid=y-_HxeUQZE2oRE33AJrRPSRxJLyEQSUX4CdgFKb9CuLw--~A&dongle=0883
x-xss-protection
1; mode=block
content-length
0
x-content-type-options
nosniff
iu3
s.amazon-adsystem.com/ Frame B601
Redirect Chain
  • https://s.amazon-adsystem.com/x/757c0557066e95cfd4c7?gdpr=0&gdpr_consent=&uid=495490772937917103708
  • https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&dl=3lift&gdpr=0&gdpr_consent=&uid=495490772937917103708&dcc=t
0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&dl=3lift&gdpr=0&gdpr_consent=&uid=495490772937917103708&dcc=t
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?&ld=1
Protocol
HTTP/1.1
Server
52.46.155.104 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Redirect headers

Pragma
no-cache
Date
Wed, 24 Aug 2022 19:11:26 GMT
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server
Server
x-amz-rid
3EJHTHAG2QX8MEMFQ5R7
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location
https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&dl=3lift&gdpr=0&gdpr_consent=&uid=495490772937917103708&dcc=t
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy
interest-cohort=()
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 GMT
xuid
eb2.3lift.com/ Frame B601
Redirect Chain
  • https://b1sync.zemanta.com/usersync/triplelift?gdpr=0&gdpr_consent=
  • https://stags.bluekai.com/site/23178?id=ePSpP9SPglnMsWI6bwum&redir=https%3A%2F%2Fb1sync.zemanta.com%2Fusersync%2Fbluekai%2Fcallback%2F%3Fd%3DNB2HI4DTHIXS6ZLCGIXDG3DJMZ2C4Y3PNUXXQ5LJMQ7WI33OM5WGKPLE...
  • https://b1sync.zemanta.com/usersync/bluekai/callback/?d=NB2HI4DTHIXS6ZLCGIXDG3DJMZ2C4Y3PNUXXQ5LJMQ7WI33OM5WGKPLEMJQTQJTFPBRWQYLOM5ST25DSNFYGYZLMNFTHIJTHMRYHEPJQEZWWSZB5GI2DMMBGPB2WSZB5MVIFG4CQHFJVA...
  • https://eb2.3lift.com/xuid?dongle=dba8&gdpr=0&mid=2460&xuid=ePSpP9SPglnMsWI6bwum
37 B
353 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?dongle=dba8&gdpr=0&mid=2460&xuid=ePSpP9SPglnMsWI6bwum
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?&ld=1
Protocol
H2
Server
52.223.2.229 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ade9ecc7904667038.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 24 Aug 2022 19:11:27 GMT
cache-control
no-cache, no-store, must-revalidate
content-type
image/gif
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

Pragma
no-cache
Date
Wed, 24 Aug 2022 19:11:27 GMT
P3p
CP="We do not support P3P header."
Location
https://eb2.3lift.com/xuid?dongle=dba8&gdpr=0&mid=2460&xuid=ePSpP9SPglnMsWI6bwum
Cache-Control
no-cache, no-store, must-revalidate
Content-Type
text/html; charset=utf-8
Content-Length
115
Expires
Thu, 01 Dec 1994 16:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 420C 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BrgZ93HcGY4aCCf-Q4t4PuvWdkA8AAAAAOAHgBAI&bg=!GRqlGl7NAAYUOm8VNDo7ACkAdvg8WvGmLEzgnLA1HmLplVIscqBy55jHOTZ65027ZFLwPnwnSDDTTQIAAAEoUgAAAAJoAQeZAwy3TyXcnimz5eHIiUsLOTHRvKSp7K91Y6SDgijn1KMspwRCQPlFO73_B7eemFLHwFOD9jjUoMgCKg5SoAJ-Lcl6fE82kTZvqVH4a8-sYdzTXxHKONU6tLs_BSt8P7ggTpzjkqEoCt8mBW8ih79KJYd2Y_w3_n_UhCjiTIaBAHVHnDL9WF4hvJltlHcrNKNq4XzKHwOAvPHDnDSG-RWBKRN22c4Rgqe7Ck-5-lOUxnvc-QePb8xRykQGRQUumaUiPg1dV8Nawq_PS_qsFsgM8Kikz4IM9YvH-GjHkrcytcpbLQIAPLTYVUMtKB0hu6Z1_CoC69uFI_H_kaiL8gUAigxZ1PMmNbBAM1IoGU_BC2fgS3GHILvmgROQBEIpJWI_Jo49xDCMwknNKce34DlCxmf0RBaAzlVMHN1phXSh4pGQUloPKJ3fJiiEYtqPpMLwTJKvMHhB9O3N8do0zI2I4_WjVzvHnec02Hin-BB505tx0409TRK1GhSZSHbIS5Lwb9YLLK8aASP7mFJWh_cp28eiSqZlKzCYRxJBbx231QAVPJAvNJLsDdxHN5Q4q30dExBsKcBO5FfOAHgPTFJqhixKlCEDcpSim9X2hiE6BhT4JjvPWVIrheVUVjnmEnDgSAhc6anch7zQulluX9tWZIEGGuYuL5o3yfwaRS36xmwd1AxS7GoeZ1ExFOdrEgAk9A5ZhiA3dpZDiKNeKiE8HL2axmRA3AKUZHLbsT5MXMqiXOA-1kxLdQRPqNj-KpXPFFYx9AdJh7cMSn1r2LwuHLk6RdMvVgywTRk3tuL0sNtZ5xJpUFeca3PX6cd3kzaXkVqqifRXYLfetoroISchI1lcg0KwWBjuJ26teucEZpj3UuKcAJbmbxVghcJXOeh2wv5lZCUON4rTkSirzD94Q1ya9jNpfpccA7epjI1Cdnuac26YBxy-389fuLI1lITdrE4noEmYgNg9s9X58XKElZ7fJe0kdvdbkMdIZcWQ7s-Zcw6EMCoXFA7_SaDfJwKlgfS5FlrzdCkGIPntH9E
Requested by
Host: 5e9096cc516f199cdb60782332265f56.safeframe.googlesyndication.com
URL: https://5e9096cc516f199cdb60782332265f56.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.4.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f154.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 24 Aug 2022 19:11:25 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame F326 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsu1O0eWI2-sHtTYA41xxOUDGu4aMGRXDr7FynjYaMSJHdZFItw6IzMoGViJOoZYka6oQYQJZgd1cbYBkob0exXTsw2cB-L-S95IroLAFol0sk0L1P7k_P9ey1OXcZlngseNmZO0S6_iQ_klvs9YzWjKqh5R-vtH58KvQSWbmHtCQ2BkzXryQyeNpalJU2vOGmV4hyXEvyEvX705t32Aw2i9VHQedCdmeOJ-0bimkREbyWm3fY4AhWuNLD3zR8JtQJcAtg40TcWxkgm2kHqY16wAuChE8D3PleXZDUgKYPOZkvgP0GzIDUL8Q4q2gfcqyvedAHvMwigina2T8dLU3oD-82InMBL4-PzKYwgHshx_4s7b5d1iRqk2ybjsm5c-0Ov0sLr5b0x1Yu5Fy5IkPgoMMjAaYwKBawuUqE5s9nmntR78BZX3ZMXn99Fe7WQryt5IlNHCqWhmJzbYRA4yUt828AQtVTgg7NCafp9McEX6U9gMansvEEWaivC2G_xYpVpGizoHsErvRWhGux6e5ugZhM4WFgo6TxjD9iQs7dBmiIJUPyHhwUWAMDctSFEeZmlMSMF_Q1tKOR5akYDR2u1oqrb1vlwQQ8w27_z4RE5aH8xmABTr9bpQxsQTJNUBJUHAVDtS7Idg95LcdbGdEzJnwDdyaknGMrX8BxFyp934bkZorq4CBmCalaf-9c2QIy5_8QyDv-dCYfoNAt62fbOGmgrat7SjQWj8H5atY2EFLKD--ww5EQ89c0buVlnHtofqMGA0gQ1IndeQw3IsmOAW_IRXyohx60AmMH-tfRgYx3dm04jcinQ0aEA4L5mpoBgrFAR2dh5WobHw6aO6qKMRsogu_gcWZI2hgwBcJCxpsC2MTNf1eXzXvRWDTcrYjRKUcRkOqlI1W37S8D54-IiLMvrvjWxyzFeAZCirB5tEiVn_VQUGikD2R3YFiUDcUNMxT0YX_2N5wg_DpZg2CVMN750QvIwzmGncmfIx8imUji5IOITguNdZsqUPLPo8TjVuMtO3vIzvdQ5Pwz_M63DoAQGOgKW9NKtMZ1B_PdGhqAQHgBFNkF279t_Mym7ouofUx7ZPhvk_sXIt8ULazkwno7PYB2xyO6cTveth23xteg4z5WLWRlyEcNHZ64kLnDFUf44jI7fe18cYkB53bS4Jbh5Gn4SR1trFhNxSS14dfE6QgotK9w16UY5siwVjuuf5pAmD3nuPtUlUFkBNXtZFCXtr9jRzjw&sai=AMfl-YS43_-ONu-Gw-0hasqWdRN0sFZE8NnAiB_WJENXIV5fWSgw40ktRiGSIsFUVwqh8hyeAmyavEx0RefZ7Lyy6OJBs55NCd2iaaffVm1Xof11ppVSA8Umps7YyUKpqrgzzlgTSRxFy6mK2A&sig=Cg0ArKJSzKopJHrYGJkpEAE&cid=CAASFeRoG0s-NI43mtehgEq7WeQaoBvUeQ&id=lidar2&mcvt=1004&p=1110,436,1200,1164&mtos=1004,1004,1004,1004,1004&tos=1004,0,0,0,0&v=20220822&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=22&adk=2857874404&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1661368282683&rpt=1908&isd=0&lsd=0&met=mue&wmsd=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.4.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f154.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://065b871e68dfa311ac55b3c7151729f3.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 24 Aug 2022 19:11:25 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 2815 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssnuOv2Ai4_hd3E5XsLH4UYYT7M59pGJ2x3tTADgjtongPbK4yTU2VObmoszRMbIUmhduDaLiv9ZHdU-DH3O-pKLkmdIUfv6Ud0Oz8IBW-MvajVWOl8pyjrWWbOs6cyVEkf0u89xU9hRg&sai=AMfl-YQluetlLi5tewZ0DuIM8W6HaPa7MwP1GXfTwqDHyGOp6H2Y5yt5FJ-M9bUubVp38fuAVwTx_zlExZuFYLuMDa6LMN80sMJFRuQ&sig=Cg0ArKJSzApMNQ4Y8oPjEAE&cid=CAASEuRoVJKJtw76YdZrw3m5CRYzUQ&id=lidar2&mcvt=1000&p=0,0,250,300&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20220822&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=934391782&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1661368283513&rpt=1140&met=ce&wmsd=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.4.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f154.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://5e9096cc516f199cdb60782332265f56.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 24 Aug 2022 19:11:25 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame E254
Redirect Chain
  • https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESELALh5YZXNWyLX6pfD0dF0U&google_cver=1&google_push=AehlK4DOBSZ9QLLDuCCDvSm5LPsrPZo11zaUHj0SSW6PObiij24DBf9UXH...
  • https://cm.g.doubleclick.net/pixel?gdpr=0&google_nid=B765081F39B1F7&google_push=AehlK4DOBSZ9QLLDuCCDvSm5LPsrPZo11zaUHj0SSW6PObiij24DBf9UXHjw8cvuYyrgn6WuE-txD2eY0u9BSEbO592DzS41SGit-Pqfi3xA4gisVNRid...
170 B
191 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?gdpr=0&google_nid=B765081F39B1F7&google_push=AehlK4DOBSZ9QLLDuCCDvSm5LPsrPZo11zaUHj0SSW6PObiij24DBf9UXHjw8cvuYyrgn6WuE-txD2eY0u9BSEbO592DzS41SGit-Pqfi3xA4gisVNRid3-2PQOKUM-kByCLec8m8loXYb6BGXR2BpOS-7Y&google_hm=S3lt-pS23rbfHxoP3mTtlA
Requested by
Host: 2ed91e4b8889736293a8964540416cd2.safeframe.googlesyndication.com
URL: https://2ed91e4b8889736293a8964540416cd2.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=2
Protocol
H3
Server
142.251.10.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f155.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 24 Aug 2022 19:11:25 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?gdpr=0&google_nid=B765081F39B1F7&google_push=AehlK4DOBSZ9QLLDuCCDvSm5LPsrPZo11zaUHj0SSW6PObiij24DBf9UXHjw8cvuYyrgn6WuE-txD2eY0u9BSEbO592DzS41SGit-Pqfi3xA4gisVNRid3-2PQOKUM-kByCLec8m8loXYb6BGXR2BpOS-7Y&google_hm=S3lt-pS23rbfHxoP3mTtlA
pragma
no-cache
date
Wed, 24 Aug 2022 19:11:25 GMT
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
0
strict-transport-security
max-age=86400
expires
Fri, 04 Aug 1978 12:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame E254
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=4&google_gid=CAESECvqVsDsNmF9TXX2FII9AL8&google_cver=1&google_push=AehlK4AtnTciOlF3s3r-dh5Nk5cpBSKdFBr_q1od0Lcrc3B465GQmQ6svLyi4o9FqF063fFqRTCjUfGnPdjxO3eH...
  • https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=AehlK4AtnTciOlF3s3r-dh5Nk5cpBSKdFBr_q1od0Lcrc3B465GQmQ6svLyi4o9FqF063fFqRTCjUfGnPdjxO3eH4em2QrTLYp0ZGIZkqTdcASOnTzPMhb...
170 B
193 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=AehlK4AtnTciOlF3s3r-dh5Nk5cpBSKdFBr_q1od0Lcrc3B465GQmQ6svLyi4o9FqF063fFqRTCjUfGnPdjxO3eH4em2QrTLYp0ZGIZkqTdcASOnTzPMhbV7gUPyXUDPoDBFx10znRB4WXHOJp7ujgq1Mkk
Requested by
Host: 2ed91e4b8889736293a8964540416cd2.safeframe.googlesyndication.com
URL: https://2ed91e4b8889736293a8964540416cd2.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=2
Protocol
H3
Server
142.251.10.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f155.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 24 Aug 2022 19:11:26 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date
Wed, 24 Aug 2022 19:11:26 GMT
Server
MT3 4494 7cf1da7 master nrt-pixel-x4 config:1.0.0
Access-Control-Allow-Origin
*
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=AehlK4AtnTciOlF3s3r-dh5Nk5cpBSKdFBr_q1od0Lcrc3B465GQmQ6svLyi4o9FqF063fFqRTCjUfGnPdjxO3eH4em2QrTLYp0ZGIZkqTdcASOnTzPMhbV7gUPyXUDPoDBFx10znRB4WXHOJp7ujgq1Mkk
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=360
Content-Length
0
Expires
Wed, 24 Aug 2022 19:11:25 GMT
pixel
cm.g.doubleclick.net/ Frame E254
Redirect Chain
  • https://ipac.ctnsnet.com/int/cm?exc=1&acc=crimtan_au&google_gid=CAESEGTpdU4-lDX3wzh8hk87dxg&google_cver=1&google_push=AehlK4Aj7z_-tv5jilGTS948PZWy-U4pBL07puM479y6WqLntgKD1iCUNiXHt9HNzHncEQZVWeZVB92...
  • https://cm.g.doubleclick.net/pixel?google_nid=crimtan_au&google_push=AehlK4Aj7z_-tv5jilGTS948PZWy-U4pBL07puM479y6WqLntgKD1iCUNiXHt9HNzHncEQZVWeZVB92CpjiTk4kH_KhyKF9SqGB8hrNzKC7HI6X_z1EX4lTXu6cmFIhd...
170 B
193 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=crimtan_au&google_push=AehlK4Aj7z_-tv5jilGTS948PZWy-U4pBL07puM479y6WqLntgKD1iCUNiXHt9HNzHncEQZVWeZVB92CpjiTk4kH_KhyKF9SqGB8hrNzKC7HI6X_z1EX4lTXu6cmFIhdwfHJbOXGLUHzJzDPvLEpv9wYsAw&google_hm=Eo3r7zw_QI60u5mt11H7frE
Requested by
Host: 2ed91e4b8889736293a8964540416cd2.safeframe.googlesyndication.com
URL: https://2ed91e4b8889736293a8964540416cd2.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=2
Protocol
H3
Server
142.251.10.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f155.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 24 Aug 2022 19:11:26 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Wed, 24 Aug 2022 19:11:25 GMT
via
1.1 google
server
Apache-Coyote/1.1
status
302
p3p
CP="NOI DSP COR NID CUR OUR NOR"
location
https://cm.g.doubleclick.net/pixel?google_nid=crimtan_au&google_push=AehlK4Aj7z_-tv5jilGTS948PZWy-U4pBL07puM479y6WqLntgKD1iCUNiXHt9HNzHncEQZVWeZVB92CpjiTk4kH_KhyKF9SqGB8hrNzKC7HI6X_z1EX4lTXu6cmFIhdwfHJbOXGLUHzJzDPvLEpv9wYsAw&google_hm=Eo3r7zw_QI60u5mt11H7frE
cache-control
no-cache, must-revalidate
content-type
text/html;charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
1; mode=block
expires
Fri, 01 Jan 1990 00:00:00 GMT
AdxPixel
tr.blismedia.com/v1/api/sync/ Frame E254 		0
174 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tr.blismedia.com/v1/api/sync/AdxPixel?google_gid=CAESEP7SYwQinJgiaYyfLwEwWwE&google_cver=1&google_push=AehlK4BeCQfzjd5IXdWTsDVbA19I899tGhJC4Q_WBX94AxFDtsn6vDEGS1zb6TVErC2NhvwmPeDDPstuZpI58PgQ_1kLiHJGcGp-tDc6viP-m3hjU7zfYfscQaGrYaYpmCe1Jn8ny0Li36FoATqnI3qmmOQ
Requested by
Host: 2ed91e4b8889736293a8964540416cd2.safeframe.googlesyndication.com
URL: https://2ed91e4b8889736293a8964540416cd2.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.96.105.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.105.96.34.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 24 Aug 2022 19:11:25 GMT
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
pixel
cm.g.doubleclick.net/ Frame E254
Redirect Chain
  • https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEELumXPaZwey2Rq5GYeowv4&google_cver=1&google_push=AehlK4DDO52MDJXD9L-Q2eMl3XJjugl74MOJCuhlj09uWB1sk4avYBBphFSRNgXWGD_a8e0von0swVl1...
  • https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEELumXPaZwey2Rq5GYeowv4&google_cver=1&google_push=AehlK4DDO52MDJXD9L-Q2eMl3XJjugl74MOJCuhlj09uWB1sk4avYBBphFSRNgXWGD_a8e0von0...
  • https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MjIxNDgwOTI1OTAzODUzNzc1Nw&google_push=AehlK4DDO52MDJXD9L-Q2eMl3XJjugl74MOJCuhlj09uWB1sk4avYBBphFSRNgXWGD_a8e0von0swV...
170 B
193 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MjIxNDgwOTI1OTAzODUzNzc1Nw&google_push=AehlK4DDO52MDJXD9L-Q2eMl3XJjugl74MOJCuhlj09uWB1sk4avYBBphFSRNgXWGD_a8e0von0swVl1r7rm4or4WjmAjGs3ioXdsIDOD_d3I6sFDj4Nlrop2h5Yd4dxvIuQvLHz449jeLiMtmXnOGAvtXY
Requested by
Host: 2ed91e4b8889736293a8964540416cd2.safeframe.googlesyndication.com
URL: https://2ed91e4b8889736293a8964540416cd2.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=2
Protocol
H3
Server
142.251.10.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f155.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 24 Aug 2022 19:11:26 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Wed, 24 Aug 2022 19:11:26 GMT
server
nginx
location
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MjIxNDgwOTI1OTAzODUzNzc1Nw&google_push=AehlK4DDO52MDJXD9L-Q2eMl3XJjugl74MOJCuhlj09uWB1sk4avYBBphFSRNgXWGD_a8e0von0swVl1r7rm4or4WjmAjGs3ioXdsIDOD_d3I6sFDj4Nlrop2h5Yd4dxvIuQvLHz449jeLiMtmXnOGAvtXY
access-control-max-age
86400
access-control-allow-methods
GET
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
pixel
cm.g.doubleclick.net/ Frame E254
Redirect Chain
  • https://b1sync.zemanta.com/usersync/googleadx/?google_gid=CAESEPQS0diAwYMYfsH789tLL-o&google_cver=1&google_push=AehlK4BXjSUA_BLNTULUZmRc26vslFRaGbFCA5BGoexos38mnzghJzoSS2K-uSPSVQvI1YZBqrw8sU5KuEpdU...
  • https://b1sync.zemanta.com/usersync/googleadx/?google_cver=1&google_gid=CAESEPQS0diAwYMYfsH789tLL-o&google_push=AehlK4BXjSUA_BLNTULUZmRc26vslFRaGbFCA5BGoexos38mnzghJzoSS2K-uSPSVQvI1YZBqrw8sU5KuEpdU...
  • https://cm.g.doubleclick.net/pixel?google_nid=zemanta&google_push=AehlK4BXjSUA_BLNTULUZmRc26vslFRaGbFCA5BGoexos38mnzghJzoSS2K-uSPSVQvI1YZBqrw8sU5KuEpdUlMCArhG0pW9gFiLva4w0mq2d33tDAcy8d1-rbCth2o-gm0...
170 B
194 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=zemanta&google_push=AehlK4BXjSUA_BLNTULUZmRc26vslFRaGbFCA5BGoexos38mnzghJzoSS2K-uSPSVQvI1YZBqrw8sU5KuEpdUlMCArhG0pW9gFiLva4w0mq2d33tDAcy8d1-rbCth2o-gm0klmbeH7X1a61_dmSTWn1yBy0&google_hm=b09mNlNsVkN4ZXlqZGhLZkR6U0w=
Requested by
Host: 2ed91e4b8889736293a8964540416cd2.safeframe.googlesyndication.com
URL: https://2ed91e4b8889736293a8964540416cd2.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=2
Protocol
H3
Server
142.251.10.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f155.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 24 Aug 2022 19:11:27 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Wed, 24 Aug 2022 19:11:26 GMT
P3p
CP="We do not support P3P header."
Location
https://cm.g.doubleclick.net/pixel?google_nid=zemanta&google_push=AehlK4BXjSUA_BLNTULUZmRc26vslFRaGbFCA5BGoexos38mnzghJzoSS2K-uSPSVQvI1YZBqrw8sU5KuEpdUlMCArhG0pW9gFiLva4w0mq2d33tDAcy8d1-rbCth2o-gm0klmbeH7X1a61_dmSTWn1yBy0&google_hm=b09mNlNsVkN4ZXlqZGhLZkR6U0w=
Cache-Control
no-cache, no-store, must-revalidate
Content-Type
text/html; charset=utf-8
Content-Length
291
Expires
Thu, 01 Dec 1994 16:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame E254
Redirect Chain
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=3smvmd7XRx2CFlvUe1Mbvw%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mp...
170 B
194 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=3smvmd7XRx2CFlvUe1Mbvw%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AehlK4BY-xL3oBgIbZLzOM8t9uEcs9DaqeXUZhR_pb6ScIPg4no3fvTnNIOGsAN4ycHeaK-hqlBUmyDGBlZP4_hwpfPzoG7z2c3WMWiLrbDnllo3gnif9ORKJATlDVGOe-CypF-hTuWQwsuVLMfRVDB1UQ
Requested by
Host: 2ed91e4b8889736293a8964540416cd2.safeframe.googlesyndication.com
URL: https://2ed91e4b8889736293a8964540416cd2.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=2
Protocol
H3
Server
142.251.10.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f155.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 24 Aug 2022 19:11:27 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=3smvmd7XRx2CFlvUe1Mbvw%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AehlK4BY-xL3oBgIbZLzOM8t9uEcs9DaqeXUZhR_pb6ScIPg4no3fvTnNIOGsAN4ycHeaK-hqlBUmyDGBlZP4_hwpfPzoG7z2c3WMWiLrbDnllo3gnif9ORKJATlDVGOe-CypF-hTuWQwsuVLMfRVDB1UQ
date
Wed, 24 Aug 2022 19:11:26 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
0
content-type
text/html; charset=UTF-8
attr
cm.g.doubleclick.net/pixel/ Frame E254 		0
14 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13JZzSOt1NIJwHrfTwSmOxSXC1WWFQ95GRHCL0nYZ5OjlYZN39T7PxvldTqBngezgVl8-Rlz
Requested by
Host: 2ed91e4b8889736293a8964540416cd2.safeframe.googlesyndication.com
URL: https://2ed91e4b8889736293a8964540416cd2.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.10.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f155.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 24 Aug 2022 19:11:25 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
content-type
text/html
createjs.min.js
code.createjs.com/1.0.0/ Frame AFA2 		236 KB
63 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://code.createjs.com/1.0.0/createjs.min.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/14196359717863263274/2205_SEMBA_iProspect_banners_300x250.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.52.171.123 Singapore, Singapore, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-52-171-123.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
e439bebf8de2df0582273906d2c1dceff2387c661efb2152ef1c28420ce4e7e5

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 24 Aug 2022 19:11:26 GMT
content-encoding
gzip
server
Apache
cache-control
max-age=900
vary
Accept-Encoding
content-type
text/javascript
x-n
S
accept-ranges
bytes
expires
Wed, 24 Aug 2022 19:26:26 GMT
2205_SEMBA_iProspect_banners_300x250.js
s0.2mdn.net/sadbundle/14196359717863263274/ Frame AFA2 		38 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/14196359717863263274/2205_SEMBA_iProspect_banners_300x250.js?1655250755257
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/14196359717863263274/2205_SEMBA_iProspect_banners_300x250.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.149 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f149.1e100.net
Software
sffe /
Resource Hash
3004b319a2427a6a57c345f5e6edd582ee3e421592a39fca700e3e4c14e17bf7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/14196359717863263274/2205_SEMBA_iProspect_banners_300x250.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 19 Aug 2022 13:32:18 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
452347
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10309
x-xss-protection
0
last-modified
Thu, 16 Jun 2022 04:36:26 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sat, 19 Aug 2023 13:32:18 GMT
bqi.php
lg3.media.net/ Frame CA83 		15 B
15 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://lg3.media.net/bqi.php?vgd_len=2885&lf=3&&vgd_hb_audit_1=8CU2CV286&vgd_hb_audit_2=752115612&vgd_l2type=sca&pid=8POGBHUQ8&katbid=-102&katen=1&cme=ITiPEpxgRI11KzfivA8Umfg98x36-y0MNiPfPhI3Zdr4KK-lHKV7BwNoYgRJc7-ZD3SdsbMCwK-RmoQVb_qjnCx0Iy4jBRLrD1BLVjpsIP49f3aa6ZVxR2qrWnr0o7CeBpIA019T6zLobHSQRf2v5vJp_bbHz98CUbvJDlHY1wQxUxI1v7II2JyF2FY4hq3E5DGgWOdAL7L_MJ4KOBtvOw==||u8A6SM53vAfcrpZuel3W3DwMTuFdyyxb|R0pGwT-1wLcnervD5TbKub4gKhjiBXnT|WGV0YFlErcpuo3Pma1EBA706uXx3IZ3_s1njI9zvr5U=|mJDBK7pPurxM0g3IbGjQMssb6_feyRx7uMrEu_9Baq2jqGyc_SrM_VeZ-ecyz3uo7dcT9oBpA0hscN43jf5g-kGcgRhBRDPTeLLZ2iNJpCw=|ZEwYz94Rgabfv6ctfB1Am7wf3x9Wdd_TdBFSNZs-sURdvlS2hnxGSfzZwC6NKvwHgKUN6cXZZwc1onmrmVKSRnSAzSYFiy48NMQvFakqTC83MPbPdmteXssUWbXQ87mAX3_7xUKvU9rEySdHQEtpJfkM7aNHgmHjNYVsOgWwJl9aoYf1aQ13LLYs3RmD9A8tXDcpd9H5qRs8QI1MfJjSz-jFuw1FAyH9yTmh1qpB_lY=|&gdpr=0&prid=8PRVCXX19&cid=8CU4JWBS7&crid=781214713&requrl=https%3A%2F%2Fwww.bg3.co%2Fa%2Fju-jiao-yi-zi-wen-hua-chuan-yang-zhong-hua-wen-ming.html&vi=1661368283271506453&ugd=4&cc=AU&sc=NSW&bdrid=4&subBdr=196&startTime=1661368283872&l2type=sca&vgd_l1rakh=1661368283129331632&l1ch=1&sttm=1661368283879&upk=1661368284.14815&hvsid=00001661368283879029185683699017&acid=dcf05472f2e1467b85a690e1ad434026&verid=3111299&vgd_bdata=sd2%3Dnull~iurl_l%3D50~ogerpm%3D0.01~vw_exc%3D0.78~smm_bid%3D0.01~vis_sd%3D580~dc2%3D1~scd%3Dnsw~v_asn%3D54203~vl2r_sd%3D2022082405~iurl_b%3D5460.01~url_tkc%3D0~std%3D22132338~last%3D~vis_url_b%3D0.91~ip%3D3bw0Xn~fbb%3D0~vis_url_l%3D30~riipua%3D0%2C0~et%3D29~rc%3D1~rps_sd%3D2022082404~vis_b%3D970.17~url_b%3D0.18~url_tvi%3D0~smm_wr%3D26.8760~ecp_eer%3D9~url_l%3D50~gcat%3D-1~bb%3D196~vv%3D0~l2r_b%3D1000~erpm%3D0.01~bm%3D1~smm_sd%3D2022082412~sid%3D12948fd0fab38e7f7d124a8d9506e143~sd%3D0~uid%3Df2daAV5wcVYOVVCEG~btd%3D60213921829350675618155537944742630214711615359683909526198792783086194156572672~d2p_l%3D50~3pcf%3D396.83~uim%3D304~dmm_strg%3Dsmm_migration_test~d2p_b%3D0.99~ogd2p_b%3D0.98~vurl_b%3D0.43~ss%3DNA~uiw%3D60~ce%3D0~rps_b%3D25.4~vurl_l%3D30~CI%3D2724~nts%3D1~tb%3D-1~ct%3Dbeaconsfield~basis2%3D196~basis1%3D196~isRef%3D0~ivurl_b%3D2.35~isif%3D0~lc%3D3~bid%3D0.01~dc%3D8~vl2r_b%3D0.58~ivurl_l%3D30~supply_tag_id%3D22132338%7Eviewability%3D0.784585%7Ecbdp%3D0.010%7Edmm%3Dsmm_migration_test%7Esuid%3D%7Einsl%3D0%7Edtc%3Dwest_la%7Edalg%3Dsmm%7Ehtml%3D1%7Esobp%3D%7Ebdpcapd%3D0%7Edmm_erpm%3Dfalse%7Ebflr%3D0.000%7Eogbid%3D0.010%7Eitype_id%3D21%7Eseller_tag_id%3D22132338%7EcarrierId%3D0%7Esmm_api%3Dv1~ibc%3D1~ddt%3D-1~nsz%3D1~tgs%3D120x600~bsb%3D0~bsp%3D0~tmx%3D103&matchstring=hr%3D0%7C&vgd_matchstr=hr%3D0%7C&vgd_sc=NSW&lineitemid=4&infr=1&stime=1661368282697&vgd_ecrid=352177074&l1hcsd=l1!A12|5535&vgd_l1rhst=contextual.media.net&vgd_uspa=0&vgd_isiolc=1&pvl=%7B%22dtc%22%3A%22west_la%22%2C%22mbr%22%3A1%2C%22l1rpth%22%3A%22%2Fnmedianet.js%22%2C%22pgids%22%3A1%7D&vgd_fcm_enc_mis=1&l2ch=0&vgd_pgid=p0629732854t202208241911&vgd_pgids=1
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/ju-jiao-yi-zi-wen-hua-chuan-yang-zhong-hua-wen-ming.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
184.87.200.25 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-87-200-25.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=21600

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Strict-Transport-Security
max-age=21600
Server
Apache
Date
Wed, 24 Aug 2022 19:11:25 GMT
ntCoent-Length
15
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
Cache-Control
max-age=63761
Connection
keep-alive
Content-Length
15
usync.js
eus.rubiconproject.com/ Frame 9223 		31 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.69.164.213 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-69-164-213.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
a549d4a5b0ebc2f4f6cf41d210eea2e75376d266a2492cbadee9e26b6051bca4

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eus.rubiconproject.com/usync.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 24 Aug 2022 19:11:25 GMT
Content-Encoding
gzip
Last-Modified
Wed, 17 Aug 2022 13:55:35 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=19364
Connection
keep-alive
Content-Type
text/html; charset=UTF-8
Content-Length
9441
Expires
Thu, 25 Aug 2022 00:34:09 GMT
pixel.gif
px.moatads.com/ Frame F23E 		43 B
260 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.moatads.com/pixel.gif?e=0&q=0&hp=1&ra=1&pxm=7&sgs=3&vb=-1&kq=1&lo=0&uk=null&pk=0&wk=0&rk=0&tk=0&ak=https%3A%2F%2Fcreative.stackadapt.com%2Ficons%2Fadchoices%2Fadchoices.png&i=STACKADAPTDISPLAY1&ol=3739141059&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2Fz(lKm3GFlNUU%2Cu%5Bh_GcS%25%5BHvLU%5B4(K%2B%7BgeFWl_%3DNqUXR%3A%3D%2BAxMn%3Ch%2CyenA8p%2FHm%24%60%233P(ry5*ZRocMp1tq%5BN%7Bq%60RP%3CG.ceFW%7CoG%22mxT%3Bwv%40V374BKm55%3D%261fp%5BoU5tWhX%3C%3Ce%24%26~1%3Axkr%2BUe31k5X%5BG%5E%5B)%2C2iVSX%3C_Y%7B!7IQ3HbmUZzCFm%5Du!x2l.uBlTVU%2F.%3Dh%3FtDJq%409BG&tf=1_nMzjG---CSa7H-nHVQZC-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=2%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-jWUFgxJkDqyRa9Pcg6GRTWME4Q6dwotBXKPgx%2FCwrOl2tvmQftrLjI5jaRxplbfkuwe%2B&rs=1-AtzSsj5UIp%2B9WA%3D%3D&sc=1&os=1-vQ%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MxOtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=300&qe=250&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&qr=0&bq=0&g=0&h=254&w=300&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&zGSRC=1&gu=https%3A%2F%2Fwww.bg3.co&id=0&ii=2&f=1&j=https%3A%2F%2Fadx.holmesmind.com&lp=https%3A%2F%2Fwww.bg3.co&t=1661368285389&de=593230341863&cu=1661368285389&m=86&ar=1da355aa18f-clean&iw=0e4fd02&cb=0&ym=0&ll=2&lm=3&ln=1&r=0&dl=0&nh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=254&le=1&gm=1&io=1&vv=3&vw=0%3A3%3A0&vp=-&vx=-%3A-%3A-&pe=0%3A-%3A-%3A0%3A0&aa=0&ad=0&cn=0&gk=0&gl=0&ik=0&ic=0&im=0&in=0&pd=0&em=0&en=0&st=1&su=1&of=1&oz=1&oe=0%3A0%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=57&cd=0&ah=57&am=0&xd=00&rf=0&re=1&wb=1&cl=0&at=0&d=19380%3A264649%3A2314848%3A934391782&bo=156&bp=icook.tw&bd=pub-7945044863874787&gw=stackadaptdisplay515602019759&zMoatOrigSlicer1=156&zMoatOrigSlicer2=icook.tw&hv=DOMSEARCH&ab=3&fd=1&kt=sframe&it=500&oq=0&ot=0&zMoatJS=3%3A-&ti=0&ih=2&jh=-1&jk=-1&jm=-1&mr=0&ml=-&tc=0&fs=199703&na=325679315&cs=0
Requested by
Host: 2ed91e4b8889736293a8964540416cd2.safeframe.googlesyndication.com
URL: https://2ed91e4b8889736293a8964540416cd2.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=2
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.72.45.156 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-72-45-156.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://2ed91e4b8889736293a8964540416cd2.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 24 Aug 2022 19:11:25 GMT
last-modified
Fri, 20 May 2016 15:16:00 GMT
server
AkamaiNetStorage
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
accept-ranges
bytes
content-length
43
expires
Wed, 24 Aug 2022 19:11:25 GMT
usermatch
ssum-sec.casalemedia.com/ Frame BE96 		2 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.bg3.co%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/um/ixmatch.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.18.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
08ce3a25d4ac03c407ee79e68143d11bccea88a9903a6fb80d5c6f095b454a86

Request headers

Referer
https://js-sec.indexww.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-cache
cf-cache-status
DYNAMIC
cf-ray
73fe64cdef596a72-SYD
content-encoding
br
content-type
text/html
date
Wed, 24 Aug 2022 19:11:26 GMT
dropped-udsids
241|39|230|73|65|195|191|123
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
expires
0
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VcyWy%2FbhTmdyTHqKRZH%2FI1Sm3cQPOA7vXO%2FHE8Je46CCiC8tPs8wTnye8gRBmiwYqzJ4XB%2FE%2FyFjrrMRWdz074g5v3Y0BsZxwr6pxuCOCheneOYB6j2OMWIxtIweMcJwREPZ1vF8kssUJA%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Is-Traffic-Usersync, Accept-Encoding
PugMaster
image6.pubmatic.com/AdServer/ Frame 95CA 		5 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=70572063&p=159463&s=0&a=0&ptask=ALL&np=0&fp=0&rp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159463&userIdMacro=PM_UID&predirect=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3043698846836918000V10%26type%3Dpba%26refUrl%3D%26vid%3D13682853683043698846836918000V10%26ovsid%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
103.231.98.196 , Japan, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
804959f61d0344663385d263558432e61b354e7e09091502d922f601bc15000a

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 24 Aug 2022 19:11:26 GMT
content-type
text/html; charset=UTF-8
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
tap.php
pixel.rubiconproject.com/ Frame 9223
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc
  • https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESECTBexAURfoatbVYVuk59Rg&google_cver=1
42 B
679 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESECTBexAURfoatbVYVuk59Rg&google_cver=1
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/ju-jiao-yi-zi-wen-hua-chuan-yang-zhong-hua-wen-ming.html
Protocol
HTTP/1.1
Server
69.173.158.64 Singapore, Singapore, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-length
42
X-RPHost
030b4ddd4a4f3e9891a065664f20c4bb
Content-Type
image/gif

Redirect headers

pragma
no-cache
date
Wed, 24 Aug 2022 19:11:26 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESECTBexAURfoatbVYVuk59Rg&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
326
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
esync
token.rubiconproject.com/ Frame 9223
Redirect Chain
  • https://id.rlcdn.com/709414.gif
  • https://token.rubiconproject.com/esync?pid=28028&puid=&pt=e
0
214 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://token.rubiconproject.com/esync?pid=28028&puid=&pt=e
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/ju-jiao-yi-zi-wen-hua-chuan-yang-zhong-hua-wen-ming.html
Protocol
HTTP/1.1
Server
69.173.158.64 Singapore, Singapore, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
X-RPHost
d264e84c9dc1a645a3048554992c5d82
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

date
Wed, 24 Aug 2022 19:11:26 GMT
via
1.1 google
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://token.rubiconproject.com/esync?pid=28028&puid=&pt=e
cache-control
no-cache, no-store
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
v1
ads.yahoo.com/cms/ Frame 9223
Redirect Chain
  • https://token.rubiconproject.com/token?pid=26594
  • https://ads.yahoo.com/cms/v1?nwid=10000010181&eid=L77ZS1RY-1N-KEXB&sigv=1&esig=2~609f47645505a90df014988f1d81db9a0eda15cb
0
194 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.yahoo.com/cms/v1?nwid=10000010181&eid=L77ZS1RY-1N-KEXB&sigv=1&esig=2~609f47645505a90df014988f1d81db9a0eda15cb
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/ju-jiao-yi-zi-wen-hua-chuan-yang-zhong-hua-wen-ming.html
Protocol
H2
Server
106.10.236.40 -, , ASN (),
Reverse DNS
Software
ATS /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 24 Aug 2022 19:11:27 GMT
cache-control
no-store
x-content-type-options
nosniff
server
ATS
strict-transport-security
max-age=15552000
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-xss-protection
1; mode=block

Redirect headers

Location
https://ads.yahoo.com/cms/v1?nwid=10000010181&eid=L77ZS1RY-1N-KEXB&sigv=1&esig=2~609f47645505a90df014988f1d81db9a0eda15cb
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
d264e84c9dc1a645a3048554992c5d82
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
pixel
cm.g.doubleclick.net/ Frame 9223
Redirect Chain
  • https://token.rubiconproject.com/token?pid=2249&pt=n
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=ZTc1ZjY4ZTRiNWFkM2VjMjdjNjM2ZDNkNmY4ZjRiNDg5NTIyMDBiYg
170 B
194 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=ZTc1ZjY4ZTRiNWFkM2VjMjdjNjM2ZDNkNmY4ZjRiNDg5NTIyMDBiYg
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/ju-jiao-yi-zi-wen-hua-chuan-yang-zhong-hua-wen-ming.html
Protocol
H3
Server
142.251.10.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f155.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 24 Aug 2022 19:11:27 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=ZTc1ZjY4ZTRiNWFkM2VjMjdjNjM2ZDNkNmY4ZjRiNDg5NTIyMDBiYg
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
030b4ddd4a4f3e9891a065664f20c4bb
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
ecm3
s.amazon-adsystem.com/ Frame 9223
Redirect Chain
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&dcc=t
  • https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=I3-z1BP4Qvu3y7ziaLjVUA&rk=usync-na
  • https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=I3-z1BP4Qvu3y7ziaLjVUA
43 B
556 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=I3-z1BP4Qvu3y7ziaLjVUA
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/ju-jiao-yi-zi-wen-hua-chuan-yang-zhong-hua-wen-ming.html
Protocol
HTTP/1.1
Server
52.46.155.104 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 24 Aug 2022 19:11:27 GMT
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server
Server
x-amz-rid
C9HJPFVY406W88P4VM0P
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy
interest-cohort=()
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location
https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=I3-z1BP4Qvu3y7ziaLjVUA
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
0ed95c36ed1932be3ba76fc523a6e179
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
ecm3
aax-eu.amazon-adsystem.com/s/ Frame 9223
Redirect Chain
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=&dcc=t
  • https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=1XM60XH7R9a2feWfj_1hFA&rk=usync-other
  • https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=1XM60XH7R9a2feWfj_1hFA
43 B
556 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=1XM60XH7R9a2feWfj_1hFA
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/ju-jiao-yi-zi-wen-hua-chuan-yang-zhong-hua-wen-ming.html
Protocol
HTTP/1.1
Server
52.95.126.160 -, , ASN (),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 24 Aug 2022 19:11:28 GMT
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server
Server
x-amz-rid
9B0GJ9PW8KWWB5YNF4D8
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy
interest-cohort=()
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location
https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=1XM60XH7R9a2feWfj_1hFA
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
548ddf114c6f6bfbb66a4cdeb6a219f4
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
pixel
cm.g.doubleclick.net/ Frame 9223
Redirect Chain
  • https://token.rubiconproject.com/token?pid=25470
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDc3WlMxUlktMU4tS0VYQg==
170 B
194 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDc3WlMxUlktMU4tS0VYQg==
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/ju-jiao-yi-zi-wen-hua-chuan-yang-zhong-hua-wen-ming.html
Protocol
H3
Server
142.251.10.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f155.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 24 Aug 2022 19:11:27 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDc3WlMxUlktMU4tS0VYQg==
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
030b4ddd4a4f3e9891a065664f20c4bb
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
setuid
px.ads.linkedin.com/ Frame 9223
Redirect Chain
  • https://token.rubiconproject.com/token?pid=36584
  • https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=L77ZS1RY-1N-KEXB
0
143 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=L77ZS1RY-1N-KEXB
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/ju-jiao-yi-zi-wen-hua-chuan-yang-zhong-hua-wen-ming.html
Protocol
H2
Server
13.107.42.14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 24 Aug 2022 19:11:26 GMT
x-li-pop
afd-prod-ltx1-x
x-msedge-ref
Ref A: C7150CDA7E044CA59442D99B61FA24D3 Ref B: SYD03EDGE1415 Ref C: 2022-08-24T19:11:27Z
linkedin-action
1
x-cache
CONFIG_NOCACHE
x-li-fabric
prod-ltx1
x-li-proto
http/2
content-length
0
x-li-uuid
AAXnAXKYDATQMgQvE6hjKw==

Redirect headers

Location
https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=L77ZS1RY-1N-KEXB
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
0ed95c36ed1932be3ba76fc523a6e179
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame CBAB 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fx.yieldlift.com%2Fsetuid%3Fbidder%3Dpubmatic%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3D1YN-%26uid%3D
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.72.44.196 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-72-44-196.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152

Request headers

Referer
https://public.servenobid.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=123809
content-encoding
gzip
content-length
5549
content-type
text/html; charset=UTF-8
date
Wed, 24 Aug 2022 19:11:26 GMT
etag
"1300708-3de4-5d6ef246ef4cf"
expires
Fri, 26 Aug 2022 05:34:55 GMT
last-modified
Tue, 01 Feb 2022 06:38:00 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
13926
g2.gumgum.com/usync/ Frame FAD8 		4 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.74.137.60 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-74-137-60.ap-northeast-1.compute.amazonaws.com
Software
nginx /
Resource Hash
101444b3f16794386e86fc43c4e1db6260629c4eb3b0e36de0855e09eb10ae82

Request headers

Referer
https://public.servenobid.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

content-encoding
gzip
content-type
text/html;charset=UTF-8
date
Wed, 24 Aug 2022 19:11:26 GMT
etag
W/"00bc0533b08be9325da8be187a1ddfe58"
server
nginx
timing-allow-origin
*
/
onetag-sys.com/usync/ Frame F8BD 		2 KB
863 B 		Document
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/usync/?pubId=694e68b73971b58&gdpr=0&gdpr_consent=&us_privacy=1YN-&https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D318%26uid%3D
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
139.99.49.250 Singapore, Singapore, ASN16276 (OVH, FR),
Reverse DNS
ip250.ip-139-99-49.net
Software
/
Resource Hash
37a31642af0a7fe695ed0fd68a06a55af44e854d083dc7f5d0e70535f0189ae0
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://public.servenobid.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
cache-control
no-transform, no-cache
content-encoding
gzip
content-length
731
content-type
text/html
strict-transport-security
max-age=15552000
sync
ssbsync.smartadserver.com/api/ Frame 7D63 		833 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ssbsync.smartadserver.com/api/sync?callerId=9&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D317%26uid%3D%24UID
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.106.127.53 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),
Reverse DNS
Software
/
Resource Hash
2c6863095b8de954122a28a6fb24b576e166d8e2472b1a535119181d3f12d4a9

Request headers

Referer
https://public.servenobid.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

content-length
833
content-type
text/html
date
Wed, 24 Aug 2022 19:11:26 GMT
usermatch
ssum-sec.casalemedia.com/ Frame 63AA 		1 KB
1021 B 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.18.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b3dc66d3a1087327a51897dd42d2e26e177837d207d0a2db789b12edea7b7b59

Request headers

Referer
https://public.servenobid.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-cache
cf-cache-status
DYNAMIC
cf-ray
73fe64cdef5d6a72-SYD
content-encoding
br
content-type
text/html
date
Wed, 24 Aug 2022 19:11:26 GMT
dropped-udsids
241|39|230|73|105|26|64|152
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
expires
0
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2B6DC0IMTmmiLQpoLhx30e1WXQDgYpM5qJ7ez1vt9KIWb7YCMAwFfpkCFQZLsFpsXVT0MUqFXneqzio5mulFE7Y%2FSoUVTUrLK9kDG1ugS%2FRtKj3sa1d8YIVS1niubH9SFOIrGdfOtotq4WQ%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Is-Traffic-Usersync, Accept-Encoding
usync.html
eus.rubiconproject.com/ Frame D1B7
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=duration_media&endpoint=us-east
  • https://eus.rubiconproject.com/usync.html?p=duration_media&endpoint=us-east
281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?p=duration_media&endpoint=us-east
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.69.164.213 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-69-164-213.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://public.servenobid.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Wed, 24 Aug 2022 19:11:26 GMT
ETag
"402b2-119-5d32342a551c0"
Last-Modified
Tue, 14 Dec 2021 23:07:59 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
content-length
0
date
Wed, 24 Aug 2022 19:11:26 GMT
location
https://eus.rubiconproject.com/usync.html?p=duration_media&endpoint=us-east
server
AkamaiGHost
setuid
x.yieldlift.com/ Frame F2FE
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=13702&gdpr=0&gdpr_consent=&us_privacy=1YN-&
  • https://x.yieldlift.com/setuid?bidder=rubicon&uid=L77ZS1RY-1N-KEXB&gdpr=0&us_privacy=1YN-
0
570 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://x.yieldlift.com/setuid?bidder=rubicon&uid=L77ZS1RY-1N-KEXB&gdpr=0&us_privacy=1YN-
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
HTTP/1.1
Server
52.71.232.26 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Accept
application/json
Pragma
no-cache
Expires
0
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Length
0
Content-Type
application/json;charset=utf-8

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location
https://x.yieldlift.com/setuid?bidder=rubicon&uid=L77ZS1RY-1N-KEXB&gdpr=0&us_privacy=1YN-
Cache-Control
no-cache,no-store,must-revalidate
Content-Type
text/html
content-length
0
X-RPHost
dedf7fc216a5bbc739a54325e875a79f
Expires
0
sync
ads.servenobid.com/ Frame F2FE
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D312%26uid%3D%24UID
  • https://ads.servenobid.com/sync?pid=312&uid=7093734920555040481
0
344 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=312&uid=7093734920555040481
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Server
34.250.30.153 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-250-30-153.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 24 Aug 2022 19:11:26 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0

Redirect headers

Pragma
no-cache
Date
Wed, 24 Aug 2022 19:11:26 GMT
X-Proxy-Origin
173.245.209.177; 173.245.209.177; 897.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net; adnxs.com
AN-X-Request-Uuid
08b5754f-2a02-4154-b775-a3c20d8726cf
Server
nginx/1.21.3
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://ads.servenobid.com/sync?pid=312&uid=7093734920555040481
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
sync
ads.servenobid.com/ Frame F2FE
Redirect Chain
  • https://ce.lijit.com/merge?pid=273657&3pid=273657&gdpr=0&gdpr_consent=&us_privacy=1YN-&&location=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D310%26uid%3D%5BSOVRNID%5D
  • https://ce.lijit.com/merge?pid=273657&3pid=273657&gdpr=0&gdpr_consent=&us_privacy=1YN-&location=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D310%26uid%3D%5BSOVRNID%5D&dnr=1
  • https://ads.servenobid.com/sync?pid=310&uid=FM2_DRZHSviTofGvRYeTCTt8
0
350 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=310&uid=FM2_DRZHSviTofGvRYeTCTt8
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Server
34.250.30.153 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-250-30-153.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 24 Aug 2022 19:11:27 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0

Redirect headers

Pragma
no-cache
Date
Wed, 24 Aug 2022 19:11:27 GMT
P3P
CP="CUR ADM OUR NOR STA NID"
Location
https://ads.servenobid.com/sync?pid=310&uid=FM2_DRZHSviTofGvRYeTCTt8
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap3sfo1
Content-Length
0
Expires
Fri, 20 Mar 2009 00:00:00 GMT
sync
ads.servenobid.com/ Frame F2FE
Redirect Chain
  • https://ap.lijit.com/pixel?pid=273657&3pid=273657&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redir=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D310%26uid%3D%24UID
  • https://ap.lijit.com/pixel?pid=273657&3pid=273657&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redir=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D310%26uid%3D%24UID&sovrn_retry=true
  • https://ads.servenobid.com/sync?pid=310&uid=FM2_DLZHEZc_dIXDRQqYMJA5
0
351 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=310&uid=FM2_DLZHEZc_dIXDRQqYMJA5
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Server
34.250.30.153 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-250-30-153.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 24 Aug 2022 19:11:27 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0

Redirect headers

Date
Wed, 24 Aug 2022 19:11:27 GMT
Access-Control-Allow-Origin
*
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Location
https://ads.servenobid.com/sync?pid=310&uid=FM2_DLZHEZc_dIXDRQqYMJA5
Access-Control-Allow-Credentials
true
Connection
close
X-Sovrn-Pod
ad_ap3sfo1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
sync
ads.servenobid.com/ Frame F2FE
Redirect Chain
  • https://x.yieldlift.com/getuid?r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D314%26uid%3D%24UID
  • https://ads.servenobid.com/sync?pid=314&uid=eyJ4dWlkIjoiNmVkMzU4M2YtYTY1MC00ZGYzLThmMmMtODk5MWFiNDNkZmNhIiwiZHAiOnt9LCJiZGF5IjoiMjAyMi0wOC0yNFQxOToxMToyNy4yNzM4NzdaIn0=
0
432 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=314&uid=eyJ4dWlkIjoiNmVkMzU4M2YtYTY1MC00ZGYzLThmMmMtODk5MWFiNDNkZmNhIiwiZHAiOnt9LCJiZGF5IjoiMjAyMi0wOC0yNFQxOToxMToyNy4yNzM4NzdaIn0=
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Server
34.250.30.153 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-250-30-153.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 24 Aug 2022 19:11:27 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0

Redirect headers

Location
https://ads.servenobid.com/sync?pid=314&uid=eyJ4dWlkIjoiNmVkMzU4M2YtYTY1MC00ZGYzLThmMmMtODk5MWFiNDNkZmNhIiwiZHAiOnt9LCJiZGF5IjoiMjAyMi0wOC0yNFQxOToxMToyNy4yNzM4NzdaIn0=
Pragma
no-cache
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Length
0
Expires
0
usersync
usersync.gumgum.com/ Frame F2FE
Redirect Chain
  • https://sync.1rx.io/usersync2/rmpssp?sub=duration&redir=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D321%26uid%3D%5BRX_UUID%5D
  • https://x.bidswitch.net/sync?ssp=adconductor&user_id=RX-5a556040-9ba5-4378-9175-396b51281898-004&rndcb=3318264308
  • https://cm.g.doubleclick.net/pixel?google_nid=bidswitch_dbm&google_cm&google_sc&ssp=adconductor&bsw_param=c272ea53-b556-4b45-ad53-6c54288ea606&google_hm=YzI3MmVhNTMtYjU1Ni00YjQ1LWFkNTMtNmM1NDI4OGVh...
  • https://x.bidswitch.net/sync?dsp_id=16&user_id=CAESEKKlzEtDFHeNAbz6nMgTjCs&google_cver=1&ssp=adconductor&bsw_param=c272ea53-b556-4b45-ad53-6c54288ea606
  • https://sync.1rx.io/usersync/bidswitch/c272ea53-b556-4b45-ad53-6c54288ea606?gdpr=&gdpr_consent=
  • https://sync.targeting.unrulymedia.com/csync/RX-5a556040-9ba5-4378-9175-396b51281898-004?redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Drhy%26i%3DRX-5a556040-9ba5-4378-9175-396b51281898-004
  • https://usersync.gumgum.com/usersync?b=rhy&i=RX-5a556040-9ba5-4378-9175-396b51281898-004
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=rhy&i=RX-5a556040-9ba5-4378-9175-396b51281898-004
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
HTTP/1.1
Server
13.112.54.241 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 24 Aug 2022 19:11:28 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Type
image/gif
Content-Length
35
Expires
0

Redirect headers

location
https://usersync.gumgum.com/usersync?b=rhy&i=RX-5a556040-9ba5-4378-9175-396b51281898-004
date
Wed, 24 Aug 2022 19:11:27 GMT
p3p
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
etag
RX5a5560409ba543789175396b51281898004
content-type
text/html
sync
ads.servenobid.com/ Frame F2FE
Redirect Chain
  • https://p.rfihub.com/cm?pub=44007&in=1
  • https://ads.servenobid.com/sync?pid=324&uid=1917759393997953743
0
344 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=324&uid=1917759393997953743
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Server
34.250.30.153 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-250-30-153.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 24 Aug 2022 19:11:26 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0

Redirect headers

Location
https://ads.servenobid.com/sync?pid=324&uid=1917759393997953743
Date
Wed, 24 Aug 2022 19:11:26 GMT
Server
Jetty(9.3.29.v20201019)
Content-Length
0
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
sync
ads.servenobid.com/ Frame F2FE
Redirect Chain
  • https://sync.go.sonobi.com/usa?loc=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D332%26uid%3D
  • https://ads.servenobid.com/sync?pid=332&uid=24e8009d-a934-41d8-9f78-1dc658de905e
0
356 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=332&uid=24e8009d-a934-41d8-9f78-1dc658de905e
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Server
34.250.30.153 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-250-30-153.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 24 Aug 2022 19:11:27 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0

Redirect headers

Pragma
no-cache
Date
Wed, 24 Aug 2022 19:11:27 GMT
Server
sonobi-go
Vary
negotiate,Accept-Encoding
X-Go-Server
go-lax-1-5-11
P3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Location
https://ads.servenobid.com/sync?pid=332&uid=24e8009d-a934-41d8-9f78-1dc658de905e
Cache-Control
no-cache, no-store, private
Tcn
Choice
Content-Type
text/plain; charset=utf8
Content-Length
0
X-Xss-Protection
0
Expires
Sat, 26 Jul 1997 05:00:00 GMT
cookie
cm.adform.net/ Frame F2FE
Redirect Chain
  • https://prebid.a-mo.net/cchain/0?gdpr=0&gdpr_consent=&us_privacy=1YN-&&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D327%26uid%3D
  • https://cm.adform.net/cookie?gdpr=1&gdpr_consent=&redirect_url=https%3A%2F%2Fprebid.a-mo.net%2Fcchain%2F0%2F626%3Fgdpr%3D0%26gdpr_consent%3D%26us_privacy%3D1YN-%26A%3D07f9ecbf-f245-4211-b1f9-a53720...
43 B
106 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.adform.net/cookie?gdpr=1&gdpr_consent=&redirect_url=https%3A%2F%2Fprebid.a-mo.net%2Fcchain%2F0%2F626%3Fgdpr%3D0%26gdpr_consent%3D%26us_privacy%3D1YN-%26A%3D07f9ecbf-f245-4211-b1f9-a5372042b5fa%26bidder%3Dadform%26cbx%3DaHR0cHM6Ly9hZHMuc2VydmVub2JpZC5jb20vc3luYz9waWQ9MzI3JnVpZD0%253D%26uid%3D%24UID
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Server
37.157.2.237 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 24 Aug 2022 19:11:27 GMT
server
nginx
content-length
43
content-type
image/gif

Redirect headers

location
https://cm.adform.net/cookie?gdpr=1&gdpr_consent=&redirect_url=https%3A%2F%2Fprebid.a-mo.net%2Fcchain%2F0%2F626%3Fgdpr%3D0%26gdpr_consent%3D%26us_privacy%3D1YN-%26A%3D07f9ecbf-f245-4211-b1f9-a5372042b5fa%26bidder%3Dadform%26cbx%3DaHR0cHM6Ly9hZHMuc2VydmVub2JpZC5jb20vc3luYz9waWQ9MzI3JnVpZD0%253D%26uid%3D%24UID
date
Wed, 24 Aug 2022 19:11:25 GMT
cache-control
max-age=0, private, must-revalidate
x-envoy-upstream-service-time
1
server
envoy
content-length
0
sync
ads.servenobid.com/ Frame F2FE
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58559/occ
  • https://ads.servenobid.com/sync?pid=337&uid=y-nMsULo5E2uHKvI64upjr3Zj8gELwt9hyKSpHXKI-~A
0
367 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=337&uid=y-nMsULo5E2uHKvI64upjr3Zj8gELwt9hyKSpHXKI-~A
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Server
34.250.30.153 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-250-30-153.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 24 Aug 2022 19:11:27 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0

Redirect headers

location
https://ads.servenobid.com/sync?pid=337&uid=y-nMsULo5E2uHKvI64upjr3Zj8gELwt9hyKSpHXKI-~A
date
Wed, 24 Aug 2022 19:11:26 GMT
server
ATS/9.1.10.25
age
0
content-length
0
strict-transport-security
max-age=31536000
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
redirectuser
ssp.disqus.com/ Frame F2FE 		0
218 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssp.disqus.com/redirectuser?r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D346%26uid%3DBUYERUID
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.204.175.17 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-204-175-17.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 24 Aug 2022 19:11:27 GMT
cache-control
no-store
vary
origin
expires
0
sync
ads.servenobid.com/ Frame F2FE
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58632/occ
  • https://ads.servenobid.com/sync?pid=339&uid=y-nMsULo5E2uHKvI64upjr3Zj8gELwt9hyKSpHXKI-~A
0
367 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=339&uid=y-nMsULo5E2uHKvI64upjr3Zj8gELwt9hyKSpHXKI-~A
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Server
34.250.30.153 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-250-30-153.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 24 Aug 2022 19:11:27 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0

Redirect headers

location
https://ads.servenobid.com/sync?pid=339&uid=y-nMsULo5E2uHKvI64upjr3Zj8gELwt9hyKSpHXKI-~A
date
Wed, 24 Aug 2022 19:11:26 GMT
server
ATS/9.1.10.25
age
0
content-length
0
strict-transport-security
max-age=31536000
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
pixel.gif
stackadaptdisplay515602019759.s.moatpixel.com/ Frame F23E 		43 B
260 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://stackadaptdisplay515602019759.s.moatpixel.com/pixel.gif?m=1&iv=0&tuv=-1&tet=0&fi=0&apd=184&ui=0&uit=0&h=0&th=-1&s=-1&ts=-1&bfa=-1&d=bg3.co&L1id=19380&L2id=264649&L3id=2314848&L4id=934391782&S1id=156&S2id=icook.tw&ord=1661368285389&r=593230341863&t=meas&os=0&fi2=0&div1=0&ait=0&zMoatIMP=1&zMoatAuction=1-0067-166136828308546567024543-4&bedc=1&q=1&BSD=unsafe&BSC=gs_hobby,moat_unsafe,gv_crime,gs_busfin_business,gv_military,gs_busfin_indus,gs_law_misc,gs_busfin_indus_energy,gs_sport,gv_death_injury,gs_busfin&nu=1&ib=0&dc=1&ob=1&oh=0&lt=0&ab=0&n=1&nm=1&sp=0&pt=0
Requested by
Host: 2ed91e4b8889736293a8964540416cd2.safeframe.googlesyndication.com
URL: https://2ed91e4b8889736293a8964540416cd2.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=2
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.36.253.206 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-36-253-206.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://2ed91e4b8889736293a8964540416cd2.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 24 Aug 2022 19:11:26 GMT
last-modified
Fri, 20 May 2016 15:16:00 GMT
server
AkamaiNetStorage
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
accept-ranges
bytes
content-length
43
expires
Wed, 24 Aug 2022 19:11:26 GMT
pixel.gif
stackadaptdisplayhourly515602019759.s.moatpixel.com/ Frame F23E 		43 B
260 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://stackadaptdisplayhourly515602019759.s.moatpixel.com/pixel.gif?m=1&iv=0&tuv=-1&tet=0&fi=0&apd=184&ui=0&uit=0&h=0&th=-1&s=-1&ts=-1&bfa=-1&d=bg3.co&L1id=19380&L2id=264649&L3id=2314848&L4id=934391782&S1id=156&S2id=icook.tw&ord=1661368285389&r=593230341863&t=meas&os=0&fi2=0&div1=0&ait=0&zMoatIMP=1&zMoatAuction=1-0067-166136828308546567024543-4&bedc=1&q=2&BSD=unsafe&BSC=gs_hobby,moat_unsafe,gv_crime,gs_busfin_business,gv_military,gs_busfin_indus,gs_law_misc,gs_busfin_indus_energy,gs_sport,gv_death_injury,gs_busfin&nu=1&ib=0&dc=1&ob=1&oh=0&lt=0&ab=0&n=1&nm=1&sp=0&pt=0
Requested by
Host: 2ed91e4b8889736293a8964540416cd2.safeframe.googlesyndication.com
URL: https://2ed91e4b8889736293a8964540416cd2.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=2
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
125.56.226.34 , Singapore, ASN24319 (AKAMAI-TYO-AP Akamai Technologies Tokyo ASN, SG),
Reverse DNS
a125-56-226-34.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://2ed91e4b8889736293a8964540416cd2.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 24 Aug 2022 19:11:26 GMT
last-modified
Fri, 20 May 2016 15:16:00 GMT
server
AkamaiNetStorage
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
accept-ranges
bytes
content-length
43
expires
Wed, 24 Aug 2022 19:11:26 GMT
pixel.gif
stackadaptdisplay515602019759.s.moatpixel.com/ Frame F23E 		43 B
260 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://stackadaptdisplay515602019759.s.moatpixel.com/pixel.gif?m=1&iv=0&tuv=-1&tet=0&fi=0&apd=184&ui=0&uit=0&h=0&th=-1&s=-1&ts=-1&bfa=-1&d=bg3.co&L1id=19380&L2id=264649&L3id=2314848&L4id=934391782&S1id=156&S2id=icook.tw&ord=1661368285389&r=593230341863&t=hdn&os=0&fi2=0&div1=0&ait=0&zMoatIMP=1&zMoatAuction=1-0067-166136828308546567024543-4&bedc=1&q=3&BSD=unsafe&BSC=gs_hobby,moat_unsafe,gv_crime,gs_busfin_business,gv_military,gs_busfin_indus,gs_law_misc,gs_busfin_indus_energy,gs_sport,gv_death_injury,gs_busfin&nu=1&ib=0&dc=1&ob=1&oh=0&lt=0&ab=0&n=1&nm=1&sp=0&pt=0
Requested by
Host: 2ed91e4b8889736293a8964540416cd2.safeframe.googlesyndication.com
URL: https://2ed91e4b8889736293a8964540416cd2.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=2
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.36.253.206 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-36-253-206.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://2ed91e4b8889736293a8964540416cd2.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 24 Aug 2022 19:11:26 GMT
last-modified
Fri, 20 May 2016 15:16:00 GMT
server
AkamaiNetStorage
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
accept-ranges
bytes
content-length
43
expires
Wed, 24 Aug 2022 19:11:26 GMT
pixel.gif
stackadaptdisplayhourly515602019759.s.moatpixel.com/ Frame F23E 		43 B
260 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://stackadaptdisplayhourly515602019759.s.moatpixel.com/pixel.gif?m=1&iv=0&tuv=-1&tet=0&fi=0&apd=184&ui=0&uit=0&h=0&th=-1&s=-1&ts=-1&bfa=-1&d=bg3.co&L1id=19380&L2id=264649&L3id=2314848&L4id=934391782&S1id=156&S2id=icook.tw&ord=1661368285389&r=593230341863&t=hdn&os=0&fi2=0&div1=0&ait=0&zMoatIMP=1&zMoatAuction=1-0067-166136828308546567024543-4&bedc=1&q=4&BSD=unsafe&BSC=gs_hobby,moat_unsafe,gv_crime,gs_busfin_business,gv_military,gs_busfin_indus,gs_law_misc,gs_busfin_indus_energy,gs_sport,gv_death_injury,gs_busfin&nu=1&ib=0&dc=1&ob=1&oh=0&lt=0&ab=0&n=1&nm=1&sp=0&pt=0
Requested by
Host: 2ed91e4b8889736293a8964540416cd2.safeframe.googlesyndication.com
URL: https://2ed91e4b8889736293a8964540416cd2.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=2
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
125.56.226.34 , Singapore, ASN24319 (AKAMAI-TYO-AP Akamai Technologies Tokyo ASN, SG),
Reverse DNS
a125-56-226-34.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://2ed91e4b8889736293a8964540416cd2.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 24 Aug 2022 19:11:26 GMT
last-modified
Fri, 20 May 2016 15:16:00 GMT
server
AkamaiNetStorage
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
accept-ranges
bytes
content-length
43
expires
Wed, 24 Aug 2022 19:11:26 GMT
pixel.gif
stackadaptdisplay515602019759.s.moatpixel.com/ Frame F23E 		43 B
260 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://stackadaptdisplay515602019759.s.moatpixel.com/pixel.gif?m=1&iv=0&tuv=-1&tet=0&fi=0&apd=184&ui=0&uit=0&h=0&th=-1&s=-1&ts=-1&bfa=-1&d=bg3.co&L1id=19380&L2id=264649&L3id=2314848&L4id=934391782&S1id=156&S2id=icook.tw&ord=1661368285389&r=593230341863&t=bs&os=0&fi2=0&div1=0&ait=0&zMoatIMP=1&zMoatAuction=1-0067-166136828308546567024543-4&bedc=1&q=5&BSD=unsafe&BSC=gs_hobby,moat_unsafe,gv_crime,gs_busfin_business,gv_military,gs_busfin_indus,gs_law_misc,gs_busfin_indus_energy,gs_sport,gv_death_injury,gs_busfin&nu=1&ib=0&dc=1&ob=1&oh=0&lt=0&ab=0&n=1&nm=1&sp=0&pt=0
Requested by
Host: 2ed91e4b8889736293a8964540416cd2.safeframe.googlesyndication.com
URL: https://2ed91e4b8889736293a8964540416cd2.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=2
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.36.253.206 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-36-253-206.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://2ed91e4b8889736293a8964540416cd2.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 24 Aug 2022 19:11:26 GMT
last-modified
Fri, 20 May 2016 15:16:00 GMT
server
AkamaiNetStorage
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
accept-ranges
bytes
content-length
43
expires
Wed, 24 Aug 2022 19:11:26 GMT
pixel.gif
stackadaptdisplayhourly515602019759.s.moatpixel.com/ Frame F23E 		43 B
260 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://stackadaptdisplayhourly515602019759.s.moatpixel.com/pixel.gif?m=1&iv=0&tuv=-1&tet=0&fi=0&apd=184&ui=0&uit=0&h=0&th=-1&s=-1&ts=-1&bfa=-1&d=bg3.co&L1id=19380&L2id=264649&L3id=2314848&L4id=934391782&S1id=156&S2id=icook.tw&ord=1661368285389&r=593230341863&t=bs&os=0&fi2=0&div1=0&ait=0&zMoatIMP=1&zMoatAuction=1-0067-166136828308546567024543-4&bedc=1&q=6&BSD=unsafe&BSC=gs_hobby,moat_unsafe,gv_crime,gs_busfin_business,gv_military,gs_busfin_indus,gs_law_misc,gs_busfin_indus_energy,gs_sport,gv_death_injury,gs_busfin&nu=1&ib=0&dc=1&ob=1&oh=0&lt=0&ab=0&n=1&nm=1&sp=0&pt=0
Requested by
Host: 2ed91e4b8889736293a8964540416cd2.safeframe.googlesyndication.com
URL: https://2ed91e4b8889736293a8964540416cd2.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=2
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
125.56.226.34 , Singapore, ASN24319 (AKAMAI-TYO-AP Akamai Technologies Tokyo ASN, SG),
Reverse DNS
a125-56-226-34.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://2ed91e4b8889736293a8964540416cd2.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 24 Aug 2022 19:11:26 GMT
last-modified
Fri, 20 May 2016 15:16:00 GMT
server
AkamaiNetStorage
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
accept-ranges
bytes
content-length
43
expires
Wed, 24 Aug 2022 19:11:26 GMT
async_usersync
ib.adnxs.com/ Frame 889A 		0
747 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
104.254.151.36 Los Angeles, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
897.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 24 Aug 2022 19:11:26 GMT
X-Proxy-Origin
173.245.209.177; 173.245.209.177; 897.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net; adnxs.com
AN-X-Request-Uuid
0bf9804f-b2b3-4499-855e-e81324b99ca2
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
pixel.gif
stackadaptdisplay515602019759.s.moatpixel.com/ Frame F23E 		43 B
260 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://stackadaptdisplay515602019759.s.moatpixel.com/pixel.gif?m=1&iv=0&tuv=-1&tet=0&fi=0&apd=992&ui=0&uit=0&h=0&th=-1&s=-1&ts=-1&bfa=-1&d=bg3.co&L1id=19380&L2id=264649&L3id=2314848&L4id=934391782&S1id=156&S2id=icook.tw&ord=1661368285389&r=593230341863&t=nht&os=0&fi2=0&div1=0&ait=0&zMoatIMP=1&zMoatAuction=1-0067-166136828308546567024543-4&bedc=1&q=7&BSD=unsafe&BSC=gs_hobby,moat_unsafe,gv_crime,gs_busfin_business,gv_military,gs_busfin_indus,gs_law_misc,gs_busfin_indus_energy,gs_sport,gv_death_injury,gs_busfin&nu=1&ib=0&dc=1&ob=1&oh=0&lt=0&ab=0&n=1&nm=1&sp=0&pt=0
Requested by
Host: 2ed91e4b8889736293a8964540416cd2.safeframe.googlesyndication.com
URL: https://2ed91e4b8889736293a8964540416cd2.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=2
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.36.253.206 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-36-253-206.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://2ed91e4b8889736293a8964540416cd2.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 24 Aug 2022 19:11:26 GMT
last-modified
Fri, 20 May 2016 15:16:00 GMT
server
AkamaiNetStorage
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
accept-ranges
bytes
content-length
43
expires
Wed, 24 Aug 2022 19:11:26 GMT
pixel.gif
stackadaptdisplayhourly515602019759.s.moatpixel.com/ Frame F23E 		43 B
260 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://stackadaptdisplayhourly515602019759.s.moatpixel.com/pixel.gif?m=1&iv=0&tuv=-1&tet=0&fi=0&apd=992&ui=0&uit=0&h=0&th=-1&s=-1&ts=-1&bfa=-1&d=bg3.co&L1id=19380&L2id=264649&L3id=2314848&L4id=934391782&S1id=156&S2id=icook.tw&ord=1661368285389&r=593230341863&t=nht&os=0&fi2=0&div1=0&ait=0&zMoatIMP=1&zMoatAuction=1-0067-166136828308546567024543-4&bedc=1&q=8&BSD=unsafe&BSC=gs_hobby,moat_unsafe,gv_crime,gs_busfin_business,gv_military,gs_busfin_indus,gs_law_misc,gs_busfin_indus_energy,gs_sport,gv_death_injury,gs_busfin&nu=1&ib=0&dc=1&ob=1&oh=0&lt=0&ab=0&n=1&nm=1&sp=0&pt=0
Requested by
Host: 2ed91e4b8889736293a8964540416cd2.safeframe.googlesyndication.com
URL: https://2ed91e4b8889736293a8964540416cd2.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=2
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
125.56.226.34 , Singapore, ASN24319 (AKAMAI-TYO-AP Akamai Technologies Tokyo ASN, SG),
Reverse DNS
a125-56-226-34.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://2ed91e4b8889736293a8964540416cd2.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 24 Aug 2022 19:11:26 GMT
last-modified
Fri, 20 May 2016 15:16:00 GMT
server
AkamaiNetStorage
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
accept-ranges
bytes
content-length
43
expires
Wed, 24 Aug 2022 19:11:26 GMT
usync.js
eus.rubiconproject.com/ Frame 737D 		31 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=medianet
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.69.164.213 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-69-164-213.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
a549d4a5b0ebc2f4f6cf41d210eea2e75376d266a2492cbadee9e26b6051bca4

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=medianet
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 24 Aug 2022 19:11:26 GMT
Content-Encoding
gzip
Last-Modified
Wed, 17 Aug 2022 13:55:35 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=19363
Connection
keep-alive
Content-Type
text/html; charset=UTF-8
Content-Length
9441
Expires
Thu, 25 Aug 2022 00:34:09 GMT
dcm
s.amazon-adsystem.com/ Frame BE96
Redirect Chain
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=YwZ33F2KtzHErm0Xp68OOwAAA3MAAAAB
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=YwZ33F2KtzHErm0Xp68OOwAAA3MAAAAB&dcc=t
43 B
932 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=YwZ33F2KtzHErm0Xp68OOwAAA3MAAAAB&dcc=t
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.bg3.co%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Server
52.46.155.104 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 24 Aug 2022 19:11:27 GMT
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server
Server
x-amz-rid
8W7WKD3NBZSWKXYA66HE
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy
interest-cohort=()
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Wed, 24 Aug 2022 19:11:26 GMT
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server
Server
x-amz-rid
1ET9SNPKMRDQA6PQFDSM
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=YwZ33F2KtzHErm0Xp68OOwAAA3MAAAAB&dcc=t
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy
interest-cohort=()
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame BE96
Redirect Chain
  • https://match.adsrvr.org/track/cmf/casale
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=39&external_user_id=492e6757-f51f-41aa-a4dc-76241c67fd3b&expiration=1663960286&gdpr=0&gdpr_consent=
43 B
916 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=39&external_user_id=492e6757-f51f-41aa-a4dc-76241c67fd3b&expiration=1663960286&gdpr=0&gdpr_consent=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.bg3.co%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H3
Server
104.18.18.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

cf-ray
73fe64d0399fa941-SYD
pragma
no-cache
date
Wed, 24 Aug 2022 19:11:26 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=M38uWMdLYm%2Bs%2FwdpFRZXFykj%2BjISn0%2Fg3ciuQYU%2F4Q9aZIpHitUNa7vuNImyMhKnbrqTonLQc6rlomZcKjws7UhNL1Cn7ZnyvzE%2FAdHCNjj0%2BdC%2Fv466jAwwh2Tqj0vI73SUDjWAhcy%2Fug%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control
no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Wed, 24 Aug 2022 19:11:26 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=39&external_user_id=492e6757-f51f-41aa-a4dc-76241c67fd3b&expiration=1663960286&gdpr=0&gdpr_consent=
cache-control
private,no-cache, must-revalidate
content-type
text/html
content-length
323
usermatchredir
ssum-sec.casalemedia.com/ Frame BE96
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=YwZ33F2KtzHErm0Xp68OOwAAA3MAAAAB&gdpr_consent=&us_privacy=&gdpr=
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESEBpj9S_rjvpO96KwW39gCek&google_cver=1
43 B
945 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESEBpj9S_rjvpO96KwW39gCek&google_cver=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.bg3.co%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H3
Server
104.18.18.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

cf-ray
73fe64d17c84aae7-SYD
pragma
no-cache
date
Wed, 24 Aug 2022 19:11:27 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rK7IEBgi8OORL3PZ1tyubmMhSiLNuLjHAi7%2B6ch%2F1ag28LMrdG8092XVF0RbplbECuHk6%2FPkFirVr%2BNkW9VjE%2FftfAnTMiayzLZg04GfZGBBu0jLl1ua9ToyZ7Npa9CoBTQBDf2D2GxFIA%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control
no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Wed, 24 Aug 2022 19:11:26 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESEBpj9S_rjvpO96KwW39gCek&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
342
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
YwZ33F2KtzHErm0Xp68OOwAAA3MAAAAB
pr-bh.ybp.yahoo.com/sync/casale/ Frame BE96 		43 B
989 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/casale/YwZ33F2KtzHErm0Xp68OOwAAA3MAAAAB?gdpr_consent=&us_privacy=&gdpr=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.bg3.co%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.254.175.9 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-254-175-9.ap-southeast-1.compute.amazonaws.com
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 24 Aug 2022 19:11:26 GMT
referrer-policy
strict-origin-when-cross-origin
server
ATS
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security
max-age=31536000
content-type
image/gif
x-xss-protection
1; mode=block
content-length
43
x-content-type-options
nosniff
rum
dsum.casalemedia.com/ Frame BE96
Redirect Chain
  • https://casale-match.dotomi.com/match/bounce/current?networkId=19998&version=1
  • https://casale-match.dotomi.com/match/bounce/current?DotomiTest=5376ca2cbc82261&is_secure=true&networkId=19998&version=1
  • https://dsum.casalemedia.com/rum?cm_dsp_id=65&external_user_id=AAAMNsRZZLPX8wMB06v2AAAAAAA&expiration=1661454687&is_secure=true
43 B
941 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum.casalemedia.com/rum?cm_dsp_id=65&external_user_id=AAAMNsRZZLPX8wMB06v2AAAAAAA&expiration=1661454687&is_secure=true
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.bg3.co%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H3
Server
104.18.19.126 -, , ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

cf-ray
73fe64d6fb49aad7-SYD
pragma
no-cache
date
Wed, 24 Aug 2022 19:11:27 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hU4gKr%2F6%2F55GUdt1T%2BTLwNKQbKfM6yX%2BHkzBq4kiAUfK7%2BgV1dXbcDc2QxePzhANgsi%2By9sVDEW9jYltUPid%2FEdgjsTvMXwJdfH0n0ZhfAQsKdHuZDQCJmGgdXq3Y%2BsRhqbLpt9t"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control
no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Wed, 24 Aug 2022 19:11:27 GMT
server
nginx
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP NID OUR STP"
location
https://dsum.casalemedia.com/rum?cm_dsp_id=65&external_user_id=AAAMNsRZZLPX8wMB06v2AAAAAAA&expiration=1661454687&is_secure=true
cache-control
no-cache, private, max-age=0, no-store
content-length
0
expires
0
crum
dsum-sec.casalemedia.com/ Frame BE96
Redirect Chain
  • https://nep.advangelists.com/xp/user-sync?acctid=405&redirect=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D195%26external_user_id%3D%7BPARTNER_VISITOR_ID%7D%0A
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=195&external_user_id=av-c6f247fa-a8eb-47d7-8dd2-ffc736bcfff6
43 B
908 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=195&external_user_id=av-c6f247fa-a8eb-47d7-8dd2-ffc736bcfff6
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.bg3.co%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H3
Server
104.18.18.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

cf-ray
73fe64d58bcca941-SYD
pragma
no-cache
date
Wed, 24 Aug 2022 19:11:27 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VTvzHSDYZ7OWMzRi8x6y9xLgD6f1JW9wkfTqXzIyBc2R3AV%2BOZCywsWUJvWu5TFYBQ589tr6YxFAoyJGsj8AnnHgWebt8MM67CflA6Im53GvAnaRTuBHQODP0azQ1ALMRISD0g%2BNSBiU0g%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control
no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
0

Redirect headers

location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=195&external_user_id=av-c6f247fa-a8eb-47d7-8dd2-ffc736bcfff6
date
Wed, 24 Aug 2022 19:11:27 GMT
server
Apache-Coyote/1.1
content-length
0
crum
dsum.casalemedia.com/ Frame BE96
Redirect Chain
  • https://dmp.brand-display.com/cm/api/index?cm_dsp_id=191&cm_user_id=%3CIndex_user_id%3E
  • https://dsum.casalemedia.com/crum?cm_dsp_id=191&external_user_id=2b4b8401-fefd-76aa-77ee29db
43 B
943 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum.casalemedia.com/crum?cm_dsp_id=191&external_user_id=2b4b8401-fefd-76aa-77ee29db
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.bg3.co%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Server
104.18.19.126 -, , ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

cf-ray
73fe64d42d20a95f-SYD
pragma
no-cache
date
Wed, 24 Aug 2022 19:11:27 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lmr35TR9Tx5baqWMO3tfd0TXeoupwkzFTumm96ReQ%2FlxeWxdwvPQ53LqwVnMAGYhUTC8Mbj9qnz0HTXgyj16bCaBiV%2FUkoSv%2F8V4TEsDfyJimuCI4RFR022P5ULEnRfM8o1unBY0"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control
no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
0

Redirect headers

date
Wed, 24 Aug 2022 19:11:26 GMT
via
1.1 google
server
nginx/1.22.0
access-control-allow-origin
*
p3p
CP='This is not a P3P policy!'
location
https://dsum.casalemedia.com/crum?cm_dsp_id=191&external_user_id=2b4b8401-fefd-76aa-77ee29db
cache-control
max-age=3600
content-type
text/html; charset=utf-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
119
rum
dsum-sec.casalemedia.com/ Frame BE96
Redirect Chain
  • https://sync.srv.stackadapt.com/sync?nid=68
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=123&external_user_id=wQf48xvNTrRJnGNlsu9V3K310bE
43 B
912 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=123&external_user_id=wQf48xvNTrRJnGNlsu9V3K310bE
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.bg3.co%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H3
Server
104.18.18.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

cf-ray
73fe64d19a2ba941-SYD
pragma
no-cache
date
Wed, 24 Aug 2022 19:11:27 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Kl4XG4Xz0BL76G3n%2B4PuY3jf8KoAmFafJDjIJlZzvAZEz16uB47uOOnklLOWcuL%2FkwXIt8zmtYMbi0mxkOrzZ6yg%2FDVGMPvN95TWkh8uDB3AZwkCsCMPwnZGsByDNrdKDF%2FLHg%2B5s5JR8Q%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control
no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
0

Redirect headers

Location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=123&external_user_id=wQf48xvNTrRJnGNlsu9V3K310bE
Date
Wed, 24 Aug 2022 19:11:26 GMT
Connection
keep-alive
Content-Length
122
Content-Type
text/html; charset=utf-8
htw-pixel.gif
cdn.indexww.com/ht/ Frame BE96 		43 B
424 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.indexww.com/ht/htw-pixel.gif?YwZ33F2KtzHErm0Xp68OOwAA%26883
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.bg3.co%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.12.76 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 24 Aug 2022 19:11:26 GMT
cf-cache-status
HIT
age
67
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
edge-control
cache-maxage=1h
content-length
43
last-modified
Tue, 24 Jan 2017 19:36:04 GMT
server
cloudflare
etag
"902a3d-2b-546dc3a097100"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/gif
cache-control
public, max-age=14400
accept-ranges
bytes
cf-ray
73fe64d0fc96a807-SYD
expires
Wed, 24 Aug 2022 23:11:26 GMT
dcm
s.amazon-adsystem.com/ Frame 63AA
Redirect Chain
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=YwZ33F2KtzHErm0Xp68OOwAAA3MAAAAB
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=YwZ33F2KtzHErm0Xp68OOwAAA3MAAAAB&dcc=t
43 B
932 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=YwZ33F2KtzHErm0Xp68OOwAAA3MAAAAB&dcc=t
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D
Protocol
HTTP/1.1
Server
52.46.155.104 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 24 Aug 2022 19:11:27 GMT
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server
Server
x-amz-rid
256CTBEFE4E8ZVS26YK2
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy
interest-cohort=()
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Wed, 24 Aug 2022 19:11:27 GMT
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server
Server
x-amz-rid
HNA3052XCE1AFNYFZ9XC
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=YwZ33F2KtzHErm0Xp68OOwAAA3MAAAAB&dcc=t
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy
interest-cohort=()
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame 63AA
Redirect Chain
  • https://match.adsrvr.org/track/cmf/casale
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=39&external_user_id=492e6757-f51f-41aa-a4dc-76241c67fd3b&expiration=1663960286&gdpr=0&gdpr_consent=
43 B
912 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=39&external_user_id=492e6757-f51f-41aa-a4dc-76241c67fd3b&expiration=1663960286&gdpr=0&gdpr_consent=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D
Protocol
H3
Server
104.18.18.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

cf-ray
73fe64d049a9a941-SYD
pragma
no-cache
date
Wed, 24 Aug 2022 19:11:26 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2wSMk%2FZ3E9sKKNZnGtxTkNVMboQ6jr3ecb9bTWGMOu%2BTY4uWFpFE5KXibPMUr0bRAXVuq8Ot5cq1YuvxksNtKSQ5HwDIKnDAyxga8h0iMBjLBeO4T8pW%2BYwJqdB0nNFLXG7p%2Frei%2F%2FdSQg%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control
no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Wed, 24 Aug 2022 19:11:26 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=39&external_user_id=492e6757-f51f-41aa-a4dc-76241c67fd3b&expiration=1663960286&gdpr=0&gdpr_consent=
cache-control
private,no-cache, must-revalidate
content-type
text/html
content-length
323
usermatchredir
ssum-sec.casalemedia.com/ Frame 63AA
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=YwZ33F2KtzHErm0Xp68OOwAAA3MAAAAB&gdpr_consent=&us_privacy=&gdpr=
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESEBpj9S_rjvpO96KwW39gCek&google_cver=1
43 B
906 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESEBpj9S_rjvpO96KwW39gCek&google_cver=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D
Protocol
H3
Server
104.18.18.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

cf-ray
73fe64d17c82aae7-SYD
pragma
no-cache
date
Wed, 24 Aug 2022 19:11:27 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=utwY%2FqICOGrUi2O0F5wgz%2Bk4LELbdmTJpk1sJ5doeJjfTMxfWlGdVzcXId5znh7OpHGm0SqdUes0z3Q7VIXieGLD7YtjHnXkJbL5lZ3JdFiJpVhHoWx3UyaMG749fJ4Z1syS75AITBOnGw%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control
no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Wed, 24 Aug 2022 19:11:26 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESEBpj9S_rjvpO96KwW39gCek&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
342
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
YwZ33F2KtzHErm0Xp68OOwAAA3MAAAAB
pr-bh.ybp.yahoo.com/sync/casale/ Frame 63AA 		43 B
989 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/casale/YwZ33F2KtzHErm0Xp68OOwAAA3MAAAAB?gdpr_consent=&us_privacy=&gdpr=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.254.175.9 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-254-175-9.ap-southeast-1.compute.amazonaws.com
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 24 Aug 2022 19:11:26 GMT
referrer-policy
strict-origin-when-cross-origin
server
ATS
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security
max-age=31536000
content-type
image/gif
x-xss-protection
1; mode=block
content-length
43
x-content-type-options
nosniff
crum
dsum-sec.casalemedia.com/ Frame 63AA
Redirect Chain
  • https://d.adroll.com/cm/index/ssp
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=105&external_user_id=0
43 B
904 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=105&external_user_id=0
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D
Protocol
H3
Server
104.18.18.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

cf-ray
73fe64d39aeba941-SYD
pragma
no-cache
date
Wed, 24 Aug 2022 19:11:27 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FublN7aJNLodoSStFNJcdVfYI1ERnl0Cwbst0SBgin%2F6Mc3NOaS5UvxxK%2B1fU4JOevfrU2WmUNzubKfJU4reCAPTu4FQe0LYNyIgicJiXFH9WiyPW2HLhXTNuSLg0Wca8WLw0WsKrD6nYw%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control
no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
0

Redirect headers

location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=105&external_user_id=0
date
Wed, 24 Aug 2022 19:11:27 GMT
server
nginx/1.20.0
content-length
76
rum
dsum-sec.casalemedia.com/ Frame 63AA
Redirect Chain
  • https://sync.taboola.com/sg/indexscod/1/cm/?us_privacy=&gdpr=&gdpr_consent=&id=YwZ33F2KtzHErm0Xp68OOwAA%26883
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=26&external_user_id=26d68de9-0124-43da-8cf1-92b63e19f14e-tuct9fffd5f
43 B
907 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=26&external_user_id=26d68de9-0124-43da-8cf1-92b63e19f14e-tuct9fffd5f
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D
Protocol
H3
Server
104.18.18.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

cf-ray
73fe64d78ce5a941-SYD
pragma
no-cache
date
Wed, 24 Aug 2022 19:11:28 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=467lTir6be5XK2fpOS7Zpq%2BvqcxSC1sA%2FTFVHXWev02EWoBqZq1nezpwZYnsfOL7jMeUF91IMLIPFbuL96kDoHXMRPaizGbByJzOITmax1VHItPXiZtWo7lfYIkujyKMP7d33cXL8gmiHw%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control
no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
0

Redirect headers

location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=26&external_user_id=26d68de9-0124-43da-8cf1-92b63e19f14e-tuct9fffd5f
date
Wed, 24 Aug 2022 19:11:27 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
414075
qmap
sync.crwdcntrl.net/ Frame 63AA
Redirect Chain
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=48
  • https://pixel-sync.sitescout.com/dmp/pixelSync?cookieQ=1&nid=48
  • https://sync.crwdcntrl.net/qmap?c=1389&tp=STSC&tpid=70e8d359-fdd1-4486-a56a-155f92174b17-630677df-5553&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fpixel.tapad.com%2Fidsync%2Fex%2Fpush%3Fpartner_id%3D2...
  • https://sync.crwdcntrl.net/qmap?c=1389&tp=STSC&tpid=70e8d359-fdd1-4486-a56a-155f92174b17-630677df-5553&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fpixel.tapad.com%2Fidsync%2Fex%2Fpush%3Fpartner_id%3D2...
49 B
741 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.crwdcntrl.net/qmap?c=1389&tp=STSC&tpid=70e8d359-fdd1-4486-a56a-155f92174b17-630677df-5553&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fpixel.tapad.com%2Fidsync%2Fex%2Fpush%3Fpartner_id%3D2499%26partner_device_id%3D70e8d359-fdd1-4486-a56a-155f92174b17-630677df-5553%26partner_url%3Dhttps%253A%252F%252Fr.casalemedia.com%252Frum%253Fcm_dsp_id%253D64%2526external_user_id%253D70e8d359-fdd1-4486-a56a-155f92174b17-630677df-5553%2526gdpr%253D0%2526gdpr_consent%253D&ct=y
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D
Protocol
H2
Server
52.74.186.80 -, , ASN (),
Reverse DNS
Software
Jetty(9.4.38.v20210224) /
Resource Hash
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 24 Aug 2022 19:11:28 GMT
server
Jetty(9.4.38.v20210224)
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
*
cache-control
no-cache
x-server
10.42.30.229
content-type
image/gif
content-length
49
expires
0

Redirect headers

pragma
no-cache
date
Wed, 24 Aug 2022 19:11:28 GMT
server
Jetty(9.4.38.v20210224)
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
location
https://sync.crwdcntrl.net/qmap?c=1389&tp=STSC&tpid=70e8d359-fdd1-4486-a56a-155f92174b17-630677df-5553&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fpixel.tapad.com%2Fidsync%2Fex%2Fpush%3Fpartner_id%3D2499%26partner_device_id%3D70e8d359-fdd1-4486-a56a-155f92174b17-630677df-5553%26partner_url%3Dhttps%253A%252F%252Fr.casalemedia.com%252Frum%253Fcm_dsp_id%253D64%2526external_user_id%253D70e8d359-fdd1-4486-a56a-155f92174b17-630677df-5553%2526gdpr%253D0%2526gdpr_consent%253D&ct=y
cache-control
no-cache
x-server
10.42.0.8
content-length
0
expires
0
crum
dsum-sec.casalemedia.com/ Frame 63AA
Redirect Chain
  • https://sync.extend.tv/r.gif?exchange=index
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=152&external_user_id=7bb49a11-ea76-4117-96d9-d37b4c679528
43 B
906 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=152&external_user_id=7bb49a11-ea76-4117-96d9-d37b4c679528
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D
Protocol
H3
Server
104.18.18.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

cf-ray
73fe64d77cdaa941-SYD
pragma
no-cache
date
Wed, 24 Aug 2022 19:11:28 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fEOfR8QFh35TlOFho7PNVcS%2BQ2RovLC6FMz8TdEsQAgMWeJzmnJNlTxAHhjJB07dtlw5SOU%2F1fn4kh6WdYuN0fxjEKj6aycB7pPqsBqRHFI0pSxrF5aeb07O6lZRIYiaezWicInMl%2FUAzQ%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control
no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
0

Redirect headers

Pragma
no-cache
Date
Wed, 24 Aug 2022 19:11:27 GMT
Access-Control-Allow-Origin
*
Content-Type
text/html; charset=utf-8
Location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=152&external_user_id=7bb49a11-ea76-4117-96d9-d37b4c679528
Cache-Control
no-store, no-cache, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
132
Expires
Tue, 29 May 1984 15:00:00 GMT
sync
ads.servenobid.com/ Frame 63AA 		0
356 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=333&uid=YwZ33F2KtzHErm0Xp68OOwAAA3MAAAAB
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.250.30.153 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-250-30-153.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 24 Aug 2022 19:11:26 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0
match
c1.adform.net/serving/cookie/ Frame ACDC 		35 B
467 B 		Document
General
Check archive.org
Download Go to
Full URL
https://c1.adform.net/serving/cookie/match?party=14&cid=DEC9AF99-DED7-471D-8216-5BD47B531BBF
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159463&userIdMacro=PM_UID&predirect=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3043698846836918000V10%26type%3Dpba%26refUrl%3D%26vid%3D13682853683043698846836918000V10%26ovsid%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.84.60.21 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods
GET
access-control-allow-origin
*
access-control-max-age
86400
cache-control
no-cache, no-store, must-revalidate, no-transform
content-type
image/gif
date
Wed, 24 Aug 2022 19:11:26 GMT
expires
-1
pragma
no-cache
server
nginx
strict-transport-security
max-age=31536000; includeSubDomains
Pug
simage2.pubmatic.com/AdServer/ Frame 3593
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA%3D%3D%26piggybackCookie%...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:67af6306-77de-4d00-8b03-9c806ecb11b0&gdpr=0&gdpr_consent=
42 B
325 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:67af6306-77de-4d00-8b03-9c806ecb11b0&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159463&userIdMacro=PM_UID&predirect=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3043698846836918000V10%26type%3Dpba%26refUrl%3D%26vid%3D13682853683043698846836918000V10%26ovsid%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
103.231.98.194 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Wed, 24 Aug 2022 19:11:27 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

Access-Control-Allow-Origin
*
Cache-Control
no-cache
Connection
keep-alive
Content-Length
0
Content-Type
image/gif
Date
Wed, 24 Aug 2022 19:11:26 GMT
Expires
Wed, 24 Aug 2022 19:11:25 GMT
Keep-Alive
timeout=360
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Server
MT3 4494 7cf1da7 master nrt-pixel-x6 config:1.0.0
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:67af6306-77de-4d00-8b03-9c806ecb11b0&gdpr=0&gdpr_consent=
Pug
simage2.pubmatic.com/AdServer/ Frame 0110
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%7D%...
  • https://sync-tm.everesttech.net/ct/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=YwZ33gAI1ooBGgAK&gdpr=0&gdpr_consent=&_test=YwZ33gAI1ooBGgAK
1 B
238 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=YwZ33gAI1ooBGgAK&gdpr=0&gdpr_consent=&_test=YwZ33gAI1ooBGgAK
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159463&userIdMacro=PM_UID&predirect=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3043698846836918000V10%26type%3Dpba%26refUrl%3D%26vid%3D13682853683043698846836918000V10%26ovsid%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
103.231.98.194 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
1
content-type
text/html; charset=utf-8
date
Wed, 24 Aug 2022 19:11:27 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

accept-ranges
bytes
cache-control
no-cache
content-length
0
date
Wed, 24 Aug 2022 19:11:27 GMT
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=YwZ33gAI1ooBGgAK&gdpr=0&gdpr_consent=&_test=YwZ33gAI1ooBGgAK
pragma
no-cache
retry-after
0
server
Varnish
via
1.1 varnish
x-cache
HIT
x-cache-hits
0
x-served-by
cache-syd10146-SYD
x-timer
S1661368287.199174,VS0,VE0
Pug
simage2.pubmatic.com/AdServer/ Frame 6387
Redirect Chain
  • https://cm.ambientdsp.com/cm/send?vc=pmj
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzQ0OSZ0bD00MzIwMA==&piggybackCookie=wst165wpbz2
1 B
148 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzQ0OSZ0bD00MzIwMA==&piggybackCookie=wst165wpbz2
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159463&userIdMacro=PM_UID&predirect=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3043698846836918000V10%26type%3Dpba%26refUrl%3D%26vid%3D13682853683043698846836918000V10%26ovsid%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
103.231.98.194 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
1
content-type
text/html; charset=utf-8
date
Wed, 24 Aug 2022 19:11:27 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

accept-encoding
utf-8
cache-control
no-store
content-length
0
date
Wed, 24 Aug 2022 19:11:27 GMT
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzQ0OSZ0bD00MzIwMA==&piggybackCookie=wst165wpbz2
lws
127.0.0.1
strict-transport-security
max-age=31536000; includeSubDomains
time-ms
0
send
sync-dsp.ad-m.asia/dsp/api/sync/ Frame 4383 		43 B
243 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync-dsp.ad-m.asia/dsp/api/sync/send?s=pubmatic&rd=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMyNTMmdGw9MTI5NjAw%26piggybackCookie%3D
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159463&userIdMacro=PM_UID&predirect=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3043698846836918000V10%26type%3Dpba%26refUrl%3D%26vid%3D13682853683043698846836918000V10%26ovsid%3DPM_UID
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
202.131.200.84 , Japan, ASN17941 (BIT-ISLE Equinix Japan Enterprise K.K., JP),
Reverse DNS
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

Cache-Control
no-store,no-cache
Connection
close
Content-Length
43
Content-Type
image/gif
Date
Wed, 24 Aug 2022 19:11:27 GMT
Pragma
no-cache
Server
nginx
expires
-1
Pug
simage2.pubmatic.com/AdServer/ Frame 781E
Redirect Chain
  • https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCooki...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=
42 B
95 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159463&userIdMacro=PM_UID&predirect=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3043698846836918000V10%26type%3Dpba%26refUrl%3D%26vid%3D13682853683043698846836918000V10%26ovsid%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
103.231.98.194 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Wed, 24 Aug 2022 19:11:27 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

cache-control
no-cache
content-length
0
cross-origin-resource-policy
cross-origin
date
Wed, 24 Aug 2022 19:11:26 GMT
expires
Wed, 24 Aug 2022 00:00:00 GMT
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
pragma
no-cache
server
Kestrel
server-processing-duration-in-ticks
2068336
strict-transport-security
max-age=31536000; preload;
x-errorlevel
0
pxd
dps.jp.cinarra.com/ Frame 4C87 		95 B
220 B 		Document
General
Check archive.org
Download Go to
Full URL
https://dps.jp.cinarra.com/pxd?PLATFORM_ID=D&USER_ID=DEC9AF99-DED7-471D-8216-5BD47B531BBF
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159463&userIdMacro=PM_UID&predirect=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3043698846836918000V10%26type%3Dpba%26refUrl%3D%26vid%3D13682853683043698846836918000V10%26ovsid%3DPM_UID
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.113.231.86 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

Connection
keep-alive
Content-Length
95
Content-Type
image/png
Date
Wed, 24 Aug 2022 19:11:27 GMT
Pug
simage2.pubmatic.com/AdServer/ Frame 0E5D
Redirect Chain
  • https://ipac.ctnsnet.com/int/cm?exc=14&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM0MTEmdGw9MjAxNjA%3D%26piggybackCookie%3D%5Buser_id%5D
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MTEmdGw9MjAxNjA=&piggybackCookie=128debef3c3f408eb4bb99add751fb7e
42 B
205 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MTEmdGw9MjAxNjA=&piggybackCookie=128debef3c3f408eb4bb99add751fb7e
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159463&userIdMacro=PM_UID&predirect=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3043698846836918000V10%26type%3Dpba%26refUrl%3D%26vid%3D13682853683043698846836918000V10%26ovsid%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
103.231.98.194 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Wed, 24 Aug 2022 19:11:27 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, must-revalidate
content-length
0
content-type
text/html;charset=UTF-8
date
Wed, 24 Aug 2022 19:11:26 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MTEmdGw9MjAxNjA=&piggybackCookie=128debef3c3f408eb4bb99add751fb7e
p3p
CP="NOI DSP COR NID CUR OUR NOR"
pragma
no-cache
server
Apache-Coyote/1.1
status
302
via
1.1 google
x-xss-protection
1; mode=block
Pug
simage2.pubmatic.com/AdServer/ Frame A76D
Redirect Chain
  • https://pm.w55c.net/ping_match.gif?ei=PUBMATIC&rurl=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:_wfivefivec_&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:zj2wRe0w1OqVMF5&gdpr=0&gdpr_consent=
42 B
425 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:zj2wRe0w1OqVMF5&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159463&userIdMacro=PM_UID&predirect=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3043698846836918000V10%26type%3Dpba%26refUrl%3D%26vid%3D13682853683043698846836918000V10%26ovsid%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
103.231.98.194 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Wed, 24 Aug 2022 19:11:27 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

Cache-Control
no-cache, must-revalidate
Connection
keep-alive
Content-Length
0
Date
Wed, 24 Aug 2022 19:11:26 GMT
Expires
Fri, 01 Jan 1990 00:00:00 GMT
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:zj2wRe0w1OqVMF5&gdpr=0&gdpr_consent=
Pragma
no-cache
Server
PingMatch/9853e75#9853e75792b29505864c0b7c23889ef441e21f3f i-01afc7b9ae03f914c@ap-southeast-1b@dxedge-app-ap-southeast-1-prod-asg
Strict-Transport-Security
max-age=2592000; includeSubDomains
Pug
image2.pubmatic.com/AdServer/ Frame E5C6
Redirect Chain
  • https://gocm.c.appier.net/pubmatic
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDImdGw9MTI5NjAw&piggybackCookie=PemK8abuDdOMKvEc33cGYw
42 B
306 B 		Document
General
Check archive.org
Download Go to
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDImdGw9MTI5NjAw&piggybackCookie=PemK8abuDdOMKvEc33cGYw
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159463&userIdMacro=PM_UID&predirect=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3043698846836918000V10%26type%3Dpba%26refUrl%3D%26vid%3D13682853683043698846836918000V10%26ovsid%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
67.199.150.86 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Wed, 24 Aug 2022 19:11:25 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

cache-control
no-store
content-length
153
content-type
text/html; charset=utf-8
date
Wed, 24 Aug 2022 19:11:27 GMT
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDImdGw9MTI5NjAw&piggybackCookie=PemK8abuDdOMKvEc33cGYw
p3p
CP="CUR ADM DEV TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
nginx
RX-5a556040-9ba5-4378-9175-396b51281898-004
sync.targeting.unrulymedia.com/csync/ Frame 8909
Redirect Chain
  • https://sync.1rx.io/usersync2/pubmatic&gdpr=0&gdpr_consent=
  • https://x.bidswitch.net/sync?ssp=adconductor&user_id=RX-5a556040-9ba5-4378-9175-396b51281898-004&rndcb=7426980750
  • https://inv-nets.admixer.net/adxcm.aspx?ssp=D41B0D84-4DB7-4D9C-81CC-3A497DB5D0A6&gdpr=&consent=&rurl=%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D354%26user_id%3D%24%24visitor_cookie%24%24%26ssp%3Dadcon...
  • https://x.bidswitch.net/sync?dsp_id=354&user_id=df76a3257ede47ccac256be580d09a7a&ssp=adconductor&bsw_param=c272ea53-b556-4b45-ad53-6c54288ea606&gdpr=&consent=&gdpr_pd=&expires=7
  • https://sync.1rx.io/usersync/bidswitch/c272ea53-b556-4b45-ad53-6c54288ea606?gdpr=&gdpr_consent=
  • https://sync.targeting.unrulymedia.com/csync/RX-5a556040-9ba5-4378-9175-396b51281898-004
43 B
377 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.targeting.unrulymedia.com/csync/RX-5a556040-9ba5-4378-9175-396b51281898-004
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159463&userIdMacro=PM_UID&predirect=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3043698846836918000V10%26type%3Dpba%26refUrl%3D%26vid%3D13682853683043698846836918000V10%26ovsid%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
74.118.186.44 Serangoon, Singapore, ASN26120 (RHYTHMONE, US),
Reverse DNS
Software
/
Resource Hash
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

content-length
43
date
Wed, 24 Aug 2022 19:11:28 GMT
p3p
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"

Redirect headers

cache-control
no-store, no-cache, must-revalidate
content-type
text/html
date
Wed, 24 Aug 2022 19:11:28 GMT
expires
0
location
https://sync.targeting.unrulymedia.com/csync/RX-5a556040-9ba5-4378-9175-396b51281898-004
pragma
no-cache
Pug
simage2.pubmatic.com/AdServer/ Frame 85BF
Redirect Chain
  • https://cm.adgrx.com/bridge?AG_PID=pubmatic&AG_SETCOOKIE&gdpr=0&gdpr_consent=
  • https://cm.adgrx.com/bridge.gif?AG_PID=pubmatic&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzMDEmdGw9MTI5NjAw&piggybackCookie=8d7c0170-23e0-11ed-864a-cf979e5379e4
42 B
243 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzMDEmdGw9MTI5NjAw&piggybackCookie=8d7c0170-23e0-11ed-864a-cf979e5379e4
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159463&userIdMacro=PM_UID&predirect=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3043698846836918000V10%26type%3Dpba%26refUrl%3D%26vid%3D13682853683043698846836918000V10%26ovsid%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
103.231.98.194 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Wed, 24 Aug 2022 19:11:27 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

Access-Control-Allow-Origin
*
Cache-Control
no-cache, no-store, must-revalidate, proxy-revalidate
Connection
keep-alive
Content-Length
0
Content-Type
image/gif
Date
Wed, 24 Aug 2022 19:11:27 GMT
Expires
Thu, 23 Sep 2004 17:42:04 GMT
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzMDEmdGw9MTI5NjAw&piggybackCookie=8d7c0170-23e0-11ed-864a-cf979e5379e4
P3P
CP="NOI OTC OTP OUR NOR"
Pragma
no-cache
X-RealServer-NX
aws-apsoutheast1a-delivery-1
server
Cowboy
rtb-h
match.taboola.com/sg/pubmatic-ssp-network/1/ Frame 2BE8
Redirect Chain
  • https://trc.taboola.com/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw&piggybackCookie=uid:$UID
  • https://match.taboola.com/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&tbid=082d5ab6-6f30-421e-899e-6ffd32c003f1-tuct9fffd5e&query=taboola_hm%3D1%26redir%3Dhttps%3A%2F%2Fsimage2.pubmatic.com%2FAdSe...
0
77 B 		Document
General
Check archive.org
Download Go to
Full URL
https://match.taboola.com/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&tbid=082d5ab6-6f30-421e-899e-6ffd32c003f1-tuct9fffd5e&query=taboola_hm%3D1%26redir%3Dhttps%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw%26piggybackCookie%3Duid%3A%24UID&isDirect=0
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159463&userIdMacro=PM_UID&predirect=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3043698846836918000V10%26type%3Dpba%26refUrl%3D%26vid%3D13682853683043698846836918000V10%26ovsid%3DPM_UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

accept-ranges
bytes
content-length
0
date
Wed, 24 Aug 2022 19:11:27 GMT
server
nginx
via
1.1 varnish
x-cache
MISS
x-cache-hits
0
x-served-by
cache-syd10121-SYD
x-timer
S1661368287.081916,VS0,VE130

Redirect headers

accept-ranges
bytes
content-length
0
date
Wed, 24 Aug 2022 19:11:26 GMT
location
https://match.taboola.com/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&tbid=082d5ab6-6f30-421e-899e-6ffd32c003f1-tuct9fffd5e&query=taboola_hm%3D1%26redir%3Dhttps%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw%26piggybackCookie%3Duid%3A%24UID&isDirect=0
server
nginx
via
1.1 varnish
x-cache
MISS
x-cache-hits
0
x-served-by
cache-syd10121-SYD
x-timer
S1661368287.885918,VS0,VE94
x-vcl-time-ms
94
cookiesync
core.iprom.net/ Frame 1ADB 		43 B
279 B 		Document
General
Check archive.org
Download Go to
Full URL
https://core.iprom.net/cookiesync
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159463&userIdMacro=PM_UID&predirect=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3043698846836918000V10%26type%3Dpba%26refUrl%3D%26vid%3D13682853683043698846836918000V10%26ovsid%3DPM_UID
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
195.5.165.20 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

Connection
close
Content-Length
43
Content-Type
image/gif
Date
Wed, 24 Aug 2022 19:11:28 GMT
Vary
Accept-Encoding
X-adserver-worker
erebus-7d7c846c65f1@version_1.522v2
X-core-time
0ms
X-server-arch
v2
i.match
a.tribalfusion.com/ Frame 8A0E 		43 B
728 B 		Document
General
Check archive.org
Download Go to
Full URL
https://a.tribalfusion.com/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159463&userIdMacro=PM_UID&predirect=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3043698846836918000V10%26type%3Dpba%26refUrl%3D%26vid%3D13682853683043698846836918000V10%26ovsid%3DPM_UID
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.35.11 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4f49e616d278a16d9cd55a6d5fe19c99ebd37d7d3848d14422190618b67011e0

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-cache private
cf-cache-status
DYNAMIC
cf-ray
73fe64d06d6caabe-SYD
content-length
43
content-type
image/gif; charset=utf-8
date
Wed, 24 Aug 2022 19:11:26 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
expires
Thu, 01 Jan 1970 00:00:00 GMT
p3p
CP="NOI DEVo TAIa OUR BUS"
pragma
no-cache
server
cloudflare
x-function
302
Pug
simage2.pubmatic.com/AdServer/ Frame 02C0
Redirect Chain
  • https://csync.loopme.me/?pubid=11331&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzImdGw9MTI5NjAw&piggybackCookie={viewer_token}&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode&gdpr_consent=null&piggybackCookie={viewer_token}&gdpr=0
0
74 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode&gdpr_consent=null&piggybackCookie={viewer_token}&gdpr=0
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159463&userIdMacro=PM_UID&predirect=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3043698846836918000V10%26type%3Dpba%26refUrl%3D%26vid%3D13682853683043698846836918000V10%26ovsid%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
103.231.98.194 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-encoding
gzip
content-type
text/html; charset=utf-8
date
Wed, 24 Aug 2022 19:11:27 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
73fe64d1094aaae4-SYD
content-length
0
date
Wed, 24 Aug 2022 19:11:27 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
location
https://simage2.pubmatic.com/AdServer/Pug?vcode&gdpr_consent=null&piggybackCookie={viewer_token}&gdpr=0
server
cloudflare
141
match.deepintent.com/usersync/ Frame 931B 		0
44 B 		Document
General
Check archive.org
Download Go to
Full URL
https://match.deepintent.com/usersync/141?gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159463&userIdMacro=PM_UID&predirect=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3043698846836918000V10%26type%3Dpba%26refUrl%3D%26vid%3D13682853683043698846836918000V10%26ovsid%3DPM_UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
38.91.45.7 -, , ASN (),
Reverse DNS
Software
b /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

content-length
0
date
Wed, 24 Aug 2022 19:11:26 GMT
server
b
cksync.php
contextual.media.net/ Frame 167F 		45 B
468 B 		Document
General
Check archive.org
Download Go to
Full URL
https://contextual.media.net/cksync.php?cs=8&vsid=3043698846836918000V10&type=pba&refUrl=&vid=13682853683043698846836918000V10&ovsid=DEC9AF99-DED7-471D-8216-5BD47B531BBF
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159463&userIdMacro=PM_UID&predirect=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3043698846836918000V10%26type%3Dpba%26refUrl%3D%26vid%3D13682853683043698846836918000V10%26ovsid%3DPM_UID
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.195.152.23 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-195-152-23.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
832f63f4187160c195b04f1911c2e623a75e805f4b23abb9b0bea214b4283a43
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

cache-control
max-age=0, no-cache, no-store
content-length
45
content-type
image/gif
date
Wed, 24 Aug 2022 19:11:26 GMT
expires
Wed, 24 Aug 2022 19:11:26 GMT
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA" CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
pragma
no-cache
server
Apache
strict-transport-security
max-age=31536000
x-mnet-hl2
E
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 95CA
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=3smvmd7XRx2CFlvUe1Mbvw%3D%3D
  • https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
10 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159463&userIdMacro=PM_UID&predirect=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3043698846836918000V10%26type%3Dpba%26refUrl%3D%26vid%3D13682853683043698846836918000V10%26ovsid%3DPM_UID
Protocol
H2
Server
23.72.44.196 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-72-44-196.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 24 Aug 2022 19:11:26 GMT
content-encoding
gzip
last-modified
Tue, 01 Feb 2022 06:38:00 GMT
server
Apache
etag
"1300708-3de4-5d6ef246ef4cf"
vary
Accept-Encoding
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
max-age=123809
accept-ranges
bytes
content-type
text/html; charset=UTF-8
content-length
5549
expires
Fri, 26 Aug 2022 05:34:55 GMT

Redirect headers

pragma
no-cache
date
Wed, 24 Aug 2022 19:11:26 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
272
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
458249.gif
idsync.rlcdn.com/ Frame 95CA
Redirect Chain
  • https://idsync.rlcdn.com/420486.gif?partner_uid=DEC9AF99-DED7-471D-8216-5BD47B531BBF
  • https://idsync.rlcdn.com/1000.gif?memo=CIbVGRIwCiwIARCMowEaJERFQzlBRjk5LURFRDctNDcxRC04MjE2LTVCRDQ3QjUzMUJCRhAAGg0I3u-ZmAYSBQjoBxAAQgBKAA
  • https://pippio.com/api/sync?pid=5324&it=1&iv=934cd4f547f36da23e57c7d045a4084776f5ccef3e8f37739b7144f948687e0d791426b5417dce21&_=2
  • https://cm.g.doubleclick.net/pixel?google_nid=pippio_dmp&google_cm&google_no_sc&m=CMwpElsKVwgBEJInGlA5MzRjZDRmNTQ3ZjM2ZGEyM2U1N2M3ZDA0NWE0MDg0Nzc2ZjVjY2VmM2U4ZjM3NzM5YjcxNDRmOTQ4Njg3ZTBkNzkxNDI2YjU...
  • https://pippio.com/api/sync/ddp?pid=2&m=CMwpElsKVwgBEJInGlA5MzRjZDRmNTQ3ZjM2ZGEyM2U1N2M3ZDA0NWE0MDg0Nzc2ZjVjY2VmM2U4ZjM3NzM5YjcxNDRmOTQ4Njg3ZTBkNzkxNDI2YjU0MTdkY2UyMRAAGgwI3--ZmAYSBAgCEABCAEoA&goog...
  • https://tags.rd.linksynergy.com/rcs?ns=lr&uid3=
  • https://idsync.rlcdn.com/458249.gif?partner_uid=1f7a90d9-ad91-45ff-a2c1-276db803aac1
42 B
60 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://idsync.rlcdn.com/458249.gif?partner_uid=1f7a90d9-ad91-45ff-a2c1-276db803aac1
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159463&userIdMacro=PM_UID&predirect=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3043698846836918000V10%26type%3Dpba%26refUrl%3D%26vid%3D13682853683043698846836918000V10%26ovsid%3DPM_UID
Protocol
H3
Server
35.190.60.146 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
146.60.190.35.bc.googleusercontent.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 24 Aug 2022 19:11:29 GMT
via
1.1 google
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control
no-cache, no-store
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42

Redirect headers

location
https://idsync.rlcdn.com/458249.gif?partner_uid=1f7a90d9-ad91-45ff-a2c1-276db803aac1
date
Wed, 24 Aug 2022 19:11:29 GMT
via
1.1 google
x-samesite
secure
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
111
content-type
text/html; charset=utf-8
SPug
image4.pubmatic.com/AdServer/ Frame 95CA
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=3&redir=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3FpartnerID%3D27%26partnerUID%3D%5BMM_UUID%5D
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=67af6306-77de-4d00-8b03-9c806ecb11b0
0
48 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=67af6306-77de-4d00-8b03-9c806ecb11b0
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159463&userIdMacro=PM_UID&predirect=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3043698846836918000V10%26type%3Dpba%26refUrl%3D%26vid%3D13682853683043698846836918000V10%26ovsid%3DPM_UID
Protocol
H2
Server
67.199.150.85 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 24 Aug 2022 19:11:27 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Date
Wed, 24 Aug 2022 19:11:26 GMT
Server
MT3 4494 7cf1da7 master nrt-pixel-x10 config:1.0.0
Access-Control-Allow-Origin
*
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=67af6306-77de-4d00-8b03-9c806ecb11b0
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=360
Content-Length
0
Expires
Wed, 24 Aug 2022 19:11:25 GMT
Pug
image2.pubmatic.com/AdServer/ Frame 95CA
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=REVDOUFGOTktREVENy00NzFELTgyMTYtNUJENDdCNTMxQkJG&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
42 B
245 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159463&userIdMacro=PM_UID&predirect=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3043698846836918000V10%26type%3Dpba%26refUrl%3D%26vid%3D13682853683043698846836918000V10%26ovsid%3DPM_UID
Protocol
H2
Server
67.199.150.86 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 24 Aug 2022 19:11:27 GMT
cache-control
no-store, no-cache, private
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Wed, 24 Aug 2022 19:11:26 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
Pug
image2.pubmatic.com/AdServer/ Frame 95CA
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESECNnY7yKtX-rqdWF4gj7Z6Q&google_cver=1
42 B
301 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESECNnY7yKtX-rqdWF4gj7Z6Q&google_cver=1
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159463&userIdMacro=PM_UID&predirect=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3043698846836918000V10%26type%3Dpba%26refUrl%3D%26vid%3D13682853683043698846836918000V10%26ovsid%3DPM_UID
Protocol
H2
Server
67.199.150.86 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 24 Aug 2022 19:11:27 GMT
cache-control
no-store, no-cache, private
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Wed, 24 Aug 2022 19:11:26 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESECNnY7yKtX-rqdWF4gj7Z6Q&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
379
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
Pug
image2.pubmatic.com/AdServer/ Frame 95CA
Redirect Chain
  • https://um.simpli.fi/pubmatic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODA2JnRsPTUxODQwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTgwNiZ0bD01MTg0MDA=&piggybackCookie=uid:D16BE78D8AB5410A9C314DA151F75D61
42 B
209 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTgwNiZ0bD01MTg0MDA=&piggybackCookie=uid:D16BE78D8AB5410A9C314DA151F75D61
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159463&userIdMacro=PM_UID&predirect=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3043698846836918000V10%26type%3Dpba%26refUrl%3D%26vid%3D13682853683043698846836918000V10%26ovsid%3DPM_UID
Protocol
H2
Server
67.199.150.86 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 24 Aug 2022 19:11:27 GMT
cache-control
no-store, no-cache, private
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

date
Wed, 24 Aug 2022 19:11:27 GMT
x-content-type-options
nosniff
server
nginx
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTgwNiZ0bD01MTg0MDA=&piggybackCookie=uid:D16BE78D8AB5410A9C314DA151F75D61
strict-transport-security
max-age=63072000; includeSubdomains; preload
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/html
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
138
expires
Tue, 23 Aug 2022 19:11:27 GMT
DEC9AF99-DED7-471D-8216-5BD47B531BBF
pr-bh.ybp.yahoo.com/sync/pubmatic/ Frame 95CA 		43 B
989 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/pubmatic/DEC9AF99-DED7-471D-8216-5BD47B531BBF?gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159463&userIdMacro=PM_UID&predirect=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3043698846836918000V10%26type%3Dpba%26refUrl%3D%26vid%3D13682853683043698846836918000V10%26ovsid%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.254.175.9 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-254-175-9.ap-southeast-1.compute.amazonaws.com
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 24 Aug 2022 19:11:26 GMT
referrer-policy
strict-origin-when-cross-origin
server
ATS
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security
max-age=31536000
content-type
image/gif
x-xss-protection
1; mode=block
content-length
43
x-content-type-options
nosniff
Pug
simage2.pubmatic.com/AdServer/ Frame 95CA
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=492e6757-f51f-41aa-a4dc-76241c67fd3b
42 B
278 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=492e6757-f51f-41aa-a4dc-76241c67fd3b
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159463&userIdMacro=PM_UID&predirect=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3043698846836918000V10%26type%3Dpba%26refUrl%3D%26vid%3D13682853683043698846836918000V10%26ovsid%3DPM_UID
Protocol
H2
Server
103.231.98.194 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 24 Aug 2022 19:11:27 GMT
cache-control
no-store, no-cache, private
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Wed, 24 Aug 2022 19:11:26 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=492e6757-f51f-41aa-a4dc-76241c67fd3b
cache-control
private,no-cache, must-revalidate
content-type
text/html
content-length
313
Pug
image2.pubmatic.com/AdServer/ Frame 95CA
Redirect Chain
  • https://pixel.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=hmrqW4duvlSdYLwL1G33XoE96Fidb-tdiGEmJIso
42 B
415 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=hmrqW4duvlSdYLwL1G33XoE96Fidb-tdiGEmJIso
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159463&userIdMacro=PM_UID&predirect=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3043698846836918000V10%26type%3Dpba%26refUrl%3D%26vid%3D13682853683043698846836918000V10%26ovsid%3DPM_UID
Protocol
H2
Server
67.199.150.86 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 24 Aug 2022 19:11:27 GMT
cache-control
no-store, no-cache, private
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Wed, 24 Aug 2022 19:11:26 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
location
https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=hmrqW4duvlSdYLwL1G33XoE96Fidb-tdiGEmJIso
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
0
expires
Fri, 04 Aug 1978 12:00:00 GMT
Pug
image2.pubmatic.com/AdServer/ Frame 95CA
Redirect Chain
  • https://ib.adnxs.com/getuid?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=7093734920555040481&gdpr=0&gdpr_consent=
42 B
218 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=7093734920555040481&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159463&userIdMacro=PM_UID&predirect=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3043698846836918000V10%26type%3Dpba%26refUrl%3D%26vid%3D13682853683043698846836918000V10%26ovsid%3DPM_UID
Protocol
H2
Server
67.199.150.86 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 24 Aug 2022 19:11:27 GMT
cache-control
no-store, no-cache, private
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Pragma
no-cache
Date
Wed, 24 Aug 2022 19:11:26 GMT
X-Proxy-Origin
173.245.209.177; 173.245.209.177; 897.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net; adnxs.com
AN-X-Request-Uuid
dbea0289-6b29-4cf8-9ad6-55a7629d5bca
Server
nginx/1.21.3
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=7093734920555040481&gdpr=0&gdpr_consent=
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
Pug
simage2.pubmatic.com/AdServer/ Frame 95CA
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent=
  • https://dsp.nrich.ai/bidswitch/sync?bidswitch_ssp_id=pubmatic&bsw_custom_parameter=c272ea53-b556-4b45-ad53-6c54288ea606&gdpr=0&gdpr_consent=&gdpr_pd=&us_privacy=
  • https://x.bidswitch.net/sync?dsp_id=283&user_id=6a8d9193-ce69-4409-8b4b-a786a39d89d1&expires=1&user_group=5&ssp=pubmatic&bsw_param=c272ea53-b556-4b45-ad53-6c54288ea606
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=c272ea53-b556-4b45-ad53-6c54288ea606&gdpr=&gdpr_consent=&gdpr_pd=
1 B
244 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=c272ea53-b556-4b45-ad53-6c54288ea606&gdpr=&gdpr_consent=&gdpr_pd=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159463&userIdMacro=PM_UID&predirect=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3043698846836918000V10%26type%3Dpba%26refUrl%3D%26vid%3D13682853683043698846836918000V10%26ovsid%3DPM_UID
Protocol
H2
Server
103.231.98.194 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 24 Aug 2022 19:11:29 GMT
cache-control
no-store, no-cache, private
server
nginx
content-type
text/html; charset=utf-8
content-length
1
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Location
//simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=c272ea53-b556-4b45-ad53-6c54288ea606&gdpr=&gdpr_consent=&gdpr_pd=
Date
Wed, 24 Aug 2022 19:11:28 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
0
SPug
image4.pubmatic.com/AdServer/ Frame 95CA
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=DEC9AF99-DED7-471D-8216-5BD47B531BBF&redir=true&gdpr=0&gdpr_consent=
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-Gi5pDNpE2uWQVGehBHUK9_mvVLB7nek-~A&gdpr=0&gdpr_consent=
0
260 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-Gi5pDNpE2uWQVGehBHUK9_mvVLB7nek-~A&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159463&userIdMacro=PM_UID&predirect=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3043698846836918000V10%26type%3Dpba%26refUrl%3D%26vid%3D13682853683043698846836918000V10%26ovsid%3DPM_UID
Protocol
H2
Server
67.199.150.85 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 24 Aug 2022 19:11:27 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-Gi5pDNpE2uWQVGehBHUK9_mvVLB7nek-~A&gdpr=0&gdpr_consent=
date
Wed, 24 Aug 2022 19:11:26 GMT
server
ATS/9.1.10.25
age
0
content-length
0
strict-transport-security
max-age=31536000
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
Pug
simage2.pubmatic.com/AdServer/ Frame 95CA
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COO...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=1801890834697363999
42 B
219 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=1801890834697363999
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159463&userIdMacro=PM_UID&predirect=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3043698846836918000V10%26type%3Dpba%26refUrl%3D%26vid%3D13682853683043698846836918000V10%26ovsid%3DPM_UID
Protocol
H2
Server
103.231.98.194 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 24 Aug 2022 19:11:27 GMT
cache-control
no-store, no-cache, private
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Wed, 24 Aug 2022 19:11:26 GMT
server
nginx
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=1801890834697363999
access-control-max-age
86400
access-control-allow-methods
GET
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
Pug
simage2.pubmatic.com/AdServer/ Frame 95CA
Redirect Chain
  • https://ad.turn.com/r/cs?pid=1&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=2651021867338552653&gdpr=0&gdpr_consent=&us_privacy=
1 B
175 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=2651021867338552653&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159463&userIdMacro=PM_UID&predirect=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3043698846836918000V10%26type%3Dpba%26refUrl%3D%26vid%3D13682853683043698846836918000V10%26ovsid%3DPM_UID
Protocol
H2
Server
103.231.98.194 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 24 Aug 2022 19:11:27 GMT
cache-control
no-store, no-cache, private
server
nginx
content-type
text/html; charset=utf-8
content-length
1
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=2651021867338552653&gdpr=0&gdpr_consent=&us_privacy=
pragma
no-cache
date
Wed, 24 Aug 2022 19:11:26 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
0
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
Pug
simage2.pubmatic.com/AdServer/ Frame 95CA
Redirect Chain
  • https://ads.playground.xyz/usersync/apn?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID
  • https://secure.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=7093734920555040481
42 B
95 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=7093734920555040481
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159463&userIdMacro=PM_UID&predirect=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3043698846836918000V10%26type%3Dpba%26refUrl%3D%26vid%3D13682853683043698846836918000V10%26ovsid%3DPM_UID
Protocol
H2
Server
103.231.98.194 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 24 Aug 2022 19:11:27 GMT
cache-control
no-store, no-cache, private
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Pragma
no-cache
Date
Wed, 24 Aug 2022 19:11:27 GMT
X-Proxy-Origin
173.245.209.177; 173.245.209.177; 907.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net; adnxs.com
AN-X-Request-Uuid
89ce40d0-4ae1-4cb7-977e-efb5e154d160
Server
nginx/1.21.3
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=7093734920555040481
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
Pug
simage2.pubmatic.com/AdServer/ Frame 95CA
Redirect Chain
  • https://pubmatic-match.dotomi.com/match/bounce/current?networkId=17100&version=1&nuid=DEC9AF99-DED7-471D-8216-5BD47B531BBF&gdpr=0&gdpr_consent=
  • https://pubmatic-match.dotomi.com/match/bounce/current?DotomiTest=3d5a049ed7ca205b&is_secure=true&networkId=17100&version=1&nuid=DEC9AF99-DED7-471D-8216-5BD47B531BBF&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTQ2MSZ0bD0xMDA4MA==&piggybackCookie=AAALeh4uM1T60gNXmIdbAAAAAAA&expiration=1661454687&nuid=DEC9AF99-DED7-471D-8216-5BD47B531BBF&...
42 B
263 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTQ2MSZ0bD0xMDA4MA==&piggybackCookie=AAALeh4uM1T60gNXmIdbAAAAAAA&expiration=1661454687&nuid=DEC9AF99-DED7-471D-8216-5BD47B531BBF&is_secure=true&gdpr_consent=&gdpr=0
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159463&userIdMacro=PM_UID&predirect=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3043698846836918000V10%26type%3Dpba%26refUrl%3D%26vid%3D13682853683043698846836918000V10%26ovsid%3DPM_UID
Protocol
H2
Server
103.231.98.194 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 24 Aug 2022 19:11:27 GMT
cache-control
no-store, no-cache, private
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Wed, 24 Aug 2022 19:11:27 GMT
server
nginx
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP NID OUR STP"
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTQ2MSZ0bD0xMDA4MA==&piggybackCookie=AAALeh4uM1T60gNXmIdbAAAAAAA&expiration=1661454687&nuid=DEC9AF99-DED7-471D-8216-5BD47B531BBF&is_secure=true&gdpr_consent=&gdpr=0
cache-control
no-cache, private, max-age=0, no-store
content-length
0
expires
0
d1ba4609
rtb.gumgum.com/getuid/ Frame 95CA 		35 B
208 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.gumgum.com/getuid/d1ba4609?gdpr=0&gdpr_consent=&r=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzNDImdGw9MTI5NjAw%26piggybackCookie%3D
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159463&userIdMacro=PM_UID&predirect=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3043698846836918000V10%26type%3Dpba%26refUrl%3D%26vid%3D13682853683043698846836918000V10%26ovsid%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.74.137.60 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-74-137-60.ap-northeast-1.compute.amazonaws.com
Software
nginx /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 24 Aug 2022 19:11:27 GMT
server
nginx
content-type
image/gif;charset=UTF-8
cache-control
private, no-store, must-revalidate, max-age=0
timing-allow-origin
*
content-length
35
expires
0
cksync.php
contextual.media.net/ Frame 737D
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=medianet&khaos=L77ZS1RY-1N-KEXB
  • https://contextual.media.net/cksync.php?type=rbcn&ovsid=L77ZS1RY-1N-KEXB
45 B
452 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://contextual.media.net/cksync.php?type=rbcn&ovsid=L77ZS1RY-1N-KEXB
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=medianet
Protocol
H2
Server
23.195.152.23 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-195-152-23.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
832f63f4187160c195b04f1911c2e623a75e805f4b23abb9b0bea214b4283a43
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000
server
Apache
date
Wed, 24 Aug 2022 19:11:27 GMT
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
cache-control
max-age=0, no-cache, no-store
content-type
image/gif
content-length
45
x-mnet-hl2
E
expires
Wed, 24 Aug 2022 19:11:27 GMT

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location
https://contextual.media.net/cksync.php?type=rbcn&ovsid=L77ZS1RY-1N-KEXB
Cache-Control
no-cache,no-store,must-revalidate
Content-Type
text/html
content-length
0
X-RPHost
0d2bd05215470efb17ae41aff76c3f98
Expires
0
cv
ap.srv.stackadapt.com/ Frame F23E 		43 B
108 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ap.srv.stackadapt.com/cv?aid=1-0067-166136828308546567024543-4&iidx=0&cv=%20%22%22&iv=ffd8ffe000104a46494600010101006000600000ffdb004300080606070605080707070909080a0c140d0c0b0b0c1912130f141d1a1f1e1d1a1c1c20242e2720222c231c1c2837292c30313434341f27393d38323c2e333432ffdb0043010909090c0b0c180d0d1832211c213232323232323232323232323232323232323232323232323232323232323232323232323232323232323232323232323232ffc00011080001000103012200021101031101ffc4001f0000010501010101010100000000000000000102030405060708090a0bffc400b5100002010303020403050504040000017d01020300041105122131410613516107227114328191a1082342b1c11552d1f02433627282090a161718191a25262728292a3435363738393a434445464748494a535455565758595a636465666768696a737475767778797a838485868788898a92939495969798999aa2a3a4a5a6a7a8a9aab2b3b4b5b6b7b8b9bac2c3c4c5c6c7c8c9cad2d3d4d5d6d7d8d9dae1e2e3e4e5e6e7e8e9eaf1f2f3f4f5f6f7f8f9faffc4001f0100030101010101010101010000000000000102030405060708090a0bffc400b51100020102040403040705040400010277000102031104052131061241510761711322328108144291a1b1c109233352f0156272d10a162434e125f11718191a262728292a35363738393a434445464748494a535455565758595a636465666768696a737475767778797a82838485868788898a92939495969798999aa2a3a4a5a6a7a8a9aab2b3b4b5b6b7b8b9bac2c3c4c5c6c7c8c9cad2d3d4d5d6d7d8d9dae2e3e4e5e6e7e8e9eaf2f3f4f5f6f7f8f9faffda000c03010002110311003f00f7fa28a2803fffd984a0348cfe234e505239641ff2ae1179adf5d1b1
Requested by
Host: 2ed91e4b8889736293a8964540416cd2.safeframe.googlesyndication.com
URL: https://2ed91e4b8889736293a8964540416cd2.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=2
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.140.89.184 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-140-89-184.ap-southeast-1.compute.amazonaws.com
Software
/
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://2ed91e4b8889736293a8964540416cd2.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 24 Aug 2022 19:11:26 GMT
content-length
43
content-type
image/gif
usync.js
eus.rubiconproject.com/ Frame D1B7 		31 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=duration_media&endpoint=us-east
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.69.164.213 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-69-164-213.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
a549d4a5b0ebc2f4f6cf41d210eea2e75376d266a2492cbadee9e26b6051bca4

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=duration_media&endpoint=us-east
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 24 Aug 2022 19:11:26 GMT
Content-Encoding
gzip
Last-Modified
Wed, 17 Aug 2022 13:55:35 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=19363
Connection
keep-alive
Content-Type
text/html; charset=UTF-8
Content-Length
9441
Expires
Thu, 25 Aug 2022 00:34:09 GMT
_2205_SEMBA_bgtrianglebanner_300x250.jpg
s0.2mdn.net/sadbundle/14196359717863263274/images/ Frame AFA2 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/14196359717863263274/images/_2205_SEMBA_bgtrianglebanner_300x250.jpg?1655250755250
Requested by
Host: 5e9096cc516f199cdb60782332265f56.safeframe.googlesyndication.com
URL: https://5e9096cc516f199cdb60782332265f56.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.149 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f149.1e100.net
Software
sffe /
Resource Hash
da85253da6d57dacaa32050a0a7207b8d1bbe6e77d359e17bcc670c0dfabeac7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/14196359717863263274/2205_SEMBA_iProspect_banners_300x250.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 23 Aug 2022 23:34:16 GMT
x-content-type-options
nosniff
age
70630
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5220
x-xss-protection
0
last-modified
Thu, 16 Jun 2022 04:36:26 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 23 Aug 2023 23:34:16 GMT
view
googleads4.g.doubleclick.net/pcs/ Frame 2815 		0
63 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjstVFTs8GKpebw-OoSDAjwXRlHWxoLn_OjMGjtAK-Nbtca7AYeUrl2erDTMo__g_XlximZ-UMv_C8BNsg2vTlTMvneW2QwzzVeLgqI82ps0PzTGT0j9uJcWkBsJoaIlxEfYpWiYJjkcUO2S_2YrI6ZlcR53g5PvOOD2C-sRwltKv2H71OZlT3UIEXnkWf1_t2FBNrkaCW9uRy5Q2Cv7ErwSLHOSvlbFqHiLpDdkSeX5ofs9iE19094I6zaJVytZSC-9Q3-l6D3YpWly3FwALDC7FjAEldpD3St8EuK6Vs0Fz41dPF1CKEPaXq0hgbpX3fXM_rOkmD_bPNG75vCI4_hza3HmtiXuMovdz0IcRozvO1qulVgGCN_I0osEqeToOr8RhNNaGvEbTuy9N3nCRasdqUhS8HSBKQXMrESJJebxERHroonCMVXwlIaQtQpUPY13AHrpwt_PG3tpzNMQtALcDOv0yl7ZtncnLSNAnOSweMkh37qvI57rPNHV6Hz54i20J0tAswHEaM7PHE9N-_cU_IwPb2Kp9NBOWv1ocITRdusAWDk482KybZlCsccj4WmYvWTC7ipK8zjBH8xa_xrlZbv3zx7H6zqNVLtLPD95JKfEPe3766rOEGH1CcE1QutGbMUvG81gzYTp3IjJLzvfsOtuFtKMTWOboPHuRU6g5oSLm9ptLKPSjdiUUHLh0gEvo3Bu211Fbrg_mz1wTGmA4v2V4UdprHaYUoi98V8qyLLjOT9FZJZsz44iqjWbndPrjiTJPoVNz-IvgRP-0QWgvHVxxp7Mudlk9yF88kbHC70UI1RaARkMK9IfV0DiFn4QbUAVX2f0zNF3TDr2TDELj7NJZFnFRkMkNxM-_DxcfSuTE0eQvDWXEZ7pEhQywiOVpxeLCP7PAT7qf7PFynrjDvWnBRMLM-hFutaJGkgXQDjMtAg6agMdB3zB-o8vQ3M6WlBnATdIjaumriLjjUrJVFWjvh6EHn8WSpuN3XY1pbmJ-jmO_nqDmfsDq0lKAzyS9ngb4gxnaRbe_BOauxAX4WYq8bDvvMEoMLd-ROyfjsKa6z16wJYZz61swvQSd854K6TGf8xdD3B_OL1vGHhfqs2FWtljfecP0QZ6sXHpx_mIfX2-HSRlsGdYKZ6FWlr39h3zXiypd5xJbOnLsjQ8GP1vvdiE41A9AG39CW4FxUZQ1NpgKWac_oQe8l4BPsNVuBuTnVyp8uFUlPALqcgHJoXS0Fg7rjEAQgZA&sai=AMfl-YTVMr4MrgyasKjdGSEGPL2Zcb6s8p-g__ATKra23I4qDznQPI0x-fXY8KNoYztF_fm7VIytzuWzZ_TxOsyZtv7jaQl_3D2QXI_aRJSHhcCFvVNAk0jLsMHHgeU1lspKIQsNDQ2AqlbCnAvGlp7eTmyh8ynQvg&sig=Cg0ArKJSzD832K92yMu5EAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=2362&vt=11&dtpt=1626&dett=3&cstd=734&cisv=r20220822.64044&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&adurl=
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/ju-jiao-yi-zi-wen-hua-chuan-yang-zhong-hua-wen-ming.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.24.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f157.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://5e9096cc516f199cdb60782332265f56.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 24 Aug 2022 19:11:27 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
usersync
usersync.gumgum.com/ Frame FAD8
Redirect Chain
  • https://secure.adnxs.com/getuid?https://usersync.gumgum.com/usersync?b=apn&i=$UID
  • https://usersync.gumgum.com/usersync?b=apn&i=7093734920555040481
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=apn&i=7093734920555040481
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Server
13.112.54.241 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 24 Aug 2022 19:11:28 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Type
image/gif
Content-Length
35
Expires
0

Redirect headers

Pragma
no-cache
Date
Wed, 24 Aug 2022 19:11:27 GMT
X-Proxy-Origin
173.245.209.177; 173.245.209.177; 907.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net; adnxs.com
AN-X-Request-Uuid
5f0fc648-f648-4283-ae89-3011f7c53c4d
Server
nginx/1.21.3
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://usersync.gumgum.com/usersync?b=apn&i=7093734920555040481
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
usersync
usersync.gumgum.com/ Frame FAD8
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=gumgum2&user_id=a_5d09c2e0-f0bd-41e0-8ca6-3a2aa0c013b0&gdpr=0&gdpr_consent=&us_privacy=1---
  • https://pixel.quantserve.com/pixel/p-zLwwakwy-hZw3.gif?idmatch=0&ssp=gumgum2&gdpr=0&gdpr_consent=
  • https://x.bidswitch.net/sync?dsp_id=76&user_group=2&ssp=gumgum2&gdpr=0&user_id=AhZpuwMSPbQZHD_rUBF0vgVBa7gZE2i9DB0xoiP7
  • https://usersync.gumgum.com/usersync?b=bsw&i=c272ea53-b556-4b45-ad53-6c54288ea606
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=bsw&i=c272ea53-b556-4b45-ad53-6c54288ea606
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Server
13.112.54.241 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 24 Aug 2022 19:11:28 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Type
image/gif
Content-Length
35
Expires
0

Redirect headers

Location
//usersync.gumgum.com/usersync?b=bsw&i=c272ea53-b556-4b45-ad53-6c54288ea606
Date
Wed, 24 Aug 2022 19:11:28 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
0
cookie-sync
sync.outbrain.com/ Frame FAD8
Redirect Chain
  • https://sync.outbrain.com/redirectObuid?platformId=GUMGU18H7EL9NI653I7DPEH51&gdpr=0&gdprConsent=&platformRdUrl=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dobn%26i%3D%7BOB_UID%7D%26r%3D%7BobR...
  • https://usersync.gumgum.com/usersync?b=obn&i=ENC%28U06FGCMXHxaJHGvoVIwSkCsF-EBVzH_yQ4Vu6yjXojqTBAiGAd_N1ngbGYPEMmf6%29&r=https%3A%2F%2Fsync.outbrain.com%2FsyncUser%3FplatformId%3D%7Bplatform_id%7D%...
  • https://sync.outbrain.com/syncUser?platformId=GUMGU18H7EL9NI653I7DPEH51&platformUid=a_5d09c2e0-f0bd-41e0-8ca6-3a2aa0c013b0&obuid=ENC(U06FGCMXHxaJHGvoVIwSkCsF-EBVzH_yQ4Vu6yjXojqTBAiGAd_N1ngbGYPEMmf6)
  • https://sync.outbrain.com/syncPartner?platformId=GUMGU18H7EL9NI653I7DPEH51
  • https://creativecdn.com/cm-notify?pi=outbrain
  • https://sync.outbrain.com/cookie-sync?p=rtbhouse&uid=8UWOemAwr0Q0RAwfgxso&pi=outbrain
0
0
usersync
usersync.gumgum.com/ Frame FAD8
Redirect Chain
  • https://us-u.openx.net/w/1.0/cm?_={CACHEBUSTER}&id=47f31213-389c-4904-aaa6-9b11aab9c211&gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dopx%26i%3D
  • https://usersync.gumgum.com/usersync?b=opx&i=6f186b25-e4ac-4975-b61b-ecfcb00b596b
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=opx&i=6f186b25-e4ac-4975-b61b-ecfcb00b596b
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Server
13.112.54.241 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 24 Aug 2022 19:11:28 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Type
image/gif
Content-Length
35
Expires
0

Redirect headers

date
Wed, 24 Aug 2022 19:11:27 GMT
content-encoding
gzip
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
p3p
CP="CUR ADM OUR NOR STA NID"
location
https://usersync.gumgum.com/usersync?b=opx&i=6f186b25-e4ac-4975-b61b-ecfcb00b596b
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
via
1.1 google
usersync
usersync.gumgum.com/ Frame FAD8
Redirect Chain
  • https://sync.srv.stackadapt.com/sync?nid=1&gdpr=0&gdpr_consent=
  • https://usersync.gumgum.com/usersync?b=sta&i=0-c107f8f3-1bcd-4eb4-499c-6365b2ef55dc$ip$173.245.209.177
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=sta&i=0-c107f8f3-1bcd-4eb4-499c-6365b2ef55dc$ip$173.245.209.177
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Server
13.112.54.241 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 24 Aug 2022 19:11:28 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Type
image/gif
Content-Length
35
Expires
0

Redirect headers

Location
https://usersync.gumgum.com/usersync?b=sta&i=0-c107f8f3-1bcd-4eb4-499c-6365b2ef55dc$ip$173.245.209.177
Date
Wed, 24 Aug 2022 19:11:27 GMT
Connection
keep-alive
Content-Length
129
Content-Type
text/html; charset=utf-8
usersync
usersync.gumgum.com/ Frame FAD8
Redirect Chain
  • https://pr-bh.ybp.yahoo.com/sync/gumgum?gdpr=0&gdpr_consent=
  • https://usersync.gumgum.com/usersync?b=oth&i=y-AdeI9pFE2pcnvAzJbj36F48Wa6D_QGI8Dij0~A
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=oth&i=y-AdeI9pFE2pcnvAzJbj36F48Wa6D_QGI8Dij0~A
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Server
13.112.54.241 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 24 Aug 2022 19:11:28 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Type
image/gif
Content-Length
35
Expires
0

Redirect headers

date
Wed, 24 Aug 2022 19:11:27 GMT
referrer-policy
strict-origin-when-cross-origin
server
ATS
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security
max-age=31536000
location
https://usersync.gumgum.com/usersync?b=oth&i=y-AdeI9pFE2pcnvAzJbj36F48Wa6D_QGI8Dij0~A
x-xss-protection
1; mode=block
content-length
0
x-content-type-options
nosniff
usersync
usersync.gumgum.com/ Frame FAD8
Redirect Chain
  • https://sync.ipredictive.com/d/sync/cookie/generic?partner=gumgum&cspid=9&append=1&cb=${ADELPHIC_CACHE_BUSTER}&gdpr=0&gdpr_consent=&us_privacy=1---&redirect=https%3A%2F%2Fusersync.gumgum.com%2Fuser...
  • https://usersync.gumgum.com/usersync?b=vnt&i=0f335d7c-b239-4cef-b685-594c8120c45d
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=vnt&i=0f335d7c-b239-4cef-b685-594c8120c45d
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Server
13.112.54.241 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 24 Aug 2022 19:11:28 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Type
image/gif
Content-Length
35
Expires
0

Redirect headers

Location
https://usersync.gumgum.com/usersync?b=vnt&i=0f335d7c-b239-4cef-b685-594c8120c45d
Date
Wed, 24 Aug 2022 19:11:28 GMT
X-CI-RTID
d1f9900f-567c-498b-acfa-fecd65d804fd
Connection
keep-alive
Content-Length
108
Content-Type
text/html; charset=utf-8
services
sync.technoratimedia.com/ Frame FAD8 		0
293 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.technoratimedia.com/services?srv=cs&pid=65&us_privacy=1---&cb=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dsnc%26i%3D%5BUSER_ID%5D
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
150.136.156.92 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 24 Aug 2022 19:11:27 GMT
via
1.1 varnish
server
nginx
age
0
access-control-allow-methods
POST,GET,HEAD,OPTIONS
x-varnish
574560669
access-control-allow-origin
https://g2.gumgum.com/
access-control-allow-credentials
true
142
match.deepintent.com/usersync/ Frame FAD8 		0
16 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.deepintent.com/usersync/142?redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Ddit%26i%3D%24%7BDI_USER_ID%7D
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
38.91.45.7 -, , ASN (),
Reverse DNS
Software
b /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 24 Aug 2022 19:11:26 GMT
content-length
0
server
b
usersync
usersync.gumgum.com/ Frame FAD8
Redirect Chain
  • https://b1sync.zemanta.com/usersync/gumgum/?puid=a_5d09c2e0-f0bd-41e0-8ca6-3a2aa0c013b0&gdpr=0&gdpr_consent=&us_privacy=1---&cb=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dzem%26i%3D__ZUID__
  • https://stags.bluekai.com/site/23178?id=oOf6SlVCxeyjdhKfDzSL&redir=https%3A%2F%2Fb1sync.zemanta.com%2Fusersync%2Fbluekai%2Fcallback%2F%3Fd%3DNB2HI4DTHIXS65LTMVZHG6LOMMXGO5LNM52W2LTDN5WS65LTMVZHG6LO...
  • https://b1sync.zemanta.com/usersync/bluekai/callback/?d=NB2HI4DTHIXS65LTMVZHG6LOMMXGO5LNM52W2LTDN5WS65LTMVZHG6LOMM7WEPL2MVWSMZLYMNUGC3THMU6WO5LNM52W2JTHMRYHEPJQEZUT232PMY3FG3CWIN4GK6LKMRUEWZSEPJJUY...
  • https://usersync.gumgum.com/usersync?b=zem&gdpr=0&i=oOf6SlVCxeyjdhKfDzSL&us_privacy=1---
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=zem&gdpr=0&i=oOf6SlVCxeyjdhKfDzSL&us_privacy=1---
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Server
13.112.54.241 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 24 Aug 2022 19:11:28 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Type
image/gif
Content-Length
35
Expires
0

Redirect headers

Pragma
no-cache
Date
Wed, 24 Aug 2022 19:11:28 GMT
P3p
CP="We do not support P3P header."
Location
https://usersync.gumgum.com/usersync?b=zem&gdpr=0&i=oOf6SlVCxeyjdhKfDzSL&us_privacy=1---
Cache-Control
no-cache, no-store, must-revalidate
Content-Type
text/html; charset=utf-8
Content-Length
123
Expires
Thu, 01 Dec 1994 16:00:00 GMT
usersync
usersync.gumgum.com/ Frame FAD8
Redirect Chain
  • https://ad.360yield.com/server_match?partner_id=N&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Didi%26i%3D%7BPUB_USER_ID%7D
  • https://ad.360yield.com/ul_cb/server_match?partner_id=N&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Didi%26i%3D%7BPUB_USER_ID%7D
  • https://usersync.gumgum.com/usersync?b=idi&i=1e2431a7-2af1-4505-ac14-2358f1a612db
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=idi&i=1e2431a7-2af1-4505-ac14-2358f1a612db
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Server
13.112.54.241 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 24 Aug 2022 19:11:28 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Type
image/gif
Content-Length
35
Expires
0

Redirect headers

location
https://usersync.gumgum.com/usersync?b=idi&i=1e2431a7-2af1-4505-ac14-2358f1a612db
date
Wed, 24 Aug 2022 19:11:27 GMT
access-control-allow-origin
*
content-type
text/plain
content-length
0
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
RX-5a556040-9ba5-4378-9175-396b51281898-004
sync.targeting.unrulymedia.com/csync/ Frame FAD8
Redirect Chain
  • https://sync.1rx.io/usersync2/floor6?gdpr=0&gdpr_consent=&dspret=1&redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Drhy%26i%3D%5BRX_UUID%5D
  • https://x.bidswitch.net/sync?ssp=adconductor&user_id=RX-5a556040-9ba5-4378-9175-396b51281898-004&rndcb=4622430499
  • https://inv-nets.admixer.net/adxcm.aspx?ssp=D41B0D84-4DB7-4D9C-81CC-3A497DB5D0A6&gdpr=&consent=&rurl=%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D354%26user_id%3D%24%24visitor_cookie%24%24%26ssp%3Dadcon...
  • https://x.bidswitch.net/sync?dsp_id=354&user_id=6f42cfb1a20a4109a0aaefec2606870d&ssp=adconductor&bsw_param=c272ea53-b556-4b45-ad53-6c54288ea606&gdpr=&consent=&gdpr_pd=&expires=7
  • https://sync.1rx.io/usersync/bidswitch/c272ea53-b556-4b45-ad53-6c54288ea606?gdpr=&gdpr_consent=
  • https://sync.targeting.unrulymedia.com/csync/RX-5a556040-9ba5-4378-9175-396b51281898-004
43 B
377 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.targeting.unrulymedia.com/csync/RX-5a556040-9ba5-4378-9175-396b51281898-004
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
H2
Server
74.118.186.44 Serangoon, Singapore, ASN26120 (RHYTHMONE, US),
Reverse DNS
Software
/
Resource Hash
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 24 Aug 2022 19:11:29 GMT
content-length
43
p3p
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"

Redirect headers

location
https://sync.targeting.unrulymedia.com/csync/RX-5a556040-9ba5-4378-9175-396b51281898-004
pragma
no-cache
date
Wed, 24 Aug 2022 19:11:28 GMT
cache-control
no-store, no-cache, must-revalidate
expires
0
content-type
text/html
usersync
usersync.gumgum.com/ Frame FAD8
Redirect Chain
  • https://bh.contextweb.com/bh/rtset?pid=558355&ev=1&rurl=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpln%26i%3D%25%25VGUID%25%25
  • https://usersync.gumgum.com/usersync?b=pln&i=kfSgoTy5zGwU&ev=1&pid=558355
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=pln&i=kfSgoTy5zGwU&ev=1&pid=558355
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Server
13.112.54.241 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 24 Aug 2022 19:11:28 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Type
image/gif
Content-Length
35
Expires
0

Redirect headers

strict-transport-security
max-age=15768000
server
Jetty(9.4.14.v20181114)
p3p
policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
content-language
en-AU
location
https://usersync.gumgum.com/usersync?b=pln&i=kfSgoTy5zGwU&ev=1&pid=558355
cache-control
private, max-age=0, no-cache, no-store
cw-server
bh-deployment-66d777b689-466c9
expires
-1
usersync
usersync.gumgum.com/ Frame FAD8
Redirect Chain
  • https://ssbsync.smartadserver.com/api/sync?callerId=15&redirectUri=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dsad%26i%3D%5Bssb_sync_pid%5D&gdpr=0&gdpr_consent=
  • https://usersync.gumgum.com/usersync?b=sad&i=8961907218643304268
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=sad&i=8961907218643304268
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Server
13.112.54.241 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 24 Aug 2022 19:11:28 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Type
image/gif
Content-Length
35
Expires
0

Redirect headers

location
https://usersync.gumgum.com/usersync?b=sad&i=8961907218643304268
date
Wed, 24 Aug 2022 19:11:27 GMT
content-length
0
sync
ads.servenobid.com/ Frame FAD8 		0
356 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=309&uid=a_5d09c2e0-f0bd-41e0-8ca6-3a2aa0c013b0
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.250.30.153 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-250-30-153.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 24 Aug 2022 19:11:27 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0
usersync
usersync.gumgum.com/ Frame 5A1F
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=71&gdpr=0&gdpr_consent=&redir=https%3a%2f%2fusersync.gumgum.com%2fusersync%3fb%3dmmh%26i%3d%5bMM_UUID%5d
  • https://usersync.gumgum.com/usersync?b=mmh&i=67af6306-77de-4d00-8b03-9c806ecb11b0&gdpr=0&gdpr_consent=
35 B
250 B 		Document
General
Check archive.org
Download Go to
Full URL
https://usersync.gumgum.com/usersync?b=mmh&i=67af6306-77de-4d00-8b03-9c806ecb11b0&gdpr=0&gdpr_consent=
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.112.54.241 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://g2.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Content-Type
image/gif
Date
Wed, 24 Aug 2022 19:11:28 GMT
Expires
0
Pragma
no-cache

Redirect headers

Access-Control-Allow-Origin
*
Cache-Control
no-cache
Connection
keep-alive
Content-Length
0
Content-Type
image/gif
Date
Wed, 24 Aug 2022 19:11:27 GMT
Expires
Wed, 24 Aug 2022 19:11:26 GMT
Keep-Alive
timeout=360
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Server
MT3 4494 7cf1da7 master nrt-pixel-x8 config:1.0.0
location
https://usersync.gumgum.com/usersync?b=mmh&i=67af6306-77de-4d00-8b03-9c806ecb11b0&gdpr=0&gdpr_consent=
usersync
usersync.gumgum.com/ Frame 8E3D
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/URnmbSKM?redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Datm%26i%3D%24%7BTM_USER_ID%7D&gdpr=0&gdpr_consent=
  • https://sync-tm.everesttech.net/ct/upi/pid/URnmbSKM?redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Datm%26i%3D%24%7BTM_USER_ID%7D&gdpr=0&gdpr_consent=&_test=YwZ33wAI15YGGAAK
  • https://usersync.gumgum.com/usersync?b=atm&i=YwZ33wAI15YGGAAK&gdpr=0&gdpr_consent=&_test=YwZ33wAI15YGGAAK
35 B
250 B 		Document
General
Check archive.org
Download Go to
Full URL
https://usersync.gumgum.com/usersync?b=atm&i=YwZ33wAI15YGGAAK&gdpr=0&gdpr_consent=&_test=YwZ33wAI15YGGAAK
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.112.54.241 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://g2.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Content-Type
image/gif
Date
Wed, 24 Aug 2022 19:11:28 GMT
Expires
0
Pragma
no-cache

Redirect headers

accept-ranges
bytes
cache-control
no-cache
content-length
0
date
Wed, 24 Aug 2022 19:11:27 GMT
location
https://usersync.gumgum.com/usersync?b=atm&i=YwZ33wAI15YGGAAK&gdpr=0&gdpr_consent=&_test=YwZ33wAI15YGGAAK
pragma
no-cache
retry-after
0
server
Varnish
via
1.1 varnish
x-cache
HIT
x-cache-hits
0
x-served-by
cache-syd10146-SYD
x-timer
S1661368287.384618,VS0,VE0
pixel
cm.g.doubleclick.net/ Frame 673B 		170 B
194 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=gumgum_dbm&google_hm=YV81ZDA5YzJlMC1mMGJkLTQxZTAtOGNhNi0zYTJhYTBjMDEzYjA=&gdpr=0&gdpr_consent=
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.10.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f155.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://g2.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
no-cache, must-revalidate
content-length
170
content-type
image/png
cross-origin-resource-policy
cross-origin
date
Wed, 24 Aug 2022 19:11:27 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
pragma
no-cache
server
HTTP server (unknown)
x-xss-protection
0
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame BFD3 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=0&gdprConsent=
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.72.44.196 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-72-44-196.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152

Request headers

Referer
https://g2.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=123808
content-encoding
gzip
content-length
5549
content-type
text/html; charset=UTF-8
date
Wed, 24 Aug 2022 19:11:27 GMT
etag
"1300708-3de4-5d6ef246ef4cf"
expires
Fri, 26 Aug 2022 05:34:55 GMT
last-modified
Tue, 01 Feb 2022 06:38:00 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
usersync
usersync.gumgum.com/ Frame AC5F
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=gumgum&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://usersync.gumgum.com/usersync?b=ttd&i=492e6757-f51f-41aa-a4dc-76241c67fd3b
35 B
250 B 		Document
General
Check archive.org
Download Go to
Full URL
https://usersync.gumgum.com/usersync?b=ttd&i=492e6757-f51f-41aa-a4dc-76241c67fd3b
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.112.54.241 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://g2.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Content-Type
image/gif
Date
Wed, 24 Aug 2022 19:11:28 GMT
Expires
0
Pragma
no-cache

Redirect headers

cache-control
private,no-cache, must-revalidate
content-length
193
content-type
text/html
date
Wed, 24 Aug 2022 19:11:27 GMT
location
https://usersync.gumgum.com/usersync?b=ttd&i=492e6757-f51f-41aa-a4dc-76241c67fd3b
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
pragma
no-cache
x-aspnet-version
4.0.30319
um
cs.emxdgt.com/ Frame DDA9 		0
66 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cs.emxdgt.com/um?redirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Demx%26i%3D%24UID&gdpr=0&gdpr_consent=
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.235.125.68 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-235-125-68.compute-1.amazonaws.com
Software
awselb/2.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://g2.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

content-length
0
content-type
text/plain; charset=utf-8
date
Wed, 24 Aug 2022 19:11:27 GMT
server
awselb/2.0
usersync
usersync.gumgum.com/ Frame 0BD3
Redirect Chain
  • https://tg.socdm.com/aux/idsync?proto=gumgum
  • https://usersync.gumgum.com/usersync?b=sus&i=YwZ338Co5ssAAGuPcHQAAAAA
35 B
250 B 		Document
General
Check archive.org
Download Go to
Full URL
https://usersync.gumgum.com/usersync?b=sus&i=YwZ338Co5ssAAGuPcHQAAAAA
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.112.54.241 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://g2.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Content-Type
image/gif
Date
Wed, 24 Aug 2022 19:11:28 GMT
Expires
0
Pragma
no-cache

Redirect headers

Cache-Control
private
Connection
keep-alive
Content-Length
0
Date
Wed, 24 Aug 2022 19:11:27 GMT
Location
https://usersync.gumgum.com/usersync?b=sus&i=YwZ338Co5ssAAGuPcHQAAAAA
P3P
CP="See also http://www.scaleout.jp/privacy/"
Server
nginx
X-SO-Ads-Time
3
X-SO-Cluster-ID
30
X-SO-HostName
a-ad40118.dc2p.scaleout.jp
X-SO-IP
173.245.209.177
X-SO-Key
YwZ338Co5ssAAGuPcHQAAAAA
X-SO-LB-Data
{"ban":false,"clean_query":"\/aux\/idsync?proto=gumgum","cluster_id":30,"gdpr":false,"ipv4":"173.245.209.177","key":"YwZ338Co5ssAAGuPcHQAAAAA","privacy_sensitive":false,"uid":"","upstream_id":"a-ad40118"}
X-SO-LB-Hostname
a-tgng40007.dc2p.scaleout.jp
X-SO-Upstream-ID
a-ad40118
usersync
usersync.gumgum.com/ Frame 2310
Redirect Chain
  • https://ssum-sec.casalemedia.com/usermatchredir?s=189872&cb=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Diex%26i%3D
  • https://usersync.gumgum.com/usersync?b=iex&i=YwZ33F2KtzHErm0Xp68OOwAA%26883
35 B
250 B 		Document
General
Check archive.org
Download Go to
Full URL
https://usersync.gumgum.com/usersync?b=iex&i=YwZ33F2KtzHErm0Xp68OOwAA%26883
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.112.54.241 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://g2.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Content-Type
image/gif
Date
Wed, 24 Aug 2022 19:11:28 GMT
Expires
0
Pragma
no-cache

Redirect headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-cache
cf-cache-status
DYNAMIC
cf-ray
73fe64d22cb6aae7-SYD
content-length
0
date
Wed, 24 Aug 2022 19:11:27 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
expires
0
location
https://usersync.gumgum.com/usersync?b=iex&i=YwZ33F2KtzHErm0Xp68OOwAA%26883
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OoqD20JG0t8alzMwnO5YRfAoh%2B3gnI6ojrPGJx%2FD3wmQ7sG94MpQmlxBG2c5BPhUzONxApasPQG0QChNDqmwulkDPEScyrm0RxUHK5p8%2BnYf6vIUBXQRkS0aoZyC2ZPPPjASASJS36bpHw%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
usersync
usersync.gumgum.com/ Frame 080E
Redirect Chain
  • https://creativecdn.com/cm-notify?pi=gumgum
  • https://creativecdn.com/cm-notify?pi=gumgum&tc=1
  • https://usersync.gumgum.com/usersync?b=rth&i=8UWOemAwr0Q0RAwfgxso&pi=gumgum&tc=1
35 B
250 B 		Document
General
Check archive.org
Download Go to
Full URL
https://usersync.gumgum.com/usersync?b=rth&i=8UWOemAwr0Q0RAwfgxso&pi=gumgum&tc=1
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.112.54.241 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://g2.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Content-Type
image/gif
Date
Wed, 24 Aug 2022 19:11:28 GMT
Expires
0
Pragma
no-cache

Redirect headers

cache-control
no-cache, no-store, must-revalidate, private, max-age=0
content-length
0
date
Wed, 24 Aug 2022 19:11:28 GMT Wed, 24 Aug 2022 19:11:28 GMT
expires
Thu, 01 Jan 1970 00:00:00 GMT
location
https://usersync.gumgum.com/usersync?b=rth&i=8UWOemAwr0Q0RAwfgxso&pi=gumgum&tc=1
pragma
no-cache
usync.html
eus.rubiconproject.com/ Frame 83FC
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=gumgum
  • https://eus.rubiconproject.com/usync.html?p=gumgum
281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?p=gumgum
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.69.164.213 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-69-164-213.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://g2.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Wed, 24 Aug 2022 19:11:27 GMT
ETag
"402b2-119-5d32342a551c0"
Last-Modified
Tue, 14 Dec 2021 23:07:59 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
content-length
0
date
Wed, 24 Aug 2022 19:11:27 GMT
location
https://eus.rubiconproject.com/usync.html?p=gumgum
server
AkamaiGHost
_728x90logo.jpg
s0.2mdn.net/sadbundle/14196359717863263274/images/ Frame AFA2 		35 KB
35 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/14196359717863263274/images/_728x90logo.jpg?1655250755250
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/ju-jiao-yi-zi-wen-hua-chuan-yang-zhong-hua-wen-ming.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.149 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f149.1e100.net
Software
sffe /
Resource Hash
e418f21c89e2b1cfb3a9b6a8dad3495ea0fde09dc87de884951f3ead9c14dc4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/14196359717863263274/2205_SEMBA_iProspect_banners_300x250.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 23 Aug 2022 23:34:17 GMT
x-content-type-options
nosniff
age
70630
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35545
x-xss-protection
0
last-modified
Thu, 16 Jun 2022 04:36:26 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 23 Aug 2023 23:34:17 GMT
sync
ads.servenobid.com/ Frame D1B7
Redirect Chain
  • https://pixel-us-east.rubiconproject.com/exchange/sync.php?p=duration_media&khaos=L77ZS1RY-1N-KEXB
  • https://ads.servenobid.com/sync?pid=323&uid=L77ZS1RY-1N-KEXB
0
344 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=323&uid=L77ZS1RY-1N-KEXB
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=duration_media&endpoint=us-east
Protocol
H2
Server
34.250.30.153 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-250-30-153.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 24 Aug 2022 19:11:28 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location
https://ads.servenobid.com/sync?pid=323&uid=L77ZS1RY-1N-KEXB
Cache-Control
no-cache,no-store,must-revalidate
Content-Type
text/html
content-length
0
X-RPHost
368ba1c92c09ff88b641150fbbf94341
Expires
0
sync
ads.servenobid.com/ Frame 7D63 		0
344 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=317&uid=8961907218643304268&gdpr=0&gdpr_consent=
Requested by
Host: ssbsync.smartadserver.com
URL: https://ssbsync.smartadserver.com/api/sync?callerId=9&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D317%26uid%3D%24UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.250.30.153 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-250-30-153.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ssbsync.smartadserver.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 24 Aug 2022 19:11:27 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0
/
rtb-csync.smartadserver.com/redir/ Frame 7D63
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=smart-adserver&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://rtb-csync.smartadserver.com/redir/?partnerid=75&issi=1&partneruserid=492e6757-f51f-41aa-a4dc-76241c67fd3b&gdpr=0&gdpr_consent=
43 B
425 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb-csync.smartadserver.com/redir/?partnerid=75&issi=1&partneruserid=492e6757-f51f-41aa-a4dc-76241c67fd3b&gdpr=0&gdpr_consent=
Requested by
Host: ssbsync.smartadserver.com
URL: https://ssbsync.smartadserver.com/api/sync?callerId=9&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D317%26uid%3D%24UID
Protocol
HTTP/1.1
Server
23.106.127.53 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),
Reverse DNS
Software
/
Resource Hash
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ssbsync.smartadserver.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 24 Aug 2022 19:11:27 GMT
cache-control
no-cache,no-store
content-type
image/gif
transfer-encoding
chunked
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"

Redirect headers

pragma
no-cache
date
Wed, 24 Aug 2022 19:11:27 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://rtb-csync.smartadserver.com/redir/?partnerid=75&issi=1&partneruserid=492e6757-f51f-41aa-a4dc-76241c67fd3b&gdpr=0&gdpr_consent=
cache-control
private,no-cache, must-revalidate
content-type
text/html
content-length
299
/
rtb-csync.smartadserver.com/redir/ Frame 7D63
Redirect Chain
  • https://pixel.quantserve.com/pixel/p-EtBqU4Lj3YbAv.gif?idmatch=0&gdpr=0&gdpr_consent=
  • https://rtb-csync.smartadserver.com/redir/?partnerid=80&gdpr=0&partneruserid=OuQFBDvgUQsh7lNUaOMYAT2zBwch4QQCNO-esDDS
43 B
429 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb-csync.smartadserver.com/redir/?partnerid=80&gdpr=0&partneruserid=OuQFBDvgUQsh7lNUaOMYAT2zBwch4QQCNO-esDDS
Requested by
Host: ssbsync.smartadserver.com
URL: https://ssbsync.smartadserver.com/api/sync?callerId=9&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D317%26uid%3D%24UID
Protocol
HTTP/1.1
Server
23.106.127.53 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),
Reverse DNS
Software
/
Resource Hash
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ssbsync.smartadserver.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 24 Aug 2022 19:11:27 GMT
cache-control
no-cache,no-store
content-type
image/gif
transfer-encoding
chunked
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"

Redirect headers

pragma
no-cache
date
Wed, 24 Aug 2022 19:11:27 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
location
https://rtb-csync.smartadserver.com/redir/?partnerid=80&gdpr=0&partneruserid=OuQFBDvgUQsh7lNUaOMYAT2zBwch4QQCNO-esDDS
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
0
expires
Fri, 04 Aug 1978 12:00:00 GMT
/
rtb-csync.smartadserver.com/redir/ Frame 7D63
Redirect Chain
  • https://b1sync.zemanta.com/usersync/smart/?cb=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D116%26partneruserid%3D__ZUID__&gdpr=0&gdpr_consent=
  • https://stags.bluekai.com/site/23178?id=oOf6SlVCxeyjdhKfDzSL&redir=https%3A%2F%2Fb1sync.zemanta.com%2Fusersync%2Fbluekai%2Fcallback%2F%3Fd%3DNB2HI4DTHIXS64TUMIWWG43ZNZRS443NMFZHIYLEONSXE5TFOIXGG33N...
  • https://b1sync.zemanta.com/usersync/bluekai/callback/?d=NB2HI4DTHIXS64TUMIWWG43ZNZRS443NMFZHIYLEONSXE5TFOIXGG33NF5ZGKZDJOIXT6ZLYMNUGC3THMU6XG3LBOJ2CMZ3EOBZD2MBGNFZXG2J5GETHAYLSORXGK4TJMQ6TCMJWEZYGC...
  • https://rtb-csync.smartadserver.com/redir/?gdpr=0&issi=1&partnerid=116&partneruserid=oOf6SlVCxeyjdhKfDzSL
43 B
450 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb-csync.smartadserver.com/redir/?gdpr=0&issi=1&partnerid=116&partneruserid=oOf6SlVCxeyjdhKfDzSL
Requested by
Host: ssbsync.smartadserver.com
URL: https://ssbsync.smartadserver.com/api/sync?callerId=9&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D317%26uid%3D%24UID
Protocol
HTTP/1.1
Server
23.106.127.53 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),
Reverse DNS
Software
/
Resource Hash
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ssbsync.smartadserver.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 24 Aug 2022 19:11:27 GMT
cache-control
no-cache,no-store
content-type
image/gif
transfer-encoding
chunked
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"

Redirect headers

Pragma
no-cache
Date
Wed, 24 Aug 2022 19:11:28 GMT
P3p
CP="We do not support P3P header."
Location
https://rtb-csync.smartadserver.com/redir/?gdpr=0&issi=1&partnerid=116&partneruserid=oOf6SlVCxeyjdhKfDzSL
Cache-Control
no-cache, no-store, must-revalidate
Content-Type
text/html; charset=utf-8
Content-Length
140
Expires
Thu, 01 Dec 1994 16:00:00 GMT
bsync
visitor.omnitagjs.com/visitor/ Frame 7D63 		0
0
usync.js
eus.rubiconproject.com/ Frame 83FC 		31 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=gumgum
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.69.164.213 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-69-164-213.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
a549d4a5b0ebc2f4f6cf41d210eea2e75376d266a2492cbadee9e26b6051bca4

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=gumgum
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 24 Aug 2022 19:11:27 GMT
Content-Encoding
gzip
Last-Modified
Wed, 17 Aug 2022 13:55:35 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=19362
Connection
keep-alive
Content-Type
text/html; charset=UTF-8
Content-Length
9441
Expires
Thu, 25 Aug 2022 00:34:09 GMT
collect
www.google-analytics.com/g/ 		0
17 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/g/collect?v=2&tid=G-Z0TZ7TDHS1&gtm=2oe8m0&_p=4215&cid=1455087646.1661368282&ul=en-us&sr=1600x1200&_z=ccd.v9B&sid=1661368283&sct=1&seg=0&dl=https%3A%2F%2Fwww.bg3.co%2Fa%2Fju-jiao-yi-zi-wen-hua-chuan-yang-zhong-hua-wen-ming.html&dt=%E8%81%9A%E7%84%A6%E6%BC%A2%E5%AD%97%E6%96%87%E5%8C%96%C2%A0%C2%A0%E5%82%B3%E6%8F%9A%E4%B8%AD%E8%8F%AF%E6%96%87%E6%98%8E%20-%20%E5%A4%A9%E5%A4%A9%E8%A6%81%E8%81%9E&_s=2
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-Z0TZ7TDHS1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.101 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f101.1e100.net
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.bg3.co/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Wed, 24 Aug 2022 19:11:28 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
usersync
usersync.gumgum.com/ Frame 83FC
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=gumgum&khaos=L77ZS1RY-1N-KEXB
  • https://usersync.gumgum.com/usersync?b=mag&i=L77ZS1RY-1N-KEXB
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=mag&i=L77ZS1RY-1N-KEXB
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=gumgum
Protocol
HTTP/1.1
Server
13.112.54.241 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 24 Aug 2022 19:11:28 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Type
image/gif
Content-Length
35
Expires
0

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location
https://usersync.gumgum.com/usersync?b=mag&i=L77ZS1RY-1N-KEXB
Cache-Control
no-cache,no-store,must-revalidate
Content-Type
text/html
content-length
0
X-RPHost
0ed95c36ed1932be3ba76fc523a6e179
Expires
0
SPug
simage4.pubmatic.com/AdServer/ Frame 95CA 		0
128 B 		Script
General
Check archive.org
Download Go to
Full URL
https://simage4.pubmatic.com/AdServer/SPug?partnerID=159463&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159463&userIdMacro=PM_UID&predirect=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3043698846836918000V10%26type%3Dpba%26refUrl%3D%26vid%3D13682853683043698846836918000V10%26ovsid%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
67.199.150.85 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 24 Aug 2022 19:11:28 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
PugMaster
image6.pubmatic.com/AdServer/ Frame CBAB 		0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
hb-api.omnitagjs.com
URL
https://hb-api.omnitagjs.com/hb-api/prebid/v1?RefererUrl=https%3A%2F%2Fwww.bg3.co%2Fa%2Fju-jiao-yi-zi-wen-hua-chuan-yang-zhong-hua-wen-ming.html&CanonicalUrl=https%3A%2F%2Fwww.bg3.co%2Fa%2Fju-jiao-yi-zi-wen-hua-chuan-yang-zhong-hua-wen-ming.html&PublisherDomain=https%3A%2F%2Fbg3.co%2F
Domain
sync.outbrain.com
URL
https://sync.outbrain.com/cookie-sync?p=rtbhouse&uid=8UWOemAwr0Q0RAwfgxso&pi=outbrain
Domain
visitor.omnitagjs.com
URL
https://visitor.omnitagjs.com/visitor/bsync?uid=627080440e659fbe0f85333c665ae1de&name=SMARTADSERVER&url=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D117%26partneruserid%3DPARTNER_USER_ID%26gdpr%3DGDPR%26gdpr_consent%3DGDPR_CONSENT&gdpr=0&gdpr_consent=
Domain
image6.pubmatic.com
URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=74575368&p=0&s=0&a=0&ptask=ALL&np=0&fp=0&rp=1&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=

Verdicts & Comments Add Verdict or Comment

101 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 object| 10 object| 11 object| 12 object| 13 object| 14 object| 15 object| oncontextlost object| oncontextrestored function| structuredClone object| launchQueue object| onbeforematch function| getScreenDetails function| queryLocalFonts object| navigation object| adpushup object| ucfad_async object| AMP object| adRecover object| ucf object| request string| paramsString object| AMP_CONFIG object| AMP_EXP object| __AMP_LOG function| HTMLElementOrig object| __AMP_ERRORS object| __AMP_MODE function| __AMP_REPORT_ERROR object| __AMP_TOP object| __AMP_SERVICES object| __AMP_URL_CACHE object| __AMP__EXPERIMENT_TOGGLES boolean| __AMP_TAG object| __AMP_EXTENDED_ELEMENTS function| __AMP_BASE_CE_CLASS function| setImmediate function| clearImmediate number| ampAdSlotIdCounter undefined| $ undefined| jQuery function| jqAlias string| currentState object| __AMP_EXPERIMENT_BRANCHES object| goog_identity_prom string| __AMP_DEFAULT_BOOTSTRAP_SUBDOMAIN number| ampAdGoogleIfiCounter object| google_reactive_ads_global_state object| gaGlobal number| ampAdPageCorrelator object| googletag object| _apPbJs object| hbAnalytics object| adpTags object| listeningFors number| 3pla object| _apPbJsChunk object| _pbjsGlobals object| mnet string| nobidVersion object| nobid object| Criteo object| _qevents object| google_ad_modifications number| google_global_correlator object| google_prev_clients object| ap_link_preview_states object| apLinkPreviewUtils object| apEuCountries object| ggeac object| google_tag_data object| google_js_reporting_queue function| quantserve function| __qc object| ezt object| _qoptions function| qtrack undefined| google_measure_js_timing boolean| noPreviewPage object| googleToken object| googleIMState function| processGoogleToken number| google_unique_id object| dataLayer function| gtag object| google_tag_manager function| onYouTubeIframeAPIReady object| _mNDetails object| criteo_pubtag object| criteo_pubtag_prebid_117 object| Criteo_prebid_117 number| lnt_z

157 Cookies

Domain/Path Name / Value
.3lift.com/sync Name: sync
Value: CgoIoQEQkPKQiq0wCgoIgQIQkPKQiq0wCgoI4gEQkPKQiq0wCgoI5gEQkPKQiq0wCgoIhwIQkPKQiq0wCgkICRCQ8pCKrTAKCQg6EJDykIqtMAoJCAsQkPKQiq0wCgoIjAIQkPKQiq0wCgkIXxCQ8pCKrTA=
.aralego.com/ Name: sspid
Value: 334d49a9-43e1-31a6-8173-908aa01a73b2
.aralego.com/ Name: euconsent-v2
Value:
.aralego.com/ Name: gdpr
Value: 1
www.bg3.co/ Name: __AP_SESSION__
Value: 65fc8dab-61d8-4201-b344-4d9475159018
www.bg3.co/ Name: _pbjs_userid_consent_data
Value: 3524755945110770
.bg3.co/ Name: _pubcid
Value: 4b89f00c-653e-4ed4-8bb6-34f91c7c6bd0
.adpushup.com/ Name: ap_uid
Value: 89729df0-23e0-11ed-91d2-000d3aa31169
.adpushup.com/ Name: ap_usid
Value: 89729df1-23e0-11ed-91d2-000d3aa31169
.openx.net/ Name: i
Value: 4b89f00c-653e-4ed4-8bb6-34f91c7c6bd0|1661368280
.bg3.co/ Name: __gpi
Value: UID=000008fe5786fecf:T=1661368280:RT=1661368280:S=ALNI_MbRD8opIm208ae9ROMSF7bvznjiog
.rubiconproject.com/ Name: khaos
Value: L77ZS1RY-1N-KEXB
.doubleclick.net/ Name: IDE
Value: AHWqTUl6HnSuIf4GhVFV2PLb6_OuMT3Oee36GEhabtWZ-n5wK4GZuKvx_xAIsp-K8h0
.adnxs.com/ Name: icu
Value: ChgIm_VtEAoYASABKAEw2O-ZmAY4AUABSAEQ2O-ZmAYYAA..
.adnxs.com/ Name: uuid2
Value: 7093734920555040481
.teads.tv/ Name: tt_viewer
Value: d71425da-93a8-4cc3-bf52-45dfe131489f
.quantserve.com/ Name: mc
Value: 630677d9-9ffd4-31d25-61088
.bg3.co/ Name: __qca
Value: P0-1548432290-1661368281485
.bg3.co/ Name: __gads
Value: ID=fccc675060d3b23d:T=1661368280:S=ALNI_MZ4_y2Yl57MzbsVF8Yn6WdIG6H7Rw
.bg3.co/ Name: _ga
Value: GA1.1.1455087646.1661368282
.adsrvr.org/ Name: TDID
Value: 492e6757-f51f-41aa-a4dc-76241c67fd3b
.srv.stackadapt.com/ Name: sa-camp-264649
Value: s%3Aj%3A%7B%22campaign_id%22%3A%22264649%22%2C%22nativead_id%22%3A%22%22%2C%22domain%22%3A%22%22%2C%22timestamp%22%3A0%2C%22imp%22%3A%7B%22nativead_id%22%3A%222314848%22%2C%22domain%22%3A%22icook.tw%3A%3A156%22%2C%22timestamp%22%3A1661368284191%2C%22conversions%22%3Anull%7D%2C%22clk%22%3A%7B%22nativead_id%22%3A%22%22%2C%22domain%22%3A%22%22%2C%22timestamp%22%3A0%2C%22conversions%22%3Anull%7D%2C%22cookie_uid%22%3A%22%22%2C%22region%22%3A%22%22%2C%22auction_id%22%3A%221-0067-166136828308546567024543-4%22%2C%22imp_index%22%3A%220%22%7D.xWSqmIErODawxBhRX0cesznE0BTwJuY3S%2FyNMkf34QI
ap.srv.stackadapt.com/ Name: sa-user-id
Value: s%3A0-6ae7f01b-ab21-4761-7ac3-cb7a98d01478.U2wl9NlT%2Bjahqpk2xZxKYl%2FtLx32wZTS6FrTmRJmP6g
.send.microad.jp/ Name: TR
Value: 8eb28f6480fc6d526421f7e54989be30520fa57240f3ee1e
.adingo.jp/ Name: ID
Value: bf1f2445246236d9ea1b67253160e356
.media.net/ Name: visitor-id
Value: 3043698846836918000V10
.yahoo.co.jp/ Name: XA
Value: b6us3qthgctus&sd=B&t=1661368284&u=1661368284&v=1
.yahoo.co.jp/ Name: XB
Value: b6us3qthgctus&b=3&s=7h
.bidswitch.net/ Name: tuuid
Value: c272ea53-b556-4b45-ad53-6c54288ea606
.bidswitch.net/ Name: c
Value: 1661368284
.bidswitch.net/ Name: tuuid_lu
Value: 1661368284
.ad-m.asia/ Name: uid
Value: 12vRrhpX8XG
.uncn.jp/ Name: t
Value: v_d9dc12bb-13b0-4185-b09f-8585426a27bd
.casalemedia.com/ Name: CMID
Value: YwZ33F2KtzHErm0Xp68OOwAA
.casalemedia.com/ Name: CMPS
Value: 883
.casalemedia.com/ Name: CMPRO
Value: 883
.adnxs.com/ Name: anj
Value: dTM7k!M41.D>6NRF']wIg2GVJwtS^T!]tbPl1M>e)ZlrFUfJ+tGXxo3@*[6PI2PCSAax1??6]]v@/qOWQ<8aZ4Q@ue3If)y3KL9D3I?+>_pga(
.media.net/ Name: data-g
Value: CAESED3odw4pNXMJMoauwFgtVZY~~10
.r-ad.ne.jp/ Name: r_ad_token
Value: 508JBO00RBDGa007B1wv
sync.srv.stackadapt.com/ Name: sa-user-id
Value: s%3A0-c107f8f3-1bcd-4eb4-499c-6365b2ef55dc.RAArrT3CmQTFS7w8M2KerFEd%2Fkuop%2F7KOfHJ2S3Q4tM
.srv.stackadapt.com/ Name: sa-user-id-v2
Value: s%3AwQf48xvNTrRJnGNlsu9V3K310bE.JYlIWNOefz%2FxQX3Enn4bWk%2BrTJ%2Fz0ad5rfnVJRQmU%2Bo
.targeting.unrulymedia.com/ Name: _rxuuid
Value: %7B%22rx_uuid%22%3A%22RX-5a556040-9ba5-4378-9175-396b51281898-004%22%7D
.yandex.ru/ Name: yuidss
Value: 2922048561661368284
.yandex.ru/ Name: yandexuid
Value: 2922048561661368284
www.bg3.co/ Name: pbjs-unifiedid
Value: %7B%22TDID%22%3A%22492e6757-f51f-41aa-a4dc-76241c67fd3b%22%2C%22TDID_LOOKUP%22%3A%22TRUE%22%2C%22TDID_CREATED_AT%22%3A%222022-07-24T19%3A11%3A25%22%7D
.openx.net/ Name: pd
Value: v2|1661368285|jElYiuvOiahI
.ctnsnet.com/ Name: gid_CAESEGTpdU4-lDX3wzh8hk87dxg
Value: 1
.3lift.com/ Name: tluid
Value: 495490772937917103708
.reemo-ad.jp/ Name: deviceIdentifier
Value: ThfZOxuTwGVxYMWcgzxqEPiKiQdiqwcJ
.reemo-ad.jp/ Name: sync_gadx
Value: 1
.openx.net/ Name: univ_id
Value: 537072971|492e6757-f51f-41aa-a4dc-76241c67fd3b|1661368285425997
.media.net/ Name: data-ttd
Value: 492e6757-f51f-41aa-a4dc-76241c67fd3b~~1
.media.net/ Name: data-o
Value: 5009a6ca-67b9-4bc3-b22f-827fcab4caf1~~8
.media.net/ Name: data-a
Value: 7093734920555040481~~8
.socdm.com/ Name: SOSYNC
Value: anNvbjp7Im9wZW54IjoxNjYxMzY4Mjg1fQ
.bg3.co/ Name: cto_bundle
Value: OObyNF9kWG8lMkZxbTFwQ0xlU05rbGQwTUZYMCUyQjFtV1lJUFh2WnRyMSUyRiUyRlJUUXBKNnd4VmtDNmlleW53ZW10YTVlbG93N2VzWjFSR1Foc2Y3eG5LZWh6T3MlMkZaOGdOY0RteENaZG1LaEUxNkElMkIyS3J1QSUzRA
.bg3.co/ Name: cto_bidid
Value: K94KMV84dXhYRTNacTZhOWJEZ3Fxek43QkJqcGNDcG93d254a3pzWEJyekNrMzIyS1RYZHVkeU5QTnEwRGxlTDVwOFNrcjVqdWlsQ1VhazRvZ09kWWYlMkZqQk5BJTNEJTNE
.w55c.net/ Name: matchgoogle
Value: 5
.criteo.com/ Name: uid
Value: dd5a638b-6d7f-4423-aee9-a15d8b109e96
.ctnsnet.com/ Name: cid
Value: 128debef3c3f408eb4bb99add751fb7e
.bing.com/ Name: MUID
Value: 390F3D7D84AE63F50C1C2F77859C62D1
.c.bing.com/ Name: MR
Value: 0
.w55c.net/ Name: wfivefivec
Value: zj2wRe0w1OqVMF5
.w55c.net/ Name: matchmedianet
Value: 5
.linkedin.com/ Name: li_sugr
Value: c87aede8-536e-4c92-856b-1e7b173610f1
.ads.linkedin.com/ Name: lang
Value: v=2&lang=en-us
.linkedin.com/ Name: bcookie
Value: "v=2&c6a43d77-5b08-4446-8627-16765263e8bd"
.linkedin.com/ Name: lidc
Value: "b=TGST04:s=T:r=T:a=T:p=T:g=2790:u=1:x=1:i=1661368285:t=1661454685:v=2:sig=AQHvFkDIb1CuYdXCkcVAruhUBIMf4AT0"
.blismedia.com/ Name: b
Value: 630677DD5BD38B92B3F47FC1BLIS
.turn.com/ Name: uid
Value: 2651021867338552653
.bg3.co/ Name: _ga_Z0TZ7TDHS1
Value: GS1.1.1661368283.1.0.1661368286.0.0.0
.ads.pubmatic.com/ Name: KCCH
Value: YES
.yahoo.com/ Name: A3
Value: d=AQABBN53BmMCEGyKIbNqhLXjddfnOF1m7C0FEgEBAQHJB2MQYwAAAAAA_eMAAA&S=AQAAAhcv4H6HDMM2Kta-UtXNucQ
pool.admedo.com/ Name: tuuid
Value: 2cb05a91-3225-4d67-92e6-ffb90fc9eb7e
pool.admedo.com/ Name: c
Value: 1661368286
pool.admedo.com/ Name: tuuid_lu
Value: 1661368286
.adform.net/ Name: C
Value: 1
.media.net/ Name: data-c
Value: dd5a638b-6d7f-4423-aee9-a15d8b109e96~~1
.media.net/ Name: data-c-ts
Value: 1661368286
.media.net/ Name: data-xu
Value: zj2wRe0w1OqVMF5~~8
.media.net/ Name: data-r1
Value: RX-5a556040-9ba5-4378-9175-396b51281898-004~~8
.mathtag.com/ Name: mt_mop
Value: 4:1661368286
.prebid.a-mo.net/ Name: _sv3_8
Value: 1
.a-mo.net/ Name: amuid2
Value: 07f9ecbf-f245-4211-b1f9-a5372042b5fa
.prebid.a-mo.net/ Name: sd_amuid2
Value: 07f9ecbf-f245-4211-b1f9-a5372042b5fa
.ladsp.com/ Name: cr
Value: 1
.casalemedia.com/ Name: CMST
Value: YwZ33mMGd94A
.casalemedia.com/ Name: CMRUM3
Value: 27630677de0b40&40630677de05a00&69630677de05a0&2d630677dd05a0CAESEHTmM8y1RCkxpE1YjTbMaqo&e6630677de2760&98630677de05a00&f1630677de05a0&49630677de05a0&1a630677de05a0
.pubmatic.com/ Name: KADUSERCOOKIE
Value: DEC9AF99-DED7-471D-8216-5BD47B531BBF
.pubmatic.com/ Name: chkChromeAb67Sec
Value: 1
.pubmatic.com/ Name: pi
Value: 159463:2
.pubmatic.com/ Name: DPSync3
Value: 1662508800%3A201_197%7C1661904000%3A164%7C1661385600%3A174
.pubmatic.com/ Name: SyncRTB3
Value: 1661904000%3A223_15_2%7C1662163200%3A63%7C1662595200%3A35%7C1662508800%3A54_247_209_5_220_3_189_234_7_22_179_231_21_56_165_176_13_96_99_71_8_204_222_107_238
.rfihub.com/ Name: rud
Value: H4sIAAAAAAAA_-MSNrQ0NDc3tTQGQktzS1NjcxNjIT5DXWO3NGfTgMBKQ-OMKgAGiWUFJQAAAA
.rfihub.com/ Name: eud
Value: H4sIAAAAAAAA_zslzmtoZmZobGZhZGFmYm4BAMwvUT0QAAAA
.rfihub.com/ Name: ruds
Value: H4sIAAAAAAAA_-MSNrQ0NDc3tTQGQktzS1NjcxNjIT5DXWO3NGfTgMBKQ-OMKgAGiWUFJQAAAA
.mathtag.com/ Name: uuid
Value: 67af6306-77de-4d00-8b03-9c806ecb11b0
.zemanta.com/ Name: zuid
Value: oOf6SlVCxeyjdhKfDzSL
.media.net/ Name: data-rk
Value: 1975461764915802390~~8
.sportradarserving.com/ Name: zuuid
Value: 4744a01d-ea33-41b6-aeb4-f83a5ee0baf1
.sportradarserving.com/ Name: c
Value: 1661368286
.adsymptotic.com/ Name: U
Value: ad833c6600a94d7d73a98593cd8233e8
.w55c.net/ Name: matchpubmatic
Value: 5
.ladsp.com/ Name: smn_uid
Value: GS_9wc65IoxSEQHjAXpgig7Glt-sh9c
.ladsp.com/ Name: lum
Value: COT7kIqtMBIFCAMQ0AU
.analytics.yahoo.com/ Name: IDSYNC
Value: 198o~26rv
.servenobid.com/ Name: pid_312
Value: 7093734920555040481
.media.net/ Name: data-pba
Value: DEC9AF99-DED7-471D-8216-5BD47B531BBF~~8
.gumgum.com/ Name: vst
Value: a_5d09c2e0-f0bd-41e0-8ca6-3a2aa0c013b0
.tribalfusion.com/ Name: ANON_ID
Value: agnv7ySkTsfAutomjp968wtxjcO3PbpSTkVafUoSo05wF8VqQZcPomwAmQLPWcXX7FaXPCZaJjmgIZbjij76hu1TwKgRZb7dFAeBZaNmVfhW1IZcmHnCUXohVm
ads.playground.xyz/ Name: connect.sid
Value: s%3AR8hQZQP2FPHqhfF92GOxYFJtqzDkQmOp.Avu4qm0kLmsXFiHEOy%2BOlEsL2RkHBKqwI5eVxPIabDI
.servenobid.com/ Name: pid_324
Value: 1917759393997953743
.servenobid.com/ Name: pid_333
Value: YwZ33F2KtzHErm0Xp68OOwAAA3MAAAAB
.taboola.com/ Name: t_gid
Value: 082d5ab6-6f30-421e-899e-6ffd32c003f1-tuct9fffd5e
.rlcdn.com/ Name: rlas3
Value: XBuIwPYfeYUYpyJsK+D1iz8OA00LtfaRkXmoCFI/P6Q=
.rlcdn.com/ Name: pxrc
Value: CAA=
.smartadserver.com/ Name: pid
Value: 8961907218643304268
.brand-display.com/ Name: _knxq_
Value: 2b4b8401-fefd-76aa-77ee29db.1661368286.0.1661368286.1661368286
.adform.net/ Name: uid
Value: 1801890834697363999
.1rx.io/ Name: _rxuuid
Value: %7B%22rx_uuid%22%3A%22RX-5a556040-9ba5-4378-9175-396b51281898-004%22%2C%22zdxidn%22%3A%221506%22%2C%22nxtrdr%22%3A%22https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Drhy%26i%3D%5BRX_UUID%5D%22%7D
.adsrvr.org/ Name: TDCPM
Value: CAESFQoGZ29vZ2xlEgsI3ru_gc-DgzsQBRIXCghwdWJtYXRpYxILCKqY25rPg4M7EAUYASABKAIyCwj0w9vM5YODOxAFOAFaDnNtYXJ0LWFkc2VydmVyYAI.
.csync.loopme.me/ Name: viewer_token
Value: f7f45a35-33a7-4f0c-b576-eada08ee50ac
.rubiconproject.com/ Name: audit
Value: 1|WD0cx+9RTMLx5C7yg4yabrUyebV3a1stZfwYE+pgOU4woS0CNdd3xCtzQEqEF9Fp0EDmZOSFlB1gEJ9oO5p1Ev0exc+f0IZt
.ambientdsp.com/ Name: _aGeoIp
Value: AU-Alexandria
.ambientdsp.com/ Name: _aUID
Value: wst165wpbz2
.go.sonobi.com/ Name: __uis
Value: 24e8009d-a934-41d8-9f78-1dc658de905e
.sportradarserving.com/ Name: zuuid_lu
Value: 1661368287
.sportradarserving.com/ Name: zuuid_k
Value: 1
.sportradarserving.com/ Name: zuuid_k_lu
Value: 1661368287
.c.appier.net/ Name: _auid
Value: PemK8abuDdOMKvEc33cGYw
.mfadsrvr.com/ Name: tuuid
Value: 30bb4238-f6a8-4671-a67b-1c2d85613f16
.mfadsrvr.com/ Name: c
Value: 1661368287
.mfadsrvr.com/ Name: tuuid_lu
Value: 1661368287
.socdm.com/ Name: SOC
Value: YwZ338Co5ssAAGuPcHQAAAAA
.casalemedia.com/ Name: CMTS
Value: 822
.servenobid.com/ Name: pid_337
Value: y-nMsULo5E2uHKvI64upjr3Zj8gELwt9hyKSpHXKI-~A
.lijit.com/ Name: _ljtrtb_273657
Value: 273657
.servenobid.com/ Name: pid_339
Value: y-nMsULo5E2uHKvI64upjr3Zj8gELwt9hyKSpHXKI-~A
.adgrx.com/ Name: ADGRX_UID
Value: 8d7c0170-23e0-11ed-864a-cf979e5379e4
.lijit.com/ Name: ljt_reader
Value: FM2_DLZHEZc_dIXDRQqYMJA5
.quantserve.com/ Name: d
Value: ECMBFQH3JoEO-TCP_8EA
.media.net/ Name: data-bs
Value: c272ea53-b556-4b45-ad53-6c54288ea606~~1
.disqus.com/ Name: zeta-ssp-user-id
Value: ua-3d253fe8-38aa-374f-9a29-e76a73fc70b7
.everesttech.net/ Name: everest_g_v2
Value: g_surferid~YwZ33wAI15YGGAAK
.servenobid.com/ Name: pid_309
Value: a_5d09c2e0-f0bd-41e0-8ca6-3a2aa0c013b0
.amazon-adsystem.com/ Name: ad-privacy
Value: 0
.amazon-adsystem.com/ Name: ad-id
Value: AxMtgXp-907dqWYrFaBbvFE
.yieldlift.com/ Name: xuids
Value: eyJ4dWlkIjoiNmVkMzU4M2YtYTY1MC00ZGYzLThmMmMtODk5MWFiNDNkZmNhIiwiZHAiOnt9LCJiZGF5IjoiMjAyMi0wOC0yNFQxOToxMToyNy4yNzM4NzdaIn0=
.pubmatic.com/ Name: KRTBCOOKIE_153
Value: 1923-hmrqW4duvlSdYLwL1G33XoE96Fidb-tdiGEmJIso&KRTB&19420-hmrqW4duvlSdYLwL1G33XoE96Fidb-tdiGEmJIso&KRTB&22979-hmrqW4duvlSdYLwL1G33XoE96Fidb-tdiGEmJIso&KRTB&23403-hmrqW4duvlSdYLwL1G33XoE96Fidb-tdiGEmJIso
.pubmatic.com/ Name: KRTBCOOKIE_80
Value: 16514-CAESECNnY7yKtX-rqdWF4gj7Z6Q&KRTB&22987-CAESECNnY7yKtX-rqdWF4gj7Z6Q&KRTB&23025-CAESECNnY7yKtX-rqdWF4gj7Z6Q&KRTB&23386-CAESECNnY7yKtX-rqdWF4gj7Z6Q
.pubmatic.com/ Name: KRTBCOOKIE_904
Value: 16787-PemK8abuDdOMKvEc33cGYw&KRTB&23130-PemK8abuDdOMKvEc33cGYw
.pubmatic.com/ Name: KRTBCOOKIE_57
Value: 22776-7093734920555040481&KRTB&23339-7093734920555040481
.pubmatic.com/ Name: PugT
Value: 1661368287
.simpli.fi/ Name: suid
Value: D16BE78D8AB5410A9C314DA151F75D61
.pubmatic.com/ Name: SPugT
Value: 1661368287
.dotomi.com/ Name: DotomiTest
Value: 3d5a049ed7ca205b
.adgrx.com/ Name: ADGRX_CM_PUBMATIC_BRIDGED
Value: 1

5 Console Messages

Source Level URL
Text
network error URL: https://hb-api.omnitagjs.com/hb-api/prebid/v1?RefererUrl=https%3A%2F%2Fwww.bg3.co%2Fa%2Fju-jiao-yi-zi-wen-hua-chuan-yang-zhong-hua-wen-ming.html&CanonicalUrl=https%3A%2F%2Fwww.bg3.co%2Fa%2Fju-jiao-yi-zi-wen-hua-chuan-yang-zhong-hua-wen-ming.html&PublisherDomain=https%3A%2F%2Fbg3.co%2F
Message:
Failed to load resource: net::ERR_NAME_NOT_RESOLVED
network error URL: https://rtb.adxpremium.services/openrtb2/auction
Message:
Failed to load resource: the server responded with a status of 400 (Bad Request)
network error URL: https://cksync.yahoo.co.jp/sspsync?ptr=12703&google_gid=CAESEFQ7GEiy-0jLHK8uykjQKXg&google_cver=1&google_push=AehlK4DG7JWf_j06tIqw9lNiIGwysY4bygMqkHyEMB9Hj3HFEgT25slfq5jSxcTxpjHLYpR-9wuZR2LyjiAQRDe1s4myJ1HiHMDNXcb3h2tlPez6GiHf444h1n-ArouNwDkFDS_SzuSYOlbOjw
Message:
Failed to load resource: the server responded with a status of 400 ()
javascript warning URL: https://z.moatads.com/stackadaptdisplay515602019759/moatad.js(Line 137)
Message:
The deviceorientation events are blocked by permissions policy. See https://github.com/w3c/webappsec-permissions-policy/blob/master/features.md#sensor-features
network error URL: https://visitor.omnitagjs.com/visitor/bsync?uid=627080440e659fbe0f85333c665ae1de&name=SMARTADSERVER&url=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D117%26partneruserid%3DPARTNER_USER_ID%26gdpr%3DGDPR%26gdpr_consent%3DGDPR_CONSENT&gdpr=0&gdpr_consent=
Message:
Failed to load resource: net::ERR_NAME_NOT_RESOLVED

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

065b871e68dfa311ac55b3c7151729f3.safeframe.googlesyndication.com
0bac53416c6f8fbacdad0aca93caa0ff.safeframe.googlesyndication.com
2ed91e4b8889736293a8964540416cd2.safeframe.googlesyndication.com
5e9096cc516f199cdb60782332265f56.safeframe.googlesyndication.com
a.sportradarserving.com
a.teads.tv
a.tribalfusion.com
aax-eu.amazon-adsystem.com
acdn.adnxs.com
ad.360yield.com
ad.turn.com
adpushup-d.openx.net
ads.aralego.com
ads.playground.xyz
ads.pubmatic.com
ads.servenobid.com
ads.yahoo.com
adservice.google.com
adservice.google.com.au
adx.holmesmind.com
aid.send.microad.jp
an.yandex.ru
ap.evm1.stackadapt.com
ap.lijit.com
ap.srv.stackadapt.com
aplogger.adpushup.com
b1sync.zemanta.com
b61a36e0a14d367c54e505eab745483c.safeframe.googlesyndication.com
bh.contextweb.com
bidder.criteo.com
c.bing.com
c1.adform.net
casale-match.dotomi.com
cc.adingo.jp
cdn.adnxs.com
cdn.adpushup.com
cdn.ampproject.org
cdn.aralego.net
cdn.indexww.com
cdn.jsdelivr.net
cdn.stackadapt.com
ce.lijit.com
cksync.yahoo.co.jp
cm.adform.net
cm.adgrx.com
cm.ambientdsp.com
cm.g.doubleclick.net
cms.quantserve.com
code.createjs.com
code.jquery.com
contextual.media.net
core.iprom.net
cr-p3.ladsp.jp
cr-pall.ladsp.com
creative.stackadapt.com
creativecdn.com
cs.emxdgt.com
cs.media.net
cs.r-ad.ne.jp
csync.loopme.me
d-1710843936287949449.ampproject.net
d.adroll.com
delivery.adrecover.com
dis.criteo.com
dmp.brand-display.com
dps.jp.cinarra.com
ds.uncn.jp
dsp.nrich.ai
dsum-sec.casalemedia.com
dsum.casalemedia.com
e3.adpushup.com
eb2.3lift.com
eus.rubiconproject.com
fastlane.rubiconproject.com
fonts.googleapis.com
fonts.gstatic.com
g2.gumgum.com
geo.moatads.com
gocm.c.appier.net
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
gum.criteo.com
hb-api.omnitagjs.com
hblg.media.net
htlb.casalemedia.com
ib.adnxs.com
id.rlcdn.com
idsync.rlcdn.com
image2.pubmatic.com
image4.pubmatic.com
image6.pubmatic.com
inv-nets.admixer.net
ipac.ctnsnet.com
jp-u.openx.net
js-sec.indexww.com
lax1-ib.adnxs.com
lg3.media.net
match.adsrvr.org
match.deepintent.com
match.taboola.com
mb.moatads.com
mts0.google.com
nep.advangelists.com
onetag-sys.com
p.adsymptotic.com
p.rfihub.com
pagead2.googlesyndication.com
partner.googleadservices.com
pippio.com
pixel-sync.sitescout.com
pixel-us-east.rubiconproject.com
pixel.quantserve.com
pixel.rubiconproject.com
pm.w55c.net
pool.admedo.com
pr-bh.ybp.yahoo.com
prebid-server.rubiconproject.com
prebid.a-mo.net
prebid.media.net
public.servenobid.com
pubmatic-match.dotomi.com
px.ads.linkedin.com
px.moatads.com
qsearch-a.akamaihd.net
res-a.akamaihd.net
rtb-csync.smartadserver.com
rtb.adxpremium.services
rtb.gumgum.com
rtb.mfadsrvr.com
rules.quantcount.com
s.amazon-adsystem.com
s.tribalfusion.com
s0.2mdn.net
secure-assets.rubiconproject.com
secure.adnxs.com
secure.quantserve.com
securepubads.g.doubleclick.net
simage2.pubmatic.com
simage4.pubmatic.com
ssbsync.smartadserver.com
ssp.disqus.com
ssum-sec.casalemedia.com
stackadaptdisplay515602019759.s.moatpixel.com
stackadaptdisplayhourly515602019759.s.moatpixel.com
stags.bluekai.com
static.bg3.co
static.criteo.net
sync-dsp.ad-m.asia
sync-tm.everesttech.net
sync.1rx.io
sync.aralego.com
sync.crwdcntrl.net
sync.dsp.reemo-ad.jp
sync.extend.tv
sync.go.sonobi.com
sync.ipredictive.com
sync.mathtag.com
sync.outbrain.com
sync.srv.stackadapt.com
sync.taboola.com
sync.targeting.unrulymedia.com
sync.technoratimedia.com
tags.rd.linksynergy.com
tags.srv.stackadapt.com
tg.socdm.com
tlx.3lift.com
token.rubiconproject.com
tpc.googlesyndication.com
tr.blismedia.com
trc.taboola.com
u.openx.net
um.simpli.fi
ups.analytics.yahoo.com
us-u.openx.net
usersync.gumgum.com
visitor.omnitagjs.com
warp.media.net
www.bg3.co
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
x.bidswitch.net
x.yieldlift.com
z.moatads.com
hb-api.omnitagjs.com
image6.pubmatic.com
sync.outbrain.com
visitor.omnitagjs.com
103.229.10.180
103.229.205.242
103.231.98.194
103.231.98.196
103.3.63.48
104.16.87.20
104.18.100.194
104.18.12.76
104.18.18.126
104.18.19.126
104.18.35.11
104.19.173.108
104.211.156.162
104.254.150.228
104.254.150.241
104.254.151.36
104.26.3.91
104.26.5.103
104.69.148.168
104.69.164.213
106.10.236.40
107.178.254.65
125.56.225.45
125.56.226.34
13.107.21.200
13.107.42.14
13.112.54.241
13.224.250.32
13.224.250.34
13.224.250.50
13.227.254.11
13.227.254.26
13.231.81.146
13.250.207.233
13.250.213.230
13.33.33.38
13.76.45.37
139.99.49.250
141.226.229.48
142.250.4.132
142.250.4.154
142.250.4.95
142.251.10.132
142.251.10.155
142.251.10.156
142.251.12.97
145.40.89.200
148.251.44.111
150.136.156.92
150.95.47.242
151.101.1.108
151.101.193.44
151.101.194.49
151.101.65.108
169.62.67.163
172.217.194.102
172.217.194.132
172.217.194.156
172.217.194.157
172.217.194.94
172.253.118.94
18.138.18.111
18.140.89.184
18.161.111.72
18.176.234.133
18.177.113.58
18.180.74.207
18.235.125.68
182.161.73.129
182.161.73.136
182.161.73.145
182.161.73.146
182.22.31.252
184.87.200.25
185.184.8.90
185.84.60.21
195.5.165.20
198.8.71.129
202.131.200.84
202.233.84.1
202.241.208.52
209.191.163.209
209.58.171.197
209.58.188.181
23.106.127.53
23.108.103.8
23.195.152.23
23.195.153.54
23.36.252.26
23.36.253.206
23.49.60.112
23.52.171.123
23.72.44.196
23.72.44.239
23.72.45.156
23.9.185.218
3.113.231.86
3.126.96.88
34.102.253.54
34.107.148.139
34.111.151.213
34.195.158.163
34.235.40.219
34.250.30.153
34.96.105.8
34.98.67.3
35.186.193.173
35.190.60.146
35.213.12.39
35.213.93.179
35.244.159.8
35.72.150.84
35.74.137.60
37.157.2.237
38.91.45.7
42.99.140.144
42.99.140.200
50.116.239.135
51.255.68.171
52.204.175.17
52.204.37.210
52.221.101.105
52.221.120.52
52.221.14.52
52.223.2.229
52.223.40.198
52.46.155.104
52.71.232.26
52.74.162.2
52.74.186.80
52.76.192.69
52.76.68.248
52.95.126.160
54.175.93.244
54.254.175.9
54.255.21.102
54.91.29.254
66.155.71.149
67.199.150.85
67.199.150.86
69.16.175.42
69.173.158.64
69.173.158.65
70.42.32.127
72.34.250.75
74.118.186.44
74.125.130.104
74.125.24.101
74.125.24.149
74.125.24.157
74.125.24.94
74.214.196.131
77.88.21.90
8.43.72.97
84.17.37.44
89.207.22.137
96.17.72.64
00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce
019474417bcdd4decbdc75af7929d925f21400a77b43f28dc7190223bc1489ea
051b806f47ae396f5381528e43b7694841df79769f1ee33e3377e5c0c898aec0
0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5
08ce3a25d4ac03c407ee79e68143d11bccea88a9903a6fb80d5c6f095b454a86
0915fad60bc9b61b6dcd82d05da7ec4bc0232a647e75b8507c3cba6d4d6602f9
0b090cc332d88bc5bdcf9ca92bf970a60d3feb36d0e5f2857b4c6bc006019319
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0bcac89d72d5f0b2bef20f815406384ff05489e4294acee57409060c2eccffc5
101444b3f16794386e86fc43c4e1db6260629c4eb3b0e36de0855e09eb10ae82
1134aa4ae37006afc21b7e7817610b9f9695e33c599cc7210fff5d103cb415a7
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
14cfb5058acaf3af2f07088f1582f29941d7a4cc74fd1cea5050cecad862d154
165facc4dde839c42298cdcc6ce1b29fbe0b8cb16c39cb47ce755988a97705d5
17d2a9596b37d5d8c0e8b46eda67f51c04e05703e5619deff979d5ef50563e91
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002
1be00e223b2840fe8ac2d3a1aec0cf757088dd68f53a92275d0e1db6cb9afced
1c877b4b7e75bf2c8432415bb762ed9bfc73830abf68497eff686fcc9fa44f9f
220f5b7d10fb12dbf37449f4f4ec4926f7879fcfdb3f13bb900d9334d123c9b8
24302eeb5b736bcc9f610299a37ac5dcf7e5b4c11591489fe9ad89f1533bd09b
243a8cd5c7efe3b819a01d4ebb9bf76cf131d5910ffbb108d1e63e7aefb6830c
24f3723b948c0d0b03ec4691806fbaf157935e846b2d68aa3918f204424043d6
26587d8ff7e372bd95ed4a146b7ab1f4f16f2c5a0f3a7858a02071354f0f74cd
26914004d3a8d5ddde2202b642d7936eb61c9f195b5cd3c87e44ef8ad4d57c16
29e5523aa37498213a7b3c79f641603de1569678d6894f681f591743f24e5333
2c6863095b8de954122a28a6fb24b576e166d8e2472b1a535119181d3f12d4a9
2f11de2282c468d1a93068e9d85b401e9c7cbc2cc0c6f72ea13a44249f2d078e
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef
2f7d5276b891833740b6847e05708324cdb6893b569b677870485e806bbb94ab
3004b319a2427a6a57c345f5e6edd582ee3e421592a39fca700e3e4c14e17bf7
3048560894ba8f71d210600f4c2ced5bebc6687408cdf5fe7a2159fccb97f49a
32152ba812ce33af0d7701775808859c68d1b00d8e2073998315296cd6225848
324f0037ee81753c5f4d1ddc4d9dea87727408fb7113df122356717b8586d270
3378135f525fc551ce49d2c117e9967735794757a4c71910d8c1b8fa38bf3f2c
35f39d8bfcc8d1484e942a22fcd458524533e5665d53d8576d48dfe2bf05f8f9
35f4d2b3bb8a87593812a5d497da67fc4cbc37748166a5bd02ddf556e484401e
36a7d95f2760a813f3e782dfc125ea786174d581d6f6f896021d6994e9514bd6
36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068
37a31642af0a7fe695ed0fd68a06a55af44e854d083dc7f5d0e70535f0189ae0
37c1ec9784fc156b83c8bef0ce952727b516b72d98f0eb9be26c7028bf84d916
38372a94c6e11515730e4faca69d16133de2857007b605fcdb3538ddb5b263a7
3c540b1823fe4a2cdf6b305e112660eea2bec2df90f248fc8b7dfbc4c92549e6
3ce18986d97fa7ec40028723de7a1a27c5341c7ab4f37cfd15592a70dabcce74
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd
3e8d1edbe8598395c7327ff1752c4a029e0b3789b0a044d231eeddc8c5fcb0fe
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
3f100e5e6ff270dadb43b44878f0118a2389dee0d844acc102b5179d70a824dc
3fde3f58eb5e95a8a7994102c7ea88ff589a6d4196d16257d263a9821d18bbec
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390
41f36457d5ec5bd7d115c29bea53e0d1ff77de7418837ef39e897f3b7d497e8a
444d83097617ceb3408342812c05970b54211ced57814ee830ed1760562041dc
455b716ae18cbfb81685b2a872d3856f0ca0027d78b89a7dc26beb3b7871c059
464bb0a2b9b868a36a9d56f0794a799f5da55f7213322d2d66c965b08f6c88a7
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
4a6fab14bfe7b33fe5dc5349a2bb3720037e0ed7ebe621b352340f9514d83c08
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4cf6f3dffbc65f9231255bf31f40ddc84a45bc57428b41d6786afc7153b90b7a
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4f49e616d278a16d9cd55a6d5fe19c99ebd37d7d3848d14422190618b67011e0
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
5351caa1c4bc777d2a27fb4949d9fa871367cda71844bdc104c533eb155a7185
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
57000ea03bfb53734d0858b8fe992e6742226f23f311eb0f9d2177e2a84a5621
57ba9c79273602051bd0fa9f6dcd52a3f199dc59f134308efeeaad35424b8311
5b8f80fd348a504db7032a64dea4da2c003a41a99a409d55958a1f4a74cba643
5c12e87c4fc3311ee49576c3a816aa5394671b7642611ce306713f73ddc7411d
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
63aa92d92ed9131c7e6a88124cec6ebcb1f8ee9ecdd62e8ebf9e7622fb0d5c97
63dc26664099fc3ed076210ca3fb9b8d5ba67c1a7d45363ca0da2f80489bdc28
6527e4cd14173fac2d981008d0d87378ee25fcc46b0b8bbfa6e5419489e95e7a
663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707
6a3e5769b50199a784f497baed5fd808561f9eb5dd8eedc479ddad31ec9d93c0
6a7b0c8bf87b2bd5ca31557f25cf2a6c80f93af72bf68a6085e9b55a87fe908c
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6f0891439aea7ee7704a8248eaad5b30bb57a37c6d00093f086e8872638de0ab
6f9f01ee2c9bea2279ce0f57a4367fc4fd0501f8a36d16b49ccdac2325d9d6e5
730fa1f3e8b3c4a223c4e69f4a27e690a4552f96ab97dba05b943dff44967658
749db3fe5aacaec8d1f750a8455846bc0272534fc3fc8bf37ee54a1b34e1b843
75739105ef6325a39d5ab2c95a82b5ba83a598d0ea924ef825550e27bdf64a67
775d5fb6acac04ef6d1ef99fcb13f66f6f49f6ee6275784057d047178a082af3
796c46ec10bc9105545f6f90d51593921b69956bd9087eb72bee83f40ad86f90
7c51dea2090ed5b681a0f74d2d397831cf91589c79abbc1d9b287b8d97b696a0
7efdca1ce8a8ee4fb50887d9f88bdace1026e0f76ea1e64a802b97402d825a79
7f140aa8126a03834872623e44905ed7ad68dac8d39beea9edb873c4f5970c54
7f507cae0e9f60607a81e71d55d5b184658ba21168cb955a2f6bf0be771214e1
7f95ef023b44f025b47b6250719441733c001666c9e0ac1b16dca7dad585ade4
7fca9bf67d2a0363efe8dd3cfa075df841b3980ab38ed83aa4cf3b94a9d0ef01
804959f61d0344663385d263558432e61b354e7e09091502d922f601bc15000a
8184e5cac1bf2660d129f81e18d543b7d33c98d58a2655014bce447110cd0d25
825fe6fe931eea3dd81c7416c4a3f3d35dfafaa2228b12411b49eb7d640d8bfc
82d2dc44aae1eda52abc17afd30c6031b7175c13ee6955410164c66ae755adfb
82d98acd9068eefb8ebd915f94fe0c5386d1e17d841c0b7e2f4d2181f0325684
83147c4cf00c61d77d068152fdb541e2ca7761e0990682db23e77fb7affdceb4
832f63f4187160c195b04f1911c2e623a75e805f4b23abb9b0bea214b4283a43
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
8374dd11907f18ed2edaf39a51a5bd3f638e35120d821d6068d653afd8e76915
8492f3fc13f89700f09e8a96308911979a6289be084af2c497ea54dbd7dd7f5f
85af3052d288ffd9157258dfe4daf5309f0b64d0067ab8221cd0c62909c18419
869b6eb33ba3347946da6a8105161515a17401aab915b44e96e5c2c3a4a6c635
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
8ae78cfe6ee6192120b022cb3c00d586542309c4b88076fe6f12c0f7ef65f015
8b1ccf2d92e5e6235fcb23becebc6b98f5eba33abad7902763aa8b830be20bd7
8bd250cbeee887235daf53734913f20e948d5eb5333735aa7f57bf10a9eaa298
8be8f432572fba9a5669684d4f89b81b9595700f40480eeecbfe7721ce5b2234
8d4d286470d7a7f27c9563a71408d09c4714a1c23e92ae31fe19bb878ac29958
8dc11f3888d380f23d821b487d8a727b2f7ba4b06026357f91f326394f6ef956
90c9017a8a6447588520f38cd94ba14cdb9839c92626aa06bb8a4a1052c2ab7e
9284d948e86d2e99f31483b5f4b3a4c3e65e0a6fbca9a8d2db8c6095f82ac3f5
9354f9918f63f7ebe8ac8160e34955ec5d914e1c39936edb5f1c84dfca3c3a12
968012b3a49390a10d31c6d36b2aab796ec167a83378b5f9787756ee7cb035c5
96ee24d7663a687fdc56a25bd030c0f39488914a1a3af94df7fd28cb7e4846d7
970e6e3af4ea8fe9315d0e5257ee386f17238c6d66cc34fc71048f61e90d751d
981676bf806c12123dd278a0f9c6cd8131344fcf0b869f3e0d1403682e22e31e
981c0bff12cb03203363a70e8ffe9b7fdf4af3b0b10c7a02a639eb13327574c0
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9d2c9c9f82fb7c73c50fac260546953a83ede3bb46d6ce302d499796c19e0a3b
9e34975a0a58f4262f18fc35a4a9efb9f9b3962b87772f8fa5c006d5b7bc3f57
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
a03a6a2a51df13506f8eaf811394b577a28a770ac6809a1fdcfec79d7b8aa14c
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a1f57352893f1cfa5b66e88f6f760ebcb1c5edae0f79bfdfe79f5664bdc76ce9
a2bc368ffea85865d06fc1c0551686eea80c57649282bc0a35d32c6790a8b5d7
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a4f8d308a537be4d8442135addd3a1637ad70c831ec8d6fb21b460dc392031e3
a549d4a5b0ebc2f4f6cf41d210eea2e75376d266a2492cbadee9e26b6051bca4
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
a7d3e37cf4434d78c07260bfe62603dca705177c393d3e03936d26c9d5ef1f1a
a8993772c9eb591474f38d257bebc8c4286703e1af72d04c8c294be5fff7b649
ab21d485ddc8e04878802fd4255540053c55feeb27bcc0dc8beb1468007ef26c
b00af338864761a37a208806e2e8815b46327a5e7e47bf141f4fbdf6d1fd3bcc
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b2d6da0bcffd0f2c0074154b28b206452524f5449d49c4457440453142d0cfa3
b3d8546a043b991780a1acd8ce878a7bc6160f3b12567d21249ad2c9c1d2d497
b3dc66d3a1087327a51897dd42d2e26e177837d207d0a2db789b12edea7b7b59
b7d743060ebcc58d3905601ab73b2580904ce8c5594664b1d85d1dcca4c7f509
b8358d72463f68c791074ca19a8b6653977fa8502c50609242663999a4cbb5ec
ba7beca0f5402387b359ad40d2af0dda9632f6b81e2aa0c26336324c358c3e10
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
be3b15b1e68cf3e9278293d3b50491fe16c985e0ee5968852cac4fc062a7134e
bff8625b89e0961465540f40cfe46f12ce0b2f85796341252b4d42d6e669e661
c0d0b5ecf5aa2cd5475929aefcb44d67c5d5cc8cbcdb3991e45f0944f0344619
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
c32ef9d5888be9e4084a7b90e9af3419a4b71b444ec3e70921849af1d8a08099
c5068652d2e91ff8a12bd334ea7ce87b7225f6da4a6a2841c8b51c24029a392b
c5ca00d4a24c1d96c84a6f9823dd301be26bced992e350fa79a36847565d0137
c652cb3dcc3b49133285c42c49b296c3a3af4f9fceffde1022a6e3539e2422b1
c6580444fb26c21afab3bdf73b8e638b1e27722f1a24aef86028d89868c78bb7
c6f96d41bb943e0514c477e6fa78a7b43d49082eb812ad94340b34cbdd44ecc9
c787e9dd6dc8ea3c935f5f0f30e3b9e4a3e066b4619bb244f569883f8e318a24
c8a7ea184c79a6f61c400968314d03aae7c327f03efc03603f6a3cbada7bfb9a
c9499ea51a2956fd2c1600591ae117fe9ad81065d625b1b2c593c7720e5b228f
cb436a8423d69343bf9151052b7a48fb536eed712f0e68b9768845e3dd228c16
cc5bd191625a3aa228827b0faf1b0235d9fac5498739282fcb2c3516080a2ad2
cd2fc2a73734ba5d6d6e03b1f97d6fb9d8f69fdcda589979319769707a5599f8
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d2af95bd72cda6a85823f96faaa92f425fd0d363d5b171510d4abe36f36a1cbb
d40e7e21962ec907afdebdd1ba1bea388e4304a494b17452f6a7b0e1c8c03f31
d43759eeb0bad511a676b580e58291166dfc2375212a83fbcdf622f7c39e8470
d6a4bd11a7451ad00e38a9daff9e829e3317b61eadea3af22c206d5fbdbfa926
da85253da6d57dacaa32050a0a7207b8d1bbe6e77d359e17bcc670c0dfabeac7
db613b78704973372e0f768722207d5f6197401f6a702db2d6a8f570f2df8f5e
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
dfa1028a74436c56e0ee1367812c0ee599d6814ec4a3079ca9b9afffba949e26
dfa729d82a3effadab1000181cb99108f232721e3b0af74cfae4c12704b35a32
e02c9cdd33d095e033be3b55cbc7adcbfdafae75945cdd4f00623cb65ed27f59
e144e8b6ee619780391596ee29839469ce3f0914740edf0a6e42e109ab003f21
e3849fdc1eab88579b20b1b56875d6ef8299c4ad165e03921400ccae69149861
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e418f21c89e2b1cfb3a9b6a8dad3495ea0fde09dc87de884951f3ead9c14dc4f
e41d1ae45acbf836b8dcc29544c7e41cced4211214df601d5284a7e9c7134c73
e439bebf8de2df0582273906d2c1dceff2387c661efb2152ef1c28420ce4e7e5
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e
e7aea762f3569f5f0a4677e57012eb90f29abc28fd008cbb0f9acb1a49e3d396
e813a8d8d41c0dbdc33020ad6ef27d16afd2b590ceeb998e267409c8f666b829
ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152
edc30a0e05622f71d52d07a0b7b5e94e654ee06854f893be1954336730eb0db6
ee1634161159fc19e6e919bcf64b0b4c55a2789250c62d156193aee10d153828
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f0e73ba958067b3a894a08e369a09d265100749208c34b4f671603a9ed6d9172
f1e691269432cba8bed2110866d1a1a67546edcb41cb7e9f5e3fc9de6736a59e
f59552e0f096c59a9eb2572e6f746a0cbac18861385154600bc66594e20094a5
f77f47058428a1c21dad5a75ac13fbfdeb9858947218fee2112fded5972a0b5d
fbb779a7370a139fb31695b848086c585e83ce2ee4f4633d6a47d8020ed39edd
fd55646df908cf289bfcd99e2f430b2600e15e16aed2fd0f02a1fab9f34b8241
fd838bebf2470cde56a2a215496ce252d594531e43d2761d5723af0c94fe2d67
ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e
ffecc1c0a3117844bcbcf2976a9b349b2698a309293aeb45e008d254361aabb4