urlscan.io logo urlscan.io
SecurityTrails logo

www.bg3.co Open in urlscan Pro
84.17.37.44  Public Scan

Go To Rescan Add Verdict Report
URL: https://www.bg3.co/a/pi-jia-bu-jian-qia-pian-quan-gua-shi-ta-hui-jia-jian-zhe-mu-yan-shen-si-3-9mo-wang-you-xiao-fe...
Submission: On September 26 via manual from US — Scanned from AU
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 87 IPs in 8 countries across 100 domains to perform 525 HTTP transactions. The main IP is 84.17.37.44, located in Central, Hong Kong and belongs to CDN77 ^_^, GB. The main domain is www.bg3.co. The Cisco Umbrella rank of the primary domain is 583884.
TLS certificate: Issued by AlphaSSL CA - SHA256 - G2 on May 20th 2022. Valid for: a year.
This is the only time www.bg3.co was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 84.17.37.44 60068 (CDN77 ^_^)
46 142.251.12.132 15169 (GOOGLE)
1 3 103.254.153.160 59253 (LEASEWEB-...)
4 104.26.4.103 13335 (CLOUDFLAR...)
2 42.99.140.201 4637 (ASN-TELST...)
5 42.99.140.200 4637 (ASN-TELST...)
24 104.26.2.91 13335 (CLOUDFLAR...)
44 172.217.194.154 15169 (GOOGLE)
3 64.120.88.131 133752 (LEASEWEB-...)
2 69.16.175.42 20446 (STACKPATH...)
13 55 142.251.10.155 15169 (GOOGLE)
2 74.125.24.97 15169 (GOOGLE)
4 142.250.4.101 15169 (GOOGLE)
6 142.251.12.154 15169 (GOOGLE)
1 142.251.10.94 15169 (GOOGLE)
2 142.251.12.155 15169 (GOOGLE)
12 142.251.12.157 15169 (GOOGLE)
11 74.125.130.156 15169 (GOOGLE)
6 13.76.45.37 8075 (MICROSOFT...)
3 182.161.74.19 55569 (CRITEO-AS...)
3 182.161.73.148 55569 (CRITEO-AS...)
36 182.161.73.129 55569 (CRITEO-AS...)
3 182.161.73.132 55569 (CRITEO-AS...)
6 182.161.73.142 55569 (CRITEO-AS...)
1 34.149.43.113 15169 (GOOGLE)
21 142.251.12.149 15169 (GOOGLE)
3 103.229.10.171 16509 (AMAZON-02)
1 104.16.85.20 13335 (CLOUDFLAR...)
1 8 35.244.159.8 15169 (GOOGLE)
1 182.161.73.145 55569 (CRITEO-AS...)
2 5 145.40.88.5 54825 (PACKET)
1 18.140.14.88 16509 (AMAZON-02)
1 104.83.197.63 16625 (AKAMAI-AS)
5 19 139.99.49.250 16276 (OVH)
1 44.239.37.137 16509 (AMAZON-02)
3 12 104.18.18.126 13335 (CLOUDFLAR...)
2 54.64.137.66 16509 (AMAZON-02)
1 69.173.158.65 26667 (RUBICONPR...)
11 34.246.170.209 16509 (AMAZON-02)
1 34.107.148.139 15169 (GOOGLE)
7 11 104.254.150.228 29990 (ASN-APPNEX)
1 35.213.117.18 15169 (GOOGLE)
1 13.33.33.43 16509 (AMAZON-02)
2 104.211.156.162 8075 (MICROSOFT...)
1 13.33.33.124 16509 (AMAZON-02)
8 142.251.10.99 15169 (GOOGLE)
5 182.161.73.136 55569 (CRITEO-AS...)
1 5 34.98.64.218 15169 (GOOGLE)
1 2 184.31.5.88 16625 (AKAMAI-AS)
2 2 104.45.178.220 8075 (MICROSOFT...)
3 4 185.84.60.20 198622 (ADFORM)
3 4 67.199.150.81 62713 (AS-PUBMATIC)
1 1 13.33.88.29 16509 (AMAZON-02)
3 3 174.137.133.49 27257 (WEBAIR-IN...)
7 8 52.74.13.196 16509 (AMAZON-02)
2 2 35.208.249.213 19527 (GOOGLE-2)
1 104.17.24.14 13335 (CLOUDFLAR...)
1 182.161.73.135 55569 (CRITEO-AS...)
4 151.101.2.49 54113 (FASTLY)
3 4 13.107.42.14 8068 (MICROSOFT...)
9 10 35.213.12.39 15169 (GOOGLE)
2 2 3.115.131.27 16509 (AMAZON-02)
1 1 150.95.47.242 7506 (INTERQ GM...)
1 35.213.109.249 15169 (GOOGLE)
9 10 52.223.40.198 16509 (AMAZON-02)
1 1 18.177.11.95 16509 (AMAZON-02)
1 1 13.115.99.16 16509 (AMAZON-02)
4 10 52.223.2.229 16509 (AMAZON-02)
1 52.84.45.26 ()
6 104.83.196.24 16625 (AKAMAI-AS)
1 23.44.1.2 16625 (AKAMAI-AS)
3 11 23.15.148.136 16625 (AKAMAI-AS)
1 23.44.0.183 16625 (AKAMAI-AS)
7 12 69.173.158.64 26667 (RUBICONPR...)
1 3.92.9.222 ()
1 1 50.116.239.135 ()
1 1 124.146.215.52 2514 (INFOSPHER...)
2 2 13.33.88.32 16509 (AMAZON-02)
1 2 104.18.99.194 ()
2 5 13.229.2.67 16509 (AMAZON-02)
4 9 52.46.130.91 ()
1 204.79.197.200 8068 (MICROSOFT...)
4 4 103.229.206.241 30419 (MEDIAMATH...)
1 69.173.144.138 ()
1 2 23.106.127.53 59253 (LEASEWEB-...)
3 4 35.190.60.146 15169 (GOOGLE)
1 67.199.150.82 3257 (GTT-BACKB...)
3 104.18.19.126 ()
4 23.44.0.196 ()
3 184.25.248.23 ()
2 2 13.213.209.254 ()
1 182.161.73.146 ()
1 1 23.108.103.8 ()
2 107.23.149.157 ()
2 2 104.254.148.251 ()
3 104.19.173.108 ()
1 104.18.13.76 ()
1 54.64.4.232 ()
1 23.106.127.164 ()
1 3.230.47.190 ()
2 2 209.191.163.209 ()
2 2 209.191.163.208 ()
1 2 151.101.1.44 ()
525 87
1    84.17.37.44 (Central, Hong Kong)

ASN60068 (CDN77 ^_^, GB)
PTR: unn-84-17-37-44.cdn77.com
www.bg3.co
46    142.251.12.132 (United States)

ASN15169 (GOOGLE, US)
PTR: se-in-f132.1e100.net
cdn.ampproject.org
tpc.googlesyndication.com
58b085eee150a534224aaadead53b14b.safeframe.googlesyndication.com
b4d2fe5aaaebb6d25743be5dcfc19d36.safeframe.googlesyndication.com
4554dcfdb25681d65c9135c95d0b8a26.safeframe.googlesyndication.com
3    103.254.153.160 (Singapore, Singapore)

ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG)
ads.aralego.com
4    104.26.4.103 (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.aralego.net
2    42.99.140.201 (Japan)

ASN4637 (ASN-TELSTRA-GLOBAL Telstra Global, HK)
PTR: ip-42-99-140-201.pacnet.net
delivery.adrecover.com
5    42.99.140.200 (Japan)

ASN4637 (ASN-TELSTRA-GLOBAL Telstra Global, HK)
PTR: ip-42-99-140-200.pacnet.net
cdn.adpushup.com
24    104.26.2.91 (United States)

ASN13335 (CLOUDFLARENET, US)
static.bg3.co
44    172.217.194.154 (United States)

ASN15169 (GOOGLE, US)
PTR: si-in-f154.1e100.net
pagead2.googlesyndication.com
3    64.120.88.131 (Central, Hong Kong)

ASN133752 (LEASEWEB-APAC-HKG-10 Leaseweb Asia Pacific pte. ltd., HK)
sync.aralego.com
2    69.16.175.42 (United States)

ASN20446 (STACKPATH-CDN, US)
PTR: tlb.hwcdn.net
code.jquery.com
55    142.251.10.155 (United States)

ASN15169 (GOOGLE, US)
PTR: sd-in-f155.1e100.net
securepubads.g.doubleclick.net
cm.g.doubleclick.net
2    74.125.24.97 (United States)

ASN15169 (GOOGLE, US)
PTR: sf-in-f97.1e100.net
www.googletagmanager.com
4    142.250.4.101 (United States)

ASN15169 (GOOGLE, US)
PTR: sm-in-f101.1e100.net
www.google-analytics.com
6    142.251.12.154 (United States)

ASN15169 (GOOGLE, US)
PTR: se-in-f154.1e100.net
adservice.google.com
1    142.251.10.94 (United States)

ASN15169 (GOOGLE, US)
PTR: sd-in-f94.1e100.net
d-3394377511692373627.ampproject.net
2    142.251.12.155 (United States)

ASN15169 (GOOGLE, US)
PTR: se-in-f155.1e100.net
partner.googleadservices.com
12    142.251.12.157 (United States)

ASN15169 (GOOGLE, US)
PTR: se-in-f157.1e100.net
adservice.google.com.au
www.googletagservices.com
googleads4.g.doubleclick.net
11    74.125.130.156 (United States)

ASN15169 (GOOGLE, US)
PTR: sb-in-f156.1e100.net
googleads.g.doubleclick.net
adservice.google.com.au
6    13.76.45.37 (Singapore, Singapore)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
e3.adpushup.com
3    182.161.74.19 (Singapore)

ASN55569 (CRITEO-AS-AP Criteo APAC, JP)
rtb.jp2.as.criteo.com
3    182.161.73.148 (Singapore)

ASN55569 (CRITEO-AS-AP Criteo APAC, JP)
ads.as.criteo.com
36    182.161.73.129 (Singapore)

ASN55569 (CRITEO-AS-AP Criteo APAC, JP)
static.criteo.net
3    182.161.73.132 (Singapore)

ASN55569 (CRITEO-AS-AP Criteo APAC, JP)
cat.sg1.as.criteo.com
6    182.161.73.142 (Singapore)

ASN55569 (CRITEO-AS-AP Criteo APAC, JP)
csm.as.criteo.net
1    34.149.43.113 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 113.43.149.34.bc.googleusercontent.com
tps.doubleverify.com
21    142.251.12.149 (United States)

ASN15169 (GOOGLE, US)
PTR: se-in-f149.1e100.net
s0.2mdn.net
3    103.229.10.171 (Singapore)

ASN16509 (AMAZON-02, US)
secure.quantserve.com
pixel.quantserve.com
cms.quantserve.com
1    104.16.85.20 (None, )

ASN13335 (CLOUDFLARENET, US)
cdn.jsdelivr.net
8    35.244.159.8 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 8.159.244.35.bc.googleusercontent.com
adpushup-d.openx.net
us-u.openx.net
u.openx.net
jp-u.openx.net
1    182.161.73.145 (Singapore)

ASN55569 (CRITEO-AS-AP Criteo APAC, JP)
bidder.criteo.com
5    145.40.88.5 (Secaucus, United States)

ASN54825 (PACKET, US)
prebid.a-mo.net
1    18.140.14.88 (Singapore, Singapore)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-140-14-88.ap-southeast-1.compute.amazonaws.com
tlx.3lift.com
1    104.83.197.63 (Singapore, Singapore)

ASN16625 (AKAMAI-AS, US)
PTR: a104-83-197-63.deploy.static.akamaitechnologies.com
a.teads.tv
19    139.99.49.250 (Singapore, Singapore)

ASN16276 (OVH, FR)
PTR: ip250.ip-139-99-49.net
onetag-sys.com
1    44.239.37.137 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-44-239-37-137.us-west-2.compute.amazonaws.com
hb-api.omnitagjs.com
12    104.18.18.126 (None, )

ASN13335 (CLOUDFLARENET, US)
htlb.casalemedia.com
dsum-sec.casalemedia.com
2    54.64.137.66 (Tokyo, Japan)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-64-137-66.ap-northeast-1.compute.amazonaws.com
prebid-server.rubiconproject.com
1    69.173.158.65 (Ashburn, United States)

ASN26667 (RUBICONPROJECT, US)
fastlane.rubiconproject.com
11    34.246.170.209 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-246-170-209.eu-west-1.compute.amazonaws.com
ads.servenobid.com
1    34.107.148.139 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 139.148.107.34.bc.googleusercontent.com
prebid.media.net
11    104.254.150.228 (Los Angeles, United States)

ASN29990 (ASN-APPNEX, US)
PTR: 907.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net
ib.adnxs.com
1    35.213.117.18 (Tokyo, Japan)

ASN15169 (GOOGLE, US)
PTR: 18.117.213.35.bc.googleusercontent.com
grid.bidswitch.net
1    13.33.33.43 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-33-33-43.sin2.r.cloudfront.net
rules.quantcount.com
2    104.211.156.162 (Mumbai, India)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
aplogger.adpushup.com
1    13.33.33.124 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-33-33-124.sin2.r.cloudfront.net
pxl.qccerttest.com
8    142.251.10.99 (United States)

ASN15169 (GOOGLE, US)
PTR: sd-in-f99.1e100.net
www.google.com
5    182.161.73.136 (Singapore)

ASN55569 (CRITEO-AS-AP Criteo APAC, JP)
gum.criteo.com
5    34.98.64.218 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 218.64.98.34.bc.googleusercontent.com
us-u.openx.net
2    184.31.5.88 (United States)

ASN16625 (AKAMAI-AS, US)
PTR: a184-31-5-88.deploy.static.akamaitechnologies.com
sync.teads.tv
2    104.45.178.220 (Tappahannock, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
mweb.ck.inmobi.com
4    185.84.60.20 (Denmark)

ASN198622 (ADFORM, DK)
c1.adform.net
4    67.199.150.81 (Los Angeles, United States)

ASN62713 (AS-PUBMATIC, US)
image6.pubmatic.com
1    13.33.88.29 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-33-88-29.sin2.r.cloudfront.net
s.ad.smaato.net
3    174.137.133.49 (United States)

ASN27257 (WEBAIR-INTERNET, US)
rtb2-useast.e-volution.ai
dsp.adkernel.com
8    52.74.13.196 (Singapore, Singapore)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-74-13-196.ap-southeast-1.compute.amazonaws.com
ups.analytics.yahoo.com
2    35.208.249.213 (Council Bluffs, United States)

ASN19527 (GOOGLE-2, US)
PTR: 213.249.208.35.bc.googleusercontent.com
trace.mediago.io
1    104.17.24.14 (None, )

ASN13335 (CLOUDFLARENET, US)
cdnjs.cloudflare.com
1    182.161.73.135 (Singapore)

ASN55569 (CRITEO-AS-AP Criteo APAC, JP)
pix.as.criteo.net
4    151.101.2.49 (United States)

ASN54113 (FASTLY, US)
sync-tm.everesttech.net
4    13.107.42.14 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
px.ads.linkedin.com
10    35.213.12.39 (Tokyo, Japan)

ASN15169 (GOOGLE, US)
PTR: 39.12.213.35.bc.googleusercontent.com
x.bidswitch.net
2    3.115.131.27 (Tokyo, Japan)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-115-131-27.ap-northeast-1.compute.amazonaws.com
pool.admedo.com
1    150.95.47.242 (Japan)

ASN7506 (INTERQ GMO Internet,Inc, JP)
PTR: v150-95-47-242.a00c.g.jpt1.static.cnode.io
sync.dsp.reemo-ad.jp
1    35.213.109.249 (Tokyo, Japan)

ASN15169 (GOOGLE, US)
PTR: 249.109.213.35.bc.googleusercontent.com
y.one.impact-ad.jp
10    52.223.40.198 (United States)

ASN16509 (AMAZON-02, US)
PTR: a6370ebea231e0c9a.awsglobalaccelerator.com
match.adsrvr.org
1    18.177.11.95 (Tokyo, Japan)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-177-11-95.ap-northeast-1.compute.amazonaws.com
cs.r-ad.ne.jp
1    13.115.99.16 (Tokyo, Japan)

ASN16509 (AMAZON-02, US)
PTR: ec2-13-115-99-16.ap-northeast-1.compute.amazonaws.com
dynalyst-sync.adtdp.com
10    52.223.2.229 (United States)

ASN16509 (AMAZON-02, US)
PTR: ade9ecc7904667038.awsglobalaccelerator.com
eb2.3lift.com
1    52.84.45.26 (None, )

ASN- ()
public.servenobid.com
6    104.83.196.24 (Singapore, Singapore)

ASN16625 (AKAMAI-AS, US)
PTR: a104-83-196-24.deploy.static.akamaitechnologies.com
contextual.media.net
1    23.44.1.2 (Singapore, Singapore)

ASN16625 (AKAMAI-AS, US)
PTR: a23-44-1-2.deploy.static.akamaitechnologies.com
js-sec.indexww.com
11    23.15.148.136 (Singapore, Singapore)

ASN16625 (AKAMAI-AS, US)
PTR: a23-15-148-136.deploy.static.akamaitechnologies.com
eus.rubiconproject.com
secure-assets.rubiconproject.com
1    23.44.0.183 (Singapore, Singapore)

ASN16625 (AKAMAI-AS, US)
PTR: a23-44-0-183.deploy.static.akamaitechnologies.com
acdn.adnxs.com
12    69.173.158.64 (Singapore, Singapore)

ASN26667 (RUBICONPROJECT, US)
pixel.rubiconproject.com
token.rubiconproject.com
1    3.92.9.222 (None, )

ASN- ()
ssp.disqus.com
1    50.116.239.135 (None, )

ASN- ()
ad.turn.com
1    124.146.215.52 (Japan)

ASN2514 (INFOSPHERE NTT PC Communications, Inc., JP)
tg.socdm.com
2    13.33.88.32 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-33-88-32.sin2.r.cloudfront.net
cr-p3.ladsp.com
2    104.18.99.194 (None, )

ASN- ()
p.adsymptotic.com
5    13.229.2.67 (Singapore, Singapore)

ASN16509 (AMAZON-02, US)
PTR: ec2-13-229-2-67.ap-southeast-1.compute.amazonaws.com
pr-bh.ybp.yahoo.com
9    52.46.130.91 (None, )

ASN- ()
s.amazon-adsystem.com
1    204.79.197.200 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
PTR: a-0001.a-msedge.net
c.bing.com
4    103.229.206.241 (Singapore)

ASN30419 (MEDIAMATH-INC, US)
sync.mathtag.com
1    69.173.144.138 (None, )

ASN- ()
pixel-eu.rubiconproject.com
2    23.106.127.53 (Singapore, Singapore)

ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG)
ssbsync-global.smartadserver.com
4    35.190.60.146 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 146.60.190.35.bc.googleusercontent.com
id.rlcdn.com
1    67.199.150.82 (Los Angeles, United States)

ASN3257 (GTT-BACKBONE GTT, US)
image8.pubmatic.com
3    104.18.19.126 (None, )

ASN- ()
ssum-sec.casalemedia.com
4    23.44.0.196 (None, )

ASN- ()
ads.pubmatic.com
3    184.25.248.23 (None, )

ASN- ()
cs.media.net
c21lg-d.media.net
2    13.213.209.254 (None, )

ASN- ()
pm.w55c.net
1    182.161.73.146 (None, )

ASN- ()
dis.criteo.com
1    23.108.103.8 (None, )

ASN- ()
inv-nets.admixer.net
2    107.23.149.157 (None, )

ASN- ()
cs.emxdgt.com
2    104.254.148.251 (None, )

ASN- ()
secure.adnxs.com
3    104.19.173.108 (None, )

ASN- ()
csync.loopme.me
1    104.18.13.76 (None, )

ASN- ()
cdn.indexww.com
1    54.64.4.232 (None, )

ASN- ()
g2.gumgum.com
1    23.106.127.164 (None, )

ASN- ()
ssbsync.smartadserver.com
1    3.230.47.190 (None, )

ASN- ()
x.yieldlift.com
2    209.191.163.209 (None, )

ASN- ()
ce.lijit.com
2    209.191.163.208 (None, )

ASN- ()
ap.lijit.com
2    151.101.1.44 (None, )

ASN- ()
trc.taboola.com
match.taboola.com
Apex Domain
Subdomains		 Transfer
80 googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 105
tpc.googlesyndication.com — Cisco Umbrella Rank: 142
58b085eee150a534224aaadead53b14b.safeframe.googlesyndication.com
b4d2fe5aaaebb6d25743be5dcfc19d36.safeframe.googlesyndication.com
4554dcfdb25681d65c9135c95d0b8a26.safeframe.googlesyndication.com
710 KB
68 doubleclick.net
securepubads.g.doubleclick.net — Cisco Umbrella Rank: 180
googleads.g.doubleclick.net — Cisco Umbrella Rank: 41
cm.g.doubleclick.net — Cisco Umbrella Rank: 210
googleads4.g.doubleclick.net — Cisco Umbrella Rank: 307
587 KB
43 criteo.net
static.criteo.net — Cisco Umbrella Rank: 673
csm.as.criteo.net — Cisco Umbrella Rank: 17365
pix.as.criteo.net — Cisco Umbrella Rank: 17010
384 KB
27 rubiconproject.com
prebid-server.rubiconproject.com — Cisco Umbrella Rank: 936
fastlane.rubiconproject.com — Cisco Umbrella Rank: 466
eus.rubiconproject.com — Cisco Umbrella Rank: 564
pixel.rubiconproject.com — Cisco Umbrella Rank: 335
pixel-eu.rubiconproject.com
token.rubiconproject.com
secure-assets.rubiconproject.com
pixel-us-east.rubiconproject.com Failed
51 KB
25 bg3.co
www.bg3.co — Cisco Umbrella Rank: 583884
static.bg3.co
251 KB
21 2mdn.net
s0.2mdn.net — Cisco Umbrella Rank: 271
263 KB
19 onetag-sys.com
onetag-sys.com — Cisco Umbrella Rank: 754
10 KB
16 criteo.com
rtb.jp2.as.criteo.com — Cisco Umbrella Rank: 22529
ads.as.criteo.com — Cisco Umbrella Rank: 17083
cat.sg1.as.criteo.com — Cisco Umbrella Rank: 17485
bidder.criteo.com — Cisco Umbrella Rank: 761
gum.criteo.com — Cisco Umbrella Rank: 406
dis.criteo.com
92 KB
15 casalemedia.com
htlb.casalemedia.com — Cisco Umbrella Rank: 479
dsum-sec.casalemedia.com — Cisco Umbrella Rank: 528
ssum-sec.casalemedia.com
11 KB
14 adnxs.com
ib.adnxs.com — Cisco Umbrella Rank: 228
acdn.adnxs.com — Cisco Umbrella Rank: 611
secure.adnxs.com
29 KB
14 google.com
adservice.google.com — Cisco Umbrella Rank: 75
www.google.com — Cisco Umbrella Rank: 2
5 KB
13 yahoo.com
ups.analytics.yahoo.com — Cisco Umbrella Rank: 287
pr-bh.ybp.yahoo.com — Cisco Umbrella Rank: 468
5 KB
13 openx.net
adpushup-d.openx.net — Cisco Umbrella Rank: 13567
us-u.openx.net — Cisco Umbrella Rank: 396
u.openx.net — Cisco Umbrella Rank: 650
jp-u.openx.net
3 KB
13 adpushup.com
cdn.adpushup.com — Cisco Umbrella Rank: 15327
e3.adpushup.com — Cisco Umbrella Rank: 16605
aplogger.adpushup.com — Cisco Umbrella Rank: 16434
217 KB
12 servenobid.com
ads.servenobid.com — Cisco Umbrella Rank: 1646
public.servenobid.com
8 KB
11 bidswitch.net
grid.bidswitch.net — Cisco Umbrella Rank: 934
x.bidswitch.net — Cisco Umbrella Rank: 301
6 KB
11 3lift.com
tlx.3lift.com — Cisco Umbrella Rank: 543
eb2.3lift.com — Cisco Umbrella Rank: 407
5 KB
10 adsrvr.org
match.adsrvr.org — Cisco Umbrella Rank: 342
6 KB
10 media.net
prebid.media.net — Cisco Umbrella Rank: 1065
contextual.media.net — Cisco Umbrella Rank: 559
cs.media.net
c21lg-d.media.net
16 KB
10 ampproject.org
cdn.ampproject.org — Cisco Umbrella Rank: 359
217 KB
9 amazon-adsystem.com
s.amazon-adsystem.com
aax-eu.amazon-adsystem.com Failed
5 KB
9 pubmatic.com
image6.pubmatic.com — Cisco Umbrella Rank: 648
image8.pubmatic.com — Cisco Umbrella Rank: 607
ads.pubmatic.com
simage2.pubmatic.com Failed
image2.pubmatic.com Failed
image4.pubmatic.com Failed
38 KB
6 aralego.com
ads.aralego.com — Cisco Umbrella Rank: 30433
sync.aralego.com — Cisco Umbrella Rank: 3193
4 KB
5 a-mo.net
prebid.a-mo.net — Cisco Umbrella Rank: 1006
2 KB
5 googletagservices.com
www.googletagservices.com — Cisco Umbrella Rank: 190
218 KB
5 google.com.au
adservice.google.com.au — Cisco Umbrella Rank: 97372
1 KB
4 lijit.com
ce.lijit.com
ap.lijit.com
2 KB
4 rlcdn.com
id.rlcdn.com — Cisco Umbrella Rank: 561
528 B
4 mathtag.com
sync.mathtag.com — Cisco Umbrella Rank: 444
2 KB
4 linkedin.com
px.ads.linkedin.com — Cisco Umbrella Rank: 394
1 KB
4 everesttech.net
sync-tm.everesttech.net — Cisco Umbrella Rank: 562
378 B
4 adform.net
c1.adform.net — Cisco Umbrella Rank: 637
2 KB
4 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 27
629 B
4 aralego.net
cdn.aralego.net — Cisco Umbrella Rank: 9047
45 KB
3 loopme.me
csync.loopme.me
163 B
3 smartadserver.com
ssbsync-global.smartadserver.com — Cisco Umbrella Rank: 1762
ssbsync.smartadserver.com
1 KB
3 teads.tv
a.teads.tv — Cisco Umbrella Rank: 1270
sync.teads.tv — Cisco Umbrella Rank: 1077
767 B
3 quantserve.com
secure.quantserve.com — Cisco Umbrella Rank: 905
pixel.quantserve.com — Cisco Umbrella Rank: 423
cms.quantserve.com — Cisco Umbrella Rank: 1020
11 KB
2 taboola.com
trc.taboola.com
match.taboola.com
560 B
2 emxdgt.com
cs.emxdgt.com
133 B
2 w55c.net
pm.w55c.net
2 KB
2 adsymptotic.com
p.adsymptotic.com
478 B
2 ladsp.com
cr-p3.ladsp.com
1 KB
2 indexww.com
js-sec.indexww.com — Cisco Umbrella Rank: 615
cdn.indexww.com
2 KB
2 admedo.com
pool.admedo.com — Cisco Umbrella Rank: 4590
1 KB
2 mediago.io
trace.mediago.io — Cisco Umbrella Rank: 1657
935 B
2 e-volution.ai
rtb2-useast.e-volution.ai — Cisco Umbrella Rank: 5392
1 KB
2 inmobi.com
mweb.ck.inmobi.com — Cisco Umbrella Rank: 3386
1014 B
2 googleadservices.com
partner.googleadservices.com — Cisco Umbrella Rank: 857
1004 B
2 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 62
74 KB
2 jquery.com
code.jquery.com — Cisco Umbrella Rank: 654
60 KB
2 adrecover.com
delivery.adrecover.com — Cisco Umbrella Rank: 14734
11 KB
1 yieldlift.com
x.yieldlift.com
240 B
1 gumgum.com
g2.gumgum.com
usersync.gumgum.com Failed
rtb.gumgum.com Failed
2 KB
1 admixer.net
inv-nets.admixer.net
585 B
1 bing.com
c.bing.com — Cisco Umbrella Rank: 220
667 B
1 socdm.com
tg.socdm.com — Cisco Umbrella Rank: 1085
859 B
1 turn.com
ad.turn.com
441 B
1 disqus.com
ssp.disqus.com
38 B
1 adtdp.com
dynalyst-sync.adtdp.com — Cisco Umbrella Rank: 121751
349 B
1 r-ad.ne.jp
cs.r-ad.ne.jp — Cisco Umbrella Rank: 123710
724 B
1 impact-ad.jp
y.one.impact-ad.jp — Cisco Umbrella Rank: 2843
218 B
1 reemo-ad.jp
sync.dsp.reemo-ad.jp — Cisco Umbrella Rank: 128850
401 B
1 cloudflare.com
cdnjs.cloudflare.com — Cisco Umbrella Rank: 209
5 KB
1 adkernel.com
dsp.adkernel.com — Cisco Umbrella Rank: 6824
540 B
1 smaato.net
s.ad.smaato.net — Cisco Umbrella Rank: 696
719 B
1 qccerttest.com
pxl.qccerttest.com — Cisco Umbrella Rank: 983
550 B
1 quantcount.com
rules.quantcount.com — Cisco Umbrella Rank: 846
680 B
1 omnitagjs.com
hb-api.omnitagjs.com — Cisco Umbrella Rank: 4209
516 B
1 jsdelivr.net
cdn.jsdelivr.net — Cisco Umbrella Rank: 392
2 KB
1 doubleverify.com
tps.doubleverify.com — Cisco Umbrella Rank: 481
157 B
1 ampproject.net
d-3394377511692373627.ampproject.net
0 dyntrk.com Failed
gu.dyntrk.com Failed
0 id5-sync.com Failed
id5-sync.com Failed
0 trafficroots.com Failed
demand.trafficroots.com Failed
0 adotmob.com Failed
sync.adotmob.com Failed
0 dotomi.com Failed
pubmatic-match.dotomi.com Failed
0 nrich.ai Failed
dsp.nrich.ai Failed
0 pippio.com Failed
pippio.com Failed
0 tribalfusion.com Failed
s.tribalfusion.com Failed
0 simpli.fi Failed
um.simpli.fi Failed
0 iprom.net Failed
core.iprom.net Failed
0 adgrx.com Failed
cm.adgrx.com Failed
0 cinarra.com Failed
dps.jp.cinarra.com Failed
0 ad-m.asia Failed
sync-dsp.ad-m.asia Failed
0 creativecdn.com Failed
creativecdn.com Failed
0 bluekai.com Failed
stags.bluekai.com Failed
0 deepintent.com Failed
match.deepintent.com Failed
0 technoratimedia.com Failed
sync.technoratimedia.com Failed
0 ipredictive.com Failed
sync.ipredictive.com Failed
0 outbrain.com Failed
sync.outbrain.com Failed
0 sportradarserving.com Failed
a.sportradarserving.com Failed
0 stackadapt.com Failed
sync.srv.stackadapt.com Failed
0 bidr.io Failed
match.prod.bidr.io Failed
0 sonobi.com Failed
sync.go.sonobi.com Failed
0 demdex.net Failed
dpm.demdex.net Failed
0 mfadsrvr.com Failed
rtb.mfadsrvr.com Failed
0 unrulymedia.com Failed
sync.targeting.unrulymedia.com Failed
0 rfihub.com Failed
p.rfihub.com Failed
0 zemanta.com Failed
b1sync.zemanta.com Failed
525 100
Domain Requested by
44 cm.g.doubleclick.net 13 redirects googleads.g.doubleclick.net
4554dcfdb25681d65c9135c95d0b8a26.safeframe.googlesyndication.com
u.openx.net
eb2.3lift.com
onetag-sys.com
g2.gumgum.com
44 pagead2.googlesyndication.com cdn.ampproject.org
ads.aralego.com
pagead2.googlesyndication.com
securepubads.g.doubleclick.net
www.googletagservices.com
tpc.googlesyndication.com
www.bg3.co
4554dcfdb25681d65c9135c95d0b8a26.safeframe.googlesyndication.com
googleads.g.doubleclick.net
36 static.criteo.net ads.as.criteo.com
static.criteo.net
www.bg3.co
cdn.adpushup.com
30 tpc.googlesyndication.com googleads.g.doubleclick.net
securepubads.g.doubleclick.net
pagead2.googlesyndication.com
tpc.googlesyndication.com
www.bg3.co
4554dcfdb25681d65c9135c95d0b8a26.safeframe.googlesyndication.com
24 static.bg3.co www.bg3.co
21 s0.2mdn.net static.criteo.net
www.bg3.co
s0.2mdn.net
19 onetag-sys.com 5 redirects cdn.adpushup.com
onetag-sys.com
public.servenobid.com
11 ib.adnxs.com 7 redirects cdn.adpushup.com
googleads.g.doubleclick.net
acdn.adnxs.com
11 ads.servenobid.com cdn.adpushup.com
public.servenobid.com
onetag-sys.com
ssum-sec.casalemedia.com
g2.gumgum.com
ssbsync.smartadserver.com
11 securepubads.g.doubleclick.net cdn.aralego.net
cdn.adpushup.com
securepubads.g.doubleclick.net
www.bg3.co
10 eb2.3lift.com 4 redirects cdn.adpushup.com
eb2.3lift.com
10 match.adsrvr.org 9 redirects cdn.adpushup.com
10 x.bidswitch.net 9 redirects onetag-sys.com
10 dsum-sec.casalemedia.com 3 redirects googleads.g.doubleclick.net
ssum-sec.casalemedia.com
10 cdn.ampproject.org www.bg3.co
cdn.ampproject.org
9 s.amazon-adsystem.com 4 redirects eb2.3lift.com
onetag-sys.com
ssum-sec.casalemedia.com
9 googleads.g.doubleclick.net pagead2.googlesyndication.com
cdn.ampproject.org
googleads.g.doubleclick.net
www.bg3.co
4554dcfdb25681d65c9135c95d0b8a26.safeframe.googlesyndication.com
8 pixel.rubiconproject.com 3 redirects onetag-sys.com
eus.rubiconproject.com
8 eus.rubiconproject.com cdn.adpushup.com
eus.rubiconproject.com
contextual.media.net
public.servenobid.com
g2.gumgum.com
8 ups.analytics.yahoo.com 7 redirects onetag-sys.com
8 www.google.com tpc.googlesyndication.com
4554dcfdb25681d65c9135c95d0b8a26.safeframe.googlesyndication.com
6 contextual.media.net cdn.adpushup.com
contextual.media.net
ads.pubmatic.com
eus.rubiconproject.com
6 us-u.openx.net 2 redirects googleads.g.doubleclick.net
u.openx.net
6 csm.as.criteo.net ads.as.criteo.com
6 e3.adpushup.com www.bg3.co
6 adservice.google.com cdn.ampproject.org
pagead2.googlesyndication.com
securepubads.g.doubleclick.net
5 pr-bh.ybp.yahoo.com 2 redirects ssum-sec.casalemedia.com
ads.pubmatic.com
5 gum.criteo.com static.criteo.net
gum.criteo.com
cdn.adpushup.com
contextual.media.net
5 prebid.a-mo.net 2 redirects cdn.adpushup.com
public.servenobid.com
5 www.googletagservices.com googleads.g.doubleclick.net
4554dcfdb25681d65c9135c95d0b8a26.safeframe.googlesyndication.com
5 adservice.google.com.au pagead2.googlesyndication.com
securepubads.g.doubleclick.net
5 cdn.adpushup.com www.bg3.co
cdn.adpushup.com
4 ads.pubmatic.com contextual.media.net
public.servenobid.com
g2.gumgum.com
ads.pubmatic.com
4 token.rubiconproject.com 4 redirects
4 id.rlcdn.com 3 redirects onetag-sys.com
4 sync.mathtag.com 4 redirects
4 googleads4.g.doubleclick.net www.bg3.co
4 px.ads.linkedin.com 3 redirects
4 sync-tm.everesttech.net 4554dcfdb25681d65c9135c95d0b8a26.safeframe.googlesyndication.com
ssum-sec.casalemedia.com
g2.gumgum.com
ads.pubmatic.com
4 image6.pubmatic.com 3 redirects ads.pubmatic.com
4 c1.adform.net 3 redirects ads.pubmatic.com
4 4554dcfdb25681d65c9135c95d0b8a26.safeframe.googlesyndication.com securepubads.g.doubleclick.net
4 adpushup-d.openx.net cdn.adpushup.com
4 www.google-analytics.com www.bg3.co
www.googletagmanager.com
4 cdn.aralego.net www.bg3.co
ads.aralego.com
3 csync.loopme.me ssum-sec.casalemedia.com
ads.pubmatic.com
3 secure-assets.rubiconproject.com 3 redirects
3 ssum-sec.casalemedia.com js-sec.indexww.com
ssum-sec.casalemedia.com
public.servenobid.com
3 cat.sg1.as.criteo.com ads.as.criteo.com
3 ads.as.criteo.com googleads.g.doubleclick.net
4554dcfdb25681d65c9135c95d0b8a26.safeframe.googlesyndication.com
3 rtb.jp2.as.criteo.com googleads.g.doubleclick.net
www.bg3.co
3 sync.aralego.com ads.aralego.com
www.bg3.co
3 ads.aralego.com 1 redirects ads.aralego.com
2 ap.lijit.com 2 redirects
2 ce.lijit.com 2 redirects
2 secure.adnxs.com 2 redirects
2 cs.emxdgt.com contextual.media.net
g2.gumgum.com
2 pm.w55c.net 2 redirects
2 cs.media.net contextual.media.net
2 ssbsync-global.smartadserver.com 1 redirects onetag-sys.com
2 p.adsymptotic.com 1 redirects eb2.3lift.com
2 cr-p3.ladsp.com 2 redirects
2 jp-u.openx.net u.openx.net
2 pool.admedo.com 2 redirects
2 trace.mediago.io 2 redirects
2 rtb2-useast.e-volution.ai 2 redirects
2 mweb.ck.inmobi.com 2 redirects
2 sync.teads.tv 1 redirects googleads.g.doubleclick.net
2 aplogger.adpushup.com cdn.adpushup.com
2 prebid-server.rubiconproject.com cdn.adpushup.com
2 htlb.casalemedia.com cdn.adpushup.com
2 partner.googleadservices.com pagead2.googlesyndication.com
2 www.googletagmanager.com cdn.ampproject.org
cdn.adpushup.com
2 code.jquery.com cdn.adpushup.com
delivery.adrecover.com
2 delivery.adrecover.com www.bg3.co
1 match.taboola.com ads.pubmatic.com
1 trc.taboola.com 1 redirects
1 x.yieldlift.com public.servenobid.com
1 ssbsync.smartadserver.com public.servenobid.com
g2.gumgum.com
1 g2.gumgum.com public.servenobid.com
1 c21lg-d.media.net contextual.media.net
1 cdn.indexww.com ssum-sec.casalemedia.com
1 inv-nets.admixer.net 1 redirects
1 dis.criteo.com contextual.media.net
1 image8.pubmatic.com onetag-sys.com
ads.pubmatic.com
1 pixel-eu.rubiconproject.com onetag-sys.com
1 c.bing.com eb2.3lift.com
1 tg.socdm.com 1 redirects
1 ad.turn.com 1 redirects
1 ssp.disqus.com
1 u.openx.net cdn.adpushup.com
1 acdn.adnxs.com cdn.adpushup.com
1 js-sec.indexww.com cdn.adpushup.com
1 public.servenobid.com cdn.adpushup.com
1 dynalyst-sync.adtdp.com 1 redirects
1 cs.r-ad.ne.jp 1 redirects
1 y.one.impact-ad.jp 4554dcfdb25681d65c9135c95d0b8a26.safeframe.googlesyndication.com
1 sync.dsp.reemo-ad.jp 1 redirects
1 cms.quantserve.com 4554dcfdb25681d65c9135c95d0b8a26.safeframe.googlesyndication.com
1 pix.as.criteo.net ads.as.criteo.com
1 cdnjs.cloudflare.com ads.as.criteo.com
1 dsp.adkernel.com 1 redirects
1 s.ad.smaato.net 1 redirects
1 pixel.quantserve.com www.bg3.co
1 pxl.qccerttest.com www.bg3.co
1 rules.quantcount.com secure.quantserve.com
1 b4d2fe5aaaebb6d25743be5dcfc19d36.safeframe.googlesyndication.com securepubads.g.doubleclick.net
1 grid.bidswitch.net cdn.adpushup.com
1 prebid.media.net cdn.adpushup.com
1 fastlane.rubiconproject.com cdn.adpushup.com
1 hb-api.omnitagjs.com cdn.adpushup.com
1 a.teads.tv cdn.adpushup.com
1 tlx.3lift.com cdn.adpushup.com
1 bidder.criteo.com cdn.adpushup.com
1 cdn.jsdelivr.net cdn.adpushup.com
1 secure.quantserve.com cdn.adpushup.com
1 58b085eee150a534224aaadead53b14b.safeframe.googlesyndication.com securepubads.g.doubleclick.net
1 tps.doubleverify.com ads.as.criteo.com
1 d-3394377511692373627.ampproject.net cdn.ampproject.org
1 www.bg3.co
0 pixel-us-east.rubiconproject.com Failed eus.rubiconproject.com
0 gu.dyntrk.com Failed ssbsync.smartadserver.com
0 id5-sync.com Failed ssbsync.smartadserver.com
0 demand.trafficroots.com Failed ssbsync.smartadserver.com
0 sync.adotmob.com Failed ssbsync.smartadserver.com
0 rtb.gumgum.com Failed ads.pubmatic.com
0 pubmatic-match.dotomi.com Failed ads.pubmatic.com
0 dsp.nrich.ai Failed ads.pubmatic.com
0 image4.pubmatic.com Failed ads.pubmatic.com
0 pippio.com Failed ads.pubmatic.com
0 s.tribalfusion.com Failed ads.pubmatic.com
0 um.simpli.fi Failed ads.pubmatic.com
0 core.iprom.net Failed ads.pubmatic.com
0 cm.adgrx.com Failed ads.pubmatic.com
0 dps.jp.cinarra.com Failed ads.pubmatic.com
0 sync-dsp.ad-m.asia Failed ads.pubmatic.com
0 image2.pubmatic.com Failed ads.pubmatic.com
0 simage2.pubmatic.com Failed ads.pubmatic.com
0 creativecdn.com Failed g2.gumgum.com
0 stags.bluekai.com Failed g2.gumgum.com
0 match.deepintent.com Failed g2.gumgum.com
ads.pubmatic.com
0 sync.technoratimedia.com Failed g2.gumgum.com
0 sync.ipredictive.com Failed g2.gumgum.com
0 sync.outbrain.com Failed g2.gumgum.com
0 a.sportradarserving.com Failed g2.gumgum.com
0 usersync.gumgum.com Failed g2.gumgum.com
0 sync.srv.stackadapt.com Failed ssum-sec.casalemedia.com
g2.gumgum.com
0 match.prod.bidr.io Failed ssum-sec.casalemedia.com
0 sync.go.sonobi.com Failed public.servenobid.com
0 dpm.demdex.net Failed ssum-sec.casalemedia.com
0 rtb.mfadsrvr.com Failed contextual.media.net
0 sync.targeting.unrulymedia.com Failed contextual.media.net
public.servenobid.com
g2.gumgum.com
ads.pubmatic.com
0 p.rfihub.com Failed contextual.media.net
public.servenobid.com
0 aax-eu.amazon-adsystem.com Failed
0 b1sync.zemanta.com Failed eb2.3lift.com
contextual.media.net
ssum-sec.casalemedia.com
525 155

This site contains no links.

Subject Issuer Validity Valid
*.bg3.co
AlphaSSL CA - SHA256 - G2		 2022-05-20 -
2023-06-21		 a year crt.sh
misc-sni.google.com
GTS CA 1C3		 2022-09-05 -
2022-11-28		 3 months crt.sh
cdn.adpushup.com
R3		 2022-09-07 -
2022-12-06		 3 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2022-04-16 -
2023-04-16		 a year crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2022-09-05 -
2022-11-28		 3 months crt.sh
*.aralego.com
Sectigo RSA Domain Validation Secure Server CA		 2021-10-21 -
2022-11-20		 a year crt.sh
*.jquery.com
Sectigo RSA Domain Validation Secure Server CA		 2022-08-03 -
2023-07-14		 a year crt.sh
*.google-analytics.com
GTS CA 1C3		 2022-09-05 -
2022-11-28		 3 months crt.sh
*.google.com
GTS CA 1C3		 2022-09-05 -
2022-11-28		 3 months crt.sh
*.googleadservices.com
GTS CA 1C3		 2022-09-05 -
2022-11-28		 3 months crt.sh
*.google.com.au
GTS CA 1C3		 2022-09-05 -
2022-11-28		 3 months crt.sh
*.adpushup.com
Sectigo ECC Domain Validation Secure Server CA		 2022-08-02 -
2023-09-02		 a year crt.sh
*.jp2.as.criteo.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-08-07 -
2022-11-09		 3 months crt.sh
*.as.criteo.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-08-06 -
2022-10-31		 3 months crt.sh
tpc.googlesyndication.com
GTS CA 1C3		 2022-09-05 -
2022-11-28		 3 months crt.sh
*.criteo.net
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-09-01 -
2022-11-30		 3 months crt.sh
*.sg1.as.criteo.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-08-02 -
2022-11-01		 3 months crt.sh
*.as.criteo.net
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-08-31 -
2022-12-04		 3 months crt.sh
*.doubleverify.com
Network Solutions OV Server CA 2		 2021-11-08 -
2022-12-09		 a year crt.sh
*.doubleclick.net
GTS CA 1C3		 2022-09-05 -
2022-11-28		 3 months crt.sh
*.quantserve.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-08-09 -
2023-09-09		 a year crt.sh
*.openx.net
GeoTrust RSA CA 2018		 2022-07-21 -
2023-08-21		 a year crt.sh
*.criteo.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-08-27 -
2022-11-22		 3 months crt.sh
*.a-mo.net
R3		 2022-09-05 -
2022-12-04		 3 months crt.sh
*.3lift.com
Amazon		 2022-05-13 -
2023-06-11		 a year crt.sh
teads.tv
R3		 2022-08-17 -
2022-11-15		 3 months crt.sh
*.onetag-sys.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-01-10 -
2023-01-03		 a year crt.sh
*.omnitagjs.com
Amazon		 2022-05-17 -
2023-06-15		 a year crt.sh
*.rubiconproject.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-03-08 -
2023-04-04		 a year crt.sh
ads.servenobid.com
Amazon		 2022-05-29 -
2023-06-27		 a year crt.sh
*.media.net
Sectigo RSA Domain Validation Secure Server CA		 2022-04-06 -
2023-05-04		 a year crt.sh
*.adnxs.com
GeoTrust ECC CA 2018		 2022-02-11 -
2023-03-14		 a year crt.sh
*.bidswitch.net
Sectigo RSA Domain Validation Secure Server CA		 2022-04-05 -
2023-05-04		 a year crt.sh
qccerttest.com
Amazon		 2022-04-04 -
2023-05-03		 a year crt.sh
www.google.com
GTS CA 1C3		 2022-09-05 -
2022-11-28		 3 months crt.sh
*.everesttech.net
GlobalSign Atlas R3 DV TLS CA 2022 Q1		 2022-02-03 -
2023-03-07		 a year crt.sh
y.one.impact-ad.jp
Sectigo RSA Domain Validation Secure Server CA		 2022-03-04 -
2023-03-25		 a year crt.sh
*.adsrvr.org
GlobalSign GCC R3 DV TLS CA 2020		 2022-03-31 -
2023-05-02		 a year crt.sh
*.servenobid.com
Amazon		 2022-02-06 -
2023-03-07		 a year crt.sh
san.casalemedia.com
GeoTrust RSA CA 2018		 2021-12-12 -
2022-12-13		 a year crt.sh
cdn.adnxs.com
GeoTrust RSA CA 2018		 2021-12-10 -
2022-12-09		 a year crt.sh
www.bing.com
Microsoft RSA TLS CA 02		 2022-09-03 -
2023-03-03		 6 months crt.sh
*.smartadserver.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-01-25 -
2023-01-25		 a year crt.sh
*.pubmatic.com
DigiCert Baltimore TLS RSA SHA256 2020 CA1		 2022-06-13 -
2023-07-14		 a year crt.sh
ups.analytics.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2022-08-24 -
2023-02-15		 6 months crt.sh
*.emxdgt.com
Amazon		 2022-06-03 -
2023-07-02		 a year crt.sh
*.gumgum.com
Amazon		 2022-05-06 -
2023-06-04		 a year crt.sh
*.rlcdn.com
Sectigo RSA Domain Validation Secure Server CA		 2022-02-03 -
2023-02-25		 a year crt.sh
*.ybp.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2022-06-14 -
2022-12-07		 6 months crt.sh
track.adform.net
DigiCert TLS RSA SHA256 2020 CA1		 2022-09-20 -
2023-09-20		 a year crt.sh
*.taboola.com
DigiCert TLS RSA SHA256 2020 CA1		 2021-11-28 -
2022-12-29		 a year crt.sh

This page contains 87 frames:

Primary Page: https://www.bg3.co/a/pi-jia-bu-jian-qia-pian-quan-gua-shi-ta-hui-jia-jian-zhe-mu-yan-shen-si-3-9mo-wang-you-xiao-feng.html
Frame ID: C48DB103A3F02041539534A7A15DA45E
Requests: 112 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/show_ads.js
Frame ID: B3E3E8F0E4BE269C6B7C4B1D1B093D18
Requests: 8 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/show_ads.js
Frame ID: D9202005CE7408124F0122B0A05EB172
Requests: 8 HTTP requests in this frame

Frame: https://cdn.aralego.net/ucfad/cookie/cookieSyncIframe.html
Frame ID: 96F77AD6D87F5752A03CECFA863401FE
Requests: 9 HTTP requests in this frame

Frame: https://cdn.aralego.net/ucfad/cookie/cookieSyncIframe.html
Frame ID: A55D54F83E2DCB62F3401C7E28C138B9
Requests: 9 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006&adk=2365071409&adf=3615134179&pi=t.ma~as.3006%2F14006&w=336&lmt=1664206258&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fpi-jia-bu-jian-qia-pian-quan-gua-shi-ta-hui-jia-jian-zhe-mu-yan-shen-si-3-9mo-wang-you-xiao-feng.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1664206256039&bpp=13&bdt=1404&idt=2009&shv=r20220921&mjsv=m202209120102&ptt=5&saldr=sa&correlator=7839256117444&frm=23&ife=1&pv=2&ga_vid=1324865518.1664206258&ga_sid=1664206258&ga_hid=1889376132&ga_fc=0&ga_cid=amp-bp2IvYeADvpv_CeMaNTxFA&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=60&biw=1600&bih=1200&isw=336&ish=280&ifk=1019340804&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C42531705%2C44773167&oid=2&pvsid=3075813884163543&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.effi9pf2c8lg&fsb=1&dtd=2025
Frame ID: CB853B7C8851D69A1C9CC7F73C241D23
Requests: 8 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006&adk=2365071409&adf=3615134176&pi=t.ma~as.3006%2F14006&w=336&lmt=1664206258&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fpi-jia-bu-jian-qia-pian-quan-gua-shi-ta-hui-jia-jian-zhe-mu-yan-shen-si-3-9mo-wang-you-xiao-feng.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1664206256123&bpp=11&bdt=1474&idt=1965&shv=r20220921&mjsv=m202209210101&ptt=5&saldr=sa&correlator=7839256117444&frm=23&ife=1&pv=1&ga_vid=1507107048.1664206258&ga_sid=1664206258&ga_hid=1752020332&ga_fc=0&ga_cid=amp-bp2IvYeADvpv_CeMaNTxFA&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=2427&biw=1600&bih=1200&isw=336&ish=280&ifk=780332214&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C42531705%2C44769306%2C31069779%2C31067826&oid=2&pvsid=2091931484474790&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.ecmpry378s7r&btvi=1&fsb=1&dtd=1985
Frame ID: 947DFDE6113A03412557739B05A84452
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3216231935713038&format=1600x250&w=1600&h=250&ptt=12&adk=2733026255&output=html&bc=7&to=ampa&pv=1&wgl=1&asnt=0-28624581033458357175&dff=sans-serif&prev_fmts=1600x96&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&ifi=2&pfx=0&pwprc=1037897477&adf=470780615&nhd=0&adx=0&ady=3288&oid=2&is_amp=5&amp_v=2209072154000&d_imp=1&c=2001973&ga_cid=amp-bp2IvYeADvpv_CeMaNTxFA&ga_hid=1973&dt=1664206257995&biw=1600&bih=1200&u_aw=1600&u_ah=1200&u_cd=24&u_w=1600&u_h=1200&u_tz=0&u_his=2&vis=1&scr_x=0&scr_y=0&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fpi-jia-bu-jian-qia-pian-quan-gua-shi-ta-hui-jia-jian-zhe-mu-yan-shen-si-3-9mo-wang-you-xiao-feng.html&bdt=4398&dtd=404&__amp_source_origin=https%3A%2F%2Fwww.bg3.co
Frame ID: 883677B7D7599EF94014539E43D4DB4B
Requests: 1 HTTP requests in this frame

Frame: https://ads.as.criteo.com/delivery/r/afr.php?z=YzHFsgAHy1ABc_kyAAugbgJL4D5Wb7JTwR1Viw&u=%7CVBsX5Vr7un9dnfGCoSPA7lgfL9ahu7jW%2FO0GghDxcZA%3D%7C&c1=wLMhjbQtwRerfuYQvtYvucUfx71c_57oZ7-4NEldJVPEcquQgoC5ayq1XBwsz6hbCNpksUhOYIG9jsbcdhUPUGii0VWHy1BMWtL3CqUvGgtETMKt86DQcxMRhxYg-MJQ4YohOTkR7hK3ngf0_FgmETcqFlCLCyfuC3eCHY45p28x8ZHUCu6-iggXCQSUgwMWpto-twSV8BMA7Zb_hZlfais42AmKWH9rnpB_YmhQdBL3vlQE9fwZH-A8fLGf0YN13525vs4FjMMc32MwayaV1QmVU-sFk27D7Pa8pcA9xhQWep0o2UF5tqjONzNETRTB_547KE8eEBHa-wwOaEM2CyLSUw5sH4_z6sU7cEoD0HOeyKyHQBkUzV4gfdwf6JdBVGJGDusean4kMN_ouGjfNN2gHGXuxVLZo-K6HD8jM10gvVA3EF6cObS0fnmh7KxQO7KohmJMVdRjFwBAOfPfsyfZfV4Zxwi6YDyiwQ3safVjM4k7w7dO-6bhY-gQVDliLN3qq9q0KzKwgFs_pm6hlJAF52DSdtly-Ys0Cy2iKjxdCwSSCu7UQkzgUdywp6YG1XPEFkdudythtNWFV5ZRPf1OEve4qVM-X-gRei6bhC7zGISwJy9c18xDxS-3Bb4gMmcP6d-pn5TT2YZhXAhHhA&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC-q4bssUxY9CWH7Lyz7sP7sCukAmY_NGxXKqEzOSFAcCNtwEQASAAYKXAo4CkAYIBF2NhLXB1Yi00NDg1MjM5NDI1OTI0Nzg3oAG22aPQA8gBCakCcht86D3KpT6oAwGqBLoCT9Dc8KY6b_1HDQYxECEKRAxilO50AGPFsfhoFG1N2RTJir0QnMYEMOo3iaIhgoo2-od_lw5YyiFBxA0tzYIoTILF6vpvZRLptcQ_S8pPYzGfZxX9eo3YP8KBKFdzdWUw2X3FWaVtRgbD7-SKjbPkHqPkK32K4uYsLzeSIRL0eoW6jzFb6ZytBPtTqq8Qe691_6uzI1Yzpi24O-HgwH8m9VDL7NkWkAuZDcr4d7NNsRiJSlajRVxqb0mc_-ZIZMcX4YVdScXVIX4bwRjsRyUIk4K0ofEuOhUFqmeKcayECpaDiF408N9KXnqc4zhIRtm3QpPfb5AvdBLXGi2kU_dGmUE1eZWpAcfIka9KwdsCBBNZm7KHMN_Lrrd-865Z0RexcC24ceqHjvo43ntWF1uWYW8ewSOp8JVc0eiABpflorjRrdWQ9AGgBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggNCIBhEAEyAooCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_2OkdFkEEUwDDat4SmzVU6x7CE6tQ%26client%3Dca-pub-4485239425924787%26adurl%3D
Frame ID: B95B6F4DDD095954A0E45DD79B39468F
Requests: 10 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/adview?ai=C9GIgssUxY_OyJMqS_tMP5fu_6ASY_NGxXKqEzOSFAcCNtwEQASAAYKXAo4CkAYIBF2NhLXB1Yi00NDg1MjM5NDI1OTI0Nzg3oAG22aPQA8gBCakCaEc_pprKpT6oAwGqBI8CT9BEH_EAjOCMDUI5KRxBmskqhnT2BdZWHoe1KTjv9WayjiH7OhhJKRd79Loqe6-GD0e8YrS9B-zLZ9-4KaxdgofYNO88cCDpJAJkUcktFFH3Yia5UGBEDPF3b4GLFc6nGaKct5nsR2JCnL4BoxCarURa8TZUhk45DlnDyG4-gSYhvTf35OepoGmyboLpr_lx9vSS0T6S7TOcCKTquA9w9EMqqrJqsKkY3gDnq9ClZCbbci5dc3sVTnF_dpk2bg16hyhGzHUqgC9jBEcuFnvR1gPmFpXejdEnKvEWwhnen0ftuXUAeJeHSxRicO884C30IQyaXlgqKet--TSL640P-rt1C68yJzCVO1_362icW4AGzoC16PSxwKfBAaAGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA0IgGEQATICigI6AoBAgAoD-gsCCAGADAHQFQGAFwGyFxwKGhIUcHViLTQ0ODUyMzk0MjU5MjQ3ODcY4swZ&sigh=lL2WHLft_VM&uach_m=[UACH]&cid=CAQSGwCsnQUxIrVqagj5sJOCdgPC-DfHOKhE1MJ31RgB
Frame ID: 80BDD612BDC367BB7BF23296C1C200E9
Requests: 6 HTTP requests in this frame

Frame: https://ads.as.criteo.com/delivery/r/afr.php?z=YzHFsgAJGXMEf4lKAA_95albUKx3V4z9wx9-BA&u=%7CVBsX5Vr7un8fyRzJQMkczUngFdLTgeSnbJs1NIHVu2g%3D%7C&c1=wLMhjbQtwRerfuYQvtYvucUfx71c_57oZ7-4NEldJVPEcquQgoC5ayq1XBwsz6hbCNpksUhOYIG9jsbcdhUPULqE9d2UdX2ppjDj59fTgYTuIJIthFIRNrPM2srwen_xT8cP-_qt72nSe6F-HPOLmYXUUeLCk0CGp0RBN40TOPUSm-Z5EppgV095BIcbrhOhZz9OgagX737unzswos-vro9nt1J-eGGkrJgpKS_575U6AG4J8__9aoMoYcCOoonIVdowzeLjiK46OhdklE94iffphawa6cfv0yurZv1z2iVP7wTIFyPwJ-3NmZ8jHlR6u4tB2xLRIzNeyr9Kuz-sJHbdmoB6VL1-F1yCMT14d5tFMoauae2He-t7JlXmNUcL--n4XdQkBQC0E9T_OPkY0NSCeUoDrFwTNy9o6IpmPrBhcBXokk8zqw3dUa--mMgv7EGVrrcVwYxqmL5ZrlNctgd3808GKpmswNFeNOO9guV--9A9qjJ0zmUvaKpsIAX6I5jSL9ddeHDs_ZUUAGnIIO9Qy2fG-WTN3Ceb6Ov9WzcPFEWRGpkfHvsfQLi3a-GyJQn285aDcqkmpapH5oDbYlZ7xu38BUl1M0ZrEYjqA3eI_YOXoBsttbvg9TSoG5mKusDLZy1TJN65LbJhVc7pWg&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCrUYsssUxY_OyJMqS_tMP5fu_6ASY_NGxXKqEzOSFAcCNtwEQASAAYKXAo4CkAYIBF2NhLXB1Yi00NDg1MjM5NDI1OTI0Nzg3oAG22aPQA8gBCakCaEc_pprKpT6oAwGqBJICT9BEH_EAjOCMDUI5KRxBmskqhnT2BdZWHoe1KTjv9WayjiH7OhhJKRd79Loqe6-GD0e8YrS9B-zLZ9-4KaxdgofYNO88cCDpJAJkUcktFFH3Yia5UGBEDPF3b4GLFc6nGaKct5nsR2JCnL4BoxCarURa8TZUhk45DlnDyG4-gSYhvTf35OepoGmyboLpr_lx9vSS0T6S7TOcCKTquA9w9EMqqrJqsKkY3gDnq9ClZCbbci5dc3sVTnF_dpk2bg16hyhGzHUqgC9jBEcuFnvR1gPmFpXejdEnKvEWwhnen0ftuXUAeJeHSxQgcs6uBeN9X_MTL8bBf3G90CCBfIch4lP9-Pmo7o6LF0cQAPnipNrnrYAGzoC16PSxwKfBAaAGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA0IgGEQATICigI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_0kiBaegDeCY7uDIUMWu1UEAe_8jg%26client%3Dca-pub-4485239425924787%26adurl%3D
Frame ID: 0D87A6889B663419243260FB9FF2849B
Requests: 11 HTTP requests in this frame

Frame: https://static.criteo.net/html5/97390/20220630_newcustomeracquisition2/336x280/index.html
Frame ID: E2E1DF1944AE873F584E94CD0D699CE0
Requests: 12 HTTP requests in this frame

Frame: https://static.criteo.net/html5/97892/20220922_fy22q4_nonpro_savvycomms/sushicat/300x250/index.html
Frame ID: 2467B053E91DA39F293A4724F6F57ECD
Requests: 3 HTTP requests in this frame

Frame: https://58b085eee150a534224aaadead53b14b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Frame ID: 1E3994DBCE97B3941F3343EC4C460C96
Requests: 1 HTTP requests in this frame

Frame: https://b4d2fe5aaaebb6d25743be5dcfc19d36.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Frame ID: 9E2FBC382046B60154AE64E3C07E78B0
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 0FCC61D02FC2476D94F962F1E234E48B
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: B91CBDE0934B3484C232931F7E779839
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 591E3629DF173513C2EF97B6A8C8217F
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: B9912AD6849AA154FA0CC0F23B183BD0
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 0F91136B2BFFDFE0FDA408C0CF7D569D
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: C2A0B88FBCA59491EF1AEBC5226472DD
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 44AF19E2DEA10A27B40CCB0D5223C902
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 08CA2AEE34005BA861A98AF44659953E
Requests: 2 HTTP requests in this frame

Frame: https://4554dcfdb25681d65c9135c95d0b8a26.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 72FEF48E0BFD2D2C2ED40F633DACEFA2
Requests: 1 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertag&topUrl=www.bg3.co
Frame ID: 30018296029F0B5092F42AAF02089ECB
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 58180735284A94F54FD6065E4372DD81
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 0CC285CA47A556856BBFE70F828FF999
Requests: 2 HTTP requests in this frame

Frame: https://4554dcfdb25681d65c9135c95d0b8a26.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 9E284C30333D532083DD810CF044651E
Requests: 15 HTTP requests in this frame

Frame: https://4554dcfdb25681d65c9135c95d0b8a26.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 1D159BB274EE2AE9CE70C4EAC281E099
Requests: 15 HTTP requests in this frame

Frame: https://4554dcfdb25681d65c9135c95d0b8a26.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: EFE03F03CB03DCC6427591F7EABBDBC0
Requests: 10 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNCgQRCLx0IY0cTRSzAB&v=APEucNVO-ys1GME4bsnTa22pYHxt9A-pdg1Kc1qvXVjCR701wUqokk71f8dtTSZV2KAeQGQZjfWz8aDlGevFLCEUoj9RH4rIgQ
Frame ID: 3C02ACFC41BE50C22B142740E54B4E32
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNCgQRCLx0IY8sLRSzAB&v=APEucNVluzmOe9d-ppkipj15XUlE6vEmVGOpe4SMxWGhpSE3P7rqf5qeNt04dfLq4ptdM8vcwU0AOW2rdNH2KRm6o3SfLxQYDA
Frame ID: ACDDB9C7E685A0489E1018943F25F7FE
Requests: 5 HTTP requests in this frame

Frame: https://ads.as.criteo.com/delivery/r/afr.php?z=YzHFtwAEKKUKKx0SAAUGNnQR0X7FKy77qHXNPA&u=%7Cn2zn%2FWTC9NPVvhsWjVFODN9UrzbnYcf6XiUBwuax%2BsI%3D%7C&c1=qZJUPwROi1c0W53O6qCeCfQhGaxulJp0eDo7yFWWqpvkdGh0UCqS_PFCqFKqWCtCShWV-fG2LpSMjYLzxa5ZC5kI59RzfghuAoAqwF6PmPe_lB3PirzaGOsAeX0wz16uwJDIA9rH-0bzN5mChAAdY7YSeQnmID6Nbh6V4JncVxK4_BN3sZMSKlCj2fXcy5PQrD_KCNcsZ4DJODYE5_GYbwZfrXKNUfOF4BEcVRnbBLSYho7ZKBI5nlxZEnDlZf-SygDAaiIB9hsKxNaJd35i0lP5OmwxbZ-2owGI9lGrJVCLgslQG228CsP5rCK1gCyxaATs_VK3TNDjxz5b0VzTGCb-Mu4V2Bw33NrhZZ7x17cMCm-8swiJFiR3B2Mvj83tyFXoMV34jhV0Y2vk_wYnzwY1veWKmlFW5s7mMoiqQFFEnynAy5jED827jN1W8THtB364Ht2-CHGBOfThFT28p62qXo3pOJq4HMdSL4j0gBs8hpnatGXTqNkFUIbsJuMRtGC0GqalLkyTt2uAxbweaLI0xK1A7SslIXt19YksWCod5iz5n7n94uwlMnRLy1mGdxnYJk-VXWms8bjS-V5-0GyfQSoK9Jd2eyLVk_4v-rsqfBAfkUrt8T_lmgkEH1qgjavm46CzqQg&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCBOg7t8UxY6XREJK6rAG2jJToBZj80bFcqoTM5IUBwI23ARABIABgpcCjgKQBggEXY2EtcHViLTg5MzMzMjk5OTkzOTExMDSgAbbZo9ADyAEJqQLW8_A1cuSlPuACAKgDAaoE4gJP0Pc-wEgFHphx90_jtFK1vlTO3ZVAKk86PmnxY2lXLmaCvDOrX1XMN4I5s6Qui3w9DCR2hH7hE5WfBMj2jrz5A5NSrQ2ym10H497gLYRbIxdedr5DCzHFLFep9d2OYF1Pp_etC3PFBZc7N6ORNRfpVPr_yhlmQYWArAftw4bJtofeRmzBgy4YmfXSWN666EAm9Ez-pPHlEqtlKLJCDDry0yhuwoXtez0lComHvPIgCAC9uzTFoPA-4KTVleVSGapaHisWjdxiTsUDKOGe238TtMro5160r5XPMqNmDjJ6LK1-wHAbFcpnUgSBC4hUsH_Gp_ZmkHnsYyjjDBSBl2LBPDc1s5_phUXpTcvES4iznu2GpmepSATVNIMwIt6knWge33R5ANUAR_1esaJFARBJZY0oBEmw79zp_Oh-cyH0CqjB56oHIpGiM6693Q7t5O-2zN3pko_8ne_iitlxxjWh_t3gBAGABsiZhcyIzM6_XKAGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA0IgGEQATICigI6AoBA8ggbYWR4LXN1YnN5bi01MjM5OTM4MjEzODcwMzgw-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_2cWWN2LLuegBHgIZE1kjS0ZOMHKw%26client%3Dca-pub-8933329999391104%26adurl%3D
Frame ID: 9DBA2273BDF28F7E0F2AB17B6A0A766D
Requests: 15 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 11DFD8F8B8469CAF890C3C7E9E0A7DEC
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: E9095113DF3BE0D17C188880480A3DC3
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: D0392029B246355CADCF6B46C0AA49A0
Requests: 9 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: F4BF841DED9EA5CBFBC819E4E3FC0705
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 976A0B2C0E8B79B689EE1629E9F355E2
Requests: 3 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/2129343214390369436/index.html
Frame ID: 451AE50BD40491025FADDF8B5860A273
Requests: 9 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/2249730034648686620/index.html
Frame ID: 55F25B4F2853B28604F6FF06AED0DE66
Requests: 10 HTTP requests in this frame

Frame: https://public.servenobid.com/sync.html
Frame ID: 753A17E63AD8901A63823F9146EBAD83
Requests: 13 HTTP requests in this frame

Frame: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUPEPKI9&prvid=2034%2C2033%2C2031%2C2030%2C2029%2C233%2C2028%2C2027%2C236%2C237%2C117%2C51%2C97%2C55%2C99%2C3012%2C2043%2C2040%2C244%2C201%2C2039%2C3007%2C246%2C4%2C203%2C9%2C2055%2C172%2C173%2C251%2C175%2C132%2C178%2C255%2C3018%2C3017%2C214%2C3016%2C337%2C338%2C70%2C77%2C2021%2C141%2C262%2C186%2C222%2C345%2C10000%2C80%2C108%2C229%2C307&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1
Frame ID: 267568B2227EBC8472DD9ABA32E22A4D
Requests: 14 HTTP requests in this frame

Frame: https://eb2.3lift.com/sync
Frame ID: 85AB08EE930008A0463A6E2347D08002
Requests: 11 HTTP requests in this frame

Frame: https://js-sec.indexww.com/um/ixmatch.html
Frame ID: 7E4BF42C6C75FCFB44EC4D80547C45DA
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html
Frame ID: 05778ECEBFB2B5D46AFF16894DB637B1
Requests: 10 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: E59810CC3064287A72E034BD756DAEF8
Requests: 3 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?cb=1664206260954
Frame ID: 032917EE315716A77A98A4E07B93BB25
Requests: 14 HTTP requests in this frame

Frame: https://u.openx.net/w/1.0/pd
Frame ID: 05F11266253B1C5C867B53AA0DBD2325
Requests: 7 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.bg3.co%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Frame ID: 925F341740745D0D5D3BF865DEA20839
Requests: 10 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=medianet
Frame ID: FF384E951C21D8EDB308E742AC8D334E
Requests: 3 HTTP requests in this frame

Frame: https://p.rfihub.com/cm?pub=19967&in=1&forward=https%3A%2F%2Fcontextual.media.net%2Fcksync.html%3Fcs%3D8%26vsid%3D3072078661534908000V10%26type%3Drkt%26refUrl%3D%26vid%3D42062671673072078661534908000V10%26ovsid%3D%7Buserid%7D
Frame ID: 420854BB158E6FA6DD0F007AC765D4C0
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159463&userIdMacro=PM_UID&predirect=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3072078661534908000V10%26type%3Dpba%26refUrl%3D%26vid%3D42062671673072078661534908000V10%26ovsid%3DPM_UID
Frame ID: A8550FBBAE9AC9D15AABB1D16DC5B419
Requests: 18 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fx.yieldlift.com%2Fsetuid%3Fbidder%3Dpubmatic%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3D1YN-%26uid%3D
Frame ID: A327F67899D8DCE00170B6CD8D60D847
Requests: 1 HTTP requests in this frame

Frame: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Frame ID: CC318CF49A331967F2AB2B2E3EFB71EB
Requests: 16 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?pubId=694e68b73971b58&gdpr=0&gdpr_consent=&us_privacy=1YN-&https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D318%26uid%3D
Frame ID: A3A834A0FFFEE027C98080E73AF7EB0A
Requests: 14 HTTP requests in this frame

Frame: https://ssbsync.smartadserver.com/api/sync?callerId=9&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D317%26uid%3D%24UID
Frame ID: 88EECF31CB4EB39DD6DDDCD1A4D46D72
Requests: 6 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D
Frame ID: 6A93858E837B96CBBEB17AA2FB12EEB6
Requests: 10 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=duration_media&endpoint=us-east
Frame ID: 664B313AA8313474AF0A6D0A8A57A21E
Requests: 3 HTTP requests in this frame

Frame: https://usersync.gumgum.com/usersync?b=mmh&i=a2e26331-c5ba-4300-9696-db0b2688ccd8&gdpr=0&gdpr_consent=
Frame ID: 7C4079C31B63E7171F166B8DCA3EF904
Requests: 1 HTTP requests in this frame

Frame: https://sync-tm.everesttech.net/upi/pid/URnmbSKM?redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Datm%26i%3D%24%7BTM_USER_ID%7D&gdpr=0&gdpr_consent=
Frame ID: 287EE6D1F62F2D34B9D60DFE5B192300
Requests: 1 HTTP requests in this frame

Frame: https://cm.g.doubleclick.net/pixel?google_nid=gumgum_dbm&google_hm=YV9iOTU1NjI2YS1lZjllLTQxODEtOGUyMS1kN2UzODgyMGQ1ZTc=&gdpr=0&gdpr_consent=
Frame ID: AC24284F6A516429770C3B4ED7EE01A8
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=0&gdprConsent=
Frame ID: 29D36515AD787FDE911E15AF154C494A
Requests: 1 HTTP requests in this frame

Frame: https://usersync.gumgum.com/usersync?b=ttd&i=f7963f69-d15a-4895-892d-0bdf78348503
Frame ID: DA8766339275E62588333540C65F85F2
Requests: 1 HTTP requests in this frame

Frame: https://cs.emxdgt.com/um?redirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Demx%26i%3D%24UID&gdpr=0&gdpr_consent=
Frame ID: DD11F2B360633D9C07D5D62657058F10
Requests: 1 HTTP requests in this frame

Frame: https://usersync.gumgum.com/usersync?b=sus&i=YzHFvMCo8YsAAAmHTZwAAAAA
Frame ID: D3555E71C5FC18A1C2E8F2F621C7F0F4
Requests: 1 HTTP requests in this frame

Frame: https://usersync.gumgum.com/usersync?b=iex&i=YzHFuJoI-i.zgnvw2wd.agAA%264686
Frame ID: CD9CEC9C696397CF6037AF2EF2DAED91
Requests: 1 HTTP requests in this frame

Frame: https://creativecdn.com/cm-notify?pi=gumgum
Frame ID: CC4596979035BD46A9E4D4D649CA55C7
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=gumgum
Frame ID: A8D2FD955B491E76033D0CD6751CF281
Requests: 3 HTTP requests in this frame

Frame: https://c1.adform.net/serving/cookie/match?party=14&cid=253303C8-4F6D-47E9-AE8C-528D714A710C
Frame ID: 5B7E3B0B7285E153BACC48738ABC989B
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:a2e26331-c5ba-4300-9696-db0b2688ccd8&gdpr=0&gdpr_consent=
Frame ID: CDD04A3A9572C27346FE99322CD28BBA
Requests: 1 HTTP requests in this frame

Frame: https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%7D%26gdpr%3D0%26gdpr_consent%3D
Frame ID: 0D8492B00DC6AB82F045019305BA726A
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDImdGw9MTI5NjAw&piggybackCookie=WlA5pAeOCw-TOQjyvMUxYw
Frame ID: EE1E5F5F35582D53F8C0624CE99141A5
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzQ0OSZ0bD00MzIwMA==&piggybackCookie=x7ggcuiuhjw
Frame ID: 501583A44886F4F4C907B782B9DA46D0
Requests: 1 HTTP requests in this frame

Frame: https://sync-dsp.ad-m.asia/dsp/api/sync/send?s=pubmatic&rd=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMyNTMmdGw9MTI5NjAw%26piggybackCookie%3D
Frame ID: 0980947203EC367DFF58D2A531127B39
Requests: 1 HTTP requests in this frame

Frame: https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
Frame ID: 174B0B82D92B7491C3CF394B7747386B
Requests: 1 HTTP requests in this frame

Frame: https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
Frame ID: F551D2D1490BE88D79C7F5BA9EB698A4
Requests: 1 HTTP requests in this frame

Frame: https://dps.jp.cinarra.com/pxd?PLATFORM_ID=D&USER_ID=253303C8-4F6D-47E9-AE8C-528D714A710C
Frame ID: 39F08B06CD69E1B619423475769F5442
Requests: 1 HTTP requests in this frame

Frame: https://sync.targeting.unrulymedia.com/csync/RX-55812ec0-5611-41d0-a9a2-de8c57036c2f-004?redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA%3D%26piggybackCookie%3DRX-55812ec0-5611-41d0-a9a2-de8c57036c2f-004
Frame ID: C7E70F06D539D361777186AEFC187316
Requests: 1 HTTP requests in this frame

Frame: https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
Frame ID: AFB3FB86E26D18A94013A269148D5A97
Requests: 1 HTTP requests in this frame

Frame: https://cm.adgrx.com/bridge?AG_PID=pubmatic&AG_SETCOOKIE&gdpr=0&gdpr_consent=
Frame ID: EB4714ABF6EAFE10F68A2FBDE9AE82EA
Requests: 1 HTTP requests in this frame

Frame: https://match.taboola.com/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&tbid=c3f906ec-5e68-4dee-9213-6547cae241c1-tucta2b4b3c&query=taboola_hm%3D1%26redir%3Dhttps%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw%26piggybackCookie%3Duid%3A%24UID&isDirect=0
Frame ID: 1D36476E4EA1547B6D3B8880969A419F
Requests: 1 HTTP requests in this frame

Frame: https://match.deepintent.com/usersync/141?gdpr=0&gdpr_consent=
Frame ID: E696AC73EF12B2C2A8AF84F1E5D961C8
Requests: 1 HTTP requests in this frame

Frame: https://core.iprom.net/cookiesync
Frame ID: D5BC4F7DF6F31E653001AFD73D98E9CB
Requests: 1 HTTP requests in this frame

Frame: https://csync.loopme.me/?pubid=11331&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzImdGw9MTI5NjAw&piggybackCookie={viewer_token}&gdpr=0&gdpr_consent=
Frame ID: EF4584C7342836F4C61F1011BC33E9D0
Requests: 1 HTTP requests in this frame

Frame: https://um.simpli.fi/pm_match?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:$UID
Frame ID: 96928E53FBB3956745505612EBC03FC3
Requests: 1 HTTP requests in this frame

Frame: https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
Frame ID: 79104DF3292D93C81368104BFAAE908D
Requests: 1 HTTP requests in this frame

Frame: https://contextual.media.net/cksync.php?cs=8&vsid=3072078661534908000V10&type=pba&refUrl=&vid=42062671673072078661534908000V10&ovsid=253303C8-4F6D-47E9-AE8C-528D714A710C
Frame ID: 7F2088AA77BD2F9C6178E40F84710C8C
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

皮夾不見卡片全掛失!他回家見這幕眼神死 3.9萬網友笑瘋 - 天天要聞

Detected technologies

Overall confidence: 100%
Detected patterns
  • adnxs\.(?:net|com)
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/pagead/show_ads\.js
  • tpc\.googlesyndication\.com/safeframe
Overall confidence: 100%
Detected patterns
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • lightbox(?:-plus-jquery)?.{0,32}\.js
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.openx\.net
Overall confidence: 100%
Detected patterns
  • adnxs\.com/[^"]*(?:prebid|/pb\.js)
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.pubmatic\.com
Overall confidence: 100%
Detected patterns
  • \.quantserve\.com/quant\.js
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.rubiconproject\.com
Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Overall confidence: 100%
Detected patterns
  • //cdn\.jsdelivr\.net/

Page Statistics

525
Requests

70 %
HTTPS

0 %
IPv6

100
Domains

155
Subdomains

87
IPs

8
Countries

3324 kB
Transfer

8834 kB
Size

87
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 4
  • https://ads.aralego.com/sdk HTTP 301
  • https://cdn.aralego.net/ucfad/sdk/apac-sg/sdk
Request Chain 242
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEA4fulltiw9QvxNv56C1v2M&google_cver=1 HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEA4fulltiw9QvxNv56C1v2M&google_cver=1&C=1
Request Chain 243
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YzHFuIs8Je28RJ-2Gwd3sgAA HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEA4fulltiw9QvxNv56C1v2M&google_cver=1
Request Chain 244
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEDAZlIecQnAOSQ18vS5r-0w&google_cver=1 HTTP 307
  • https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESEDAZlIecQnAOSQ18vS5r-0w%26google_cver%3D1
Request Chain 245
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=Nzk3ODc4ODc4MzIyMDgxNjkwNQ%3D%3D
Request Chain 246
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_dbm HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESELbQP3rs8wTpksrJz-O70zA&google_cver=1
Request Chain 247
  • https://us-u.openx.net/w/1.0/cm?id=9ca165a9-d9fe-2ff6-d83d-d145a80b0d37&r=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dopenx%26google_hm%3D%7Bopenx_uuid_base64%7D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=ZGIxOWZiZWItYzM4MS0yNmY2LWZiYjgtMGNlODk5NTNlYTkz
Request Chain 248
  • https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_cm&google_dbm HTTP 302
  • https://sync.teads.tv/um?eid=3&uid=CAESEFUgCf96o2Z0fIlftmIArBk&google_cver=1
Request Chain 249
  • https://sync.teads.tv/um?eid=3&uid=&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_dbm%26google_hm%3D%5BVID_B64%5D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_hm=NzA2NjAxY2MtZmI4Yy00MjkzLTkzZGEtZjVhY2I1YTI0ZTIz
Request Chain 250
  • https://mweb.ck.inmobi.com/sync/3?redirect=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dinmobi_pte_limited%26google_hm%3D%24DSP_CKID&google_gid=CAESEMgfDdqcZWn8wlhqzLy_9N8&google_cver=1&google_push=AZmPxg9a6Sx1vTMAWCOruCWRdknxF1ZB8BVvH-hfdbtwofPwZkdZjW_u6x-FnJ_JjWAFaWQJNuZ2EUP9UrrzXOWAKB9eKzrlvO3lbqEVSrt573plqm5tVI7LqEJOd1EnV1KJM3zZs7CEcUbu_maIg3nJ9zo HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=inmobi_pte_limited&google_hm=YmNiNTllNGItNmQwOS00NWNlLThmNDktMDlkMzQ4OGNiMWZk&google_gid=CAESEMgfDdqcZWn8wlhqzLy_9N8&google_cver=1&google_push=AZmPxg9a6Sx1vTMAWCOruCWRdknxF1ZB8BVvH-hfdbtwofPwZkdZjW_u6x-FnJ_JjWAFaWQJNuZ2EUP9UrrzXOWAKB9eKzrlvO3lbqEVSrt573plqm5tVI7LqEJOd1EnV1KJM3zZs7CEcUbu_maIg3nJ9zo
Request Chain 251
  • https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEOTlSE-p5W84Gv6YM8zD7O4&google_cver=1&google_push=AZmPxg_U547_Cs_q5OAsoS4mPVVCBTh7cBdiVxfMed92tmSZKvYPYEGEpRbjzhIxeJPdNAWjHGfgx-BtKi3iy-D_IGzl3bFHF5cF5M4SBEo8YLtiklIdZ3rg2AhWnk2za5hKAVZdAAUX9JenZNltqHce7m4 HTTP 302
  • https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEOTlSE-p5W84Gv6YM8zD7O4&google_cver=1&google_push=AZmPxg_U547_Cs_q5OAsoS4mPVVCBTh7cBdiVxfMed92tmSZKvYPYEGEpRbjzhIxeJPdNAWjHGfgx-BtKi3iy-D_IGzl3bFHF5cF5M4SBEo8YLtiklIdZ3rg2AhWnk2za5hKAVZdAAUX9JenZNltqHce7m4 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MTU1NzU1MDAzNjU5NTUzMjkxMw&google_push=AZmPxg_U547_Cs_q5OAsoS4mPVVCBTh7cBdiVxfMed92tmSZKvYPYEGEpRbjzhIxeJPdNAWjHGfgx-BtKi3iy-D_IGzl3bFHF5cF5M4SBEo8YLtiklIdZ3rg2AhWnk2za5hKAVZdAAUX9JenZNltqHce7m4
Request Chain 252
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEKH_w9AOLMZrNplknLr8IEY&google_cver=1&google_push=AZmPxg-N45wrckH7gfoXQWtMknA8EozxKTzdoRrTigivSYvfO-mMwGld0nM1u6i4Pb3Fj5g7SgVVqPdiOKmrSYaGJFhrmHFAt77vw_ug3wWSnJ6zObIeH8wdAhXN9tYJJjLTgLcRMIGfZLCwGwylBmaEjnY HTTP 302
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEKH_w9AOLMZrNplknLr8IEY&google_cver=1&google_push=AZmPxg-N45wrckH7gfoXQWtMknA8EozxKTzdoRrTigivSYvfO-mMwGld0nM1u6i4Pb3Fj5g7SgVVqPdiOKmrSYaGJFhrmHFAt77vw_ug3wWSnJ6zObIeH8wdAhXN9tYJJjLTgLcRMIGfZLCwGwylBmaEjnY&rdf=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=EjXXBkXGTYaZJdVTwu29rg%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AZmPxg-N45wrckH7gfoXQWtMknA8EozxKTzdoRrTigivSYvfO-mMwGld0nM1u6i4Pb3Fj5g7SgVVqPdiOKmrSYaGJFhrmHFAt77vw_ug3wWSnJ6zObIeH8wdAhXN9tYJJjLTgLcRMIGfZLCwGwylBmaEjnY
Request Chain 253
  • https://s.ad.smaato.net/c/n///-?adNetInit=g&google_gid=CAESEGHZeGsGgWAHyZHMp3ZEyRg&google_cver=1&google_push=AZmPxg84T3akYhSMTamTL9udbKcRBx_WoGBoRJAz4qFXZWI17vmTkfLZ84DQk7R_AhtQue4IQy6emiN0DpRBpgXeBZimKdjRS3FhTnZaU3X8QXBmGbDII4gHcRaBtcKMNJtae-E2BE5_uSlhT0tKrEJkNBw HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_hm=24cf6835&google_redir=https%3A%2F%2Fs.ad.smaato.net%2Fc%2F%3FadExInit%3Dg&google_push=AZmPxg84T3akYhSMTamTL9udbKcRBx_WoGBoRJAz4qFXZWI17vmTkfLZ84DQk7R_AhtQue4IQy6emiN0DpRBpgXeBZimKdjRS3FhTnZaU3X8QXBmGbDII4gHcRaBtcKMNJtae-E2BE5_uSlhT0tKrEJkNBw
Request Chain 254
  • https://rtb2-useast.e-volution.ai/sync?exchange=193&google_gid=CAESEH8haamKdosUpPOPlWyHqGc&google_cver=1&google_push=AZmPxg8XRbtOQxP-y3bFulEXIo-ZeakBvpQxCprI60J4Sx8Hc222zIS3y4X7h3K6BgjqU3Jmu-BzuKB-zAOBSaM-Mzi9lb-3cfVmjxQjGO1ePXZFFQP2zWfnRp8NVB3_UfBQZBbbRelizC1z7Tmk4Fl9Uus HTTP 302
  • https://dsp.adkernel.com/adkuid?r=https%3A%2F%2Frtb2-useast.e-volution.ai%2Fsync%3Fexchange%3D193%26google_gid%3DCAESEH8haamKdosUpPOPlWyHqGc%26google_cver%3D1%26google_push%3DAZmPxg8XRbtOQxP-y3bFulEXIo-ZeakBvpQxCprI60J4Sx8Hc222zIS3y4X7h3K6BgjqU3Jmu-BzuKB-zAOBSaM-Mzi9lb-3cfVmjxQjGO1ePXZFFQP2zWfnRp8NVB3_UfBQZBbbRelizC1z7Tmk4Fl9Uus HTTP 302
  • https://rtb2-useast.e-volution.ai/sync?adkuid=A2239767280238030244&exchange=193&google_gid=CAESEH8haamKdosUpPOPlWyHqGc&google_cver=1&google_push=AZmPxg8XRbtOQxP-y3bFulEXIo-ZeakBvpQxCprI60J4Sx8Hc222zIS3y4X7h3K6BgjqU3Jmu-BzuKB-zAOBSaM-Mzi9lb-3cfVmjxQjGO1ePXZFFQP2zWfnRp8NVB3_UfBQZBbbRelizC1z7Tmk4Fl9Uus HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=metup_srl_w_bidswitch&google_hm=QTIyMzk3NjcyODAyMzgwMzAyNDQ&google_push=AZmPxg8XRbtOQxP-y3bFulEXIo-ZeakBvpQxCprI60J4Sx8Hc222zIS3y4X7h3K6BgjqU3Jmu-BzuKB-zAOBSaM-Mzi9lb-3cfVmjxQjGO1ePXZFFQP2zWfnRp8NVB3_UfBQZBbbRelizC1z7Tmk4Fl9Uus
Request Chain 255
  • https://ups.analytics.yahoo.com/ups/58281/sync?redir=true&google_gid=CAESECbnEZ3dZaKN3wZ0XpyHTzk&google_cver=1&google_push=AZmPxg8jUl_2CYmJGbhwJ6hjFVWJW-AeRHXOoOL4SDpVdkHE2dUGuK6NaLQ6VZ8TcOB70tGGL-fzavng9xs8r2UawjOcQUdhCTa_PYewJ8DVmVdqGTgP-KguTOY8hNAzkACBBt85FpO2AaWpiPw6_RP74z8 HTTP 302
  • https://ups.analytics.yahoo.com/ups/58281/sync?redir=true&google_gid=CAESECbnEZ3dZaKN3wZ0XpyHTzk&google_cver=1&google_push=AZmPxg8jUl_2CYmJGbhwJ6hjFVWJW-AeRHXOoOL4SDpVdkHE2dUGuK6NaLQ6VZ8TcOB70tGGL-fzavng9xs8r2UawjOcQUdhCTa_PYewJ8DVmVdqGTgP-KguTOY8hNAzkACBBt85FpO2AaWpiPw6_RP74z8&verify=true HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS00aEw1dE1kRTJ1R05Ga1VnZkVtdnhFTWRucDQwZ2Z3cn5B&google_push=AZmPxg8jUl_2CYmJGbhwJ6hjFVWJW-AeRHXOoOL4SDpVdkHE2dUGuK6NaLQ6VZ8TcOB70tGGL-fzavng9xs8r2UawjOcQUdhCTa_PYewJ8DVmVdqGTgP-KguTOY8hNAzkACBBt85FpO2AaWpiPw6_RP74z8
Request Chain 256
  • https://trace.mediago.io/cs/google?google_gid=CAESEJ_2PWUkA1WuVGkc7iHYGJU&google_cver=1&google_push=AZmPxg-TYdHtPXfbDmtXXFY-LpuhdIwCgY3gRxPPoWyqQkg1wd0TNRLqgX5JtAx9WX-x-p84IMGVYzfYRRQJCRh2X-RiuZjz4E8mtYi422HasN7vYRe3x4NHqwp6rIXWpV5z2mvOuFX_IH8SJrEnqpwaZupT HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=baidu_mediago&google_push=AZmPxg-TYdHtPXfbDmtXXFY-LpuhdIwCgY3gRxPPoWyqQkg1wd0TNRLqgX5JtAx9WX-x-p84IMGVYzfYRRQJCRh2X-RiuZjz4E8mtYi422HasN7vYRe3x4NHqwp6rIXWpV5z2mvOuFX_IH8SJrEnqpwaZupT&google_hm=ZWMwMjg0MmEyYjdjNDRkNTMyMWUwNWExNTI0MDM5MWY=
Request Chain 290
  • https://px.ads.linkedin.com/setuid?partner=googleadxdb&google_gid=CAESECB5LHiIEKGn7JhDmDqWcTc&google_cver=1&google_push=AZmPxg-nHn10j5BpReuQ7H77rNQE1RDXcs8Xsg98SKjSlNeKLDfgK_rv17qoQi3sAOJ6W3bydfuHVl3sCX13-mD4oe9PYFBUa8N4EMDHlBDwEGFyezDQFTGdfZunL1YpJy0RrTB6Ep3ur7Ztgcql6neZXxQ HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=linkedin&google_push=AZmPxg-nHn10j5BpReuQ7H77rNQE1RDXcs8Xsg98SKjSlNeKLDfgK_rv17qoQi3sAOJ6W3bydfuHVl3sCX13-mD4oe9PYFBUa8N4EMDHlBDwEGFyezDQFTGdfZunL1YpJy0RrTB6Ep3ur7Ztgcql6neZXxQ
Request Chain 291
  • https://mweb.ck.inmobi.com/sync/3?redirect=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dinmobi_pte_limited%26google_hm%3D%24DSP_CKID&google_gid=CAESEMgfDdqcZWn8wlhqzLy_9N8&google_cver=1&google_push=AZmPxg9_vUY8XdlEdO8AdXxEeCj73P5RFu4-HwcQmBhax0VGqKBDcLOUT9QNh1O9Xe5Y4Y1dCgqI1JrVat6Ovrs2O6VpuwiKh5J4_1m6GpDpt6THjKrllrbYwymwu4Si4i7RUvJAHG5OX1vjIyN-wYaXrPk HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=inmobi_pte_limited&google_hm=NTEzNzdkMzQtNmQwZC00OWMwLThjM2EtMDU5MDYyOTZhNTY0&google_gid=CAESEMgfDdqcZWn8wlhqzLy_9N8&google_cver=1&google_push=AZmPxg9_vUY8XdlEdO8AdXxEeCj73P5RFu4-HwcQmBhax0VGqKBDcLOUT9QNh1O9Xe5Y4Y1dCgqI1JrVat6Ovrs2O6VpuwiKh5J4_1m6GpDpt6THjKrllrbYwymwu4Si4i7RUvJAHG5OX1vjIyN-wYaXrPk
Request Chain 292
  • https://x.bidswitch.net/sync?ssp=google&google_gid=CAESEIj0br4qwIhyXd0rJLVFEtM&google_cver=1&google_push=AZmPxg9JLnALrpBu2b6Ed6Btyqw31maAusI-v2NpEbyOtTOWZfziZ8JWQM-g2nUgtjfScxJlLVj9A8Vy28XddMtjwwXCZKP2Cgw9C5c397NEfQlepeGABfFR0J4_aFMkwFQkPrDXRzL3Yr_MB-iM9hwgSLg HTTP 302
  • https://x.bidswitch.net/ul_cb/sync?ssp=google&google_gid=CAESEIj0br4qwIhyXd0rJLVFEtM&google_cver=1&google_push=AZmPxg9JLnALrpBu2b6Ed6Btyqw31maAusI-v2NpEbyOtTOWZfziZ8JWQM-g2nUgtjfScxJlLVj9A8Vy28XddMtjwwXCZKP2Cgw9C5c397NEfQlepeGABfFR0J4_aFMkwFQkPrDXRzL3Yr_MB-iM9hwgSLg HTTP 302
  • https://pool.admedo.com/sync?ssp=bidswitch&bidswitch_ssp_id=google&bsw_custom_parameter=fae9bec8-882e-4864-8632-4ec210fd43f3 HTTP 302
  • https://pool.admedo.com/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=google&bsw_custom_parameter=fae9bec8-882e-4864-8632-4ec210fd43f3 HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=23&expires=14&user_id=f8386851-2088-4aac-9803-8ce2ff57b2a2&user_group=1&ssp=google&bsw_param=fae9bec8-882e-4864-8632-4ec210fd43f3 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AZmPxg9JLnALrpBu2b6Ed6Btyqw31maAusI-v2NpEbyOtTOWZfziZ8JWQM-g2nUgtjfScxJlLVj9A8Vy28XddMtjwwXCZKP2Cgw9C5c397NEfQlepeGABfFR0J4_aFMkwFQkPrDXRzL3Yr_MB-iM9hwgSLg&google_hm=-um-yIguSGSGMk7CEP1D8w==
Request Chain 293
  • https://sync.dsp.reemo-ad.jp/google_adx?google_gid=CAESEILEyJY7B6cJySH7-_4o6N8&google_cver=1&google_push=AZmPxg-Uje729ceGHqCzJ2061LkG6QrrViva2n72uELSH6RVTDJVQ89FSt2NDsZqnKx-E_V80IrHOVhU8IosM0cHBH-YMYkDf7m6SwnNLacpHZw3fpwemL0D86wo-Hj24txVnJFBQMcymA5xfK542-hMSoo HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=gmo_ad_marketing&google_push=AZmPxg-Uje729ceGHqCzJ2061LkG6QrrViva2n72uELSH6RVTDJVQ89FSt2NDsZqnKx-E_V80IrHOVhU8IosM0cHBH-YMYkDf7m6SwnNLacpHZw3fpwemL0D86wo-Hj24txVnJFBQMcymA5xfK542-hMSoo
Request Chain 296
  • https://match.adsrvr.org/track/cmf/google?google_gid=CAESEAKR2W4ekFrFly3as6jM-y4&google_cver=1&google_push=AZmPxg_WyCuvl-6hihII8pfJ0EueYgdAhd4CPEa-gGxLxWe1W3GpK_G4qfWqVapp5g1_TuEjI-jC0VZim_NOB7_-vNCb9gKN717w6qQhnYyx-ANY3O76m7-uTVTkU-P_iT2AznifB8xqJPc HTTP 302
  • https://match.adsrvr.org/track/cmb/google?google_gid=CAESEAKR2W4ekFrFly3as6jM-y4&google_cver=1&google_push=AZmPxg_WyCuvl-6hihII8pfJ0EueYgdAhd4CPEa-gGxLxWe1W3GpK_G4qfWqVapp5g1_TuEjI-jC0VZim_NOB7_-vNCb9gKN717w6qQhnYyx-ANY3O76m7-uTVTkU-P_iT2AznifB8xqJPc HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=TheTradeDesk&google_hm=Zjc5NjNmNjktZDE1YS00ODk1LTg5MmQtMGJkZjc4MzQ4NTAz&google_push&gdpr=0&gdpr_consent=&ttd_tdid=f7963f69-d15a-4895-892d-0bdf78348503
Request Chain 297
  • https://cs.r-ad.ne.jp/2/cs?google_gid=CAESEKrPrgMVkw51t1n9J3L7n6Y&google_cver=1&google_push=AZmPxg93-2gFTQTA2bdHsraxMsM_FZhppVSP44YhZGcbAQC-KIbl8FidVx41YYwspD7HmDCOulDrIpGjqKe308fT9j3dGFX8JRL9rn3fvwm5HDhEFS5bV-inWLjbynn1IBHTogIn__K6UCM HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rcrt&google_push=AZmPxg93-2gFTQTA2bdHsraxMsM_FZhppVSP44YhZGcbAQC-KIbl8FidVx41YYwspD7HmDCOulDrIpGjqKe308fT9j3dGFX8JRL9rn3fvwm5HDhEFS5bV-inWLjbynn1IBHTogIn__K6UCM&google_hm=NTBmRlY1MDFOQkRBWTAwOEdXVk8
Request Chain 298
  • https://dynalyst-sync.adtdp.com/pixel?pid=10&google_gid=CAESECqcj1pXDKjDlFSjno0MVso&google_cver=1&google_push=AZmPxg_ovqJ9JjpOiK8N5cO6X7Cz2HOZnSJfgZOsW7PzNDjp1wcxcp38Vkh72L-ilW-P50JRsXqjPKkZmbzfdienEUrQ186w2Wi9y12sqlb3zDCDJ1dU8AGgRBzZSjZzu9ibt15lf0FkGw HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=cyberagent_dynalyst&google_push=AZmPxg_ovqJ9JjpOiK8N5cO6X7Cz2HOZnSJfgZOsW7PzNDjp1wcxcp38Vkh72L-ilW-P50JRsXqjPKkZmbzfdienEUrQ186w2Wi9y12sqlb3zDCDJ1dU8AGgRBzZSjZzu9ibt15lf0FkGw
Request Chain 299
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEKH_w9AOLMZrNplknLr8IEY&google_cver=1&google_push=AZmPxg-EDpJACKvoPe5kTCRFGqtm8-FvNCsOQESR02vTbkjZAz0qMO5z6Ldml6RJYB2SCtZqwTZ-sebqz4iT-LdEv4Gu2OdgBY9aqenOlDTOb-KZ_zswGYtBvS9p6wjXwrh9PuP7uHVD6iE HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=JTMDyE9tR-mujFKNcUpxDA%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AZmPxg-EDpJACKvoPe5kTCRFGqtm8-FvNCsOQESR02vTbkjZAz0qMO5z6Ldml6RJYB2SCtZqwTZ-sebqz4iT-LdEv4Gu2OdgBY9aqenOlDTOb-KZ_zswGYtBvS9p6wjXwrh9PuP7uHVD6iE
Request Chain 300
  • https://onetag-sys.com/match/?int_id=19&redir=1&google_gid=CAESEFG60oBE76K3alfd3fbNKQ8&google_cver=1&google_push=AZmPxg_kZVClcfYXldU0sWosren-3en8affs8PL_GGSsW1-LVXTRo9wivE59Z-slEUqm4IR-FoiqA8gdPcT8sQeFotlmGisXxpECr1spspifANJ_3DMJFR8fcttiRaGizoljT7Quyab458c HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=AAABg3psW7WIgO3XjsL4Kd_3aDeyEfBfS1gWog&google_push=AZmPxg_kZVClcfYXldU0sWosren-3en8affs8PL_GGSsW1-LVXTRo9wivE59Z-slEUqm4IR-FoiqA8gdPcT8sQeFotlmGisXxpECr1spspifANJ_3DMJFR8fcttiRaGizoljT7Quyab458c
Request Chain 301
  • https://eb2.3lift.com/ebda?sync=1&google_gid=CAESEF_Swr1uzKGiM4uK7a4zu8w&google_cver=1&google_push=AZmPxg8T142qpPUEN-R9V0GF9LLEBdw-edBCmls8ehY-U3dUmAirz3OtiY45bfGGiIKW9jjCrsEB_MNishlyKAC8pGPSIo1-_ASW7VMStXiEF0QjhXCrqZ_2cR04xxsI6KYtaBTng8D7_g HTTP 302
  • https://eb2.3lift.com/sync/google/supply?ld=1&gdpr=0&gdpr_consent=&us_privacy=&sync=1&google_push=AZmPxg8T142qpPUEN-R9V0GF9LLEBdw-edBCmls8ehY-U3dUmAirz3OtiY45bfGGiIKW9jjCrsEB_MNishlyKAC8pGPSIo1-_ASW7VMStXiEF0QjhXCrqZ_2cR04xxsI6KYtaBTng8D7_g&google_gid=CAESEF_Swr1uzKGiM4uK7a4zu8w HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=0&gdpr_consent=&us_privacy=&google_hm=MzIxNDk5MzI3NTY5NzgwODEzNTUw&google_push=AZmPxg8T142qpPUEN-R9V0GF9LLEBdw-edBCmls8ehY-U3dUmAirz3OtiY45bfGGiIKW9jjCrsEB_MNishlyKAC8pGPSIo1-_ASW7VMStXiEF0QjhXCrqZ_2cR04xxsI6KYtaBTng8D7_g
Request Chain 302
  • https://trace.mediago.io/cs/google?google_gid=CAESEJ_2PWUkA1WuVGkc7iHYGJU&google_cver=1&google_push=AZmPxg9RyMXQrEKWTJh7jxam0-HH0OxBQtI4Ut3JVJadneMG-K8CWITp9NlXCO2VsS96KclEqbOgC5WM9er2ccJK5S9HXyvJlQp27DhE45nkvoReWrwVxIacZzUbOfTCzrryPsPUciHJP6A HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=baidu_mediago&google_push=AZmPxg9RyMXQrEKWTJh7jxam0-HH0OxBQtI4Ut3JVJadneMG-K8CWITp9NlXCO2VsS96KclEqbOgC5WM9er2ccJK5S9HXyvJlQp27DhE45nkvoReWrwVxIacZzUbOfTCzrryPsPUciHJP6A&google_hm=MjgwNGZiMDFhYjQ1YjJjOTI0OGI5ZmE2M2NiN2MwODk=
Request Chain 342
  • https://pixel.rubiconproject.com/exchange/sync.php?p=pbs-adaptmx&gdpr=0&gdpr_consent=&us_privacy=1--- HTTP 302
  • https://prebid.a-mo.net/setuid/magnite?uid=L8IXFT6V-14-DH4C&gdpr=0&us_privacy=1---
Request Chain 343
  • https://x.bidswitch.net/sync?ssp=adaptmx&user_id=ad4b9727-b049-4f06-89f1-75509c63b373&gdpr=0&gdpr_consent=&us_privacy=1--- HTTP 302
  • https://odr.mookie1.com/t/v2/sync?tagid=V2_790378&src.visitorId=fae9bec8-882e-4864-8632-4ec210fd43f3&ssp=adaptmx&gdpr=0&gdpr_consent= HTTP 302
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=2910&partner_device_id=10525545649974457354&gdpr=0&gdpr_consent=&partner_url=https%3A%2F%2Fodr.mookie1.com%2Ft%2Fv2%3Ftagid%3DV2_948118%26src.visitorid%3D%24%7BTA_DEVICE_ID%7D%26ssp%3Dadaptmx%26gdpr_consent%3D%26gdpr%3D0 HTTP 302
  • https://pixel.tapad.com/idsync/ex/receive/check?partner_id=2910&partner_device_id=10525545649974457354&gdpr=0&gdpr_consent=&partner_url=https%3A%2F%2Fodr.mookie1.com%2Ft%2Fv2%3Ftagid%3DV2_948118%26src.visitorid%3D%24%7BTA_DEVICE_ID%7D%26ssp%3Dadaptmx%26gdpr_consent%3D%26gdpr%3D0 HTTP 302
  • https://odr.mookie1.com/t/v2?tagid=V2_948118&src.visitorid=f56b502e-40e7-4d9f-af3d-c95924c5a9c1&ssp=adaptmx&gdpr_consent=&gdpr=0 HTTP 302
  • https://aa.agkn.com/adscores/g.pixel?sid=9212302828&puid=10525545649974457354&ssp=adaptmx&gdpr=0&gdpr_consent= HTTP 302
  • https://odr.mookie1.com/t/v2?tagid=V2_785409&src.visitorId=209180804286003721316&ssp=adaptmx&gdpr=0&gdpr_consent= HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=419&user_id=10525545649974457354&ssp=adaptmx&gdpr=0&gdpr_consent=
Request Chain 344
  • https://prebid.a-mo.net/cchain?cb=https%3A%2F%2Fib.adnxs.com%2Fprebid%2Fsetuid%3Fbidder%3Damx%26uid%3Dad4b9727-b049-4f06-89f1-75509c63b373&gdpr=0&gdpr_consent=&us_privacy=1--- HTTP 302
  • https://ssp.disqus.com/partner=adaptmx?gdpr=1&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fprebid.a-mo.net%2Fcchain%2F0%2F4267%3Fgdpr%3D0%26gdpr_consent%3D%26us_privacy%3D1---%26A%3Dad4b9727-b049-4f06-89f1-75509c63b373%26bidder%3Dzeta%26cbx%3DaHR0cHM6Ly9pYi5hZG54cy5jb20vcHJlYmlkL3NldHVpZD9iaWRkZXI9YW14JnVpZD1hZDRiOTcyNy1iMDQ5LTRmMDYtODlmMS03NTUwOWM2M2IzNzM%253D%26uid%3D%24UID
Request Chain 345
  • https://ups.analytics.yahoo.com/ups/58570/occ?gdpr=0&gdpr_consent=&uid=ad4b9727-b049-4f06-89f1-75509c63b373 HTTP 302
  • https://prebid.a-mo.net/setuid/yahoo?uid=y-0zEhvCJE2uEsN5Ireytoz6nRdx9keZGFvfSKVVk-~A&gdpr=0&gdpr_consent=
Request Chain 346
  • https://ad.turn.com/r/cs?pid=9&gdpr=0 HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537073061&val=2923828858205019965&gdpr=0&gdpr_consent=&us_privacy=
Request Chain 347
  • https://match.adsrvr.org/track/cmf/openx?oxid=f7762821-0af6-7852-ee58-565153b124f3&gdpr=0 HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072971&val=f7963f69-d15a-4895-892d-0bdf78348503&ttd_puid=f7762821-0af6-7852-ee58-565153b124f3&gdpr=0&gdpr_consent=
Request Chain 348
  • https://tg.socdm.com/rtb/sync_before?proto=openx HTTP 302
  • https://jp-u.openx.net/w/1.0/sd?id=537072335&val=YzHFusCo8YsAAAmHTQcAAAAA
Request Chain 349
  • https://cr-p3.ladsp.com/cookiesender/3 HTTP 302
  • https://cr-p3.ladsp.com/cookiesender/3?cr=true HTTP 302
  • https://jp-u.openx.net/w/1.0/sd?id=537072451&val=ASMGUdIsQqi9ks8ADsd_zEsKkc8AAAGDemxing
Request Chain 351
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESELbQP3rs8wTpksrJz-O70zA&google_cver=1
Request Chain 352
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=svx9t50&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://eb2.3lift.com/xuid?mid=3658&xuid=f7963f69-d15a-4895-892d-0bdf78348503&dongle=0cfd
Request Chain 353
  • https://eb2.3lift.com/ebda?sync=1&gdpr=0&gdpr_consent= HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=0&gdpr_consent=&us_privacy=&google_hm=MzIxNDk5MzI3NTY5NzgwODEzNTUw HTTP 302
  • https://eb2.3lift.com/ebda?gdpr=0&gdpr_consent=
Request Chain 354
  • https://cm.g.doubleclick.net/pixel?google_nid=triplelift&google_cm&google_sc&gdpr=0&gdpr_consent= HTTP 302
  • https://eb2.3lift.com/xuid?mid=5989&xuid=CAESEMqeurBGGmJ9rEMzxY_OjqI&dongle=c627&gdpr=0&gdpr_consent=&google_cver=1
Request Chain 355
  • https://eb2.3lift.com/sync/google/demand?sync=1&gdpr=0&gdpr_consent= HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=0&gdpr_consent=&us_privacy=&google_hm=MzIxNDk5MzI3NTY5NzgwODEzNTUw
Request Chain 356
  • https://px.ads.linkedin.com/setuid?partner=tripleliftdbredirect&tlUid=321499327569780813550&dbredirect=true&gdpr=0&consent= HTTP 302
  • https://px.ads.linkedin.com/setuid?partner=tripleliftdbredirect&tlUid=321499327569780813550&dbredirect=true&gdpr=0&consent=&cookiesTest=true HTTP 302
  • https://p.adsymptotic.com/d/px/?_pid=16218&_psign=0aa5badf92527f7732e22463d6fa4dbc&coopa=0&gdpr=0&gdpr_consent=&_puuid=189c4cab-afdd-4d3f-9c75-a5c9dbdfdfcf&_noobservation=1 HTTP 302
  • https://p.adsymptotic.com/d/px/?_pid=16218&_psign=0aa5badf92527f7732e22463d6fa4dbc&coopa=0&gdpr=0&gdpr_consent=&_puuid=189c4cab-afdd-4d3f-9c75-a5c9dbdfdfcf&_noobservation=1&_expected_cookie=546f1b4cdc04497eac566b76a4a26793
Request Chain 357
  • https://x.bidswitch.net/sync?ssp=triplelift&user_id=321499327569780813550&gdpr=0&gdpr_consent= HTTP 302
  • https://c1.adform.net/serving/cookie/match/?party=24&bidswitch_ssp_id=triplelift HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=70&user_id=1557550036595532913&ssp=triplelift HTTP 302
  • https://eb2.3lift.com/xuid?mid=2409&xuid=fae9bec8-882e-4864-8632-4ec210fd43f3&dongle=d3d3&gdpr=&gdpr_consent=&gdpr_pd=
Request Chain 358
  • https://pr-bh.ybp.yahoo.com/sync/triplelift/321499327569780813550?gdpr=0&gdpr_consent= HTTP 302
  • https://eb2.3lift.com/xuid?mid=2662&xuid=y-jbUwQ8NE2oR5JQKluyHnq5LLtAwQ8CXNmT.UxT83dA--~A&dongle=0883
Request Chain 359
  • https://s.amazon-adsystem.com/x/757c0557066e95cfd4c7?gdpr=0&gdpr_consent=&uid=321499327569780813550 HTTP 302
  • https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&dl=3lift&gdpr=0&gdpr_consent=&uid=321499327569780813550&dcc=t
Request Chain 361
  • https://b1sync.zemanta.com/usersync/triplelift?gdpr=0&gdpr_consent= HTTP 302
  • https://stags.bluekai.com/site/23178?id=HKHwX1HON3nVMjAjzleF&redir=https%3A%2F%2Fb1sync.zemanta.com%2Fusersync%2Fbluekai%2Fcallback%2F%3Fd%3DNB2HI4DTHIXS6ZLCGIXDG3DJMZ2C4Y3PNUXXQ5LJMQ7WI33OM5WGKPLEMJQTQJTFPBRWQYLOM5ST25DSNFYGYZLMNFTHIJTHMRYHEPJQEZWWSZB5GI2DMMBGPB2WSZB5JBFUQ52YGFEE6TRTNZLE22SBNJ5GYZKG&gdpr=0 HTTP 302
  • https://b1sync.zemanta.com/usersync/bluekai/callback/?d=NB2HI4DTHIXS6ZLCGIXDG3DJMZ2C4Y3PNUXXQ5LJMQ7WI33OM5WGKPLEMJQTQJTFPBRWQYLOM5ST25DSNFYGYZLMNFTHIJTHMRYHEPJQEZWWSZB5GI2DMMBGPB2WSZB5JBFUQ52YGFEE6TRTNZLE22SBNJ5GYZKG
Request Chain 363
  • https://sync.mathtag.com/sync/img?mt_exid=75&redir=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D1%26uid%3D%5BMM_UUID%5D%26gdpr%3D1%26gdpr_consent%3D HTTP 302
  • https://onetag-sys.com/match/?int_id=1&uid=a2e26331-c5ba-4300-9696-db0b2688ccd8&gdpr=1&gdpr_consent=
Request Chain 365
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D98%26gdpr%3D1%26gdpr_consent%3D%26uid%3D$UID HTTP 302
  • https://onetag-sys.com/match/?int_id=98&gdpr=1&gdpr_consent=&uid=2986570318451776300
Request Chain 367
  • https://onetag-sys.com/match/?int_id=106&redir=1&ot_initiated=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=AAABg3psYQmD4GFmarLX8jxpempI9Ktw1j5IgA
Request Chain 369
  • https://id.rlcdn.com/711916.gif?ct=4&cv= HTTP 307
  • https://id.rlcdn.com/1000.gif?memo=COy5KxoNCLqLx5kGEgUI6AcQAEIASgA HTTP 307
  • https://onetag-sys.com/match/?int_id=110&uid=
Request Chain 370
  • https://onetag-sys.com/match/?int_id=113&gdpr=1&gdpr_consent=&callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Donetag.com%26id%3D%24%7BUSER_TOKEN%7D&ot_initiated=1 HTTP 302
  • https://s.amazon-adsystem.com/ecm3?ex=onetag.com&id=orBnT7E7KYn3AAxdnbFCshtQHiu8t1y44I4vsbLHxSw
Request Chain 372
  • https://cm.g.doubleclick.net/pixel?google_nid=onetag_eb&google_cm HTTP 302
  • https://onetag-sys.com/match/?int_id=106&google_gid=CAESEFG60oBE76K3alfd3fbNKQ8&google_cver=1
Request Chain 374
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=vw6iyrn&ttd_tpi=1&gpdr=1&gdpr_consent= HTTP 302
  • https://onetag-sys.com/match/?int_id=29&uid=f7963f69-d15a-4895-892d-0bdf78348503&gdpr=0&gdpr_consent=
Request Chain 379
  • https://token.rubiconproject.com/token?pid=2249&pt=n HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=YzMwNjNkYzFjNTBjNjFlMmZhMDMxNjAzODY5MmEzYWFkM2I3NDA0ZA
Request Chain 380
  • https://token.rubiconproject.com/token?pid=36584 HTTP 302
  • https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=L8IXFT6V-14-DH4C
Request Chain 381
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id= HTTP 302
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=&dcc=t
Request Chain 382
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEJnppzqr-FOfeWNSz4L3I1M&google_cver=1
Request Chain 383
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id= HTTP 302
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&dcc=t HTTP 302
  • https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=OLVAITzWT7yAU4-LRUVCyw&rk=usync-na HTTP 302
  • https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=OLVAITzWT7yAU4-LRUVCyw
Request Chain 384
  • https://match.adsrvr.org/track/cmf/rubicon HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=f7963f69-d15a-4895-892d-0bdf78348503&gdpr=0&gdpr_consent=&expires=30
Request Chain 385
  • https://token.rubiconproject.com/token?pid=25470 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDhJWEZUNlYtMTQtREg0Qw==
Request Chain 386
  • https://token.rubiconproject.com/token?pid=2974&pt=n&a=1 HTTP 302
  • https://pr-bh.ybp.yahoo.com/sync/rubicon/d8RBV18_xEF6GaIvREHZNcn5EUdSAgOZEtemQ7w0kco?csrc= HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=1038513523758955226
Request Chain 389
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=medianet HTTP 301
  • https://eus.rubiconproject.com/usync.html?p=medianet
Request Chain 392
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3072078661534908000V10%26type%3Dapx%26refUrl%3D%26vid%3D42062671673072078661534908000V10%26ovsid%3D%24UID HTTP 302
  • https://contextual.media.net/cksync.php?cs=8&vsid=3072078661534908000V10&type=apx&refUrl=&vid=42062671673072078661534908000V10&ovsid=2986570318451776300
Request Chain 393
  • https://us-u.openx.net/w/1.0/cm?id=78e2dffc-bb89-4bb2-ae92-f592d006518b&ph=6a16560a-f6c6-4851-b7b5-0b2c0190166a&r=https%3A%2F%2Fcontextual.media.net%2Fcksync.html%3Fcs%3D8%26vsid%3D3072078661534908000V10%26type%3Dopx%26refUrl%3D%26vid%3D42062671673072078661534908000V10%26ovsid%3D HTTP 302
  • https://contextual.media.net/cksync.html?cs=8&vsid=3072078661534908000V10&type=opx&refUrl=&vid=42062671673072078661534908000V10&ovsid=3f5a41be-a1f6-42b2-8d17-283fe15eb62f
Request Chain 394
  • https://sync.1rx.io/usersync2/rmp1r1?sub=medianet&redir=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3072078661534908000V10%26type%3Dr1%26refUrl%3D%26vid%3D42062671673072078661534908000V10%26ovsid%3D%5BRX_UUID%5D HTTP 302
  • https://sync.1rx.io/usersync2/rmp1r1?sub=medianet&zcc=1&redir=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3072078661534908000V10%26type%3Dr1%26refUrl%3D%26vid%3D42062671673072078661534908000V10%26ovsid%3D%5BRX_UUID%5D&cb=1664206267948 HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=7778455510 HTTP 302
  • https://sync.1rx.io/usersync/tradedesk/f7963f69-d15a-4895-892d-0bdf78348503 HTTP 302
  • https://sync.targeting.unrulymedia.com/csync/RX-55812ec0-5611-41d0-a9a2-de8c57036c2f-004?redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Drhy%26i%3DRX-55812ec0-5611-41d0-a9a2-de8c57036c2f-004
Request Chain 395
  • https://cm.g.doubleclick.net/pixel?cs=8&google_nid=media&google_cm=1&google_hm=MzA3MjA3ODY2MTUzNDkwODAwMFYxMA%3D%3D&google_sc=1 HTTP 302
  • https://cs.media.net/cksync?type=g&cs=8&google_gid=CAESEOxKOVN1S2yLZptuSjvrbtI&google_cver=1
Request Chain 396
  • https://pm.w55c.net/ping_match.gif?ei=MEDIANET&rurl=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3072078661534908000V10%26type%3Ddxu%26refUrl%3D%26vid%3D42062671673072078661534908000V10%26ovsid%3D_wfivefivec_ HTTP 302
  • https://pm.w55c.net/ping_match.gif?scc=1&ei=MEDIANET&rurl=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3072078661534908000V10%26type%3Ddxu%26refUrl%3D%26vid%3D42062671673072078661534908000V10%26ovsid%3D_wfivefivec_ HTTP 302
  • https://contextual.media.net/cksync.php?cs=8&vsid=3072078661534908000V10&type=dxu&refUrl=&vid=42062671673072078661534908000V10&ovsid=tIVC2xu21OCQ4A5
Request Chain 398
  • https://x.bidswitch.net/sync?ssp=medianet&gdpr=0&gdpr_consent=&gdpr_pd=1 HTTP 302
  • https://inv-nets.admixer.net/adxcm.aspx?ssp=D41B0D84-4DB7-4D9C-81CC-3A497DB5D0A6&gdpr=0&consent=&rurl=%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D354%26user_id%3D%24%24visitor_cookie%24%24%26ssp%3Dmedianet%26bsw_param%3Dfae9bec8-882e-4864-8632-4ec210fd43f3%26gdpr%3D0%26consent%3D%26gdpr_pd%3D1%26expires%3D7 HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=354&user_id=cbf5b907354d4f6b9e9d8e3dd5aa601c&ssp=medianet&bsw_param=fae9bec8-882e-4864-8632-4ec210fd43f3&gdpr=0&consent=&gdpr_pd=1&expires=7 HTTP 302
  • https://contextual.media.net/cksync.php?cs=1&type=bs&ovsid=fae9bec8-882e-4864-8632-4ec210fd43f3&gdpr=0&gdpr_consent=&gdpr_pd=1
Request Chain 399
  • https://b1sync.zemanta.com/usersync/medianet/?cb=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3072078661534908000V10%26type%3Dzem%26refUrl%3D%26vid%3D42062671673072078661534908000V10%26ovsid%3D__ZUID__ HTTP 302
  • https://stags.bluekai.com/site/23178?id=yKmvGEHcsZLFk90BwS-D&redir=https%3A%2F%2Fb1sync.zemanta.com%2Fusersync%2Fbluekai%2Fcallback%2F%3Fd%3DNB2HI4DTHIXS6Y3PNZ2GK6DUOVQWYLTNMVSGSYJONZSXIL3DNNZXS3TDFZYGQ4B7MNZT2OBGMV4GG2DBNZTWKPLNMVSGSYLOMV2CM33WONUWIPLZJNWXMR2FJBRXGWSMIZVTSMCCO5JS2RBGOJSWMVLSNQ6SM5DZOBST26TFNUTHM2LEHU2DEMBWGI3DOMJWG4ZTANZSGA3TQNRWGE2TGNBZGA4DAMBQKYYTAJTWONUWIPJTGA3TEMBXHA3DMMJVGM2DSMBYGAYDAVRRGA HTTP 302
  • https://b1sync.zemanta.com/usersync/bluekai/callback/?d=NB2HI4DTHIXS6Y3PNZ2GK6DUOVQWYLTNMVSGSYJONZSXIL3DNNZXS3TDFZYGQ4B7MNZT2OBGMV4GG2DBNZTWKPLNMVSGSYLOMV2CM33WONUWIPLZJNWXMR2FJBRXGWSMIZVTSMCCO5JS2RBGOJSWMVLSNQ6SM5DZOBST26TFNUTHM2LEHU2DEMBWGI3DOMJWG4ZTANZSGA3TQNRWGE2TGNBZGA4DAMBQKYYTAJTWONUWIPJTGA3TEMBXHA3DMMJVGM2DSMBYGAYDAVRRGA
Request Chain 400
  • https://rtb.mfadsrvr.com/sync?ssp=medianet&ssp_user_id=3072078661534908000V10 HTTP 302
  • https://rtb.mfadsrvr.com/ul_cb/sync?ssp=medianet&ssp_user_id=3072078661534908000V10
Request Chain 402
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=8m33zk4&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://cs.media.net/cksync?cs=1&type=ttd&ovsid=f7963f69-d15a-4895-892d-0bdf78348503
Request Chain 403
  • https://match.adsrvr.org/track/cmf/casale HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=39&external_user_id=f7963f69-d15a-4895-892d-0bdf78348503&expiration=1666798267&gdpr=0&gdpr_consent=
Request Chain 404
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=YzHFuJoI_i-zgnvw2wd-agAAEk4AAAIB&gdpr_consent=&us_privacy=&gdpr= HTTP 302
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESEDzuOTPgICTLdprC1xJ9i9E&google_cver=1
Request Chain 405
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=YzHFuJoI_i-zgnvw2wd-agAAEk4AAAIB HTTP 302
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=YzHFuJoI_i-zgnvw2wd-agAAEk4AAAIB&dcc=t
Request Chain 406
  • https://secure.adnxs.com/getuid?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=$UID HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=2986570318451776300
Request Chain 407
  • https://sync.mathtag.com/sync/img?mt_exid=15&redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D3%26external_user_id%3D%5BMM_UUID%5D HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=a2e26331-c5ba-4300-9696-db0b2688ccd8
Request Chain 409
  • https://dpm.demdex.net/ibs:dpid=23728&dpuuid=YzHFuJoI-i.zgnvw2wd.agAA%264686?gdpr_consent=&us_privacy=&gdpr= HTTP 302
  • https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=23728&dpuuid=YzHFuJoI-i.zgnvw2wd.agAA%264686
Request Chain 410
  • https://id.rlcdn.com/711587.gif HTTP 307
  • https://dsum-sec.casalemedia.com/ium?sourceid=3&uid=
Request Chain 418
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=duration_media&endpoint=us-east HTTP 301
  • https://eus.rubiconproject.com/usync.html?p=duration_media&endpoint=us-east
Request Chain 419
  • https://pixel.rubiconproject.com/exchange/sync.php?p=13702&gdpr=0&gdpr_consent=&us_privacy=1YN-& HTTP 302
  • https://x.yieldlift.com/setuid?bidder=rubicon&uid=L8IXFT6V-14-DH4C&gdpr=0&us_privacy=1YN-
Request Chain 420
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D312%26uid%3D%24UID HTTP 302
  • https://ads.servenobid.com/sync?pid=312&uid=2986570318451776300
Request Chain 421
  • https://ce.lijit.com/merge?pid=273657&3pid=273657&gdpr=0&gdpr_consent=&us_privacy=1YN-&&location=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D310%26uid%3D%5BSOVRNID%5D HTTP 302
  • https://ce.lijit.com/merge?pid=273657&3pid=273657&gdpr=0&gdpr_consent=&us_privacy=1YN-&location=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D310%26uid%3D%5BSOVRNID%5D&dnr=1 HTTP 302
  • https://ads.servenobid.com/sync?pid=310&uid=FYaDDRZHoxrHi3oaRX2Yi6Eg
Request Chain 422
  • https://ap.lijit.com/pixel?pid=273657&3pid=273657&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redir=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D310%26uid%3D%24UID HTTP 307
  • https://ap.lijit.com/pixel?pid=273657&3pid=273657&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redir=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D310%26uid%3D%24UID&sovrn_retry=true HTTP 307
  • https://ads.servenobid.com/sync?pid=310&uid=FYaDCLZHfNuPN0vZRZWqLMiM
Request Chain 423
  • https://x.yieldlift.com/getuid?r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D314%26uid%3D%24UID HTTP 301
  • https://ads.servenobid.com/sync?pid=314&uid=648b78b4-d8fa-4522-aaad-60f4c02e2845
Request Chain 424
  • https://sync.1rx.io/usersync2/rmpssp?sub=duration&redir=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D321%26uid%3D%5BRX_UUID%5D HTTP 302
  • https://sync.1rx.io/usersync2/rmpssp?sub=duration&zcc=1&redir=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D321%26uid%3D%5BRX_UUID%5D&cb=1664206267948 HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=581371391 HTTP 302
  • https://sync.1rx.io/usersync/tradedesk/f7963f69-d15a-4895-892d-0bdf78348503 HTTP 302
  • https://sync.targeting.unrulymedia.com/csync/RX-55812ec0-5611-41d0-a9a2-de8c57036c2f-004?redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Drhy%26i%3DRX-55812ec0-5611-41d0-a9a2-de8c57036c2f-004
Request Chain 427
  • https://prebid.a-mo.net/cchain/0?gdpr=0&gdpr_consent=&us_privacy=1YN-&&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D327%26uid%3D HTTP 302
  • https://ads.servenobid.com/sync?pid=327&uid=ad4b9727-b049-4f06-89f1-75509c63b373&gdpr=0&gdpr_consent=&us_privacy=1YN-
Request Chain 428
  • https://ups.analytics.yahoo.com/ups/58559/occ HTTP 302
  • https://ads.servenobid.com/sync?pid=337&uid=y-0zEhvCJE2uEsN5Ireytoz6nRdx9keZGFvfSKVVk-~A
Request Chain 429
  • https://ssp.disqus.com/redirectuser?r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D346%26uid%3DBUYERUID HTTP 302
  • https://prebid.a-mo.net/cchain/0?gdpr=0&gdpr_consent=&us_privacy=&cb=https%3A%2F%2Fssp.disqus.com%2Fmatch%3Fbidder%3D6%26r%3DCid1YS0yY2ExY2UyZC0zZGQ5LTMzZTYtOTE5MS1jZTNmNzg2YWE1MGYqU2h0dHBzOi8vYWRzLnNlcnZlbm9iaWQuY29tL3N5bmM_cGlkPTM0NiZ1aWQ9dWEtMmNhMWNlMmQtM2RkOS0zM2U2LTkxOTEtY2UzZjc4NmFhNTBmMgIGDDgB%26buyeruid%3D HTTP 302
  • https://ssum.casalemedia.com/usermatchredir?s=191503&gdpr=1&gdpr_consent=&us_privacy=&cb=https%3A%2F%2Fprebid.a-mo.net%2Fcchain%2F1%2F3147%3Fgdpr%3D0%26gdpr_consent%3D%26us_privacy%3D%26A%3Dad4b9727-b049-4f06-89f1-75509c63b373%26bidder%3Dindex_rtb%26cbx%3DaHR0cHM6Ly9zc3AuZGlzcXVzLmNvbS9tYXRjaD9iaWRkZXI9NiZyPUNpZDFZUzB5WTJFeFkyVXlaQzB6WkdRNUxUTXpaVFl0T1RFNU1TMWpaVE5tTnpnMllXRTFNR1lxVTJoMGRIQnpPaTh2WVdSekxuTmxjblpsYm05aWFXUXVZMjl0TDNONWJtTV9jR2xrUFRNME5pWjFhV1E5ZFdFdE1tTmhNV05sTW1RdE0yUmtPUzB6TTJVMkxUa3hPVEV0WTJVelpqYzRObUZoTlRCbU1nSUdERGdCJmJ1eWVydWlkPQ%253D%253D%26uid%3D HTTP 302
  • https://prebid.a-mo.net/cchain/1/3147?gdpr=0&gdpr_consent=&us_privacy=&A=ad4b9727-b049-4f06-89f1-75509c63b373&bidder=index_rtb&cbx=aHR0cHM6Ly9zc3AuZGlzcXVzLmNvbS9tYXRjaD9iaWRkZXI9NiZyPUNpZDFZUzB5WTJFeFkyVXlaQzB6WkdRNUxUTXpaVFl0T1RFNU1TMWpaVE5tTnpnMllXRTFNR1lxVTJoMGRIQnpPaTh2WVdSekxuTmxjblpsYm05aWFXUXVZMjl0TDNONWJtTV9jR2xrUFRNME5pWjFhV1E5ZFdFdE1tTmhNV05sTW1RdE0yUmtPUzB6TTJVMkxUa3hPVEV0WTJVelpqYzRObUZoTlRCbU1nSUdERGdCJmJ1eWVydWlkPQ%3D%3D&uid=YzHFuJoI-i.zgnvw2wd.agAA%264686
Request Chain 430
  • https://ups.analytics.yahoo.com/ups/58632/occ HTTP 302
  • https://ads.servenobid.com/sync?pid=339&uid=y-0zEhvCJE2uEsN5Ireytoz6nRdx9keZGFvfSKVVk-~A
Request Chain 436
  • https://onetag-sys.com/match/?int_id=106&redir=1&ot_initiated=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=AAABg3psZnC3THgCLs1pjAeb1pFbq3DvAg2blA
Request Chain 437
  • https://sync.mathtag.com/sync/img?mt_exid=75&redir=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D1%26uid%3D%5BMM_UUID%5D%26gdpr%3D0%26gdpr_consent%3D HTTP 302
  • https://onetag-sys.com/match/?int_id=1&uid=a2e26331-c5ba-4300-9696-db0b2688ccd8&gdpr=0&gdpr_consent=
Request Chain 438
  • https://pixel-eu.rubiconproject.com/exchange/sync.php?p=onetag&gdpr=0&gdpr_consent= HTTP 302
  • https://onetag-sys.com/match/?int_id=2&uid=L8IXFT6V-14-DH4C&gdpr=0
Request Chain 439
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D98%26gdpr%3D0%26gdpr_consent%3D%26uid%3D$UID HTTP 302
  • https://onetag-sys.com/match/?int_id=98&gdpr=0&gdpr_consent=&uid=2986570318451776300
Request Chain 441
  • https://ssbsync-global.smartadserver.com/api/sync?callerId=5&gdpr=0&gdpr_consent=&us_privacy=1YN-&redirectUri=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D107%26uid%3D[ssb_sync_pid] HTTP 302
  • https://onetag-sys.com/match/?int_id=107&uid=9053853491981124446
Request Chain 443
  • https://onetag-sys.com/match/?int_id=113&gdpr=0&gdpr_consent=&callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Donetag.com%26id%3D%24%7BUSER_TOKEN%7D&ot_initiated=1 HTTP 302
  • https://s.amazon-adsystem.com/ecm3?ex=onetag.com&id=orBnT7E7KYn3AAxdnbFCshtQHiu8t1y44I4vsbLHxSw
Request Chain 444
  • https://image8.pubmatic.com/AdServer/ImgSync?p=159706&gdpr=0&gdpr_consent=&us_privacy=1YN-&pu=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D114%26uid%3D%23PMUID HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=MjUzMzAzQzgtNEY2RC00N0U5LUFFOEMtNTI4RDcxNEE3MTBD&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent= HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
Request Chain 445
  • https://ups.analytics.yahoo.com/ups/58488/occ?&gdpr=0&gdpr_consent= HTTP 302
  • https://onetag-sys.com/match/?int_id=92&uid=y-0zEhvCJE2uEsN5Ireytoz6nRdx9keZGFvfSKVVk-~A
Request Chain 446
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=vw6iyrn&ttd_tpi=1&gpdr=0&gdpr_consent= HTTP 302
  • https://onetag-sys.com/match/?int_id=29&uid=f7963f69-d15a-4895-892d-0bdf78348503&gdpr=0&gdpr_consent=
Request Chain 447
  • https://x.bidswitch.net/sync?ssp=onetag&gdpr=0&gdpr_consent= HTTP 302
  • https://sync.mathtag.com/sync/img?mt_exid=46&redir=%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D80%26user_id%3D%5BUUID%5D%26expires%3D30%26ssp%3Donetag%26bsw_param%3Dfae9bec8-882e-4864-8632-4ec210fd43f3&gdpr=0&gdpr_consent= HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=80&user_id=a2e26331-c5ba-4300-9696-db0b2688ccd8&expires=30&ssp=onetag&bsw_param=fae9bec8-882e-4864-8632-4ec210fd43f3&gdpr=0&gdpr_consent= HTTP 302
  • https://onetag-sys.com/match/?int_id=30&uid=fae9bec8-882e-4864-8632-4ec210fd43f3&gdpr=0&gdpr_consent=&us_privacy=
Request Chain 453
  • https://ups.analytics.yahoo.com/ups/55940/sync?_origin=1&redir2=true&uid=YzHFuJoI_i-zgnvw2wd-agAAEk4AAAIB&gdpr_consent=&us_privacy=&gdpr= HTTP 302
  • https://pr-bh.ybp.yahoo.com/sync/casale/YzHFuJoI_i-zgnvw2wd-agAAEk4AAAIB
Request Chain 455
  • https://secure.adnxs.com/getuid?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=$UID HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=2986570318451776300
Request Chain 456
  • https://b1sync.zemanta.com/usersync/index/?us_privacy=&gdpr=&gdpr_consent= HTTP 302
  • https://stags.bluekai.com/site/23178?id=yKmvGEHcsZLFk90BwS-D&redir=https%3A%2F%2Fb1sync.zemanta.com%2Fusersync%2Fbluekai%2Fcallback%2F%3Fd%3DNB2HI4DTHIXS6ZDTOVWS243FMMXGGYLTMFWGK3LFMRUWCLTDN5WS6Y3SOVWT6Y3NL5SHG4C7NFSD2MJXEZSXQY3IMFXGOZJ5NFXGIZLYEZSXQ5DFOJXGC3C7OVZWK4S7NFSD26KLNV3EORKIMNZVUTCGNM4TAQTXKMWUI HTTP 302
  • https://b1sync.zemanta.com/usersync/bluekai/callback/?d=NB2HI4DTHIXS6ZDTOVWS243FMMXGGYLTMFWGK3LFMRUWCLTDN5WS6Y3SOVWT6Y3NL5SHG4C7NFSD2MJXEZSXQY3IMFXGOZJ5NFXGIZLYEZSXQ5DFOJXGC3C7OVZWK4S7NFSD26KLNV3EORKIMNZVUTCGNM4TAQTXKMWUI
Request Chain 460
  • https://secure.adnxs.com/getuid?https://usersync.gumgum.com/usersync?b=apn&i=$UID HTTP 302
  • https://usersync.gumgum.com/usersync?b=apn&i=2986570318451776300
Request Chain 461
  • https://x.bidswitch.net/sync?ssp=gumgum2&user_id=a_b955626a-ef9e-4181-8e21-d7e38820d5e7&gdpr=0&gdpr_consent=&us_privacy=1--- HTTP 302
  • https://a.sportradarserving.com/sync?ssp=bidswitch&bidswitch_ssp_id=gumgum2
Request Chain 463
  • https://us-u.openx.net/w/1.0/cm?_={CACHEBUSTER}&id=47f31213-389c-4904-aaa6-9b11aab9c211&gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dopx%26i%3D HTTP 302
  • https://usersync.gumgum.com/usersync?b=opx&i=004b8c51-22e3-4004-8923-46bc9be125b5
Request Chain 465
  • https://pr-bh.ybp.yahoo.com/sync/gumgum?gdpr=0&gdpr_consent= HTTP 302
  • https://usersync.gumgum.com/usersync?b=oth&i=y-qVsQZm1E2pcWIly7j3f0AExdpxCeHgen_aYR~A
Request Chain 469
  • https://b1sync.zemanta.com/usersync/gumgum/?puid=a_b955626a-ef9e-4181-8e21-d7e38820d5e7&gdpr=0&gdpr_consent=&us_privacy=1---&cb=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dzem%26i%3D__ZUID__ HTTP 302
  • https://stags.bluekai.com/site/23178?id=yKmvGEHcsZLFk90BwS-D&redir=https%3A%2F%2Fb1sync.zemanta.com%2Fusersync%2Fbluekai%2Fcallback%2F%3Fd%3DNB2HI4DTHIXS65LTMVZHG6LOMMXGO5LNM52W2LTDN5WS65LTMVZHG6LOMM7WEPL2MVWSMZLYMNUGC3THMU6WO5LNM52W2JTHMRYHEPJQEZUT26KLNV3EORKIMNZVUTCGNM4TAQTXKMWUIJTVONPXA4TJOZQWG6J5GEWS2LI&gdpr=0&us_privacy=1---
Request Chain 470
  • https://ad.360yield.com/server_match?partner_id=N&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Didi%26i%3D%7BPUB_USER_ID%7D HTTP 302
  • https://ad.360yield.com/ul_cb/server_match?partner_id=N&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Didi%26i%3D%7BPUB_USER_ID%7D HTTP 302
  • https://usersync.gumgum.com/usersync?b=idi&i=79314f72-4e01-412d-9264-268fe08ac71a
Request Chain 471
  • https://sync.1rx.io/usersync2/floor6?gdpr=0&gdpr_consent=&dspret=1&redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Drhy%26i%3D%5BRX_UUID%5D HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=5846453117 HTTP 302
  • https://sync.1rx.io/usersync/tradedesk/f7963f69-d15a-4895-892d-0bdf78348503 HTTP 302
  • https://sync.targeting.unrulymedia.com/csync/RX-55812ec0-5611-41d0-a9a2-de8c57036c2f-004?redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA%3D%26piggybackCookie%3DRX-55812ec0-5611-41d0-a9a2-de8c57036c2f-004
Request Chain 472
  • https://bh.contextweb.com/bh/rtset?pid=558355&ev=1&rurl=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpln%26i%3D%25%25VGUID%25%25 HTTP 302
  • https://usersync.gumgum.com/usersync?b=pln&i=7ki2yGVLDQer&ev=1&pid=558355
Request Chain 475
  • https://sync.mathtag.com/sync/img?mt_exid=71&gdpr=0&gdpr_consent=&redir=https%3a%2f%2fusersync.gumgum.com%2fusersync%3fb%3dmmh%26i%3d%5bMM_UUID%5d HTTP 302
  • https://usersync.gumgum.com/usersync?b=mmh&i=a2e26331-c5ba-4300-9696-db0b2688ccd8&gdpr=0&gdpr_consent=
Request Chain 479
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=gumgum&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://usersync.gumgum.com/usersync?b=ttd&i=f7963f69-d15a-4895-892d-0bdf78348503
Request Chain 481
  • https://tg.socdm.com/aux/idsync?proto=gumgum HTTP 302
  • https://usersync.gumgum.com/usersync?b=sus&i=YzHFvMCo8YsAAAmHTZwAAAAA
Request Chain 482
  • https://ssum-sec.casalemedia.com/usermatchredir?s=189872&cb=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Diex%26i%3D HTTP 302
  • https://usersync.gumgum.com/usersync?b=iex&i=YzHFuJoI-i.zgnvw2wd.agAA%264686
Request Chain 484
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=gumgum HTTP 301
  • https://eus.rubiconproject.com/usync.html?p=gumgum
Request Chain 487
  • https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA%3D%3D%26piggybackCookie%3Duid%3A%5BMM_UUID%5D HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:a2e26331-c5ba-4300-9696-db0b2688ccd8&gdpr=0&gdpr_consent=
Request Chain 489
  • https://gocm.c.appier.net/pubmatic HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDImdGw9MTI5NjAw&piggybackCookie=WlA5pAeOCw-TOQjyvMUxYw
Request Chain 490
  • https://cm.ambientdsp.com/cm/send?vc=pmj HTTP 301
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzQ0OSZ0bD00MzIwMA==&piggybackCookie=x7ggcuiuhjw
Request Chain 492
  • https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@ HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent= HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
Request Chain 493
  • https://ipac.ctnsnet.com/int/cm?exc=14&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM0MTEmdGw9MjAxNjA%3D%26piggybackCookie%3D%5Buser_id%5D HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MTEmdGw9MjAxNjA=&piggybackCookie=650ec70d28074462812fe0e3d4431931 HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
Request Chain 495
  • https://sync.1rx.io/usersync2/pubmatic&gdpr=0&gdpr_consent= HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=8395016089 HTTP 302
  • https://sync.1rx.io/usersync/tradedesk/f7963f69-d15a-4895-892d-0bdf78348503 HTTP 302
  • https://sync.targeting.unrulymedia.com/csync/RX-55812ec0-5611-41d0-a9a2-de8c57036c2f-004?redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA%3D%26piggybackCookie%3DRX-55812ec0-5611-41d0-a9a2-de8c57036c2f-004
Request Chain 496
  • https://pm.w55c.net/ping_match.gif?ei=PUBMATIC&rurl=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:_wfivefivec_&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:tIVC2xu21OCQ4A5&gdpr=0&gdpr_consent= HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
Request Chain 498
  • https://trc.taboola.com/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw&piggybackCookie=uid:$UID HTTP 302
  • https://match.taboola.com/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&tbid=c3f906ec-5e68-4dee-9213-6547cae241c1-tucta2b4b3c&query=taboola_hm%3D1%26redir%3Dhttps%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw%26piggybackCookie%3Duid%3A%24UID&isDirect=0
Request Chain 503
  • https://a.tribalfusion.com/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID} HTTP 302
  • https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
Request Chain 505
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=JTMDyE9tR-mujFKNcUpxDA%3D%3D HTTP 302
  • https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
Request Chain 506
  • https://idsync.rlcdn.com/420486.gif?partner_uid=253303C8-4F6D-47E9-AE8C-528D714A710C HTTP 307
  • https://pippio.com/api/sync?pid=5324&it=1&iv=c084a906f72727c41765630c00915594f2ae0533a7db8ea3060b352ea1844ac7791426b5417dce21&_=2
Request Chain 507
  • https://sync.mathtag.com/sync/img?mt_exid=3&redir=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3FpartnerID%3D27%26partnerUID%3D%5BMM_UUID%5D HTTP 302
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=a2e26331-c5ba-4300-9696-db0b2688ccd8
Request Chain 508
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEJDBC_hgr7Ar4HwLT1UuUd0&google_cver=1 HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
Request Chain 511
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=f7963f69-d15a-4895-892d-0bdf78348503
Request Chain 512
  • https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent= HTTP 302
  • https://dsp.nrich.ai/bidswitch/sync?bidswitch_ssp_id=pubmatic&bsw_custom_parameter=fae9bec8-882e-4864-8632-4ec210fd43f3&gdpr=0&gdpr_consent=&gdpr_pd=&us_privacy=
Request Chain 513
  • https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=253303C8-4F6D-47E9-AE8C-528D714A710C&redir=true&gdpr=0&gdpr_consent= HTTP 302
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-Kp9ZebRE2uXtIjdcfmEflnhHCKi9NNE-~A&gdpr=0&gdpr_consent=
Request Chain 514
  • https://pixel.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=0a1-g4SrL4fKqnmD0vxgi9KpK4fKrniFg__ihM51 HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
Request Chain 515
  • https://ib.adnxs.com/getuid?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=2986570318451776300&gdpr=0&gdpr_consent= HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
Request Chain 516
  • https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COOKIES%20HERE]&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=1557550036595532913 HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
Request Chain 517
  • https://ad.turn.com/r/cs?pid=1&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=2923828858205019965&gdpr=0&gdpr_consent=&us_privacy=
Request Chain 518
  • https://ads.playground.xyz/usersync/apn?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID HTTP 302
  • https://secure.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=2986570318451776300
Request Chain 527
  • https://pixel.rubiconproject.com/exchange/sync.php?p=medianet&khaos=L8IXFT6V-14-DH4C HTTP 302
  • https://contextual.media.net/cksync.php?type=rbcn&ovsid=L8IXFT6V-14-DH4C

525 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request pi-jia-bu-jian-qia-pian-quan-gua-shi-ta-hui-jia-jian-zhe-mu-yan-shen-si-3-9mo-wang-you-xiao-feng.html
www.bg3.co/a/ 		51 KB
15 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.bg3.co/a/pi-jia-bu-jian-qia-pian-quan-gua-shi-ta-hui-jia-jian-zhe-mu-yan-shen-si-3-9mo-wang-you-xiao-feng.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
84.17.37.44 Central, Hong Kong, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
unn-84-17-37-44.cdn77.com
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
28869892b3ebc9599f527958eedb8e5e6a3d3d28c7f8a39433863488f39ba728

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

Cache-Control
max-age=3600
Connection
keep-alive
Content-Encoding
gzip
Content-Type
text/html; charset=utf-8
Date
Mon, 26 Sep 2022 15:30:53 GMT
ETag
"cc77-MrRguDix3eYSk4+S8+05ihrMQP0"
Expires
Mon, 26 Sep 2022 16:30:53 GMT
Server
nginx/1.18.0 (Ubuntu)
Transfer-Encoding
chunked
Vary
Accept-Encoding
v0.js
cdn.ampproject.org/ 		276 KB
72 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/v0.js
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/pi-jia-bu-jian-qia-pian-quan-gua-shi-ta-hui-jia-jian-zhe-mu-yan-shen-si-3-9mo-wang-you-xiao-feng.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.12.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f132.1e100.net
Software
sffe /
Resource Hash
564abcd1aaa1e99681f765597209e1ee0d6c73fd31bbea71cf26ab4825d8058e
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
72580
x-xss-protection
0
server
sffe
date
Mon, 26 Sep 2022 15:30:54 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
private, max-age=3000, stale-while-revalidate=1206600
etag
"262efd4b6b76c562"
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Mon, 26 Sep 2022 15:30:54 GMT
amp-sidebar-0.1.js
cdn.ampproject.org/v0/ 		31 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/v0/amp-sidebar-0.1.js
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/pi-jia-bu-jian-qia-pian-quan-gua-shi-ta-hui-jia-jian-zhe-mu-yan-shen-si-3-9mo-wang-you-xiao-feng.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.12.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f132.1e100.net
Software
sffe /
Resource Hash
286f41534d5e452c0803884b8951f9e7cbd79568b1eddea4559d6a3bde2b4763
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9655
x-xss-protection
0
server
sffe
date
Mon, 26 Sep 2022 15:30:54 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
private, max-age=604800, stale-while-revalidate=604800
etag
"8ff35979583bd4ad"
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Mon, 26 Sep 2022 15:30:54 GMT
amp-auto-ads-0.1.js
cdn.ampproject.org/v0/ 		24 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/v0/amp-auto-ads-0.1.js
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/pi-jia-bu-jian-qia-pian-quan-gua-shi-ta-hui-jia-jian-zhe-mu-yan-shen-si-3-9mo-wang-you-xiao-feng.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.12.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f132.1e100.net
Software
sffe /
Resource Hash
829c68e59d49588a0847e4a4bdcae1b1e234db4d81a40a7345c34d6392a1f5b1
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7581
x-xss-protection
0
server
sffe
date
Mon, 26 Sep 2022 15:30:54 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
private, max-age=604800, stale-while-revalidate=604800
etag
"d4da8c7cd0fe74c1"
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Mon, 26 Sep 2022 15:30:54 GMT
amp-analytics-0.1.js
cdn.ampproject.org/v0/ 		109 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/v0/amp-analytics-0.1.js
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/pi-jia-bu-jian-qia-pian-quan-gua-shi-ta-hui-jia-jian-zhe-mu-yan-shen-si-3-9mo-wang-you-xiao-feng.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.12.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f132.1e100.net
Software
sffe /
Resource Hash
f0bb2a4f2be3d99e10af375f305a126120028c4784fbdfd85653876e27c07b19
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
31959
x-xss-protection
0
server
sffe
date
Mon, 26 Sep 2022 15:30:54 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
private, max-age=604800, stale-while-revalidate=604800
etag
"ca421db8126f307e"
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Mon, 26 Sep 2022 15:30:54 GMT
sdk
cdn.aralego.net/ucfad/sdk/apac-sg/
Redirect Chain
  • https://ads.aralego.com/sdk
  • https://cdn.aralego.net/ucfad/sdk/apac-sg/sdk
43 KB
43 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.aralego.net/ucfad/sdk/apac-sg/sdk
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/pi-jia-bu-jian-qia-pian-quan-gua-shi-ta-hui-jia-jian-zhe-mu-yan-shen-si-3-9mo-wang-you-xiao-feng.html
Protocol
H2
Server
104.26.4.103 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
28bf646c6e799ca96adb3a5b48fe882639d31e27102cad9ed2979555da55944a

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 26 Sep 2022 15:30:54 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
4328
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43705
last-modified
Thu, 22 Sep 2022 10:10:22 GMT
server
cloudflare
etag
"632c348e-aab9"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UT8DfGH4Z%2FR24fqrw3MFUgLHzW1yswomH%2FFS%2FgQJBKwcIiXBXruDoiMCi20v5SgN2rBHrD0KSj4guXHoJ7liHLdPN8nvLIOBXkVFd1%2BEEo72U3VCXsCB7xZm1ds6eqqcJA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/octet-stream
cache-control
max-age=14400
access-control-allow-credentials
true
accept-ranges
bytes
cf-ray
750d0b22f96cdf91-MEL

Redirect headers

Location
https://cdn.aralego.net/ucfad/sdk/apac-sg/sdk
Connection
close
Content-length
0
adRecover.js
delivery.adrecover.com/43519/ 		36 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://delivery.adrecover.com/43519/adRecover.js
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/pi-jia-bu-jian-qia-pian-quan-gua-shi-ta-hui-jia-jian-zhe-mu-yan-shen-si-3-9mo-wang-you-xiao-feng.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
42.99.140.201 , Japan, ASN4637 (ASN-TELSTRA-GLOBAL Telstra Global, HK),
Reverse DNS
ip-42-99-140-201.pacnet.net
Software
nginx/1.18.0 /
Resource Hash
28dc46ca7136b4d6089128b4a537e94624c990ee5162d869cbd53b4b81faaea5

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-akamai-country
AU
date
Mon, 26 Sep 2022 15:30:55 GMT
content-encoding
br
last-modified
Mon, 26 Sep 2022 07:00:30 GMT
server
nginx/1.18.0
vary
Accept-Encoding
x-akamai-device
mobile:false&tablet:false
access-control-allow-origin
*
cache-control
max-age=3600
server-timing
cdn-cache; desc=REVALIDATE, edge; dur=7, origin; dur=916
x-cf-geodata
AU
content-type
application/javascript
content-length
9571
expires
Mon, 26 Sep 2022 16:30:55 GMT
adpushup.js
cdn.adpushup.com/42753/ 		479 KB
103 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.adpushup.com/42753/adpushup.js
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/pi-jia-bu-jian-qia-pian-quan-gua-shi-ta-hui-jia-jian-zhe-mu-yan-shen-si-3-9mo-wang-you-xiao-feng.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
42.99.140.200 , Japan, ASN4637 (ASN-TELSTRA-GLOBAL Telstra Global, HK),
Reverse DNS
ip-42-99-140-200.pacnet.net
Software
nginx/1.18.0 /
Resource Hash
b8495f96bf23b93cee2ad9dd1ebe81e84cac8fc9e8d247546ae2b5d64e6d0b40

Request headers

Referer
https://www.bg3.co/
Origin
https://www.bg3.co
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-akamai-country
AU
date
Mon, 26 Sep 2022 15:30:54 GMT
content-encoding
br
last-modified
Fri, 23 Sep 2022 05:54:51 GMT
server
nginx/1.18.0
vary
Accept-Encoding
x-akamai-device
mobile:false&tablet:false
access-control-allow-origin
*
cache-control
max-age=3600
server-timing
cdn-cache; desc=HIT, edge; dur=18
x-cf-geodata
AU
content-type
application/javascript
content-length
105414
expires
Mon, 26 Sep 2022 16:30:54 GMT
e4300924b7ab334d4b423aa909ae4829.jpg
static.bg3.co/imgs/202105/ 		65 KB
66 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.bg3.co/imgs/202105/e4300924b7ab334d4b423aa909ae4829.jpg
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/pi-jia-bu-jian-qia-pian-quan-gua-shi-ta-hui-jia-jian-zhe-mu-yan-shen-si-3-9mo-wang-you-xiao-feng.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.2.91 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1d8ed0a5be1894d2ffe2f8904b346a098909f89b77c73807549f0ba81831013c

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 26 Sep 2022 15:30:55 GMT
cf-cache-status
MISS
last-modified
Fri, 28 May 2021 08:15:10 GMT
server
cloudflare
etag
"E4300924B7AB334D4B423AA909AE4829"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=eLEZEDwF36nfIjQIvU9WYHHVPYsAXFQ241p7W%2FSVvvY3gHo7M2wUfYjCErdxUZ8y2FROsuPAdIP0jwjRjvQ32FSRUwozSBUdExn8NW99D%2BAKPQvDMX56COvAJODeB08%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=604800
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
750d0b24dd683773-MEL
content-length
66631
expires
Mon, 03 Oct 2022 15:30:55 GMT
63ee351c9e0bf6152c6ffd3696067415.jpg
static.bg3.co/imgs/202108/ 		12 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.bg3.co/imgs/202108/63ee351c9e0bf6152c6ffd3696067415.jpg?w=150&h=100&q=100
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/pi-jia-bu-jian-qia-pian-quan-gua-shi-ta-hui-jia-jian-zhe-mu-yan-shen-si-3-9mo-wang-you-xiao-feng.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.2.91 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b66ab9c2bd42d7e80340592a4643333e5faa521a607f6ac637c804c4baf8e44e

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 26 Sep 2022 15:30:55 GMT
cf-cache-status
MISS
last-modified
Fri, 06 Aug 2021 09:23:22 GMT
server
cloudflare
etag
"63EE351C9E0BF6152C6FFD3696067415"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aQOU0vJD%2Byu44UExAFgb3etSggzPnSEDeQvN9GHhr5LG2CTYVxTR4UMjVODYveD0VbB1G7P9FzG7ZX4iqFckFPaTXNmBQ4B%2FJlEymRCoy4ELFJQ1R%2BeIBSBtK%2Byw568%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=604800
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
750d0b24dd6a3773-MEL
content-length
12133
expires
Mon, 03 Oct 2022 15:30:55 GMT
99fab097c9bb9d8976bf7dd91bc0fcc6.jpg
static.bg3.co/imgs/202105/ 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.bg3.co/imgs/202105/99fab097c9bb9d8976bf7dd91bc0fcc6.jpg?w=150&h=100&q=100
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/pi-jia-bu-jian-qia-pian-quan-gua-shi-ta-hui-jia-jian-zhe-mu-yan-shen-si-3-9mo-wang-you-xiao-feng.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.2.91 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
48de8a58198a2558ee1dcae396b838dadb810ac34bef0dcbb6af57f3c97da6f3

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 26 Sep 2022 15:30:55 GMT
cf-cache-status
MISS
last-modified
Sat, 22 May 2021 13:23:50 GMT
server
cloudflare
etag
"99FAB097C9BB9D8976BF7DD91BC0FCC6"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BFODoNCl4LX3E5DaY%2BvqZFM6Fx5no%2B7RRQOCamSDSOrIf%2B3jo5VqETNDgSFychU5YvPgXeZmKrX0TCYYKvyPJ6ijAKfuT5rf8s1XdglrDWbQHhIfe7J9yb5XXvYezEA%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=604800
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
750d0b24dd6e3773-MEL
content-length
7098
expires
Mon, 03 Oct 2022 15:30:55 GMT
797aefbe35d80d11628510f5a886fb46.jpg
static.bg3.co/imgs/202105/ 		8 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.bg3.co/imgs/202105/797aefbe35d80d11628510f5a886fb46.jpg?w=150&h=100&q=100
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/pi-jia-bu-jian-qia-pian-quan-gua-shi-ta-hui-jia-jian-zhe-mu-yan-shen-si-3-9mo-wang-you-xiao-feng.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.2.91 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2255c4cd951fb1812fd5caa7e8ac3a5f4cda4e5753c6ac3cfcffb098062e4ce2

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 26 Sep 2022 15:30:55 GMT
cf-cache-status
MISS
last-modified
Fri, 28 May 2021 00:54:11 GMT
server
cloudflare
etag
"797AEFBE35D80D11628510F5A886FB46"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bS%2BIDh%2FnPJfD1grq2d1g8LVGOOW2qc7R455LtINriIVznGFe3PSnRCJgRAZ%2FCYzjyH1U%2F3yUA3qcs4Vk0v9fhu5pjVTk5ft7PfuD99IM%2BvmVL8Mj%2FHi2PCtozRT%2BHWo%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=604800
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
750d0b24dd6d3773-MEL
content-length
8693
expires
Mon, 03 Oct 2022 15:30:55 GMT
b6d924c55029db670cbcbad4ca55768a.jpg
static.bg3.co/imgs/202106/ 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.bg3.co/imgs/202106/b6d924c55029db670cbcbad4ca55768a.jpg?w=150&h=100&q=100
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/pi-jia-bu-jian-qia-pian-quan-gua-shi-ta-hui-jia-jian-zhe-mu-yan-shen-si-3-9mo-wang-you-xiao-feng.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.2.91 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b61c85519f6be8323b1c90d922d1c028885daf7223b06b5a92e715bb06a359a7

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 26 Sep 2022 15:30:55 GMT
cf-cache-status
MISS
last-modified
Mon, 07 Jun 2021 08:01:22 GMT
server
cloudflare
etag
"B6D924C55029DB670CBCBAD4CA55768A"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OG%2BBiaL7ERopCjw1LMWVlVvgLX8%2B98%2F9y5j%2BN%2BuaHnsIyEl6jHD9iS2J209L9lfb1gd7o7%2B4tSxOLv8Apc5Q3dke7JzfjHR5Di9Rs6%2F%2BMQc%2B8O2r6y80X3fgnvZT%2FPQ%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=604800
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
750d0b24dd6b3773-MEL
content-length
5854
expires
Mon, 03 Oct 2022 15:30:55 GMT
5849ca06605cecb803dab2e12d67df23.jpg
static.bg3.co/imgs/202105/ 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.bg3.co/imgs/202105/5849ca06605cecb803dab2e12d67df23.jpg?w=150&h=100&q=100
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/pi-jia-bu-jian-qia-pian-quan-gua-shi-ta-hui-jia-jian-zhe-mu-yan-shen-si-3-9mo-wang-you-xiao-feng.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.2.91 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fe2feb195573b61e480dadfe67f915ad0d31a8f771556f306e86ab4c3f07c119

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 26 Sep 2022 15:30:55 GMT
cf-cache-status
MISS
last-modified
Fri, 28 May 2021 19:08:21 GMT
server
cloudflare
etag
"5849CA06605CECB803DAB2E12D67DF23"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zTAdxg0AInahv6htdoraKWs1thYJQg8PT%2BIsnqkE4ylWK%2BGPf2f2qT%2BzQAtyyfV3HnQYn%2BNIRMpVCgruLzVmWUOYkc2dN31WjoEVo9Dvsq5SdnMi3dzY3dOUXqXN%2F94%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=604800
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
750d0b24dd673773-MEL
content-length
5119
expires
Mon, 03 Oct 2022 15:30:55 GMT
aa7c72545a94f46e704c42c5a3f49f34.jpg
static.bg3.co/imgs/202106/ 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.bg3.co/imgs/202106/aa7c72545a94f46e704c42c5a3f49f34.jpg?w=150&h=100&q=100
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/pi-jia-bu-jian-qia-pian-quan-gua-shi-ta-hui-jia-jian-zhe-mu-yan-shen-si-3-9mo-wang-you-xiao-feng.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.2.91 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
eba8de65c2876ca924fd1e4b7437981eaf483201003e315678310f5f72821cba

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 26 Sep 2022 15:30:55 GMT
cf-cache-status
MISS
last-modified
Mon, 07 Jun 2021 18:11:45 GMT
server
cloudflare
etag
"AA7C72545A94F46E704C42C5A3F49F34"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Xv%2BTVpJxoV9L8zZje2dDT0khrO4QiQLoaUj%2BfRfXDrS79jUPe1ccFSg%2BpEPhf5jSM%2FSGRc6cuQPR%2FfuoTYZ7jWqO0rgstPDmRIs7zpJWpv%2BUweO9PWptktxMPZC0GrU%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=604800
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
750d0b24dd633773-MEL
content-length
7862
expires
Mon, 03 Oct 2022 15:30:55 GMT
4e9ad498e924161a8b99b21902172eec.jpg
static.bg3.co/imgs/202106/ 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.bg3.co/imgs/202106/4e9ad498e924161a8b99b21902172eec.jpg?w=150&h=100&q=100
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/pi-jia-bu-jian-qia-pian-quan-gua-shi-ta-hui-jia-jian-zhe-mu-yan-shen-si-3-9mo-wang-you-xiao-feng.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.2.91 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2bd1ba34350c288d4395e4d104575c7406b490f31aa1baffcb977c5268803727

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 26 Sep 2022 15:30:55 GMT
cf-cache-status
MISS
last-modified
Fri, 04 Jun 2021 23:42:58 GMT
server
cloudflare
etag
"4E9AD498E924161A8B99B21902172EEC"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fL%2F78xJjE9WcrlXjd1%2F1VEGTc2RrX4UQZpUugPW7RF2kq3c3JarqJjWUo3%2Bgrj9LCWTDySqJ74rqfPX3HFv5mEEwoOquw9bwbTkahyHQH3Jfmiq5u2J0yfmNCKKq33Q%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=604800
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
750d0b24dd663773-MEL
content-length
8103
expires
Mon, 03 Oct 2022 15:30:55 GMT
3928456c7b3656c765461edde1d2f60e.jpg
static.bg3.co/imgs/202105/ 		30 KB
30 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.bg3.co/imgs/202105/3928456c7b3656c765461edde1d2f60e.jpg
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/pi-jia-bu-jian-qia-pian-quan-gua-shi-ta-hui-jia-jian-zhe-mu-yan-shen-si-3-9mo-wang-you-xiao-feng.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.2.91 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5e1bb582472917451132ed0bf60094bc8d814905283844e22ca0f3b23c4a345d

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 26 Sep 2022 15:30:56 GMT
cf-cache-status
MISS
last-modified
Fri, 28 May 2021 08:15:13 GMT
server
cloudflare
etag
"3928456C7B3656C765461EDDE1D2F60E"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RnbWVjS%2FGTD7F4dmQj3qLUrRErT8xovF6vpbJJJVem8uP3afLTsHv7bAIEuYz%2BL35h1mpRNNoQpOSqFcVwK6yPs94LsyIS7%2FFZO06evCuX46pS7d1SlHJNQtWgjem%2Bo%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=604800
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
750d0b2c8ba23773-MEL
content-length
30342
expires
Mon, 03 Oct 2022 15:30:56 GMT
d886d419105b443d3cf320912a77949c.jpg
static.bg3.co/imgs/202105/ 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.bg3.co/imgs/202105/d886d419105b443d3cf320912a77949c.jpg?w=150&h=100&q=100
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/pi-jia-bu-jian-qia-pian-quan-gua-shi-ta-hui-jia-jian-zhe-mu-yan-shen-si-3-9mo-wang-you-xiao-feng.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.2.91 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8062bbaface4b8a01ea6d1410ebc71ed0f56fb51a3fe80525b71135c8e3c4818

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 26 Sep 2022 15:30:56 GMT
cf-cache-status
MISS
last-modified
Tue, 25 May 2021 21:43:41 GMT
server
cloudflare
etag
"D886D419105B443D3CF320912A77949C"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jhCVqa7vyN4bQtQnwc5DI2J5p4q6eWi3dP9wuiJrsL1Ni7GsRQX9VOxrHtlorLA%2Bxu4yjrAdXQPE%2FvjPT%2Fgj6z8Op5gdz9Y8wRfk3pkeYPYdRgBRP9Z8r55%2BSGOo6yI%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=604800
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
750d0b2c8ba43773-MEL
content-length
4549
expires
Mon, 03 Oct 2022 15:30:56 GMT
d10ea377816068e759c62e20d628b1f7.jpg
static.bg3.co/imgs/202105/ 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.bg3.co/imgs/202105/d10ea377816068e759c62e20d628b1f7.jpg?w=150&h=100&q=100
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/pi-jia-bu-jian-qia-pian-quan-gua-shi-ta-hui-jia-jian-zhe-mu-yan-shen-si-3-9mo-wang-you-xiao-feng.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.2.91 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dc4bc6dc1cc74e9a3408093aded5e95864f2b9b5423800473d8a6bc1abb3aa49

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 26 Sep 2022 15:30:56 GMT
cf-cache-status
MISS
last-modified
Wed, 26 May 2021 15:12:22 GMT
server
cloudflare
etag
"D10EA377816068E759C62E20D628B1F7"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bW9ti0W8Xgc94T6vq5H5CscMXbUV4Rb98DRX3Jd8Se9Vh%2F1jGBRQHG1No%2BO0wtS5fgVEAFNs3JSYa6RDQjdGz9Mnb1nrlB16OdGSGqovefXBhexiq%2BYmGJ6B4zJ5QFM%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=604800
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
750d0b2d0c1d3773-MEL
content-length
6044
expires
Mon, 03 Oct 2022 15:30:56 GMT
f791324bad73bae7fb4948fc5534ebfa.jpg
static.bg3.co/imgs/202105/ 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.bg3.co/imgs/202105/f791324bad73bae7fb4948fc5534ebfa.jpg?w=150&h=100&q=100
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/pi-jia-bu-jian-qia-pian-quan-gua-shi-ta-hui-jia-jian-zhe-mu-yan-shen-si-3-9mo-wang-you-xiao-feng.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.2.91 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f8b5df89caa6434d62c80beb47578d6f7506d648ddaea3a9ada0f827b9fbd9f7

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 26 Sep 2022 15:30:56 GMT
cf-cache-status
MISS
last-modified
Fri, 28 May 2021 04:49:44 GMT
server
cloudflare
etag
"F791324BAD73BAE7FB4948FC5534EBFA"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hVuyRoqXHk%2FYujw5hZqwRbIBImVB5qBKuShSIvv34wQM2gLQAXviYohq4bIXYasx5G%2FL0ZMpNPtJFZlHOa8138jS45U3N8di8o6FitqjwOeFTE%2F878Dg5jxJarmGNP0%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=604800
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
750d0b2d0c1f3773-MEL
content-length
4647
expires
Mon, 03 Oct 2022 15:30:56 GMT
1795a7ff1f8bc6ad6fdc8fb2335f6cc5.jpg
static.bg3.co/imgs/202204/ 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.bg3.co/imgs/202204/1795a7ff1f8bc6ad6fdc8fb2335f6cc5.jpg?w=150&h=100&q=100
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/pi-jia-bu-jian-qia-pian-quan-gua-shi-ta-hui-jia-jian-zhe-mu-yan-shen-si-3-9mo-wang-you-xiao-feng.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.2.91 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4c1cd6a00f7cb1e604499a3a5c1b89939076eb16328968ae0502a9025878ca88

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 26 Sep 2022 15:30:56 GMT
cf-cache-status
MISS
last-modified
Sun, 17 Apr 2022 07:05:45 GMT
server
cloudflare
etag
"1795A7FF1F8BC6AD6FDC8FB2335F6CC5"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0DWgsNqnoUG1H5x4ZLAlYQ09sXTrx46AozK6%2Fe0eRJc1ddU2QXkxxB93iepDo1A8INQuX7%2BnoX2D7QsI36NycT5J3WmdIYQ89Yz6%2B81Us7Y7duzmsvfhHtjZpVxItTk%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=604800
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
750d0b2d0c203773-MEL
content-length
4288
expires
Mon, 03 Oct 2022 15:30:56 GMT
66f62f4d4d909a25678868ef1fd7f2cf.jpg
static.bg3.co/imgs/202105/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.bg3.co/imgs/202105/66f62f4d4d909a25678868ef1fd7f2cf.jpg?w=150&h=100&q=100
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/pi-jia-bu-jian-qia-pian-quan-gua-shi-ta-hui-jia-jian-zhe-mu-yan-shen-si-3-9mo-wang-you-xiao-feng.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.2.91 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e2244d39d8a9c48d56e908dcc416fada2761bea14ff1cda178e606143575416b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 26 Sep 2022 15:30:56 GMT
cf-cache-status
MISS
last-modified
Sat, 29 May 2021 12:34:38 GMT
server
cloudflare
etag
"66F62F4D4D909A25678868EF1FD7F2CF"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1VHd1HlFJbdR9rdSpT0tD18RmtUZvmsEVWSjtVfyK5AjoIk9KQGILsJODtnhQ5LtWu9OXr5ncI8VpRr0X9QXvj75Y4N2OeQPJ26pCoJ7XBhOSqD2o3R%2BszPkfiC2Xbo%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=604800
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
750d0b2d0c223773-MEL
content-length
3781
expires
Mon, 03 Oct 2022 15:30:56 GMT
2e6f91d3598c01d7b20cc9a95f6cdb89.jpg
static.bg3.co/imgs/202106/ 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.bg3.co/imgs/202106/2e6f91d3598c01d7b20cc9a95f6cdb89.jpg?w=150&h=100&q=100
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/pi-jia-bu-jian-qia-pian-quan-gua-shi-ta-hui-jia-jian-zhe-mu-yan-shen-si-3-9mo-wang-you-xiao-feng.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.2.91 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2a0ea1d5f65216e7498b754aa4eda305601148b8990024016f01c75915445f67

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 26 Sep 2022 15:30:56 GMT
cf-cache-status
MISS
last-modified
Sat, 05 Jun 2021 07:14:34 GMT
server
cloudflare
etag
"2E6F91D3598C01D7B20CC9A95F6CDB89"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5iH6Y0AhsxUBwkI22XJPTrohh71%2FF7LPmhPMCRBYvwF1Y0DcNf5c%2BcEAkCuJRgv5I72kk1CAOk%2FQZ0Ze6znuLqfptZ6sxK8WPUfVCsHET4zVH5w2x59sSRwoB3LQLWE%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=604800
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
750d0b2d0c233773-MEL
content-length
7169
expires
Mon, 03 Oct 2022 15:30:56 GMT
d6a25e70740fd85ae29d61cc871a5b71.jpg
static.bg3.co/imgs/202105/ 		7 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.bg3.co/imgs/202105/d6a25e70740fd85ae29d61cc871a5b71.jpg?w=150&h=100&q=100
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/pi-jia-bu-jian-qia-pian-quan-gua-shi-ta-hui-jia-jian-zhe-mu-yan-shen-si-3-9mo-wang-you-xiao-feng.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.2.91 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4754d1f21968cfd683843397a3d65f48d2b991c0ac943d37de1fb5a514f9db34

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 26 Sep 2022 15:30:56 GMT
cf-cache-status
MISS
last-modified
Sun, 30 May 2021 21:20:33 GMT
server
cloudflare
etag
"D6A25E70740FD85AE29D61CC871A5B71"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Uih%2BM%2FNS1lbz%2Fe5aaLuIahmNYOd7NLS0uUVoA1fyv9dlS%2BcG4h6UGG9OKNgrFn81jIfaNyHLGok4VB0MOZFrlmzZqChpxSUbU%2FEXZoGG8YeGf%2BupyjLDQYxVULs%2F9SY%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=604800
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
750d0b2d0c253773-MEL
content-length
7365
expires
Mon, 03 Oct 2022 15:30:56 GMT
f06237cef8aca0f622112e6e3cf016f7.jpg
static.bg3.co/imgs/202106/ 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.bg3.co/imgs/202106/f06237cef8aca0f622112e6e3cf016f7.jpg?w=150&h=100&q=100
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/pi-jia-bu-jian-qia-pian-quan-gua-shi-ta-hui-jia-jian-zhe-mu-yan-shen-si-3-9mo-wang-you-xiao-feng.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.2.91 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7ed0566edef446d076cfbd97acef5a97fc82e6d07872b153c2589a20d3f640e9

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 26 Sep 2022 15:30:57 GMT
cf-cache-status
MISS
last-modified
Sat, 05 Jun 2021 12:46:38 GMT
server
cloudflare
etag
"F06237CEF8ACA0F622112E6E3CF016F7"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=r220%2FVOCuYMbgiywsavr%2BpFD6WLR90MjiFaY7UnXEO0T9dTrvUiI7NUG8VdqCCC7xZQJJGjKT4To6WSbun2xzGuvbpIiSkm6A0Evev2nBG2LbpMx%2FwiT8Mq0enLZUFQ%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=604800
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
750d0b30af223773-MEL
content-length
7108
expires
Mon, 03 Oct 2022 15:30:57 GMT
01fe9b3ed3b08c5c0c7c405ce84e43fc.jpg
static.bg3.co/imgs/202109/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.bg3.co/imgs/202109/01fe9b3ed3b08c5c0c7c405ce84e43fc.jpg?w=150&h=100&q=100
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/pi-jia-bu-jian-qia-pian-quan-gua-shi-ta-hui-jia-jian-zhe-mu-yan-shen-si-3-9mo-wang-you-xiao-feng.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.2.91 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
386e60901a3475449ad8f81b7f858a30460ebb756ee2dfec5e2de87bf5d48e2b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 26 Sep 2022 15:30:57 GMT
cf-cache-status
MISS
last-modified
Wed, 15 Sep 2021 09:15:19 GMT
server
cloudflare
etag
"01FE9B3ED3B08C5C0C7C405CE84E43FC"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZYfJol4%2F1t4aFvaB29NQmJnaOIMGEPEMOSEavzCG4smJKs9l6PY4v8qO7YBCh86uOHa2OwY1E9pdENHYR6q0PBpAilt7aizs3RVhpQzUwkjMhw8lWdOFP1T02dDmZ%2Fs%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=604800
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
750d0b30bf2b3773-MEL
content-length
4092
expires
Mon, 03 Oct 2022 15:30:57 GMT
74e8ac598a3a24a15ebc652dbb430d57.jpg
static.bg3.co/imgs/202105/ 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.bg3.co/imgs/202105/74e8ac598a3a24a15ebc652dbb430d57.jpg?w=150&h=100&q=100
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/pi-jia-bu-jian-qia-pian-quan-gua-shi-ta-hui-jia-jian-zhe-mu-yan-shen-si-3-9mo-wang-you-xiao-feng.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.2.91 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
20d387706657cab14f41b4c6cb81ab12b92047ceb74ef219d9ac303da0e53af5

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 26 Sep 2022 15:30:57 GMT
cf-cache-status
MISS
last-modified
Tue, 18 May 2021 21:28:26 GMT
server
cloudflare
etag
"74E8AC598A3A24A15EBC652DBB430D57"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Y3GaI2ZeReJ%2BJS5r7aWV41qMA8Kiz8LnliXZNajNmDyFEy9Ig7xGtVrtX1HqqeqVk647QE6mtmjt%2BPaBeV9FYQ6GhlfayAdWmxMhFCSDTNKDk4XQEUedYxm2w%2FPmaDg%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=604800
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
750d0b30cf493773-MEL
content-length
4497
expires
Mon, 03 Oct 2022 15:30:57 GMT
2c7c1083bb4ffbd10afce10609e88816.jpg
static.bg3.co/imgs/202105/ 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.bg3.co/imgs/202105/2c7c1083bb4ffbd10afce10609e88816.jpg?w=150&h=100&q=100
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/pi-jia-bu-jian-qia-pian-quan-gua-shi-ta-hui-jia-jian-zhe-mu-yan-shen-si-3-9mo-wang-you-xiao-feng.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.2.91 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
40e350c99f3fc292e78d2cc5233b0b06e9070cfcf798dffafcfc7d828eb7adb5

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 26 Sep 2022 15:30:57 GMT
cf-cache-status
MISS
last-modified
Sun, 30 May 2021 13:35:31 GMT
server
cloudflare
etag
"2C7C1083BB4FFBD10AFCE10609E88816"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HsMK4hwe94KAK4sSLqV2rLRgN4S%2BY1vaCdAUb8THShBqBRixTR%2B116X0gW%2FRMGkprqoDPCPhR6m%2BMCZunSdot6oIOUy8U46Uml3eqtv1OXjJQ9Umld3bApgKjFrvYgQ%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=604800
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
750d0b312f963773-MEL
content-length
4968
expires
Mon, 03 Oct 2022 15:30:57 GMT
d9683ada39049910d2c7f1f529517500.jpg
static.bg3.co/imgs/202106/ 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.bg3.co/imgs/202106/d9683ada39049910d2c7f1f529517500.jpg?w=150&h=100&q=100
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/pi-jia-bu-jian-qia-pian-quan-gua-shi-ta-hui-jia-jian-zhe-mu-yan-shen-si-3-9mo-wang-you-xiao-feng.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.2.91 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
93ddbe6878e66ac465bd7eb69aa23ed55dcacfb33244b5db4213589afbea222e

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 26 Sep 2022 15:30:57 GMT
cf-cache-status
MISS
last-modified
Wed, 09 Jun 2021 19:48:07 GMT
server
cloudflare
etag
"D9683ADA39049910D2C7F1F529517500"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xw4MyGO0OUp9R1aMcO74fTUhUNfgUW2pTao9gbTbhDOOISfRUDuzwViS3GLTH7syHvr8Ctm4jBY%2BiXvGCHWm2azvdZYdQrgEYUiNnBe25UdhZm28wLJp2lpDuApQM3w%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=604800
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
750d0b314fbb3773-MEL
content-length
7733
expires
Mon, 03 Oct 2022 15:30:57 GMT
1e434f23839c3a641e8a3fbf046fcc82.jpg
static.bg3.co/imgs/202106/ 		5 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.bg3.co/imgs/202106/1e434f23839c3a641e8a3fbf046fcc82.jpg?w=150&h=100&q=100
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/pi-jia-bu-jian-qia-pian-quan-gua-shi-ta-hui-jia-jian-zhe-mu-yan-shen-si-3-9mo-wang-you-xiao-feng.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.2.91 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c54d9629009470c0d8683d539cb46a29fcf72097f078bb2b563f0e1de3e4e320

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 26 Sep 2022 15:30:57 GMT
cf-cache-status
MISS
last-modified
Sun, 06 Jun 2021 17:12:50 GMT
server
cloudflare
etag
"1E434F23839C3A641E8A3FBF046FCC82"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qKe%2B9zBPYGfpcdWgu1GcDZb7FWNy%2BlhDhYyhVRdtGql6XmUuKIcw%2BHByNd6u7otwa2ePzZCkekwv0d1FiWgm41fG8aIwjipOzjZ7yxlKoQp5L1Jm%2FxdXTsBiPF1PKMA%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=604800
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
750d0b315fc23773-MEL
content-length
5463
expires
Mon, 03 Oct 2022 15:30:57 GMT
0208eea35ffe2c570adb153ba1b138de.jpg
static.bg3.co/imgs/202106/ 		6 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.bg3.co/imgs/202106/0208eea35ffe2c570adb153ba1b138de.jpg?w=150&h=100&q=100
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/pi-jia-bu-jian-qia-pian-quan-gua-shi-ta-hui-jia-jian-zhe-mu-yan-shen-si-3-9mo-wang-you-xiao-feng.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.2.91 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
431bca38c6a9405e1da29d695deeeca3b241ccde8fe16d8cb514dca344450b2c

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 26 Sep 2022 15:30:56 GMT
cf-cache-status
MISS
last-modified
Sat, 12 Jun 2021 14:04:34 GMT
server
cloudflare
etag
"0208EEA35FFE2C570ADB153BA1B138DE"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QxLHU%2F6bTL1248527u4flowZTGDAXVrmUmb%2F%2FIESaMZNLYee561GYtexnPIZloln9gupw3nJ930XvO19xYfwHPNsYpzeJVuRFdzbwXAr2qZHF0gnRO2zR3znvmVp3mY%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=604800
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
750d0b316fcd3773-MEL
content-length
6552
expires
Mon, 03 Oct 2022 15:30:56 GMT
f00fad9dbfebf14d7a9015c08bde4352.jpg
static.bg3.co/imgs/202112/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.bg3.co/imgs/202112/f00fad9dbfebf14d7a9015c08bde4352.jpg?w=150&h=100&q=100
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/pi-jia-bu-jian-qia-pian-quan-gua-shi-ta-hui-jia-jian-zhe-mu-yan-shen-si-3-9mo-wang-you-xiao-feng.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.2.91 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d3a1e7cfc155a4682e7799c9b6947ac916849fc948a721061b6ff5e837715d15

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 26 Sep 2022 15:30:57 GMT
cf-cache-status
MISS
last-modified
Sun, 26 Dec 2021 09:04:13 GMT
server
cloudflare
etag
"F00FAD9DBFEBF14D7A9015C08BDE4352"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=d0reG3DJYRWry%2Bwdd3%2F%2BTZE6e7SwsI%2FNfYvbyWCqU7%2BTDkLXEKf%2BXhxT4fHZfGA9OldU0WKGch6t%2F%2Bffv7qa1rT0e3kSfrpAyITo4dnzCJwP%2BeZWKU%2Bu7TvJcvtLnXI%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=604800
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
750d0b316fcf3773-MEL
content-length
3382
expires
Mon, 03 Oct 2022 15:30:57 GMT
amp-auto-lightbox-0.1.js
cdn.ampproject.org/rtv/012209072154000/v0/ 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012209072154000/v0/amp-auto-lightbox-0.1.js
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.12.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f132.1e100.net
Software
sffe /
Resource Hash
31fb8dc7edd44f99d97af5a0e6998dbc2787ff3e9cf88d6278f818647752ab50
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
Origin
https://www.bg3.co
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
511134
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2994
x-xss-protection
0
server
sffe
date
Tue, 20 Sep 2022 17:32:03 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"ef33de73eae082fa"
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Wed, 20 Sep 2023 17:32:03 GMT
amp-loader-0.1.js
cdn.ampproject.org/rtv/012209072154000/v0/ 		12 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012209072154000/v0/amp-loader-0.1.js
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.12.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f132.1e100.net
Software
sffe /
Resource Hash
3086826524750d38ec8807f9d8ceceb737731239a0de2e737c885834e89078f6
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
Origin
https://www.bg3.co
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
511139
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3841
x-xss-protection
0
server
sffe
date
Tue, 20 Sep 2022 17:31:58 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"b1ec7df2eb3636e4"
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Wed, 20 Sep 2023 17:31:58 GMT
amp-ad-0.1.js
cdn.ampproject.org/rtv/012209072154000/v0/ 		81 KB
23 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012209072154000/v0/amp-ad-0.1.js
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.12.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f132.1e100.net
Software
sffe /
Resource Hash
a6faa7a4ade52284a01efed1ddd4d50f5faf33b61837b43ed9b34d5c5a4a7a39
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
Origin
https://www.bg3.co
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
574364
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
23079
x-xss-protection
0
server
sffe
date
Mon, 19 Sep 2022 23:58:13 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"a56a470e0e255659"
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Tue, 19 Sep 2023 23:58:13 GMT
ama
pagead2.googlesyndication.com/getconfig/ 		3 KB
998 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/ama?client=ca-pub-3216231935713038&plah=www.bg3.co&ama_t=amp&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fpi-jia-bu-jian-qia-pian-quan-gua-shi-ta-hui-jia-jian-zhe-mu-yan-shen-si-3-9mo-wang-you-xiao-feng.html&__amp_source_origin=https%3A%2F%2Fwww.bg3.co
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.194.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f154.1e100.net
Software
cafe /
Resource Hash
a45df1dbc260a7778756594a4367e4bbfa8bac5112dfe42ab559cf98ed6d5846
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept
application/json
Referer
https://www.bg3.co/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 26 Sep 2022 15:30:55 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
549
x-xss-protection
0
ucfad-formats.css
cdn.aralego.net/css/dev/ 		975 B
612 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn.aralego.net/css/dev/ucfad-formats.css
Requested by
Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.4.103 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1be00e223b2840fe8ac2d3a1aec0cf757088dd68f53a92275d0e1db6cb9afced

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 26 Sep 2022 15:30:54 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1941
cf-polished
origSize=1191
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Fri, 16 Mar 2018 07:19:46 GMT
server
cloudflare
etag
W/"5aab7012-4a7"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0o6CarhQ7rDtFllWlovc0dtnLRAA06ioUTcw5NtcWfW1OuY99jL7pJBXNLiSMbxAEqUUuyL8qXu2Llici8hXDyGLIFoOOWH8YrpsHjrm0i%2FBy0EeZh6zjHOfEkRjaoLjAg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=14400
access-control-allow-credentials
true
cf-ray
750d0b23b9d8df91-MEL
cf-bgj
minify
idRequest
sync.aralego.com/ 		46 B
488 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://sync.aralego.com/idRequest?lang=en-US,en&deviceInfo=8416001200&pixRatio=1&font=16px%20sans-serif&
Requested by
Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
64.120.88.131 Central, Hong Kong, ASN133752 (LEASEWEB-APAC-HKG-10 Leaseweb Asia Pacific pte. ltd., HK),
Reverse DNS
Software
/
Resource Hash
0714b585465a1438a6de93463609e9c8a77c39a5e2961a478b82b741086346d1

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 26 Sep 2022 15:30:55 GMT
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET,POST,OPTIONS
Content-Type
text/html; charset=utf-8
Access-Control-Allow-Origin
https://www.bg3.co
Access-Control-Allow-Credentials
true
Connection
close
Content-Length
46
idRequest
sync.aralego.com/ 		46 B
488 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://sync.aralego.com/idRequest?lang=en-US,en&deviceInfo=8416001200&pixRatio=1&font=16px%20sans-serif&
Requested by
Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
64.120.88.131 Central, Hong Kong, ASN133752 (LEASEWEB-APAC-HKG-10 Leaseweb Asia Pacific pte. ltd., HK),
Reverse DNS
Software
/
Resource Hash
0714b585465a1438a6de93463609e9c8a77c39a5e2961a478b82b741086346d1

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 26 Sep 2022 15:30:55 GMT
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET,POST,OPTIONS
Content-Type
text/html; charset=utf-8
Access-Control-Allow-Origin
https://www.bg3.co
Access-Control-Allow-Credentials
true
Connection
close
Content-Length
46
ad_request
ads.aralego.com/ 		508 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.aralego.com/ad_request?sw=1600&sh=1200&ifr=0&bl=en-US&je=1&dnt=0&host=www.bg3.co&u=https%3A%2F%2Fwww.bg3.co%2Fa%2Fpi-jia-bu-jian-qia-pian-quan-gua-shi-ta-hui-jia-jian-zhe-mu-yan-shen-si-3-9mo-wang-you-xiao-feng.html&adid=ad-627443DBE4283AB9F7A46EA83243447&w=336&h=280&ver=UCX_WEB-20200113&pos=1&seq=0&cb=0.9448318252355234&gdpr=1&euconsent-v2=%24%7BGDPR_CONSENT_607%7D&format=336%2C280%3B&lang=en-US%2Cen&deviceInfo=8416001200&pixRatio=1&font=16px%20sans-serif
Requested by
Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
103.254.153.160 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),
Reverse DNS
Software
/
Resource Hash
e813a8d8d41c0dbdc33020ad6ef27d16afd2b590ceeb998e267409c8f666b829

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 26 Sep 2022 15:30:55 GMT
X-Width
336
X-Height
280
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET,POST,OPTIONS
Content-Type
text/html; charset=utf-8
Access-Control-Allow-Origin
https://www.bg3.co
Access-Control-Expose-Headers
X-Width,X-Height,X-AdStyle,X-AdCap,X-AdWatchUrl,X-AdSource,X-SspId,X-Deal
X-AdSource
PSA
X-Adtype
html
Connection
close
Access-Control-Allow-Credentials
true
Content-Length
508
X-AdStyle
banner
ad_request
ads.aralego.com/ 		508 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.aralego.com/ad_request?sw=1600&sh=1200&ifr=0&bl=en-US&je=1&dnt=0&host=www.bg3.co&u=https%3A%2F%2Fwww.bg3.co%2Fa%2Fpi-jia-bu-jian-qia-pian-quan-gua-shi-ta-hui-jia-jian-zhe-mu-yan-shen-si-3-9mo-wang-you-xiao-feng.html&adid=ad-627443DBE4283AB9F7A46EA83243447&w=336&h=280&ver=UCX_WEB-20200113&pos=1&seq=1&cb=0.34131228174523853&gdpr=1&euconsent-v2=%24%7BGDPR_CONSENT_607%7D&format=336%2C280%3B&lang=en-US%2Cen&deviceInfo=8416001200&pixRatio=1&font=16px%20sans-serif
Requested by
Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
103.254.153.160 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),
Reverse DNS
Software
/
Resource Hash
e813a8d8d41c0dbdc33020ad6ef27d16afd2b590ceeb998e267409c8f666b829

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 26 Sep 2022 15:30:55 GMT
X-Width
336
X-Height
280
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET,POST,OPTIONS
Content-Type
text/html; charset=utf-8
Access-Control-Allow-Origin
https://www.bg3.co
Access-Control-Expose-Headers
X-Width,X-Height,X-AdStyle,X-AdCap,X-AdWatchUrl,X-AdSource,X-SspId,X-Deal
X-AdSource
PSA
X-Adtype
html
Connection
close
Access-Control-Allow-Credentials
true
Content-Length
508
X-AdStyle
banner
jquery-3.6.0.min.js
code.jquery.com/ 		87 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://code.jquery.com/jquery-3.6.0.min.js
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/42753/adpushup.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
69.16.175.42 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
tlb.hwcdn.net
Software
nginx /
Resource Hash
ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 26 Sep 2022 15:30:58 GMT
content-encoding
gzip
last-modified
Wed, 16 Feb 2022 10:50:39 GMT
server
nginx
etag
W/"620cd6ff-15d9d"
vary
Accept-Encoding
x-hw
1664206258.dop203.la3.t,1664206258.cds211.la3.hn,1664206258.cds267.la3.c
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=315360000, public
accept-ranges
bytes
content-length
30875
amp-sticky-ad-1.0.js
cdn.ampproject.org/rtv/012209072154000/v0/ 		39 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012209072154000/v0/amp-sticky-ad-1.0.js
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.12.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f132.1e100.net
Software
sffe /
Resource Hash
d8fb86d7f4bef880354d6c02af11fd7e6b7ceb261aad0d73ae7d429668b25148
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
Origin
https://www.bg3.co
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
562936
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10238
x-xss-protection
0
server
sffe
date
Tue, 20 Sep 2022 03:08:41 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"d9aacf1c86bf072e"
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Wed, 20 Sep 2023 03:08:41 GMT
show_ads.js
pagead2.googlesyndication.com/pagead/ Frame B3E3 		117 KB
40 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/show_ads.js
Requested by
Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.194.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f154.1e100.net
Software
cafe /
Resource Hash
e9d88c06683a26b56a640e14bb36343474fe06d32368800a5b1b239fae955213
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 26 Sep 2022 15:30:55 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
40604
x-xss-protection
0
server
cafe
etag
7384303917761660795
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Mon, 26 Sep 2022 15:30:55 GMT
show_ads.js
pagead2.googlesyndication.com/pagead/ Frame D920 		117 KB
40 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/show_ads.js
Requested by
Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.194.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f154.1e100.net
Software
cafe /
Resource Hash
ec36a388c080b43729c5cb7fe064b2f61ae18edfe8a22f8707644f2d24bcd6d9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 26 Sep 2022 15:30:55 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
40499
x-xss-protection
0
server
cafe
etag
11764480956377592189
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Mon, 26 Sep 2022 15:30:55 GMT
cookieSyncIframe.html
cdn.aralego.net/ucfad/cookie/ Frame 96F7 		714 B
803 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cdn.aralego.net/ucfad/cookie/cookieSyncIframe.html
Requested by
Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.26.4.103 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
36a7d95f2760a813f3e782dfc125ea786174d581d6f6f896021d6994e9514bd6

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

access-control-allow-credentials
true
age
1968
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
max-age=14400
cf-cache-status
HIT
cf-ray
750d0b28df685aa4-MEL
content-encoding
br
content-type
text/html
date
Mon, 26 Sep 2022 15:30:55 GMT
last-modified
Wed, 09 Feb 2022 05:59:13 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qei%2Fhe4zOVri7aJPYMjCh4z5yfw%2Fth%2Bo4iLfivSeFsbcszCn06DVIucDuQ5%2Buaq6X2S6YVLa%2B9PjO%2FXM9zqrVWwOkznrDAa%2FvT4uOXpARXNw%2F5ByDeLZB10dKmhCtF0mlQ%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
idsync
sync.aralego.com/ 		35 B
384 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.aralego.com/idsync?gdpr=1&euconsent-v2=${GDPR_CONSENT_607}&
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/pi-jia-bu-jian-qia-pian-quan-gua-shi-ta-hui-jia-jian-zhe-mu-yan-shen-si-3-9mo-wang-you-xiao-feng.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
64.120.88.131 Central, Hong Kong, ASN133752 (LEASEWEB-APAC-HKG-10 Leaseweb Asia Pacific pte. ltd., HK),
Reverse DNS
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 26 Sep 2022 15:30:57 GMT
Connection
close
Content-Length
35
Content-Type
image/gif
cookieSyncIframe.html
cdn.aralego.net/ucfad/cookie/ Frame A55D 		714 B
765 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cdn.aralego.net/ucfad/cookie/cookieSyncIframe.html
Requested by
Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.26.4.103 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
36a7d95f2760a813f3e782dfc125ea786174d581d6f6f896021d6994e9514bd6

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

access-control-allow-credentials
true
age
1968
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
max-age=14400
cf-cache-status
HIT
cf-ray
750d0b28ef7a5aa4-MEL
content-encoding
br
content-type
text/html
date
Mon, 26 Sep 2022 15:30:55 GMT
last-modified
Wed, 09 Feb 2022 05:59:13 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qRwjT2Ju%2B1mX%2BPvn4lLfbisXIxWFmZ0or0p6ZtyJnUPpP1BSS%2F63fPjEWibzB51Ux7js%2FdXf8JIwuPQH%2FdIKFCI5zJlXcgy0NYDK%2BIbZlPrdOvKBI91G82EhXye2wrjcyg%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
gpt.js
securepubads.g.doubleclick.net/tag/js/ Frame 96F7 		80 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: cdn.aralego.net
URL: https://cdn.aralego.net/ucfad/cookie/cookieSyncIframe.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.10.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f155.1e100.net
Software
sffe /
Resource Hash
d9c7bc1c148956c8704dab64a3d45e025b89eee0621ab803fa3a10ac52f7c046
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 26 Sep 2022 15:30:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
27849
x-xss-protection
0
server
sffe
etag
"1345 / 913 of 1000 / last-modified: 1664190294"
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Mon, 26 Sep 2022 15:30:58 GMT
gpt.js
securepubads.g.doubleclick.net/tag/js/ Frame A55D 		80 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: cdn.aralego.net
URL: https://cdn.aralego.net/ucfad/cookie/cookieSyncIframe.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.10.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f155.1e100.net
Software
sffe /
Resource Hash
d9c7bc1c148956c8704dab64a3d45e025b89eee0621ab803fa3a10ac52f7c046
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 26 Sep 2022 15:30:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
27849
x-xss-protection
0
server
sffe
etag
"1345 / 397 of 1000 / last-modified: 1664190294"
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Mon, 26 Sep 2022 15:30:58 GMT
gtag.json
cdn.ampproject.org/rtv/012209072154000/v0/analytics-vendors/ 		2 KB
931 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012209072154000/v0/analytics-vendors/gtag.json
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.12.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f132.1e100.net
Software
sffe /
Resource Hash
a8993772c9eb591474f38d257bebc8c4286703e1af72d04c8c294be5fff7b649
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept
application/json
Referer
https://www.bg3.co/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
511112
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
901
x-xss-protection
0
server
sffe
date
Tue, 20 Sep 2022 17:32:24 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
application/json
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"cc10be84565b445b"
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Wed, 20 Sep 2023 17:32:24 GMT
jquery-2.2.2.min.js
code.jquery.com/ 		84 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://code.jquery.com/jquery-2.2.2.min.js
Requested by
Host: delivery.adrecover.com
URL: https://delivery.adrecover.com/43519/adRecover.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
69.16.175.42 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
tlb.hwcdn.net
Software
nginx /
Resource Hash
dfa729d82a3effadab1000181cb99108f232721e3b0af74cfae4c12704b35a32

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 26 Sep 2022 15:30:58 GMT
content-encoding
gzip
last-modified
Wed, 16 Feb 2022 10:50:39 GMT
server
nginx
etag
W/"620cd6ff-14e98"
vary
Accept-Encoding
x-hw
1664206258.dop203.la3.t,1664206258.cds211.la3.hn,1664206258.cds210.la3.c
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=315360000, public
accept-ranges
bytes
content-length
29880
show_ads_impl_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202209120102/ Frame B3E3 		348 KB
123 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202209120102/show_ads_impl_fy2021.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/show_ads.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.194.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f154.1e100.net
Software
cafe /
Resource Hash
0ee68636d99ccf0650a96b5c70a64ba9365f23b331e496775ce82a0bf6687125
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 26 Sep 2022 15:30:57 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
125794
x-xss-protection
0
server
cafe
etag
16586402277355294788
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=1209600
timing-allow-origin
*
expires
Mon, 26 Sep 2022 15:30:57 GMT
show_ads_impl_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202209210101/ Frame D920 		396 KB
138 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202209210101/show_ads_impl_fy2021.js?bust=31069779
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/show_ads.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.194.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f154.1e100.net
Software
cafe /
Resource Hash
cee9b28c258b3f7bdc8533e5a09bc5870330bcd87b0cbe6b8ba7267ebae47d5a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 26 Sep 2022 15:30:57 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
140817
x-xss-protection
0
server
cafe
etag
9163868664733449835
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=1209600
timing-allow-origin
*
expires
Mon, 26 Sep 2022 15:30:57 GMT
amp
www.googletagmanager.com/gtag/ 		610 B
808 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/amp?__amp_source_origin=https%3A%2F%2Fwww.bg3.co
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.24.97 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f97.1e100.net
Software
Google Tag Manager /
Resource Hash
8492f3fc13f89700f09e8a96308911979a6289be084af2c497ea54dbd7dd7f5f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Accept
application/json
Referer
https://www.bg3.co/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=utf-8

Response headers

date
Mon, 26 Sep 2022 15:30:56 GMT
content-encoding
br
vary
*
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="amp.json"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
258
x-xss-protection
0
pragma
no-cache
amp-access-control-allow-source-origin
https://www.bg3.co
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://www.bg3.co
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/r/ 		35 B
396 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/r/collect?v=1&_v=a1&ds=AMP&aip&_s=1&dt=%E7%9A%AE%E5%A4%BE%E4%B8%8D%E8%A6%8B%E5%8D%A1%E7%89%87%E5%85%A8%E6%8E%9B%E5%A4%B1%EF%BC%81%E4%BB%96%E5%9B%9E%E5%AE%B6%E8%A6%8B%E9%80%99%E5%B9%95%E7%9C%BC%E7%A5%9E%E6%AD%BB%203.9%E8%90%AC%E7%B6%B2%E5%8F%8B%E7%AC%91%E7%98%8B%20-%20%E5%A4%A9%E5%A4%A9%E8%A6%81%E8%81%9E&sr=1600x1200&cid=amp-bp2IvYeADvpv_CeMaNTxFA&tid=UA-172083736-2&dl=https%3A%2F%2Fwww.bg3.co%2Fa%2Fpi-jia-bu-jian-qia-pian-quan-gua-shi-ta-hui-jia-jian-zhe-mu-yan-shen-si-3-9mo-wang-you-xiao-feng.html&dr=&sd=24&ul=en-us&de=UTF-8&t=pageview&jid=0.30050504059113625&gjid=0.9219289159738708&_r=1&a=1973&z=0.687785752576979&gtm=2pu000
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/pi-jia-bu-jian-qia-pian-quan-gua-shi-ta-hui-jia-jian-zhe-mu-yan-shen-si-3-9mo-wang-you-xiao-feng.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.4.101 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f101.1e100.net
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 26 Sep 2022 15:30:57 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Fri, 01 Jan 1990 00:00:00 GMT
amp-ad-network-adsense-impl-0.1.js
cdn.ampproject.org/rtv/012209072154000/v0/ 		214 KB
57 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012209072154000/v0/amp-ad-network-adsense-impl-0.1.js
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.12.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f132.1e100.net
Software
sffe /
Resource Hash
f0b6467ff1ee5df11996fd85932f0e8f952e4b8f5e9cf50c9a6478ee9dbdc153
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
Origin
https://www.bg3.co
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
510841
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
57918
x-xss-protection
0
server
sffe
date
Tue, 20 Sep 2022 17:36:56 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"7c6c55ae06162656"
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Wed, 20 Sep 2023 17:36:56 GMT
integrator.json
adservice.google.com/adsid/ 		86 B
572 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.json?domain=www.bg3.co
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.12.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f154.1e100.net
Software
cafe /
Resource Hash
14cfb5058acaf3af2f07088f1582f29941d7a4cc74fd1cea5050cecad862d154
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept
application/json
Referer
https://www.bg3.co/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 26 Sep 2022 15:30:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
access-control-allow-origin
https://www.bg3.co
cache-control
private, no-cache, no-store
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
83
x-xss-protection
0
nameframe.html
d-3394377511692373627.ampproject.net/2209072154000/ 		0
0 		Other
General
Check archive.org
Download Go to
Full URL
https://d-3394377511692373627.ampproject.net/2209072154000/nameframe.html
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.10.94 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f94.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
cookie.js
partner.googleadservices.com/gampad/ Frame B3E3 		379 B
312 B 		Script
General
Check archive.org
Download Go to
Full URL
https://partner.googleadservices.com/gampad/cookie.js?domain=www.bg3.co&callback=_gfp_s_&client=ca-pub-4485239425924787&gpid_exp=1
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202209120102/show_ads_impl_fy2021.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.12.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f155.1e100.net
Software
cafe /
Resource Hash
045709218142f2e5ae3c992cabf1bcc410f08a23af90974e135f5a0333474e29
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 26 Sep 2022 15:30:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
text/javascript; charset=UTF-8
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
247
x-xss-protection
0
integrator.js
adservice.google.com.au/adsid/ Frame B3E3 		107 B
165 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com.au/adsid/integrator.js?domain=www.bg3.co
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202209120102/show_ads_impl_fy2021.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.12.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f157.1e100.net
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 26 Sep 2022 15:30:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ Frame B3E3 		107 B
196 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.bg3.co
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202209120102/show_ads_impl_fy2021.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.12.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f154.1e100.net
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 26 Sep 2022 15:30:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame CB85 		23 KB
10 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006&adk=2365071409&adf=3615134179&pi=t.ma~as.3006%2F14006&w=336&lmt=1664206258&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fpi-jia-bu-jian-qia-pian-quan-gua-shi-ta-hui-jia-jian-zhe-mu-yan-shen-si-3-9mo-wang-you-xiao-feng.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1664206256039&bpp=13&bdt=1404&idt=2009&shv=r20220921&mjsv=m202209120102&ptt=5&saldr=sa&correlator=7839256117444&frm=23&ife=1&pv=2&ga_vid=1324865518.1664206258&ga_sid=1664206258&ga_hid=1889376132&ga_fc=0&ga_cid=amp-bp2IvYeADvpv_CeMaNTxFA&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=60&biw=1600&bih=1200&isw=336&ish=280&ifk=1019340804&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C42531705%2C44773167&oid=2&pvsid=3075813884163543&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.effi9pf2c8lg&fsb=1&dtd=2025
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202209120102/show_ads_impl_fy2021.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.130.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sb-in-f156.1e100.net
Software
cafe /
Resource Hash
19294f794c7351e3f28f7b00a8220b9881ce2b9242d820dd7f3bc9fb4ab9c4fc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-encoding
br
content-length
9937
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 26 Sep 2022 15:30:58 GMT
expires
Mon, 26 Sep 2022 15:30:58 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
cookie.js
partner.googleadservices.com/gampad/ Frame D920 		379 B
692 B 		Script
General
Check archive.org
Download Go to
Full URL
https://partner.googleadservices.com/gampad/cookie.js?domain=www.bg3.co&callback=_gfp_s_&client=ca-pub-4485239425924787&gpid_exp=1
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202209210101/show_ads_impl_fy2021.js?bust=31069779
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.12.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f155.1e100.net
Software
cafe /
Resource Hash
134831b7b8a11609c6c27e9b24933f5701cb6b3cc06d129cfb3fc4e501981a95
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 26 Sep 2022 15:30:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
text/javascript; charset=UTF-8
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
247
x-xss-protection
0
integrator.js
adservice.google.com.au/adsid/ Frame D920 		107 B
792 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com.au/adsid/integrator.js?domain=www.bg3.co
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202209210101/show_ads_impl_fy2021.js?bust=31069779
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.12.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f157.1e100.net
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 26 Sep 2022 15:30:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ Frame D920 		107 B
165 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.bg3.co
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202209210101/show_ads_impl_fy2021.js?bust=31069779
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.12.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f154.1e100.net
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 26 Sep 2022 15:30:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame 947D 		28 KB
11 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006&adk=2365071409&adf=3615134176&pi=t.ma~as.3006%2F14006&w=336&lmt=1664206258&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fpi-jia-bu-jian-qia-pian-quan-gua-shi-ta-hui-jia-jian-zhe-mu-yan-shen-si-3-9mo-wang-you-xiao-feng.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1664206256123&bpp=11&bdt=1474&idt=1965&shv=r20220921&mjsv=m202209210101&ptt=5&saldr=sa&correlator=7839256117444&frm=23&ife=1&pv=1&ga_vid=1507107048.1664206258&ga_sid=1664206258&ga_hid=1752020332&ga_fc=0&ga_cid=amp-bp2IvYeADvpv_CeMaNTxFA&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=2427&biw=1600&bih=1200&isw=336&ish=280&ifk=780332214&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C42531705%2C44769306%2C31069779%2C31067826&oid=2&pvsid=2091931484474790&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.ecmpry378s7r&btvi=1&fsb=1&dtd=1985
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202209210101/show_ads_impl_fy2021.js?bust=31069779
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.130.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sb-in-f156.1e100.net
Software
cafe /
Resource Hash
4eae79dc91f805fc0949f5e66b2e67eddd89acf1e78dd8e3d6a0a1334d88f300
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-encoding
br
content-length
10636
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 26 Sep 2022 15:30:58 GMT
expires
Mon, 26 Sep 2022 15:30:58 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame 8836 		603 B
239 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3216231935713038&format=1600x250&w=1600&h=250&ptt=12&adk=2733026255&output=html&bc=7&to=ampa&pv=1&wgl=1&asnt=0-28624581033458357175&dff=sans-serif&prev_fmts=1600x96&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&ifi=2&pfx=0&pwprc=1037897477&adf=470780615&nhd=0&adx=0&ady=3288&oid=2&is_amp=5&amp_v=2209072154000&d_imp=1&c=2001973&ga_cid=amp-bp2IvYeADvpv_CeMaNTxFA&ga_hid=1973&dt=1664206257995&biw=1600&bih=1200&u_aw=1600&u_ah=1200&u_cd=24&u_w=1600&u_h=1200&u_tz=0&u_his=2&vis=1&scr_x=0&scr_y=0&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fpi-jia-bu-jian-qia-pian-quan-gua-shi-ta-hui-jia-jian-zhe-mu-yan-shen-si-3-9mo-wang-you-xiao-feng.html&bdt=4398&dtd=404&__amp_source_origin=https%3A%2F%2Fwww.bg3.co
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012209072154000/v0/amp-ad-0.1.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.130.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sb-in-f156.1e100.net
Software
cafe /
Resource Hash
00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-encoding
br
content-length
46
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 26 Sep 2022 15:30:59 GMT
expires
Mon, 26 Sep 2022 15:30:59 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
pb.42753.1663912421366.js
cdn.adpushup.com/prebid/ 		342 KB
92 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.adpushup.com/prebid/pb.42753.1663912421366.js
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/42753/adpushup.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
42.99.140.200 , Japan, ASN4637 (ASN-TELSTRA-GLOBAL Telstra Global, HK),
Reverse DNS
ip-42-99-140-200.pacnet.net
Software
nginx/1.18.0 /
Resource Hash
1c479d0abecadc8d5fde30eeb515508b6148fa3d92dd617b427788d6c792b0a8

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-akamai-country
AU
date
Mon, 26 Sep 2022 15:30:59 GMT
content-encoding
br
last-modified
Fri, 23 Sep 2022 05:54:31 GMT
server
nginx/1.18.0
etag
W/"632d4a17-5578b"
vary
Accept-Encoding
x-akamai-device
mobile:false&tablet:false
access-control-allow-origin
*
cache-control
max-age=31536000
server-timing
cdn-cache; desc=HIT, edge; dur=3
content-type
application/javascript
content-length
94168
expires
Tue, 26 Sep 2023 15:30:59 GMT
quantcast.js
cdn.adpushup.com/pbuseridscripts/ 		450 B
618 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.adpushup.com/pbuseridscripts/quantcast.js
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/42753/adpushup.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
42.99.140.200 , Japan, ASN4637 (ASN-TELSTRA-GLOBAL Telstra Global, HK),
Reverse DNS
ip-42-99-140-200.pacnet.net
Software
nginx/1.18.0 /
Resource Hash
26914004d3a8d5ddde2202b642d7936eb61c9f195b5cd3c87e44ef8ad4d57c16

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-akamai-country
AU
date
Mon, 26 Sep 2022 15:30:59 GMT
content-encoding
gzip
last-modified
Mon, 28 Jun 2021 04:15:23 GMT
server
nginx/1.18.0
etag
"60d94cdb-1c2"
vary
Accept-Encoding
x-akamai-device
mobile:false&tablet:false
access-control-allow-origin
*
cache-control
max-age=31536000
server-timing
cdn-cache; desc=HIT, edge; dur=4
accept-ranges
bytes
content-type
application/javascript
content-length
317
expires
Tue, 26 Sep 2023 15:30:59 GMT
linkPreview.js
cdn.adpushup.com/42753/ 		72 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.adpushup.com/42753/linkPreview.js
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/pi-jia-bu-jian-qia-pian-quan-gua-shi-ta-hui-jia-jian-zhe-mu-yan-shen-si-3-9mo-wang-you-xiao-feng.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
42.99.140.200 , Japan, ASN4637 (ASN-TELSTRA-GLOBAL Telstra Global, HK),
Reverse DNS
ip-42-99-140-200.pacnet.net
Software
nginx/1.18.0 /
Resource Hash
968012b3a49390a10d31c6d36b2aab796ec167a83378b5f9787756ee7cb035c5

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-akamai-country
AU
date
Mon, 26 Sep 2022 15:30:59 GMT
content-encoding
br
last-modified
Thu, 14 Jul 2022 19:44:27 GMT
server
nginx/1.18.0
etag
W/"62d0721b-11ed1"
vary
Accept-Encoding
x-akamai-device
mobile:false&tablet:false
access-control-allow-origin
*
cache-control
max-age=3600
server-timing
cdn-cache; desc=HIT, edge; dur=1
content-type
application/javascript
content-length
17440
expires
Mon, 26 Sep 2022 16:30:59 GMT
gpt.js
securepubads.g.doubleclick.net/tag/js/ 		80 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/42753/adpushup.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.10.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f155.1e100.net
Software
sffe /
Resource Hash
d9c7bc1c148956c8704dab64a3d45e025b89eee0621ab803fa3a10ac52f7c046
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 26 Sep 2022 15:30:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
27849
x-xss-protection
0
server
sffe
etag
"1345 / 129 of 1000 / last-modified: 1664190294"
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Mon, 26 Sep 2022 15:30:58 GMT
sync
e3.adpushup.com/AdPushupFeedbackWebService/user/ 		70 B
540 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://e3.adpushup.com/AdPushupFeedbackWebService/user/sync
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/pi-jia-bu-jian-qia-pian-quan-gua-shi-ta-hui-jia-jian-zhe-mu-yan-shen-si-3-9mo-wang-you-xiao-feng.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
13.76.45.37 Singapore, Singapore, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx/1.10.3 (Ubuntu) /
Resource Hash
e3849fdc1eab88579b20b1b56875d6ef8299c4ad165e03921400ccae69149861

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 26 Sep 2022 15:30:59 GMT
server
nginx/1.10.3 (Ubuntu)
ap-cookie-status
cookies ap_uid and ap_usid are set
access-control-allow-methods
GET, POST
content-type
image/png
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-robots-tag
noindex
content-length
70
expires
0
testmode
e3.adpushup.com/AdPushupFeedbackWebService/feedback/ 		70 B
317 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://e3.adpushup.com/AdPushupFeedbackWebService/feedback/testmode?data=eyJjcmVhdGVkVFMiOjE2NjQyMDYyNTg2NjUsInBhY2tldElkIjoiMDAwMEE3MDEtOTBjMzg3NDAtNDZiMC00YWU4LTk2YTYtMWY0OTljMTRiMzA4Iiwic2l0ZUlkIjo0Mjc1Mywic2l0ZURvbWFpbiI6Imh0dHBzOi8vYmczLmNvLyIsInVybCI6Imh0dHBzOi8vd3d3LmJnMy5jby9hL3BpLWppYS1idS1qaWFuLXFpYS1waWFuLXF1YW4tZ3VhLXNoaS10YS1odWktamlhLWppYW4temhlLW11LXlhbi1zaGVuLXNpLTMtOW1vLXdhbmcteW91LXhpYW8tZmVuZy5odG1sIiwibW9kZSI6NCwiZXJyb3JDb2RlIjowLCJyZWZlcnJlciI6IiIsInBhZ2VHcm91cCI6IkFSVElDTEUiLCJwYWdlVmFyaWF0aW9uSWQiOiI5Njc1MDEyNS1iOTBjLTQ5N2EtODY5OS03MzE3MWY3YjQ5MzUiLCJwYWdlVmFyaWF0aW9uTmFtZSI6IkFkUHVzaHVwIiwicGFnZVZhcmlhdGlvblR5cGUiOjEsInBsYXRmb3JtIjoiREVTS1RPUCIsImlzR2VuaWVlIjpmYWxzZSwic2VjdGlvbnMiOm51bGx9
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/pi-jia-bu-jian-qia-pian-quan-gua-shi-ta-hui-jia-jian-zhe-mu-yan-shen-si-3-9mo-wang-you-xiao-feng.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
13.76.45.37 Singapore, Singapore, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx/1.10.3 (Ubuntu) /
Resource Hash
e3849fdc1eab88579b20b1b56875d6ef8299c4ad165e03921400ccae69149861

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 26 Sep 2022 15:30:59 GMT
server
nginx/1.10.3 (Ubuntu)
access-control-allow-methods
GET, POST
content-type
image/png
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-robots-tag
noindex
content-length
70
expires
0
testmode
e3.adpushup.com/AdPushupFeedbackWebService/feedback/ 		70 B
317 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://e3.adpushup.com/AdPushupFeedbackWebService/feedback/testmode?data=eyJjcmVhdGVkVFMiOjE2NjQyMDYyNTg2NjYsInBhY2tldElkIjoiMDAwMEE3MDEtOTBjMzg3NDAtNDZiMC00YWU4LTk2YTYtMWY0OTljMTRiMzA4Iiwic2l0ZUlkIjo0Mjc1Mywic2l0ZURvbWFpbiI6Imh0dHBzOi8vYmczLmNvLyIsInVybCI6Imh0dHBzOi8vd3d3LmJnMy5jby9hL3BpLWppYS1idS1qaWFuLXFpYS1waWFuLXF1YW4tZ3VhLXNoaS10YS1odWktamlhLWppYW4temhlLW11LXlhbi1zaGVuLXNpLTMtOW1vLXdhbmcteW91LXhpYW8tZmVuZy5odG1sIiwibW9kZSI6NSwiZXJyb3JDb2RlIjoxLCJyZWZlcnJlciI6IiIsInBhZ2VHcm91cCI6IkFSVElDTEUiLCJwYWdlVmFyaWF0aW9uSWQiOiI5Njc1MDEyNS1iOTBjLTQ5N2EtODY5OS03MzE3MWY3YjQ5MzUiLCJwYWdlVmFyaWF0aW9uTmFtZSI6IkFkUHVzaHVwIiwicGFnZVZhcmlhdGlvblR5cGUiOjEsInBsYXRmb3JtIjoiREVTS1RPUCIsImlzR2VuaWVlIjpmYWxzZSwic2VjdGlvbnMiOm51bGx9
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/pi-jia-bu-jian-qia-pian-quan-gua-shi-ta-hui-jia-jian-zhe-mu-yan-shen-si-3-9mo-wang-you-xiao-feng.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
13.76.45.37 Singapore, Singapore, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx/1.10.3 (Ubuntu) /
Resource Hash
e3849fdc1eab88579b20b1b56875d6ef8299c4ad165e03921400ccae69149861

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 26 Sep 2022 15:30:59 GMT
server
nginx/1.10.3 (Ubuntu)
access-control-allow-methods
GET, POST
content-type
image/png
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-robots-tag
noindex
content-length
70
expires
0
feedback
e3.adpushup.com/AdPushupFeedbackWebService/ 		70 B
317 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://e3.adpushup.com/AdPushupFeedbackWebService/feedback?data=eyJjcmVhdGVkVFMiOjE2NjQyMDYyNTg2NjYsInBhY2tldElkIjoiMDAwMEE3MDEtOTBjMzg3NDAtNDZiMC00YWU4LTk2YTYtMWY0OTljMTRiMzA4Iiwic2l0ZUlkIjo0Mjc1Mywic2l0ZURvbWFpbiI6Imh0dHBzOi8vYmczLmNvLyIsInVybCI6Imh0dHBzOi8vd3d3LmJnMy5jby9hL3BpLWppYS1idS1qaWFuLXFpYS1waWFuLXF1YW4tZ3VhLXNoaS10YS1odWktamlhLWppYW4temhlLW11LXlhbi1zaGVuLXNpLTMtOW1vLXdhbmcteW91LXhpYW8tZmVuZy5odG1sIiwibW9kZSI6MSwiZXJyb3JDb2RlIjoxLCJyZWZlcnJlciI6IiIsInBhZ2VHcm91cCI6IkFSVElDTEUiLCJwYWdlVmFyaWF0aW9uSWQiOiI5Njc1MDEyNS1iOTBjLTQ5N2EtODY5OS03MzE3MWY3YjQ5MzUiLCJwYWdlVmFyaWF0aW9uTmFtZSI6IkFkUHVzaHVwIiwicGFnZVZhcmlhdGlvblR5cGUiOjEsInBsYXRmb3JtIjoiREVTS1RPUCIsImlzR2VuaWVlIjpmYWxzZSwic2VjdGlvbnMiOlt7InNlY3Rpb25JZCI6Ijc3YTljMjJmLWFjMDItNDVkZC05NmJjLWIwODk2YThhN2Q1YSIsInNlY3Rpb25OYW1lIjoiQVBfTF9EX0FSVElDTEVfNzI4WDI1MF83N2E5YyIsInN0YXR1cyI6MSwibmV0d29yayI6ImFkcFRhZ3MiLCJuZXR3b3JrQWRVbml0SWQiOiJBRFBfNDI3NTNfNzI4WDI1MF83N2E5YzIyZi1hYzAyLTQ1ZGQtOTZiYy1iMDg5NmE4YTdkNWEiLCJzZXJ2aWNlcyI6WzEsM10sImFkVW5pdFR5cGUiOjF9XX0%3D
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/pi-jia-bu-jian-qia-pian-quan-gua-shi-ta-hui-jia-jian-zhe-mu-yan-shen-si-3-9mo-wang-you-xiao-feng.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
13.76.45.37 Singapore, Singapore, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx/1.10.3 (Ubuntu) /
Resource Hash
e3849fdc1eab88579b20b1b56875d6ef8299c4ad165e03921400ccae69149861

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 26 Sep 2022 15:30:59 GMT
server
nginx/1.10.3 (Ubuntu)
access-control-allow-methods
GET, POST
content-type
image/png
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-robots-tag
noindex
content-length
70
expires
0
feedback
e3.adpushup.com/AdPushupFeedbackWebService/ 		70 B
317 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://e3.adpushup.com/AdPushupFeedbackWebService/feedback?data=eyJjcmVhdGVkVFMiOjE2NjQyMDYyNTg2NzEsInBhY2tldElkIjoiMDAwMEE3MDEtOTBjMzg3NDAtNDZiMC00YWU4LTk2YTYtMWY0OTljMTRiMzA4Iiwic2l0ZUlkIjo0Mjc1Mywic2l0ZURvbWFpbiI6Imh0dHBzOi8vYmczLmNvLyIsInVybCI6Imh0dHBzOi8vd3d3LmJnMy5jby9hL3BpLWppYS1idS1qaWFuLXFpYS1waWFuLXF1YW4tZ3VhLXNoaS10YS1odWktamlhLWppYW4temhlLW11LXlhbi1zaGVuLXNpLTMtOW1vLXdhbmcteW91LXhpYW8tZmVuZy5odG1sIiwibW9kZSI6MSwiZXJyb3JDb2RlIjoxLCJyZWZlcnJlciI6IiIsInBhZ2VHcm91cCI6IkFSVElDTEUiLCJwYWdlVmFyaWF0aW9uSWQiOiI5Njc1MDEyNS1iOTBjLTQ5N2EtODY5OS03MzE3MWY3YjQ5MzUiLCJwYWdlVmFyaWF0aW9uTmFtZSI6IkFkUHVzaHVwIiwicGFnZVZhcmlhdGlvblR5cGUiOjEsInBsYXRmb3JtIjoiREVTS1RPUCIsImlzR2VuaWVlIjpmYWxzZSwic2VjdGlvbnMiOlt7InNlY3Rpb25JZCI6ImQxYzEwYTcyLTI3YjQtNDkzMS04Y2U3LTk5YTE4ZWJiZGJhZSIsInNlY3Rpb25OYW1lIjoiQVBfSV9EX0FSVElDTEVfNzI4WDkwX2QxYzEwIiwic3RhdHVzIjoxLCJuZXR3b3JrIjoiYWRwVGFncyIsIm5ldHdvcmtBZFVuaXRJZCI6IlNUSUNLWV9BRFBfNDI3NTNfNzI4WDkwX2QxYzEwYTcyLTI3YjQtNDkzMS04Y2U3LTk5YTE4ZWJiZGJhZSIsInNlcnZpY2VzIjpbNSwzXSwiYWRVbml0VHlwZSI6M31dfQ%3D%3D
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/pi-jia-bu-jian-qia-pian-quan-gua-shi-ta-hui-jia-jian-zhe-mu-yan-shen-si-3-9mo-wang-you-xiao-feng.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
13.76.45.37 Singapore, Singapore, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx/1.10.3 (Ubuntu) /
Resource Hash
e3849fdc1eab88579b20b1b56875d6ef8299c4ad165e03921400ccae69149861

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 26 Sep 2022 15:30:59 GMT
server
nginx/1.10.3 (Ubuntu)
access-control-allow-methods
GET, POST
content-type
image/png
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-robots-tag
noindex
content-length
70
expires
0
feedback
e3.adpushup.com/AdPushupFeedbackWebService/ 		70 B
317 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://e3.adpushup.com/AdPushupFeedbackWebService/feedback?data=eyJjcmVhdGVkVFMiOjE2NjQyMDYyNTg2NzMsInBhY2tldElkIjoiMDAwMEE3MDEtOTBjMzg3NDAtNDZiMC00YWU4LTk2YTYtMWY0OTljMTRiMzA4Iiwic2l0ZUlkIjo0Mjc1Mywic2l0ZURvbWFpbiI6Imh0dHBzOi8vYmczLmNvLyIsInVybCI6Imh0dHBzOi8vd3d3LmJnMy5jby9hL3BpLWppYS1idS1qaWFuLXFpYS1waWFuLXF1YW4tZ3VhLXNoaS10YS1odWktamlhLWppYW4temhlLW11LXlhbi1zaGVuLXNpLTMtOW1vLXdhbmcteW91LXhpYW8tZmVuZy5odG1sIiwibW9kZSI6MSwiZXJyb3JDb2RlIjoxLCJyZWZlcnJlciI6IiIsInBhZ2VHcm91cCI6IkFSVElDTEUiLCJwYWdlVmFyaWF0aW9uSWQiOiI5Njc1MDEyNS1iOTBjLTQ5N2EtODY5OS03MzE3MWY3YjQ5MzUiLCJwYWdlVmFyaWF0aW9uTmFtZSI6IkFkUHVzaHVwIiwicGFnZVZhcmlhdGlvblR5cGUiOjEsInBsYXRmb3JtIjoiREVTS1RPUCIsImlzR2VuaWVlIjpmYWxzZSwic2VjdGlvbnMiOlt7InNlY3Rpb25JZCI6IjEwNGIyODJhLWJkMTEtNGQ4ZC1hZDY0LTA0OTIwNjNiNmNiYSIsInNlY3Rpb25OYW1lIjoiQVBfSV9EX0FSVElDTEVfMTIwWDYwMF8xMDRiMiIsInN0YXR1cyI6MSwibmV0d29yayI6ImFkcFRhZ3MiLCJuZXR3b3JrQWRVbml0SWQiOiJTVElDS1lfQURQXzQyNzUzXzEyMFg2MDBfMTA0YjI4MmEtYmQxMS00ZDhkLWFkNjQtMDQ5MjA2M2I2Y2JhIiwic2VydmljZXMiOls1LDNdLCJhZFVuaXRUeXBlIjozfV19
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/pi-jia-bu-jian-qia-pian-quan-gua-shi-ta-hui-jia-jian-zhe-mu-yan-shen-si-3-9mo-wang-you-xiao-feng.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
13.76.45.37 Singapore, Singapore, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx/1.10.3 (Ubuntu) /
Resource Hash
e3849fdc1eab88579b20b1b56875d6ef8299c4ad165e03921400ccae69149861

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 26 Sep 2022 15:30:59 GMT
server
nginx/1.10.3 (Ubuntu)
access-control-allow-methods
GET, POST
content-type
image/png
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-robots-tag
noindex
content-length
70
expires
0
block.jpg
delivery.adrecover.com/ 		631 B
915 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://delivery.adrecover.com/block.jpg?ts=1664206258686
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/pi-jia-bu-jian-qia-pian-quan-gua-shi-ta-hui-jia-jian-zhe-mu-yan-shen-si-3-9mo-wang-you-xiao-feng.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
42.99.140.201 , Japan, ASN4637 (ASN-TELSTRA-GLOBAL Telstra Global, HK),
Reverse DNS
ip-42-99-140-201.pacnet.net
Software
nginx/1.18.0 /
Resource Hash
9284d948e86d2e99f31483b5f4b3a4c3e65e0a6fbca9a8d2db8c6095f82ac3f5

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-akamai-country
AU
date
Mon, 26 Sep 2022 15:30:59 GMT
last-modified
Wed, 23 Jun 2021 06:37:54 GMT
server
nginx/1.18.0
etag
"60d2d6c2-277"
vary
Accept-Encoding
x-akamai-device
mobile:false&tablet:false
access-control-allow-origin
*
cache-control
max-age=3600
server-timing
cdn-cache; desc=HIT, edge; dur=1
accept-ranges
bytes
content-type
image/jpeg
content-length
631
expires
Mon, 26 Sep 2022 16:30:59 GMT
adview
googleads.g.doubleclick.net/pagead/ Frame CB85 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/adview?ai=C9kgsssUxY9CWH7Lyz7sP7sCukAmY_NGxXKqEzOSFAcCNtwEQASAAYKXAo4CkAYIBF2NhLXB1Yi00NDg1MjM5NDI1OTI0Nzg3oAG22aPQA8gBCakCcht86D3KpT6oAwGqBLcCT9Dc8KY6b_1HDQYxECEKRAxilO50AGPFsfhoFG1N2RTJir0QnMYEMOo3iaIhgoo2-od_lw5YyiFBxA0tzYIoTILF6vpvZRLptcQ_S8pPYzGfZxX9eo3YP8KBKFdzdWUw2X3FWaVtRgbD7-SKjbPkHqPkK32K4uYsLzeSIRL0eoW6jzFb6ZytBPtTqq8Qe691_6uzI1Yzpi24O-HgwH8m9VDL7NkWkAuZDcr4d7NNsRiJSlajRVxqb0mc_-ZIZMcX4YVdScXVIX4bwRjsRyUIk4K0ofEuOhUFqmeKcayECpaDiF408N9KXnqc4zhIRtm3QpPfb5AvdBLXGi2kU_dGmUE1eZWpAcfIka9KwdsCBBNZ2bCmojoFJ8mBet_HOkErswSse32NoOLQVogAjZIof0MGJsg4jmqABpflorjRrdWQ9AGgBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggNCIBhEAEyAooCOgKAQIAKA_oLAggBgAwB0BUBgBcBshccChoSFHB1Yi00NDg1MjM5NDI1OTI0Nzg3GOLMGQ&sigh=KcuXwpBT57I&uach_m=[UACH]&cid=CAQSGwCsnQUxgG9W3gobNound-US0folM4H3yFTsuRgB
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006&adk=2365071409&adf=3615134179&pi=t.ma~as.3006%2F14006&w=336&lmt=1664206258&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fpi-jia-bu-jian-qia-pian-quan-gua-shi-ta-hui-jia-jian-zhe-mu-yan-shen-si-3-9mo-wang-you-xiao-feng.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1664206256039&bpp=13&bdt=1404&idt=2009&shv=r20220921&mjsv=m202209120102&ptt=5&saldr=sa&correlator=7839256117444&frm=23&ife=1&pv=2&ga_vid=1324865518.1664206258&ga_sid=1664206258&ga_hid=1889376132&ga_fc=0&ga_cid=amp-bp2IvYeADvpv_CeMaNTxFA&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=60&biw=1600&bih=1200&isw=336&ish=280&ifk=1019340804&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C42531705%2C44773167&oid=2&pvsid=3075813884163543&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.effi9pf2c8lg&fsb=1&dtd=2025
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.130.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sb-in-f156.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006&adk=2365071409&adf=3615134179&pi=t.ma~as.3006%2F14006&w=336&lmt=1664206258&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fpi-jia-bu-jian-qia-pian-quan-gua-shi-ta-hui-jia-jian-zhe-mu-yan-shen-si-3-9mo-wang-you-xiao-feng.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1664206256039&bpp=13&bdt=1404&idt=2009&shv=r20220921&mjsv=m202209120102&ptt=5&saldr=sa&correlator=7839256117444&frm=23&ife=1&pv=2&ga_vid=1324865518.1664206258&ga_sid=1664206258&ga_hid=1889376132&ga_fc=0&ga_cid=amp-bp2IvYeADvpv_CeMaNTxFA&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=60&biw=1600&bih=1200&isw=336&ish=280&ifk=1019340804&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C42531705%2C44773167&oid=2&pvsid=3075813884163543&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.effi9pf2c8lg&fsb=1&dtd=2025
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
date
Mon, 26 Sep 2022 15:30:59 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Mon, 26 Sep 2022 15:30:59 GMT
notify
rtb.jp2.as.criteo.com/google/auction/ Frame CB85 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://rtb.jp2.as.criteo.com/google/auction/notify?profile=14&payload=k4XhE5zIC9ACmAJi-C0SAgAAACE5AQwCW-6IMjS_GmU3JEEQssUxYwYR9bE6BgKRxnjhABIAAA&wp=YzHFsgAHy1ABc_kyAAugbgJL4D5Wb7JTwR1Viw
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006&adk=2365071409&adf=3615134179&pi=t.ma~as.3006%2F14006&w=336&lmt=1664206258&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fpi-jia-bu-jian-qia-pian-quan-gua-shi-ta-hui-jia-jian-zhe-mu-yan-shen-si-3-9mo-wang-you-xiao-feng.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1664206256039&bpp=13&bdt=1404&idt=2009&shv=r20220921&mjsv=m202209120102&ptt=5&saldr=sa&correlator=7839256117444&frm=23&ife=1&pv=2&ga_vid=1324865518.1664206258&ga_sid=1664206258&ga_hid=1889376132&ga_fc=0&ga_cid=amp-bp2IvYeADvpv_CeMaNTxFA&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=60&biw=1600&bih=1200&isw=336&ish=280&ifk=1019340804&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C42531705%2C44773167&oid=2&pvsid=3075813884163543&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.effi9pf2c8lg&fsb=1&dtd=2025
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.74.19 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Kestrel /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 26 Sep 2022 15:30:59 GMT
server
Kestrel
server-processing-duration-in-ticks
161403
content-length
0
strict-transport-security
max-age=31536000; preload;
afr.php
ads.as.criteo.com/delivery/r/ Frame B95B 		37 KB
15 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.as.criteo.com/delivery/r/afr.php?z=YzHFsgAHy1ABc_kyAAugbgJL4D5Wb7JTwR1Viw&u=%7CVBsX5Vr7un9dnfGCoSPA7lgfL9ahu7jW%2FO0GghDxcZA%3D%7C&c1=wLMhjbQtwRerfuYQvtYvucUfx71c_57oZ7-4NEldJVPEcquQgoC5ayq1XBwsz6hbCNpksUhOYIG9jsbcdhUPUGii0VWHy1BMWtL3CqUvGgtETMKt86DQcxMRhxYg-MJQ4YohOTkR7hK3ngf0_FgmETcqFlCLCyfuC3eCHY45p28x8ZHUCu6-iggXCQSUgwMWpto-twSV8BMA7Zb_hZlfais42AmKWH9rnpB_YmhQdBL3vlQE9fwZH-A8fLGf0YN13525vs4FjMMc32MwayaV1QmVU-sFk27D7Pa8pcA9xhQWep0o2UF5tqjONzNETRTB_547KE8eEBHa-wwOaEM2CyLSUw5sH4_z6sU7cEoD0HOeyKyHQBkUzV4gfdwf6JdBVGJGDusean4kMN_ouGjfNN2gHGXuxVLZo-K6HD8jM10gvVA3EF6cObS0fnmh7KxQO7KohmJMVdRjFwBAOfPfsyfZfV4Zxwi6YDyiwQ3safVjM4k7w7dO-6bhY-gQVDliLN3qq9q0KzKwgFs_pm6hlJAF52DSdtly-Ys0Cy2iKjxdCwSSCu7UQkzgUdywp6YG1XPEFkdudythtNWFV5ZRPf1OEve4qVM-X-gRei6bhC7zGISwJy9c18xDxS-3Bb4gMmcP6d-pn5TT2YZhXAhHhA&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC-q4bssUxY9CWH7Lyz7sP7sCukAmY_NGxXKqEzOSFAcCNtwEQASAAYKXAo4CkAYIBF2NhLXB1Yi00NDg1MjM5NDI1OTI0Nzg3oAG22aPQA8gBCakCcht86D3KpT6oAwGqBLoCT9Dc8KY6b_1HDQYxECEKRAxilO50AGPFsfhoFG1N2RTJir0QnMYEMOo3iaIhgoo2-od_lw5YyiFBxA0tzYIoTILF6vpvZRLptcQ_S8pPYzGfZxX9eo3YP8KBKFdzdWUw2X3FWaVtRgbD7-SKjbPkHqPkK32K4uYsLzeSIRL0eoW6jzFb6ZytBPtTqq8Qe691_6uzI1Yzpi24O-HgwH8m9VDL7NkWkAuZDcr4d7NNsRiJSlajRVxqb0mc_-ZIZMcX4YVdScXVIX4bwRjsRyUIk4K0ofEuOhUFqmeKcayECpaDiF408N9KXnqc4zhIRtm3QpPfb5AvdBLXGi2kU_dGmUE1eZWpAcfIka9KwdsCBBNZm7KHMN_Lrrd-865Z0RexcC24ceqHjvo43ntWF1uWYW8ewSOp8JVc0eiABpflorjRrdWQ9AGgBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggNCIBhEAEyAooCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_2OkdFkEEUwDDat4SmzVU6x7CE6tQ%26client%3Dca-pub-4485239425924787%26adurl%3D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006&adk=2365071409&adf=3615134179&pi=t.ma~as.3006%2F14006&w=336&lmt=1664206258&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fpi-jia-bu-jian-qia-pian-quan-gua-shi-ta-hui-jia-jian-zhe-mu-yan-shen-si-3-9mo-wang-you-xiao-feng.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1664206256039&bpp=13&bdt=1404&idt=2009&shv=r20220921&mjsv=m202209120102&ptt=5&saldr=sa&correlator=7839256117444&frm=23&ife=1&pv=2&ga_vid=1324865518.1664206258&ga_sid=1664206258&ga_hid=1889376132&ga_fc=0&ga_cid=amp-bp2IvYeADvpv_CeMaNTxFA&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=60&biw=1600&bih=1200&isw=336&ish=280&ifk=1019340804&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C42531705%2C44773167&oid=2&pvsid=3075813884163543&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.effi9pf2c8lg&fsb=1&dtd=2025
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.148 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Kestrel /
Resource Hash
11ae8b2b219a7e496ff3426b6e14c84a6ee9a5d884fae5d44bd0a941f5dba14c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
access-control-max-age
1000
cache-control
private, max-age=0, no-cache
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
date
Mon, 26 Sep 2022 15:30:58 GMT
expires
Mon, 26 Jul 1997 05:00:00 GMT
link
<pix.as.criteo.net>; rel=preconnect; crossorigin, <static.criteo.net>; rel=preconnect; crossorigin
p3p
CP='CUR ADM OUR NOR STA NID'
pragma
no-cache
report-to
{"endpoints":[{"url":"https://csm.as.criteo.net/heavyad?cppv=3&cpp=Mu2no_aRrBIZ4hdu-yLUUfzLoa1nW-3TFyBQIfhM6xRNmykQrUExcZv4mqBCdZysgf3lVwMaPZj4DhRGMt5slWeoxbIcR5ksf5DSak5AxjQJhWwA0XRAAGuioLW35u6rcnZMo3S8GPU-JUc_BqtfyzVyeaO0nv1eWtCoho8wW9OpUYiOs6cMSxBPWvFbnxo-8ABRjDKenMqpGG8m0F_WsiEJ8xlwVHoEx8mlubo-8JpMbQrqSpqVFxqOBa8dVPhnJpgTCGmekdatFHWt"}], "max_age": 86400}
server
Kestrel
server-processing-duration-in-ticks
3418817
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220921/r20110914/client/ Frame CB85 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220921/r20110914/client/window_focus_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006&adk=2365071409&adf=3615134179&pi=t.ma~as.3006%2F14006&w=336&lmt=1664206258&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fpi-jia-bu-jian-qia-pian-quan-gua-shi-ta-hui-jia-jian-zhe-mu-yan-shen-si-3-9mo-wang-you-xiao-feng.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1664206256039&bpp=13&bdt=1404&idt=2009&shv=r20220921&mjsv=m202209120102&ptt=5&saldr=sa&correlator=7839256117444&frm=23&ife=1&pv=2&ga_vid=1324865518.1664206258&ga_sid=1664206258&ga_hid=1889376132&ga_fc=0&ga_cid=amp-bp2IvYeADvpv_CeMaNTxFA&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=60&biw=1600&bih=1200&isw=336&ish=280&ifk=1019340804&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C42531705%2C44773167&oid=2&pvsid=3075813884163543&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.effi9pf2c8lg&fsb=1&dtd=2025
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.12.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f132.1e100.net
Software
cafe /
Resource Hash
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 26 Sep 2022 14:52:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
2293
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1359
x-xss-protection
0
server
cafe
etag
1484984001845508991
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 10 Oct 2022 14:52:46 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220921/r20110914/client/ Frame CB85 		17 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220921/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006&adk=2365071409&adf=3615134179&pi=t.ma~as.3006%2F14006&w=336&lmt=1664206258&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fpi-jia-bu-jian-qia-pian-quan-gua-shi-ta-hui-jia-jian-zhe-mu-yan-shen-si-3-9mo-wang-you-xiao-feng.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1664206256039&bpp=13&bdt=1404&idt=2009&shv=r20220921&mjsv=m202209120102&ptt=5&saldr=sa&correlator=7839256117444&frm=23&ife=1&pv=2&ga_vid=1324865518.1664206258&ga_sid=1664206258&ga_hid=1889376132&ga_fc=0&ga_cid=amp-bp2IvYeADvpv_CeMaNTxFA&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=60&biw=1600&bih=1200&isw=336&ish=280&ifk=1019340804&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C42531705%2C44773167&oid=2&pvsid=3075813884163543&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.effi9pf2c8lg&fsb=1&dtd=2025
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.12.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f132.1e100.net
Software
cafe /
Resource Hash
c39e9db358e5d8045bebf902ed71b49c17d66f175c8ce0dcaeec96ec7d09090b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 26 Sep 2022 14:51:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
2358
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7553
x-xss-protection
0
server
cafe
etag
15375136450269253166
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 10 Oct 2022 14:51:41 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame CB85 		140 KB
44 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006&adk=2365071409&adf=3615134179&pi=t.ma~as.3006%2F14006&w=336&lmt=1664206258&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fpi-jia-bu-jian-qia-pian-quan-gua-shi-ta-hui-jia-jian-zhe-mu-yan-shen-si-3-9mo-wang-you-xiao-feng.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1664206256039&bpp=13&bdt=1404&idt=2009&shv=r20220921&mjsv=m202209120102&ptt=5&saldr=sa&correlator=7839256117444&frm=23&ife=1&pv=2&ga_vid=1324865518.1664206258&ga_sid=1664206258&ga_hid=1889376132&ga_fc=0&ga_cid=amp-bp2IvYeADvpv_CeMaNTxFA&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=60&biw=1600&bih=1200&isw=336&ish=280&ifk=1019340804&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C42531705%2C44773167&oid=2&pvsid=3075813884163543&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.effi9pf2c8lg&fsb=1&dtd=2025
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.12.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f157.1e100.net
Software
sffe /
Resource Hash
d862ec0d2b72e9f1575615db28f4196cbf0f586adb2208c605c691d6e06ee6ed
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 26 Sep 2022 15:30:59 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
44525
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1663760195623328"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Mon, 26 Sep 2022 15:30:59 GMT
adview
googleads.g.doubleclick.net/pagead/ Frame 80BD 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/adview?ai=C9GIgssUxY_OyJMqS_tMP5fu_6ASY_NGxXKqEzOSFAcCNtwEQASAAYKXAo4CkAYIBF2NhLXB1Yi00NDg1MjM5NDI1OTI0Nzg3oAG22aPQA8gBCakCaEc_pprKpT6oAwGqBI8CT9BEH_EAjOCMDUI5KRxBmskqhnT2BdZWHoe1KTjv9WayjiH7OhhJKRd79Loqe6-GD0e8YrS9B-zLZ9-4KaxdgofYNO88cCDpJAJkUcktFFH3Yia5UGBEDPF3b4GLFc6nGaKct5nsR2JCnL4BoxCarURa8TZUhk45DlnDyG4-gSYhvTf35OepoGmyboLpr_lx9vSS0T6S7TOcCKTquA9w9EMqqrJqsKkY3gDnq9ClZCbbci5dc3sVTnF_dpk2bg16hyhGzHUqgC9jBEcuFnvR1gPmFpXejdEnKvEWwhnen0ftuXUAeJeHSxRicO884C30IQyaXlgqKet--TSL640P-rt1C68yJzCVO1_362icW4AGzoC16PSxwKfBAaAGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA0IgGEQATICigI6AoBAgAoD-gsCCAGADAHQFQGAFwGyFxwKGhIUcHViLTQ0ODUyMzk0MjU5MjQ3ODcY4swZ&sigh=lL2WHLft_VM&uach_m=[UACH]&cid=CAQSGwCsnQUxIrVqagj5sJOCdgPC-DfHOKhE1MJ31RgB
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/pi-jia-bu-jian-qia-pian-quan-gua-shi-ta-hui-jia-jian-zhe-mu-yan-shen-si-3-9mo-wang-you-xiao-feng.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.130.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sb-in-f156.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006&adk=2365071409&adf=3615134176&pi=t.ma~as.3006%2F14006&w=336&lmt=1664206258&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fpi-jia-bu-jian-qia-pian-quan-gua-shi-ta-hui-jia-jian-zhe-mu-yan-shen-si-3-9mo-wang-you-xiao-feng.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1664206256123&bpp=11&bdt=1474&idt=1965&shv=r20220921&mjsv=m202209210101&ptt=5&saldr=sa&correlator=7839256117444&frm=23&ife=1&pv=1&ga_vid=1507107048.1664206258&ga_sid=1664206258&ga_hid=1752020332&ga_fc=0&ga_cid=amp-bp2IvYeADvpv_CeMaNTxFA&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=2427&biw=1600&bih=1200&isw=336&ish=280&ifk=780332214&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C42531705%2C44769306%2C31069779%2C31067826&oid=2&pvsid=2091931484474790&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.ecmpry378s7r&btvi=1&fsb=1&dtd=1985
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
date
Mon, 26 Sep 2022 15:30:59 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Mon, 26 Sep 2022 15:30:59 GMT
notify
rtb.jp2.as.criteo.com/google/auction/ Frame 80BD 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://rtb.jp2.as.criteo.com/google/auction/notify?profile=14&payload=k6XEFNHxBqwC-gFi-C0SAgAAACE5AQwCW-6I5uT8IWU3JEEQssUxY0nNjK2Ven6Ih18gABIAAA&wp=YzHFsgAJGXMEf4lKAA_95albUKx3V4z9wx9-BA
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/pi-jia-bu-jian-qia-pian-quan-gua-shi-ta-hui-jia-jian-zhe-mu-yan-shen-si-3-9mo-wang-you-xiao-feng.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.74.19 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Kestrel /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 26 Sep 2022 15:30:59 GMT
server
Kestrel
server-processing-duration-in-ticks
154250
content-length
0
strict-transport-security
max-age=31536000; preload;
afr.php
ads.as.criteo.com/delivery/r/ Frame 0D87 		40 KB
16 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.as.criteo.com/delivery/r/afr.php?z=YzHFsgAJGXMEf4lKAA_95albUKx3V4z9wx9-BA&u=%7CVBsX5Vr7un8fyRzJQMkczUngFdLTgeSnbJs1NIHVu2g%3D%7C&c1=wLMhjbQtwRerfuYQvtYvucUfx71c_57oZ7-4NEldJVPEcquQgoC5ayq1XBwsz6hbCNpksUhOYIG9jsbcdhUPULqE9d2UdX2ppjDj59fTgYTuIJIthFIRNrPM2srwen_xT8cP-_qt72nSe6F-HPOLmYXUUeLCk0CGp0RBN40TOPUSm-Z5EppgV095BIcbrhOhZz9OgagX737unzswos-vro9nt1J-eGGkrJgpKS_575U6AG4J8__9aoMoYcCOoonIVdowzeLjiK46OhdklE94iffphawa6cfv0yurZv1z2iVP7wTIFyPwJ-3NmZ8jHlR6u4tB2xLRIzNeyr9Kuz-sJHbdmoB6VL1-F1yCMT14d5tFMoauae2He-t7JlXmNUcL--n4XdQkBQC0E9T_OPkY0NSCeUoDrFwTNy9o6IpmPrBhcBXokk8zqw3dUa--mMgv7EGVrrcVwYxqmL5ZrlNctgd3808GKpmswNFeNOO9guV--9A9qjJ0zmUvaKpsIAX6I5jSL9ddeHDs_ZUUAGnIIO9Qy2fG-WTN3Ceb6Ov9WzcPFEWRGpkfHvsfQLi3a-GyJQn285aDcqkmpapH5oDbYlZ7xu38BUl1M0ZrEYjqA3eI_YOXoBsttbvg9TSoG5mKusDLZy1TJN65LbJhVc7pWg&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCrUYsssUxY_OyJMqS_tMP5fu_6ASY_NGxXKqEzOSFAcCNtwEQASAAYKXAo4CkAYIBF2NhLXB1Yi00NDg1MjM5NDI1OTI0Nzg3oAG22aPQA8gBCakCaEc_pprKpT6oAwGqBJICT9BEH_EAjOCMDUI5KRxBmskqhnT2BdZWHoe1KTjv9WayjiH7OhhJKRd79Loqe6-GD0e8YrS9B-zLZ9-4KaxdgofYNO88cCDpJAJkUcktFFH3Yia5UGBEDPF3b4GLFc6nGaKct5nsR2JCnL4BoxCarURa8TZUhk45DlnDyG4-gSYhvTf35OepoGmyboLpr_lx9vSS0T6S7TOcCKTquA9w9EMqqrJqsKkY3gDnq9ClZCbbci5dc3sVTnF_dpk2bg16hyhGzHUqgC9jBEcuFnvR1gPmFpXejdEnKvEWwhnen0ftuXUAeJeHSxQgcs6uBeN9X_MTL8bBf3G90CCBfIch4lP9-Pmo7o6LF0cQAPnipNrnrYAGzoC16PSxwKfBAaAGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA0IgGEQATICigI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_0kiBaegDeCY7uDIUMWu1UEAe_8jg%26client%3Dca-pub-4485239425924787%26adurl%3D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006&adk=2365071409&adf=3615134176&pi=t.ma~as.3006%2F14006&w=336&lmt=1664206258&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fpi-jia-bu-jian-qia-pian-quan-gua-shi-ta-hui-jia-jian-zhe-mu-yan-shen-si-3-9mo-wang-you-xiao-feng.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1664206256123&bpp=11&bdt=1474&idt=1965&shv=r20220921&mjsv=m202209210101&ptt=5&saldr=sa&correlator=7839256117444&frm=23&ife=1&pv=1&ga_vid=1507107048.1664206258&ga_sid=1664206258&ga_hid=1752020332&ga_fc=0&ga_cid=amp-bp2IvYeADvpv_CeMaNTxFA&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=2427&biw=1600&bih=1200&isw=336&ish=280&ifk=780332214&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C42531705%2C44769306%2C31069779%2C31067826&oid=2&pvsid=2091931484474790&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.ecmpry378s7r&btvi=1&fsb=1&dtd=1985
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.148 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Kestrel /
Resource Hash
4b37b8b0adc97511d55622bada3b90dcade195731ce779686bf24c4f8d1a4aeb
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
access-control-max-age
1000
cache-control
private, max-age=0, no-cache
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
date
Mon, 26 Sep 2022 15:30:59 GMT
expires
Mon, 26 Jul 1997 05:00:00 GMT
link
<pix.as.criteo.net>; rel=preconnect; crossorigin, <static.criteo.net>; rel=preconnect; crossorigin
p3p
CP='CUR ADM OUR NOR STA NID'
pragma
no-cache
report-to
{"endpoints":[{"url":"https://csm.as.criteo.net/heavyad?cppv=3&cpp=iq02S_aRrBIZ4hdu9BbBQq1lLx0a-g1NumwmZ0jFj5Yb-LdpT3ishYsPVXhRvnwC11qT9m8Z9xgU-ZsadD4V11Fc5WYYL4nMayUJIddAaaR4pB2xX1ZO_qIkSKxnlfvhxKhbB_GXxAPWjWPzRwA1PgPQGxxmXi0Bb9VPajYFl3ZB2ibrf0_SpozVMNJjb3ak84J7392NUeqt-4CgiWv4DwRA8VLyFv3QvKL6KZdkMXk6sEMgIa23jHSCZppPakUlKfMFVLbSKH0JIm_O"}], "max_age": 86400}
server
Kestrel
server-processing-duration-in-ticks
4250912
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220921/r20110914/client/ Frame 80BD 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220921/r20110914/client/window_focus_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006&adk=2365071409&adf=3615134176&pi=t.ma~as.3006%2F14006&w=336&lmt=1664206258&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fpi-jia-bu-jian-qia-pian-quan-gua-shi-ta-hui-jia-jian-zhe-mu-yan-shen-si-3-9mo-wang-you-xiao-feng.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1664206256123&bpp=11&bdt=1474&idt=1965&shv=r20220921&mjsv=m202209210101&ptt=5&saldr=sa&correlator=7839256117444&frm=23&ife=1&pv=1&ga_vid=1507107048.1664206258&ga_sid=1664206258&ga_hid=1752020332&ga_fc=0&ga_cid=amp-bp2IvYeADvpv_CeMaNTxFA&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=2427&biw=1600&bih=1200&isw=336&ish=280&ifk=780332214&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C42531705%2C44769306%2C31069779%2C31067826&oid=2&pvsid=2091931484474790&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.ecmpry378s7r&btvi=1&fsb=1&dtd=1985
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.12.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f132.1e100.net
Software
cafe /
Resource Hash
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 26 Sep 2022 14:52:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
2293
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1359
x-xss-protection
0
server
cafe
etag
1484984001845508991
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 10 Oct 2022 14:52:46 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220921/r20110914/client/ Frame 80BD 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220921/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006&adk=2365071409&adf=3615134176&pi=t.ma~as.3006%2F14006&w=336&lmt=1664206258&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fpi-jia-bu-jian-qia-pian-quan-gua-shi-ta-hui-jia-jian-zhe-mu-yan-shen-si-3-9mo-wang-you-xiao-feng.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1664206256123&bpp=11&bdt=1474&idt=1965&shv=r20220921&mjsv=m202209210101&ptt=5&saldr=sa&correlator=7839256117444&frm=23&ife=1&pv=1&ga_vid=1507107048.1664206258&ga_sid=1664206258&ga_hid=1752020332&ga_fc=0&ga_cid=amp-bp2IvYeADvpv_CeMaNTxFA&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=2427&biw=1600&bih=1200&isw=336&ish=280&ifk=780332214&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C42531705%2C44769306%2C31069779%2C31067826&oid=2&pvsid=2091931484474790&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.ecmpry378s7r&btvi=1&fsb=1&dtd=1985
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.12.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f132.1e100.net
Software
cafe /
Resource Hash
c39e9db358e5d8045bebf902ed71b49c17d66f175c8ce0dcaeec96ec7d09090b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 26 Sep 2022 14:51:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
2358
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7553
x-xss-protection
0
server
cafe
etag
15375136450269253166
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 10 Oct 2022 14:51:41 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 80BD 		140 KB
44 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006&adk=2365071409&adf=3615134176&pi=t.ma~as.3006%2F14006&w=336&lmt=1664206258&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fpi-jia-bu-jian-qia-pian-quan-gua-shi-ta-hui-jia-jian-zhe-mu-yan-shen-si-3-9mo-wang-you-xiao-feng.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1664206256123&bpp=11&bdt=1474&idt=1965&shv=r20220921&mjsv=m202209210101&ptt=5&saldr=sa&correlator=7839256117444&frm=23&ife=1&pv=1&ga_vid=1507107048.1664206258&ga_sid=1664206258&ga_hid=1752020332&ga_fc=0&ga_cid=amp-bp2IvYeADvpv_CeMaNTxFA&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=2427&biw=1600&bih=1200&isw=336&ish=280&ifk=780332214&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C42531705%2C44769306%2C31069779%2C31067826&oid=2&pvsid=2091931484474790&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.ecmpry378s7r&btvi=1&fsb=1&dtd=1985
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.12.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f157.1e100.net
Software
sffe /
Resource Hash
d862ec0d2b72e9f1575615db28f4196cbf0f586adb2208c605c691d6e06ee6ed
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 26 Sep 2022 15:30:59 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
44525
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1663760195623328"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Mon, 26 Sep 2022 15:30:59 GMT
pubads_impl_2022092001.js
securepubads.g.doubleclick.net/gpt/ 		378 KB
128 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022092001.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.10.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f155.1e100.net
Software
sffe /
Resource Hash
47395347833919b1b83bb90b7487da0d9213502fb8f18af28230b9c4a199affa
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 20 Sep 2022 10:50:06 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
535253
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
131075
x-xss-protection
0
last-modified
Tue, 20 Sep 2022 08:35:08 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Wed, 20 Sep 2023 10:50:06 GMT
ppub_config
securepubads.g.doubleclick.net/pagead/ 		109 B
118 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=www.bg3.co
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.10.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f155.1e100.net
Software
cafe /
Resource Hash
57ba9c79273602051bd0fa9f6dcd52a3f199dc59f134308efeeaad35424b8311
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 26 Sep 2022 15:30:59 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
93
x-xss-protection
0
expires
Mon, 26 Sep 2022 15:30:59 GMT
pubads_impl_2022092001.js
securepubads.g.doubleclick.net/gpt/ Frame A55D 		378 KB
128 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022092001.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.10.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f155.1e100.net
Software
sffe /
Resource Hash
47395347833919b1b83bb90b7487da0d9213502fb8f18af28230b9c4a199affa
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 20 Sep 2022 10:50:06 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
535253
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
131075
x-xss-protection
0
last-modified
Tue, 20 Sep 2022 08:35:08 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Wed, 20 Sep 2023 10:50:06 GMT
pubads_impl_2022092001.js
securepubads.g.doubleclick.net/gpt/ Frame 96F7 		378 KB
128 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022092001.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.10.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f155.1e100.net
Software
sffe /
Resource Hash
47395347833919b1b83bb90b7487da0d9213502fb8f18af28230b9c4a199affa
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 20 Sep 2022 10:50:06 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
535253
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
131075
x-xss-protection
0
last-modified
Tue, 20 Sep 2022 08:35:08 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Wed, 20 Sep 2023 10:50:06 GMT
privacy_small.svg
static.criteo.net/flash/icon/ Frame B95B 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/privacy_small.svg
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=YzHFsgAHy1ABc_kyAAugbgJL4D5Wb7JTwR1Viw&u=%7CVBsX5Vr7un9dnfGCoSPA7lgfL9ahu7jW%2FO0GghDxcZA%3D%7C&c1=wLMhjbQtwRerfuYQvtYvucUfx71c_57oZ7-4NEldJVPEcquQgoC5ayq1XBwsz6hbCNpksUhOYIG9jsbcdhUPUGii0VWHy1BMWtL3CqUvGgtETMKt86DQcxMRhxYg-MJQ4YohOTkR7hK3ngf0_FgmETcqFlCLCyfuC3eCHY45p28x8ZHUCu6-iggXCQSUgwMWpto-twSV8BMA7Zb_hZlfais42AmKWH9rnpB_YmhQdBL3vlQE9fwZH-A8fLGf0YN13525vs4FjMMc32MwayaV1QmVU-sFk27D7Pa8pcA9xhQWep0o2UF5tqjONzNETRTB_547KE8eEBHa-wwOaEM2CyLSUw5sH4_z6sU7cEoD0HOeyKyHQBkUzV4gfdwf6JdBVGJGDusean4kMN_ouGjfNN2gHGXuxVLZo-K6HD8jM10gvVA3EF6cObS0fnmh7KxQO7KohmJMVdRjFwBAOfPfsyfZfV4Zxwi6YDyiwQ3safVjM4k7w7dO-6bhY-gQVDliLN3qq9q0KzKwgFs_pm6hlJAF52DSdtly-Ys0Cy2iKjxdCwSSCu7UQkzgUdywp6YG1XPEFkdudythtNWFV5ZRPf1OEve4qVM-X-gRei6bhC7zGISwJy9c18xDxS-3Bb4gMmcP6d-pn5TT2YZhXAhHhA&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC-q4bssUxY9CWH7Lyz7sP7sCukAmY_NGxXKqEzOSFAcCNtwEQASAAYKXAo4CkAYIBF2NhLXB1Yi00NDg1MjM5NDI1OTI0Nzg3oAG22aPQA8gBCakCcht86D3KpT6oAwGqBLoCT9Dc8KY6b_1HDQYxECEKRAxilO50AGPFsfhoFG1N2RTJir0QnMYEMOo3iaIhgoo2-od_lw5YyiFBxA0tzYIoTILF6vpvZRLptcQ_S8pPYzGfZxX9eo3YP8KBKFdzdWUw2X3FWaVtRgbD7-SKjbPkHqPkK32K4uYsLzeSIRL0eoW6jzFb6ZytBPtTqq8Qe691_6uzI1Yzpi24O-HgwH8m9VDL7NkWkAuZDcr4d7NNsRiJSlajRVxqb0mc_-ZIZMcX4YVdScXVIX4bwRjsRyUIk4K0ofEuOhUFqmeKcayECpaDiF408N9KXnqc4zhIRtm3QpPfb5AvdBLXGi2kU_dGmUE1eZWpAcfIka9KwdsCBBNZm7KHMN_Lrrd-865Z0RexcC24ceqHjvo43ntWF1uWYW8ewSOp8JVc0eiABpflorjRrdWQ9AGgBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggNCIBhEAEyAooCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_2OkdFkEEUwDDat4SmzVU6x7CE6tQ%26client%3Dca-pub-4485239425924787%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.129 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
nginx /
Resource Hash
a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.as.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 26 Sep 2022 15:30:59 GMT
content-encoding
gzip
last-modified
Tue, 11 Feb 2020 14:30:28 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e42ba84-6aa"
strict-transport-security
max-age=31536000; preload;
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Thu, 21 Sep 2023 15:30:59 GMT
adchoices_en.svg
static.criteo.net/flash/icon/ Frame B95B 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/adchoices_en.svg
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=YzHFsgAHy1ABc_kyAAugbgJL4D5Wb7JTwR1Viw&u=%7CVBsX5Vr7un9dnfGCoSPA7lgfL9ahu7jW%2FO0GghDxcZA%3D%7C&c1=wLMhjbQtwRerfuYQvtYvucUfx71c_57oZ7-4NEldJVPEcquQgoC5ayq1XBwsz6hbCNpksUhOYIG9jsbcdhUPUGii0VWHy1BMWtL3CqUvGgtETMKt86DQcxMRhxYg-MJQ4YohOTkR7hK3ngf0_FgmETcqFlCLCyfuC3eCHY45p28x8ZHUCu6-iggXCQSUgwMWpto-twSV8BMA7Zb_hZlfais42AmKWH9rnpB_YmhQdBL3vlQE9fwZH-A8fLGf0YN13525vs4FjMMc32MwayaV1QmVU-sFk27D7Pa8pcA9xhQWep0o2UF5tqjONzNETRTB_547KE8eEBHa-wwOaEM2CyLSUw5sH4_z6sU7cEoD0HOeyKyHQBkUzV4gfdwf6JdBVGJGDusean4kMN_ouGjfNN2gHGXuxVLZo-K6HD8jM10gvVA3EF6cObS0fnmh7KxQO7KohmJMVdRjFwBAOfPfsyfZfV4Zxwi6YDyiwQ3safVjM4k7w7dO-6bhY-gQVDliLN3qq9q0KzKwgFs_pm6hlJAF52DSdtly-Ys0Cy2iKjxdCwSSCu7UQkzgUdywp6YG1XPEFkdudythtNWFV5ZRPf1OEve4qVM-X-gRei6bhC7zGISwJy9c18xDxS-3Bb4gMmcP6d-pn5TT2YZhXAhHhA&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC-q4bssUxY9CWH7Lyz7sP7sCukAmY_NGxXKqEzOSFAcCNtwEQASAAYKXAo4CkAYIBF2NhLXB1Yi00NDg1MjM5NDI1OTI0Nzg3oAG22aPQA8gBCakCcht86D3KpT6oAwGqBLoCT9Dc8KY6b_1HDQYxECEKRAxilO50AGPFsfhoFG1N2RTJir0QnMYEMOo3iaIhgoo2-od_lw5YyiFBxA0tzYIoTILF6vpvZRLptcQ_S8pPYzGfZxX9eo3YP8KBKFdzdWUw2X3FWaVtRgbD7-SKjbPkHqPkK32K4uYsLzeSIRL0eoW6jzFb6ZytBPtTqq8Qe691_6uzI1Yzpi24O-HgwH8m9VDL7NkWkAuZDcr4d7NNsRiJSlajRVxqb0mc_-ZIZMcX4YVdScXVIX4bwRjsRyUIk4K0ofEuOhUFqmeKcayECpaDiF408N9KXnqc4zhIRtm3QpPfb5AvdBLXGi2kU_dGmUE1eZWpAcfIka9KwdsCBBNZm7KHMN_Lrrd-865Z0RexcC24ceqHjvo43ntWF1uWYW8ewSOp8JVc0eiABpflorjRrdWQ9AGgBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggNCIBhEAEyAooCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_2OkdFkEEUwDDat4SmzVU6x7CE6tQ%26client%3Dca-pub-4485239425924787%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.129 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
nginx /
Resource Hash
60bcafbd631f6fa0805e158ca3b235e76225350db6fbb423596d4c4954b27573
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.as.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 26 Sep 2022 15:31:00 GMT
content-encoding
gzip
last-modified
Tue, 11 Feb 2020 14:27:58 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e42b9ee-759"
strict-transport-security
max-age=31536000; preload;
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Thu, 21 Sep 2023 15:31:00 GMT
close_button.svg
static.criteo.net/flash/icon/ Frame B95B 		308 B
636 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/close_button.svg
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=YzHFsgAHy1ABc_kyAAugbgJL4D5Wb7JTwR1Viw&u=%7CVBsX5Vr7un9dnfGCoSPA7lgfL9ahu7jW%2FO0GghDxcZA%3D%7C&c1=wLMhjbQtwRerfuYQvtYvucUfx71c_57oZ7-4NEldJVPEcquQgoC5ayq1XBwsz6hbCNpksUhOYIG9jsbcdhUPUGii0VWHy1BMWtL3CqUvGgtETMKt86DQcxMRhxYg-MJQ4YohOTkR7hK3ngf0_FgmETcqFlCLCyfuC3eCHY45p28x8ZHUCu6-iggXCQSUgwMWpto-twSV8BMA7Zb_hZlfais42AmKWH9rnpB_YmhQdBL3vlQE9fwZH-A8fLGf0YN13525vs4FjMMc32MwayaV1QmVU-sFk27D7Pa8pcA9xhQWep0o2UF5tqjONzNETRTB_547KE8eEBHa-wwOaEM2CyLSUw5sH4_z6sU7cEoD0HOeyKyHQBkUzV4gfdwf6JdBVGJGDusean4kMN_ouGjfNN2gHGXuxVLZo-K6HD8jM10gvVA3EF6cObS0fnmh7KxQO7KohmJMVdRjFwBAOfPfsyfZfV4Zxwi6YDyiwQ3safVjM4k7w7dO-6bhY-gQVDliLN3qq9q0KzKwgFs_pm6hlJAF52DSdtly-Ys0Cy2iKjxdCwSSCu7UQkzgUdywp6YG1XPEFkdudythtNWFV5ZRPf1OEve4qVM-X-gRei6bhC7zGISwJy9c18xDxS-3Bb4gMmcP6d-pn5TT2YZhXAhHhA&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC-q4bssUxY9CWH7Lyz7sP7sCukAmY_NGxXKqEzOSFAcCNtwEQASAAYKXAo4CkAYIBF2NhLXB1Yi00NDg1MjM5NDI1OTI0Nzg3oAG22aPQA8gBCakCcht86D3KpT6oAwGqBLoCT9Dc8KY6b_1HDQYxECEKRAxilO50AGPFsfhoFG1N2RTJir0QnMYEMOo3iaIhgoo2-od_lw5YyiFBxA0tzYIoTILF6vpvZRLptcQ_S8pPYzGfZxX9eo3YP8KBKFdzdWUw2X3FWaVtRgbD7-SKjbPkHqPkK32K4uYsLzeSIRL0eoW6jzFb6ZytBPtTqq8Qe691_6uzI1Yzpi24O-HgwH8m9VDL7NkWkAuZDcr4d7NNsRiJSlajRVxqb0mc_-ZIZMcX4YVdScXVIX4bwRjsRyUIk4K0ofEuOhUFqmeKcayECpaDiF408N9KXnqc4zhIRtm3QpPfb5AvdBLXGi2kU_dGmUE1eZWpAcfIka9KwdsCBBNZm7KHMN_Lrrd-865Z0RexcC24ceqHjvo43ntWF1uWYW8ewSOp8JVc0eiABpflorjRrdWQ9AGgBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggNCIBhEAEyAooCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_2OkdFkEEUwDDat4SmzVU6x7CE6tQ%26client%3Dca-pub-4485239425924787%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.129 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
nginx /
Resource Hash
8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.as.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 26 Sep 2022 15:30:59 GMT
last-modified
Fri, 14 Feb 2020 13:51:32 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"5e46a5e4-134"
strict-transport-security
max-age=31536000; preload;
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
308
expires
Thu, 21 Sep 2023 15:30:59 GMT
truncated
/ Frame CB85 		209 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
cea5e47508fd14aba0b8bb7238f782a73bb8f9824b46517e6d2ed6587acf5fc3

Request headers

accept-language
en-AU,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame 80BD 		214 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b086747d71bebcccd576372d4ecbc0c7c12ff569c8a0dd95d49f43e58d9aa39d

Request headers

accept-language
en-AU,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
back_button2.svg
static.criteo.net/flash/icon/ Frame B95B 		293 B
621 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/back_button2.svg
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=YzHFsgAHy1ABc_kyAAugbgJL4D5Wb7JTwR1Viw&u=%7CVBsX5Vr7un9dnfGCoSPA7lgfL9ahu7jW%2FO0GghDxcZA%3D%7C&c1=wLMhjbQtwRerfuYQvtYvucUfx71c_57oZ7-4NEldJVPEcquQgoC5ayq1XBwsz6hbCNpksUhOYIG9jsbcdhUPUGii0VWHy1BMWtL3CqUvGgtETMKt86DQcxMRhxYg-MJQ4YohOTkR7hK3ngf0_FgmETcqFlCLCyfuC3eCHY45p28x8ZHUCu6-iggXCQSUgwMWpto-twSV8BMA7Zb_hZlfais42AmKWH9rnpB_YmhQdBL3vlQE9fwZH-A8fLGf0YN13525vs4FjMMc32MwayaV1QmVU-sFk27D7Pa8pcA9xhQWep0o2UF5tqjONzNETRTB_547KE8eEBHa-wwOaEM2CyLSUw5sH4_z6sU7cEoD0HOeyKyHQBkUzV4gfdwf6JdBVGJGDusean4kMN_ouGjfNN2gHGXuxVLZo-K6HD8jM10gvVA3EF6cObS0fnmh7KxQO7KohmJMVdRjFwBAOfPfsyfZfV4Zxwi6YDyiwQ3safVjM4k7w7dO-6bhY-gQVDliLN3qq9q0KzKwgFs_pm6hlJAF52DSdtly-Ys0Cy2iKjxdCwSSCu7UQkzgUdywp6YG1XPEFkdudythtNWFV5ZRPf1OEve4qVM-X-gRei6bhC7zGISwJy9c18xDxS-3Bb4gMmcP6d-pn5TT2YZhXAhHhA&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC-q4bssUxY9CWH7Lyz7sP7sCukAmY_NGxXKqEzOSFAcCNtwEQASAAYKXAo4CkAYIBF2NhLXB1Yi00NDg1MjM5NDI1OTI0Nzg3oAG22aPQA8gBCakCcht86D3KpT6oAwGqBLoCT9Dc8KY6b_1HDQYxECEKRAxilO50AGPFsfhoFG1N2RTJir0QnMYEMOo3iaIhgoo2-od_lw5YyiFBxA0tzYIoTILF6vpvZRLptcQ_S8pPYzGfZxX9eo3YP8KBKFdzdWUw2X3FWaVtRgbD7-SKjbPkHqPkK32K4uYsLzeSIRL0eoW6jzFb6ZytBPtTqq8Qe691_6uzI1Yzpi24O-HgwH8m9VDL7NkWkAuZDcr4d7NNsRiJSlajRVxqb0mc_-ZIZMcX4YVdScXVIX4bwRjsRyUIk4K0ofEuOhUFqmeKcayECpaDiF408N9KXnqc4zhIRtm3QpPfb5AvdBLXGi2kU_dGmUE1eZWpAcfIka9KwdsCBBNZm7KHMN_Lrrd-865Z0RexcC24ceqHjvo43ntWF1uWYW8ewSOp8JVc0eiABpflorjRrdWQ9AGgBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggNCIBhEAEyAooCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_2OkdFkEEUwDDat4SmzVU6x7CE6tQ%26client%3Dca-pub-4485239425924787%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.129 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
nginx /
Resource Hash
725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.as.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 26 Sep 2022 15:31:00 GMT
last-modified
Thu, 28 Apr 2022 09:09:48 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"626a59dc-125"
strict-transport-security
max-age=31536000; preload;
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
293
expires
Thu, 21 Sep 2023 15:31:00 GMT
index.html
static.criteo.net/html5/97390/20220630_newcustomeracquisition2/336x280/ Frame E2E1 		1 KB
841 B 		Document
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/html5/97390/20220630_newcustomeracquisition2/336x280/index.html
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=YzHFsgAHy1ABc_kyAAugbgJL4D5Wb7JTwR1Viw&u=%7CVBsX5Vr7un9dnfGCoSPA7lgfL9ahu7jW%2FO0GghDxcZA%3D%7C&c1=wLMhjbQtwRerfuYQvtYvucUfx71c_57oZ7-4NEldJVPEcquQgoC5ayq1XBwsz6hbCNpksUhOYIG9jsbcdhUPUGii0VWHy1BMWtL3CqUvGgtETMKt86DQcxMRhxYg-MJQ4YohOTkR7hK3ngf0_FgmETcqFlCLCyfuC3eCHY45p28x8ZHUCu6-iggXCQSUgwMWpto-twSV8BMA7Zb_hZlfais42AmKWH9rnpB_YmhQdBL3vlQE9fwZH-A8fLGf0YN13525vs4FjMMc32MwayaV1QmVU-sFk27D7Pa8pcA9xhQWep0o2UF5tqjONzNETRTB_547KE8eEBHa-wwOaEM2CyLSUw5sH4_z6sU7cEoD0HOeyKyHQBkUzV4gfdwf6JdBVGJGDusean4kMN_ouGjfNN2gHGXuxVLZo-K6HD8jM10gvVA3EF6cObS0fnmh7KxQO7KohmJMVdRjFwBAOfPfsyfZfV4Zxwi6YDyiwQ3safVjM4k7w7dO-6bhY-gQVDliLN3qq9q0KzKwgFs_pm6hlJAF52DSdtly-Ys0Cy2iKjxdCwSSCu7UQkzgUdywp6YG1XPEFkdudythtNWFV5ZRPf1OEve4qVM-X-gRei6bhC7zGISwJy9c18xDxS-3Bb4gMmcP6d-pn5TT2YZhXAhHhA&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC-q4bssUxY9CWH7Lyz7sP7sCukAmY_NGxXKqEzOSFAcCNtwEQASAAYKXAo4CkAYIBF2NhLXB1Yi00NDg1MjM5NDI1OTI0Nzg3oAG22aPQA8gBCakCcht86D3KpT6oAwGqBLoCT9Dc8KY6b_1HDQYxECEKRAxilO50AGPFsfhoFG1N2RTJir0QnMYEMOo3iaIhgoo2-od_lw5YyiFBxA0tzYIoTILF6vpvZRLptcQ_S8pPYzGfZxX9eo3YP8KBKFdzdWUw2X3FWaVtRgbD7-SKjbPkHqPkK32K4uYsLzeSIRL0eoW6jzFb6ZytBPtTqq8Qe691_6uzI1Yzpi24O-HgwH8m9VDL7NkWkAuZDcr4d7NNsRiJSlajRVxqb0mc_-ZIZMcX4YVdScXVIX4bwRjsRyUIk4K0ofEuOhUFqmeKcayECpaDiF408N9KXnqc4zhIRtm3QpPfb5AvdBLXGi2kU_dGmUE1eZWpAcfIka9KwdsCBBNZm7KHMN_Lrrd-865Z0RexcC24ceqHjvo43ntWF1uWYW8ewSOp8JVc0eiABpflorjRrdWQ9AGgBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggNCIBhEAEyAooCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_2OkdFkEEUwDDat4SmzVU6x7CE6tQ%26client%3Dca-pub-4485239425924787%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.129 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
nginx /
Resource Hash
30ca27f6a96516b0065d6b5d0dc419284613d13606fc85926cbf4b93bd1f5df7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ads.as.criteo.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

access-control-allow-origin
*
cache-control
max-age=31104000 public
content-encoding
gzip
content-type
text/html; charset=UTF-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Mon, 26 Sep 2022 15:30:59 GMT
etag
W/"62bcef6c-458"
expires
Thu, 21 Sep 2023 15:30:59 GMT
last-modified
Thu, 30 Jun 2022 00:33:48 GMT
server
nginx
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
lg.php
cat.sg1.as.criteo.com/delivery/ Frame B95B 		43 B
348 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cat.sg1.as.criteo.com/delivery/lg.php?cppv=3&cpp=8yPB66VwL7YB83wwQLaOx8MZCpdIprhhRZaafwdPa4DWw3W7FMau-xtZFm05fz4RoqFbEkzjqdshxCM72Dj_odDPLed38RPO_iza0eWHfoFGXBnX5v0Fu2kz6Pt8P1s_9Wt_tf-vSX6RFYwogaqn8_kfsM951AgSUIWzflLmUxF611y2yOfkbf9KMM5p1gKAsWp1NIYlhr1RvVDoUsIPIlS75ZdvKbW7KP4PQU6y1g3rcyUFLhd70IgXsdwpvpzlQSAK_hrfeqATPiNCgub54wKRrIssvCWGMDvn2r1OrzhQjs7HUL5qakkWqNs-FGoQYuMcscBg_3XdnvfzAKYxvnd1LVkIc46zHYH_j0zwkrXb2HyYuxkqThovbKJDyedIinfF8JZVqRtzahFN7ZR3lM0DHsHGK7maWf0QBROsRIOOIovCSNF_RukFE_5yalFiYVtC3A
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=YzHFsgAHy1ABc_kyAAugbgJL4D5Wb7JTwR1Viw&u=%7CVBsX5Vr7un9dnfGCoSPA7lgfL9ahu7jW%2FO0GghDxcZA%3D%7C&c1=wLMhjbQtwRerfuYQvtYvucUfx71c_57oZ7-4NEldJVPEcquQgoC5ayq1XBwsz6hbCNpksUhOYIG9jsbcdhUPUGii0VWHy1BMWtL3CqUvGgtETMKt86DQcxMRhxYg-MJQ4YohOTkR7hK3ngf0_FgmETcqFlCLCyfuC3eCHY45p28x8ZHUCu6-iggXCQSUgwMWpto-twSV8BMA7Zb_hZlfais42AmKWH9rnpB_YmhQdBL3vlQE9fwZH-A8fLGf0YN13525vs4FjMMc32MwayaV1QmVU-sFk27D7Pa8pcA9xhQWep0o2UF5tqjONzNETRTB_547KE8eEBHa-wwOaEM2CyLSUw5sH4_z6sU7cEoD0HOeyKyHQBkUzV4gfdwf6JdBVGJGDusean4kMN_ouGjfNN2gHGXuxVLZo-K6HD8jM10gvVA3EF6cObS0fnmh7KxQO7KohmJMVdRjFwBAOfPfsyfZfV4Zxwi6YDyiwQ3safVjM4k7w7dO-6bhY-gQVDliLN3qq9q0KzKwgFs_pm6hlJAF52DSdtly-Ys0Cy2iKjxdCwSSCu7UQkzgUdywp6YG1XPEFkdudythtNWFV5ZRPf1OEve4qVM-X-gRei6bhC7zGISwJy9c18xDxS-3Bb4gMmcP6d-pn5TT2YZhXAhHhA&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC-q4bssUxY9CWH7Lyz7sP7sCukAmY_NGxXKqEzOSFAcCNtwEQASAAYKXAo4CkAYIBF2NhLXB1Yi00NDg1MjM5NDI1OTI0Nzg3oAG22aPQA8gBCakCcht86D3KpT6oAwGqBLoCT9Dc8KY6b_1HDQYxECEKRAxilO50AGPFsfhoFG1N2RTJir0QnMYEMOo3iaIhgoo2-od_lw5YyiFBxA0tzYIoTILF6vpvZRLptcQ_S8pPYzGfZxX9eo3YP8KBKFdzdWUw2X3FWaVtRgbD7-SKjbPkHqPkK32K4uYsLzeSIRL0eoW6jzFb6ZytBPtTqq8Qe691_6uzI1Yzpi24O-HgwH8m9VDL7NkWkAuZDcr4d7NNsRiJSlajRVxqb0mc_-ZIZMcX4YVdScXVIX4bwRjsRyUIk4K0ofEuOhUFqmeKcayECpaDiF408N9KXnqc4zhIRtm3QpPfb5AvdBLXGi2kU_dGmUE1eZWpAcfIka9KwdsCBBNZm7KHMN_Lrrd-865Z0RexcC24ceqHjvo43ntWF1uWYW8ewSOp8JVc0eiABpflorjRrdWQ9AGgBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggNCIBhEAEyAooCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_2OkdFkEEUwDDat4SmzVU6x7CE6tQ%26client%3Dca-pub-4485239425924787%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.132 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Kestrel /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.as.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 26 Sep 2022 15:30:59 GMT
server
Kestrel
strict-transport-security
max-age=31536000; preload;
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
1640755
content-type
image/gif
expires
Mon, 26 Jul 1997 05:00:00 GMT
all
csm.as.criteo.net/ Frame B95B 		0
127 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csm.as.criteo.net/all?cppv=3&cpp=Mu2no_aRrBIZ4hdu-yLUUfzLoa1nW-3TFyBQIfhM6xRNmykQrUExcZv4mqBCdZysgf3lVwMaPZj4DhRGMt5slWeoxbIcR5ksf5DSak5AxjQJhWwA0XRAAGuioLW35u6rcnZMo3S8GPU-JUc_BqtfyzVyeaO0nv1eWtCoho8wW9OpUYiOs6cMSxBPWvFbnxo-8ABRjDKenMqpGG8m0F_WsiEJ8xlwVHoEx8mlubo-8JpMbQrqSpqVFxqOBa8dVPhnJpgTCGmekdatFHWt&sds=2&rev=82884&sendBeacon=true
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=YzHFsgAHy1ABc_kyAAugbgJL4D5Wb7JTwR1Viw&u=%7CVBsX5Vr7un9dnfGCoSPA7lgfL9ahu7jW%2FO0GghDxcZA%3D%7C&c1=wLMhjbQtwRerfuYQvtYvucUfx71c_57oZ7-4NEldJVPEcquQgoC5ayq1XBwsz6hbCNpksUhOYIG9jsbcdhUPUGii0VWHy1BMWtL3CqUvGgtETMKt86DQcxMRhxYg-MJQ4YohOTkR7hK3ngf0_FgmETcqFlCLCyfuC3eCHY45p28x8ZHUCu6-iggXCQSUgwMWpto-twSV8BMA7Zb_hZlfais42AmKWH9rnpB_YmhQdBL3vlQE9fwZH-A8fLGf0YN13525vs4FjMMc32MwayaV1QmVU-sFk27D7Pa8pcA9xhQWep0o2UF5tqjONzNETRTB_547KE8eEBHa-wwOaEM2CyLSUw5sH4_z6sU7cEoD0HOeyKyHQBkUzV4gfdwf6JdBVGJGDusean4kMN_ouGjfNN2gHGXuxVLZo-K6HD8jM10gvVA3EF6cObS0fnmh7KxQO7KohmJMVdRjFwBAOfPfsyfZfV4Zxwi6YDyiwQ3safVjM4k7w7dO-6bhY-gQVDliLN3qq9q0KzKwgFs_pm6hlJAF52DSdtly-Ys0Cy2iKjxdCwSSCu7UQkzgUdywp6YG1XPEFkdudythtNWFV5ZRPf1OEve4qVM-X-gRei6bhC7zGISwJy9c18xDxS-3Bb4gMmcP6d-pn5TT2YZhXAhHhA&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC-q4bssUxY9CWH7Lyz7sP7sCukAmY_NGxXKqEzOSFAcCNtwEQASAAYKXAo4CkAYIBF2NhLXB1Yi00NDg1MjM5NDI1OTI0Nzg3oAG22aPQA8gBCakCcht86D3KpT6oAwGqBLoCT9Dc8KY6b_1HDQYxECEKRAxilO50AGPFsfhoFG1N2RTJir0QnMYEMOo3iaIhgoo2-od_lw5YyiFBxA0tzYIoTILF6vpvZRLptcQ_S8pPYzGfZxX9eo3YP8KBKFdzdWUw2X3FWaVtRgbD7-SKjbPkHqPkK32K4uYsLzeSIRL0eoW6jzFb6ZytBPtTqq8Qe691_6uzI1Yzpi24O-HgwH8m9VDL7NkWkAuZDcr4d7NNsRiJSlajRVxqb0mc_-ZIZMcX4YVdScXVIX4bwRjsRyUIk4K0ofEuOhUFqmeKcayECpaDiF408N9KXnqc4zhIRtm3QpPfb5AvdBLXGi2kU_dGmUE1eZWpAcfIka9KwdsCBBNZm7KHMN_Lrrd-865Z0RexcC24ceqHjvo43ntWF1uWYW8ewSOp8JVc0eiABpflorjRrdWQ9AGgBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggNCIBhEAEyAooCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_2OkdFkEEUwDDat4SmzVU6x7CE6tQ%26client%3Dca-pub-4485239425924787%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.142 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ads.as.criteo.com/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Mon, 26 Sep 2022 15:31:00 GMT
cross-origin-resource-policy
cross-origin
server
Finatra
content-length
0
strict-transport-security
max-age=31536000; preload;
criteo_logo_2021.svg
static.criteo.net/flash/icon/ Frame B95B 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/criteo_logo_2021.svg
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=YzHFsgAHy1ABc_kyAAugbgJL4D5Wb7JTwR1Viw&u=%7CVBsX5Vr7un9dnfGCoSPA7lgfL9ahu7jW%2FO0GghDxcZA%3D%7C&c1=wLMhjbQtwRerfuYQvtYvucUfx71c_57oZ7-4NEldJVPEcquQgoC5ayq1XBwsz6hbCNpksUhOYIG9jsbcdhUPUGii0VWHy1BMWtL3CqUvGgtETMKt86DQcxMRhxYg-MJQ4YohOTkR7hK3ngf0_FgmETcqFlCLCyfuC3eCHY45p28x8ZHUCu6-iggXCQSUgwMWpto-twSV8BMA7Zb_hZlfais42AmKWH9rnpB_YmhQdBL3vlQE9fwZH-A8fLGf0YN13525vs4FjMMc32MwayaV1QmVU-sFk27D7Pa8pcA9xhQWep0o2UF5tqjONzNETRTB_547KE8eEBHa-wwOaEM2CyLSUw5sH4_z6sU7cEoD0HOeyKyHQBkUzV4gfdwf6JdBVGJGDusean4kMN_ouGjfNN2gHGXuxVLZo-K6HD8jM10gvVA3EF6cObS0fnmh7KxQO7KohmJMVdRjFwBAOfPfsyfZfV4Zxwi6YDyiwQ3safVjM4k7w7dO-6bhY-gQVDliLN3qq9q0KzKwgFs_pm6hlJAF52DSdtly-Ys0Cy2iKjxdCwSSCu7UQkzgUdywp6YG1XPEFkdudythtNWFV5ZRPf1OEve4qVM-X-gRei6bhC7zGISwJy9c18xDxS-3Bb4gMmcP6d-pn5TT2YZhXAhHhA&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC-q4bssUxY9CWH7Lyz7sP7sCukAmY_NGxXKqEzOSFAcCNtwEQASAAYKXAo4CkAYIBF2NhLXB1Yi00NDg1MjM5NDI1OTI0Nzg3oAG22aPQA8gBCakCcht86D3KpT6oAwGqBLoCT9Dc8KY6b_1HDQYxECEKRAxilO50AGPFsfhoFG1N2RTJir0QnMYEMOo3iaIhgoo2-od_lw5YyiFBxA0tzYIoTILF6vpvZRLptcQ_S8pPYzGfZxX9eo3YP8KBKFdzdWUw2X3FWaVtRgbD7-SKjbPkHqPkK32K4uYsLzeSIRL0eoW6jzFb6ZytBPtTqq8Qe691_6uzI1Yzpi24O-HgwH8m9VDL7NkWkAuZDcr4d7NNsRiJSlajRVxqb0mc_-ZIZMcX4YVdScXVIX4bwRjsRyUIk4K0ofEuOhUFqmeKcayECpaDiF408N9KXnqc4zhIRtm3QpPfb5AvdBLXGi2kU_dGmUE1eZWpAcfIka9KwdsCBBNZm7KHMN_Lrrd-865Z0RexcC24ceqHjvo43ntWF1uWYW8ewSOp8JVc0eiABpflorjRrdWQ9AGgBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggNCIBhEAEyAooCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_2OkdFkEEUwDDat4SmzVU6x7CE6tQ%26client%3Dca-pub-4485239425924787%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.129 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
nginx /
Resource Hash
a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.as.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 26 Sep 2022 15:31:00 GMT
content-encoding
gzip
last-modified
Thu, 27 May 2021 13:21:59 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"60af9cf7-891"
strict-transport-security
max-age=31536000; preload;
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Thu, 21 Sep 2023 15:31:00 GMT
privacy.svg
static.criteo.net/flash/icon/ Frame B95B 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/privacy.svg
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=YzHFsgAHy1ABc_kyAAugbgJL4D5Wb7JTwR1Viw&u=%7CVBsX5Vr7un9dnfGCoSPA7lgfL9ahu7jW%2FO0GghDxcZA%3D%7C&c1=wLMhjbQtwRerfuYQvtYvucUfx71c_57oZ7-4NEldJVPEcquQgoC5ayq1XBwsz6hbCNpksUhOYIG9jsbcdhUPUGii0VWHy1BMWtL3CqUvGgtETMKt86DQcxMRhxYg-MJQ4YohOTkR7hK3ngf0_FgmETcqFlCLCyfuC3eCHY45p28x8ZHUCu6-iggXCQSUgwMWpto-twSV8BMA7Zb_hZlfais42AmKWH9rnpB_YmhQdBL3vlQE9fwZH-A8fLGf0YN13525vs4FjMMc32MwayaV1QmVU-sFk27D7Pa8pcA9xhQWep0o2UF5tqjONzNETRTB_547KE8eEBHa-wwOaEM2CyLSUw5sH4_z6sU7cEoD0HOeyKyHQBkUzV4gfdwf6JdBVGJGDusean4kMN_ouGjfNN2gHGXuxVLZo-K6HD8jM10gvVA3EF6cObS0fnmh7KxQO7KohmJMVdRjFwBAOfPfsyfZfV4Zxwi6YDyiwQ3safVjM4k7w7dO-6bhY-gQVDliLN3qq9q0KzKwgFs_pm6hlJAF52DSdtly-Ys0Cy2iKjxdCwSSCu7UQkzgUdywp6YG1XPEFkdudythtNWFV5ZRPf1OEve4qVM-X-gRei6bhC7zGISwJy9c18xDxS-3Bb4gMmcP6d-pn5TT2YZhXAhHhA&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC-q4bssUxY9CWH7Lyz7sP7sCukAmY_NGxXKqEzOSFAcCNtwEQASAAYKXAo4CkAYIBF2NhLXB1Yi00NDg1MjM5NDI1OTI0Nzg3oAG22aPQA8gBCakCcht86D3KpT6oAwGqBLoCT9Dc8KY6b_1HDQYxECEKRAxilO50AGPFsfhoFG1N2RTJir0QnMYEMOo3iaIhgoo2-od_lw5YyiFBxA0tzYIoTILF6vpvZRLptcQ_S8pPYzGfZxX9eo3YP8KBKFdzdWUw2X3FWaVtRgbD7-SKjbPkHqPkK32K4uYsLzeSIRL0eoW6jzFb6ZytBPtTqq8Qe691_6uzI1Yzpi24O-HgwH8m9VDL7NkWkAuZDcr4d7NNsRiJSlajRVxqb0mc_-ZIZMcX4YVdScXVIX4bwRjsRyUIk4K0ofEuOhUFqmeKcayECpaDiF408N9KXnqc4zhIRtm3QpPfb5AvdBLXGi2kU_dGmUE1eZWpAcfIka9KwdsCBBNZm7KHMN_Lrrd-865Z0RexcC24ceqHjvo43ntWF1uWYW8ewSOp8JVc0eiABpflorjRrdWQ9AGgBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggNCIBhEAEyAooCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_2OkdFkEEUwDDat4SmzVU6x7CE6tQ%26client%3Dca-pub-4485239425924787%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.129 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
nginx /
Resource Hash
095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.as.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 26 Sep 2022 15:31:00 GMT
content-encoding
gzip
last-modified
Wed, 19 Feb 2020 10:57:21 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e4d1491-646"
strict-transport-security
max-age=31536000; preload;
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Thu, 21 Sep 2023 15:31:00 GMT
privacy_small.svg
static.criteo.net/flash/icon/ Frame 0D87 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/privacy_small.svg
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=YzHFsgAJGXMEf4lKAA_95albUKx3V4z9wx9-BA&u=%7CVBsX5Vr7un8fyRzJQMkczUngFdLTgeSnbJs1NIHVu2g%3D%7C&c1=wLMhjbQtwRerfuYQvtYvucUfx71c_57oZ7-4NEldJVPEcquQgoC5ayq1XBwsz6hbCNpksUhOYIG9jsbcdhUPULqE9d2UdX2ppjDj59fTgYTuIJIthFIRNrPM2srwen_xT8cP-_qt72nSe6F-HPOLmYXUUeLCk0CGp0RBN40TOPUSm-Z5EppgV095BIcbrhOhZz9OgagX737unzswos-vro9nt1J-eGGkrJgpKS_575U6AG4J8__9aoMoYcCOoonIVdowzeLjiK46OhdklE94iffphawa6cfv0yurZv1z2iVP7wTIFyPwJ-3NmZ8jHlR6u4tB2xLRIzNeyr9Kuz-sJHbdmoB6VL1-F1yCMT14d5tFMoauae2He-t7JlXmNUcL--n4XdQkBQC0E9T_OPkY0NSCeUoDrFwTNy9o6IpmPrBhcBXokk8zqw3dUa--mMgv7EGVrrcVwYxqmL5ZrlNctgd3808GKpmswNFeNOO9guV--9A9qjJ0zmUvaKpsIAX6I5jSL9ddeHDs_ZUUAGnIIO9Qy2fG-WTN3Ceb6Ov9WzcPFEWRGpkfHvsfQLi3a-GyJQn285aDcqkmpapH5oDbYlZ7xu38BUl1M0ZrEYjqA3eI_YOXoBsttbvg9TSoG5mKusDLZy1TJN65LbJhVc7pWg&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCrUYsssUxY_OyJMqS_tMP5fu_6ASY_NGxXKqEzOSFAcCNtwEQASAAYKXAo4CkAYIBF2NhLXB1Yi00NDg1MjM5NDI1OTI0Nzg3oAG22aPQA8gBCakCaEc_pprKpT6oAwGqBJICT9BEH_EAjOCMDUI5KRxBmskqhnT2BdZWHoe1KTjv9WayjiH7OhhJKRd79Loqe6-GD0e8YrS9B-zLZ9-4KaxdgofYNO88cCDpJAJkUcktFFH3Yia5UGBEDPF3b4GLFc6nGaKct5nsR2JCnL4BoxCarURa8TZUhk45DlnDyG4-gSYhvTf35OepoGmyboLpr_lx9vSS0T6S7TOcCKTquA9w9EMqqrJqsKkY3gDnq9ClZCbbci5dc3sVTnF_dpk2bg16hyhGzHUqgC9jBEcuFnvR1gPmFpXejdEnKvEWwhnen0ftuXUAeJeHSxQgcs6uBeN9X_MTL8bBf3G90CCBfIch4lP9-Pmo7o6LF0cQAPnipNrnrYAGzoC16PSxwKfBAaAGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA0IgGEQATICigI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_0kiBaegDeCY7uDIUMWu1UEAe_8jg%26client%3Dca-pub-4485239425924787%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.129 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
nginx /
Resource Hash
a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.as.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 26 Sep 2022 15:30:59 GMT
content-encoding
gzip
last-modified
Tue, 11 Feb 2020 14:30:28 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e42ba84-6aa"
strict-transport-security
max-age=31536000; preload;
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Thu, 21 Sep 2023 15:30:59 GMT
adchoices_en.svg
static.criteo.net/flash/icon/ Frame 0D87 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/adchoices_en.svg
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=YzHFsgAJGXMEf4lKAA_95albUKx3V4z9wx9-BA&u=%7CVBsX5Vr7un8fyRzJQMkczUngFdLTgeSnbJs1NIHVu2g%3D%7C&c1=wLMhjbQtwRerfuYQvtYvucUfx71c_57oZ7-4NEldJVPEcquQgoC5ayq1XBwsz6hbCNpksUhOYIG9jsbcdhUPULqE9d2UdX2ppjDj59fTgYTuIJIthFIRNrPM2srwen_xT8cP-_qt72nSe6F-HPOLmYXUUeLCk0CGp0RBN40TOPUSm-Z5EppgV095BIcbrhOhZz9OgagX737unzswos-vro9nt1J-eGGkrJgpKS_575U6AG4J8__9aoMoYcCOoonIVdowzeLjiK46OhdklE94iffphawa6cfv0yurZv1z2iVP7wTIFyPwJ-3NmZ8jHlR6u4tB2xLRIzNeyr9Kuz-sJHbdmoB6VL1-F1yCMT14d5tFMoauae2He-t7JlXmNUcL--n4XdQkBQC0E9T_OPkY0NSCeUoDrFwTNy9o6IpmPrBhcBXokk8zqw3dUa--mMgv7EGVrrcVwYxqmL5ZrlNctgd3808GKpmswNFeNOO9guV--9A9qjJ0zmUvaKpsIAX6I5jSL9ddeHDs_ZUUAGnIIO9Qy2fG-WTN3Ceb6Ov9WzcPFEWRGpkfHvsfQLi3a-GyJQn285aDcqkmpapH5oDbYlZ7xu38BUl1M0ZrEYjqA3eI_YOXoBsttbvg9TSoG5mKusDLZy1TJN65LbJhVc7pWg&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCrUYsssUxY_OyJMqS_tMP5fu_6ASY_NGxXKqEzOSFAcCNtwEQASAAYKXAo4CkAYIBF2NhLXB1Yi00NDg1MjM5NDI1OTI0Nzg3oAG22aPQA8gBCakCaEc_pprKpT6oAwGqBJICT9BEH_EAjOCMDUI5KRxBmskqhnT2BdZWHoe1KTjv9WayjiH7OhhJKRd79Loqe6-GD0e8YrS9B-zLZ9-4KaxdgofYNO88cCDpJAJkUcktFFH3Yia5UGBEDPF3b4GLFc6nGaKct5nsR2JCnL4BoxCarURa8TZUhk45DlnDyG4-gSYhvTf35OepoGmyboLpr_lx9vSS0T6S7TOcCKTquA9w9EMqqrJqsKkY3gDnq9ClZCbbci5dc3sVTnF_dpk2bg16hyhGzHUqgC9jBEcuFnvR1gPmFpXejdEnKvEWwhnen0ftuXUAeJeHSxQgcs6uBeN9X_MTL8bBf3G90CCBfIch4lP9-Pmo7o6LF0cQAPnipNrnrYAGzoC16PSxwKfBAaAGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA0IgGEQATICigI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_0kiBaegDeCY7uDIUMWu1UEAe_8jg%26client%3Dca-pub-4485239425924787%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.129 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
nginx /
Resource Hash
60bcafbd631f6fa0805e158ca3b235e76225350db6fbb423596d4c4954b27573
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.as.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 26 Sep 2022 15:30:59 GMT
content-encoding
gzip
last-modified
Tue, 11 Feb 2020 14:27:58 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e42b9ee-759"
strict-transport-security
max-age=31536000; preload;
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Thu, 21 Sep 2023 15:30:59 GMT
close_button.svg
static.criteo.net/flash/icon/ Frame 0D87 		308 B
636 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/close_button.svg
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=YzHFsgAJGXMEf4lKAA_95albUKx3V4z9wx9-BA&u=%7CVBsX5Vr7un8fyRzJQMkczUngFdLTgeSnbJs1NIHVu2g%3D%7C&c1=wLMhjbQtwRerfuYQvtYvucUfx71c_57oZ7-4NEldJVPEcquQgoC5ayq1XBwsz6hbCNpksUhOYIG9jsbcdhUPULqE9d2UdX2ppjDj59fTgYTuIJIthFIRNrPM2srwen_xT8cP-_qt72nSe6F-HPOLmYXUUeLCk0CGp0RBN40TOPUSm-Z5EppgV095BIcbrhOhZz9OgagX737unzswos-vro9nt1J-eGGkrJgpKS_575U6AG4J8__9aoMoYcCOoonIVdowzeLjiK46OhdklE94iffphawa6cfv0yurZv1z2iVP7wTIFyPwJ-3NmZ8jHlR6u4tB2xLRIzNeyr9Kuz-sJHbdmoB6VL1-F1yCMT14d5tFMoauae2He-t7JlXmNUcL--n4XdQkBQC0E9T_OPkY0NSCeUoDrFwTNy9o6IpmPrBhcBXokk8zqw3dUa--mMgv7EGVrrcVwYxqmL5ZrlNctgd3808GKpmswNFeNOO9guV--9A9qjJ0zmUvaKpsIAX6I5jSL9ddeHDs_ZUUAGnIIO9Qy2fG-WTN3Ceb6Ov9WzcPFEWRGpkfHvsfQLi3a-GyJQn285aDcqkmpapH5oDbYlZ7xu38BUl1M0ZrEYjqA3eI_YOXoBsttbvg9TSoG5mKusDLZy1TJN65LbJhVc7pWg&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCrUYsssUxY_OyJMqS_tMP5fu_6ASY_NGxXKqEzOSFAcCNtwEQASAAYKXAo4CkAYIBF2NhLXB1Yi00NDg1MjM5NDI1OTI0Nzg3oAG22aPQA8gBCakCaEc_pprKpT6oAwGqBJICT9BEH_EAjOCMDUI5KRxBmskqhnT2BdZWHoe1KTjv9WayjiH7OhhJKRd79Loqe6-GD0e8YrS9B-zLZ9-4KaxdgofYNO88cCDpJAJkUcktFFH3Yia5UGBEDPF3b4GLFc6nGaKct5nsR2JCnL4BoxCarURa8TZUhk45DlnDyG4-gSYhvTf35OepoGmyboLpr_lx9vSS0T6S7TOcCKTquA9w9EMqqrJqsKkY3gDnq9ClZCbbci5dc3sVTnF_dpk2bg16hyhGzHUqgC9jBEcuFnvR1gPmFpXejdEnKvEWwhnen0ftuXUAeJeHSxQgcs6uBeN9X_MTL8bBf3G90CCBfIch4lP9-Pmo7o6LF0cQAPnipNrnrYAGzoC16PSxwKfBAaAGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA0IgGEQATICigI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_0kiBaegDeCY7uDIUMWu1UEAe_8jg%26client%3Dca-pub-4485239425924787%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.129 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
nginx /
Resource Hash
8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.as.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 26 Sep 2022 15:30:59 GMT
last-modified
Fri, 14 Feb 2020 13:51:32 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"5e46a5e4-134"
strict-transport-security
max-age=31536000; preload;
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
308
expires
Thu, 21 Sep 2023 15:30:59 GMT
back_button2.svg
static.criteo.net/flash/icon/ Frame 0D87 		293 B
621 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/back_button2.svg
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=YzHFsgAJGXMEf4lKAA_95albUKx3V4z9wx9-BA&u=%7CVBsX5Vr7un8fyRzJQMkczUngFdLTgeSnbJs1NIHVu2g%3D%7C&c1=wLMhjbQtwRerfuYQvtYvucUfx71c_57oZ7-4NEldJVPEcquQgoC5ayq1XBwsz6hbCNpksUhOYIG9jsbcdhUPULqE9d2UdX2ppjDj59fTgYTuIJIthFIRNrPM2srwen_xT8cP-_qt72nSe6F-HPOLmYXUUeLCk0CGp0RBN40TOPUSm-Z5EppgV095BIcbrhOhZz9OgagX737unzswos-vro9nt1J-eGGkrJgpKS_575U6AG4J8__9aoMoYcCOoonIVdowzeLjiK46OhdklE94iffphawa6cfv0yurZv1z2iVP7wTIFyPwJ-3NmZ8jHlR6u4tB2xLRIzNeyr9Kuz-sJHbdmoB6VL1-F1yCMT14d5tFMoauae2He-t7JlXmNUcL--n4XdQkBQC0E9T_OPkY0NSCeUoDrFwTNy9o6IpmPrBhcBXokk8zqw3dUa--mMgv7EGVrrcVwYxqmL5ZrlNctgd3808GKpmswNFeNOO9guV--9A9qjJ0zmUvaKpsIAX6I5jSL9ddeHDs_ZUUAGnIIO9Qy2fG-WTN3Ceb6Ov9WzcPFEWRGpkfHvsfQLi3a-GyJQn285aDcqkmpapH5oDbYlZ7xu38BUl1M0ZrEYjqA3eI_YOXoBsttbvg9TSoG5mKusDLZy1TJN65LbJhVc7pWg&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCrUYsssUxY_OyJMqS_tMP5fu_6ASY_NGxXKqEzOSFAcCNtwEQASAAYKXAo4CkAYIBF2NhLXB1Yi00NDg1MjM5NDI1OTI0Nzg3oAG22aPQA8gBCakCaEc_pprKpT6oAwGqBJICT9BEH_EAjOCMDUI5KRxBmskqhnT2BdZWHoe1KTjv9WayjiH7OhhJKRd79Loqe6-GD0e8YrS9B-zLZ9-4KaxdgofYNO88cCDpJAJkUcktFFH3Yia5UGBEDPF3b4GLFc6nGaKct5nsR2JCnL4BoxCarURa8TZUhk45DlnDyG4-gSYhvTf35OepoGmyboLpr_lx9vSS0T6S7TOcCKTquA9w9EMqqrJqsKkY3gDnq9ClZCbbci5dc3sVTnF_dpk2bg16hyhGzHUqgC9jBEcuFnvR1gPmFpXejdEnKvEWwhnen0ftuXUAeJeHSxQgcs6uBeN9X_MTL8bBf3G90CCBfIch4lP9-Pmo7o6LF0cQAPnipNrnrYAGzoC16PSxwKfBAaAGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA0IgGEQATICigI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_0kiBaegDeCY7uDIUMWu1UEAe_8jg%26client%3Dca-pub-4485239425924787%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.129 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
nginx /
Resource Hash
725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.as.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 26 Sep 2022 15:30:59 GMT
last-modified
Thu, 28 Apr 2022 09:09:48 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"626a59dc-125"
strict-transport-security
max-age=31536000; preload;
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
293
expires
Thu, 21 Sep 2023 15:30:59 GMT
index.html
static.criteo.net/html5/97892/20220922_fy22q4_nonpro_savvycomms/sushicat/300x250/ Frame 2467 		63 KB
20 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/html5/97892/20220922_fy22q4_nonpro_savvycomms/sushicat/300x250/index.html
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=YzHFsgAJGXMEf4lKAA_95albUKx3V4z9wx9-BA&u=%7CVBsX5Vr7un8fyRzJQMkczUngFdLTgeSnbJs1NIHVu2g%3D%7C&c1=wLMhjbQtwRerfuYQvtYvucUfx71c_57oZ7-4NEldJVPEcquQgoC5ayq1XBwsz6hbCNpksUhOYIG9jsbcdhUPULqE9d2UdX2ppjDj59fTgYTuIJIthFIRNrPM2srwen_xT8cP-_qt72nSe6F-HPOLmYXUUeLCk0CGp0RBN40TOPUSm-Z5EppgV095BIcbrhOhZz9OgagX737unzswos-vro9nt1J-eGGkrJgpKS_575U6AG4J8__9aoMoYcCOoonIVdowzeLjiK46OhdklE94iffphawa6cfv0yurZv1z2iVP7wTIFyPwJ-3NmZ8jHlR6u4tB2xLRIzNeyr9Kuz-sJHbdmoB6VL1-F1yCMT14d5tFMoauae2He-t7JlXmNUcL--n4XdQkBQC0E9T_OPkY0NSCeUoDrFwTNy9o6IpmPrBhcBXokk8zqw3dUa--mMgv7EGVrrcVwYxqmL5ZrlNctgd3808GKpmswNFeNOO9guV--9A9qjJ0zmUvaKpsIAX6I5jSL9ddeHDs_ZUUAGnIIO9Qy2fG-WTN3Ceb6Ov9WzcPFEWRGpkfHvsfQLi3a-GyJQn285aDcqkmpapH5oDbYlZ7xu38BUl1M0ZrEYjqA3eI_YOXoBsttbvg9TSoG5mKusDLZy1TJN65LbJhVc7pWg&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCrUYsssUxY_OyJMqS_tMP5fu_6ASY_NGxXKqEzOSFAcCNtwEQASAAYKXAo4CkAYIBF2NhLXB1Yi00NDg1MjM5NDI1OTI0Nzg3oAG22aPQA8gBCakCaEc_pprKpT6oAwGqBJICT9BEH_EAjOCMDUI5KRxBmskqhnT2BdZWHoe1KTjv9WayjiH7OhhJKRd79Loqe6-GD0e8YrS9B-zLZ9-4KaxdgofYNO88cCDpJAJkUcktFFH3Yia5UGBEDPF3b4GLFc6nGaKct5nsR2JCnL4BoxCarURa8TZUhk45DlnDyG4-gSYhvTf35OepoGmyboLpr_lx9vSS0T6S7TOcCKTquA9w9EMqqrJqsKkY3gDnq9ClZCbbci5dc3sVTnF_dpk2bg16hyhGzHUqgC9jBEcuFnvR1gPmFpXejdEnKvEWwhnen0ftuXUAeJeHSxQgcs6uBeN9X_MTL8bBf3G90CCBfIch4lP9-Pmo7o6LF0cQAPnipNrnrYAGzoC16PSxwKfBAaAGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA0IgGEQATICigI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_0kiBaegDeCY7uDIUMWu1UEAe_8jg%26client%3Dca-pub-4485239425924787%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.129 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
nginx /
Resource Hash
ff7044fa27e31cb0b9cbcca8afcb17757bdab2e6cdf225559d87ea5dfda369b1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ads.as.criteo.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

access-control-allow-origin
*
cache-control
max-age=31104000 public
content-encoding
gzip
content-type
text/html; charset=UTF-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Mon, 26 Sep 2022 15:30:59 GMT
etag
W/"632bf2eb-fd81"
expires
Thu, 21 Sep 2023 15:30:59 GMT
last-modified
Thu, 22 Sep 2022 05:30:19 GMT
server
nginx
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
lg.php
cat.sg1.as.criteo.com/delivery/ Frame 0D87 		43 B
347 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cat.sg1.as.criteo.com/delivery/lg.php?cppv=3&cpp=6Az5u1qMiUBAizzWJRFQtuweI7xqsQKsxnJVEkvqPJM-BvQnyyNZ-IbCNPw4Viw9BHuTpMG6QFC_tTzE6ub2-vXqDh9VT4p0LfwwgPOFInsrdVT3TRUqIoc_TQdOKGHqCBNVpL9PjvQvqM2BnslbyrB1bRQKc5Pe2ox75CH7p7UWOhYIDM72Td8Gq9LrU0QGuar5b7fp_-a8C2Ckys9Ik1gdw88xUQZQZpD1f4irK4b88rppt2kZ7HId9icmYp47sqqmFZwaMQDyW85uG9CnDdAt69HNjp74kNSV8cymE9SJ7VcWrocFKcxIEPHF3-KdKor5rQKU0rp6VSm2YtIZ2E7SWBS2txi6ySCwTCV7klQixEubmiEpnrqT7Dsdj8smuJBGrbgXq3kFdnH_IUJv8-FbH5J39dW4H4i7m-ROqjqEPD8yyiVGqsDv5VigGHQshqprRQ
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=YzHFsgAJGXMEf4lKAA_95albUKx3V4z9wx9-BA&u=%7CVBsX5Vr7un8fyRzJQMkczUngFdLTgeSnbJs1NIHVu2g%3D%7C&c1=wLMhjbQtwRerfuYQvtYvucUfx71c_57oZ7-4NEldJVPEcquQgoC5ayq1XBwsz6hbCNpksUhOYIG9jsbcdhUPULqE9d2UdX2ppjDj59fTgYTuIJIthFIRNrPM2srwen_xT8cP-_qt72nSe6F-HPOLmYXUUeLCk0CGp0RBN40TOPUSm-Z5EppgV095BIcbrhOhZz9OgagX737unzswos-vro9nt1J-eGGkrJgpKS_575U6AG4J8__9aoMoYcCOoonIVdowzeLjiK46OhdklE94iffphawa6cfv0yurZv1z2iVP7wTIFyPwJ-3NmZ8jHlR6u4tB2xLRIzNeyr9Kuz-sJHbdmoB6VL1-F1yCMT14d5tFMoauae2He-t7JlXmNUcL--n4XdQkBQC0E9T_OPkY0NSCeUoDrFwTNy9o6IpmPrBhcBXokk8zqw3dUa--mMgv7EGVrrcVwYxqmL5ZrlNctgd3808GKpmswNFeNOO9guV--9A9qjJ0zmUvaKpsIAX6I5jSL9ddeHDs_ZUUAGnIIO9Qy2fG-WTN3Ceb6Ov9WzcPFEWRGpkfHvsfQLi3a-GyJQn285aDcqkmpapH5oDbYlZ7xu38BUl1M0ZrEYjqA3eI_YOXoBsttbvg9TSoG5mKusDLZy1TJN65LbJhVc7pWg&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCrUYsssUxY_OyJMqS_tMP5fu_6ASY_NGxXKqEzOSFAcCNtwEQASAAYKXAo4CkAYIBF2NhLXB1Yi00NDg1MjM5NDI1OTI0Nzg3oAG22aPQA8gBCakCaEc_pprKpT6oAwGqBJICT9BEH_EAjOCMDUI5KRxBmskqhnT2BdZWHoe1KTjv9WayjiH7OhhJKRd79Loqe6-GD0e8YrS9B-zLZ9-4KaxdgofYNO88cCDpJAJkUcktFFH3Yia5UGBEDPF3b4GLFc6nGaKct5nsR2JCnL4BoxCarURa8TZUhk45DlnDyG4-gSYhvTf35OepoGmyboLpr_lx9vSS0T6S7TOcCKTquA9w9EMqqrJqsKkY3gDnq9ClZCbbci5dc3sVTnF_dpk2bg16hyhGzHUqgC9jBEcuFnvR1gPmFpXejdEnKvEWwhnen0ftuXUAeJeHSxQgcs6uBeN9X_MTL8bBf3G90CCBfIch4lP9-Pmo7o6LF0cQAPnipNrnrYAGzoC16PSxwKfBAaAGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA0IgGEQATICigI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_0kiBaegDeCY7uDIUMWu1UEAe_8jg%26client%3Dca-pub-4485239425924787%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.132 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Kestrel /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.as.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 26 Sep 2022 15:30:59 GMT
server
Kestrel
strict-transport-security
max-age=31536000; preload;
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
3319485
content-type
image/gif
expires
Mon, 26 Jul 1997 05:00:00 GMT
visit.jpg
tps.doubleverify.com/ Frame 0D87 		0
157 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tps.doubleverify.com/visit.jpg?ctx=23716808&cmp=192271&sid=3129&plc=6795081&adsrv=29&btreg=&btadsrv=&crt=&tagtype=&dvtagver=6.1.img&gdpr=0&
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=YzHFsgAJGXMEf4lKAA_95albUKx3V4z9wx9-BA&u=%7CVBsX5Vr7un8fyRzJQMkczUngFdLTgeSnbJs1NIHVu2g%3D%7C&c1=wLMhjbQtwRerfuYQvtYvucUfx71c_57oZ7-4NEldJVPEcquQgoC5ayq1XBwsz6hbCNpksUhOYIG9jsbcdhUPULqE9d2UdX2ppjDj59fTgYTuIJIthFIRNrPM2srwen_xT8cP-_qt72nSe6F-HPOLmYXUUeLCk0CGp0RBN40TOPUSm-Z5EppgV095BIcbrhOhZz9OgagX737unzswos-vro9nt1J-eGGkrJgpKS_575U6AG4J8__9aoMoYcCOoonIVdowzeLjiK46OhdklE94iffphawa6cfv0yurZv1z2iVP7wTIFyPwJ-3NmZ8jHlR6u4tB2xLRIzNeyr9Kuz-sJHbdmoB6VL1-F1yCMT14d5tFMoauae2He-t7JlXmNUcL--n4XdQkBQC0E9T_OPkY0NSCeUoDrFwTNy9o6IpmPrBhcBXokk8zqw3dUa--mMgv7EGVrrcVwYxqmL5ZrlNctgd3808GKpmswNFeNOO9guV--9A9qjJ0zmUvaKpsIAX6I5jSL9ddeHDs_ZUUAGnIIO9Qy2fG-WTN3Ceb6Ov9WzcPFEWRGpkfHvsfQLi3a-GyJQn285aDcqkmpapH5oDbYlZ7xu38BUl1M0ZrEYjqA3eI_YOXoBsttbvg9TSoG5mKusDLZy1TJN65LbJhVc7pWg&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCrUYsssUxY_OyJMqS_tMP5fu_6ASY_NGxXKqEzOSFAcCNtwEQASAAYKXAo4CkAYIBF2NhLXB1Yi00NDg1MjM5NDI1OTI0Nzg3oAG22aPQA8gBCakCaEc_pprKpT6oAwGqBJICT9BEH_EAjOCMDUI5KRxBmskqhnT2BdZWHoe1KTjv9WayjiH7OhhJKRd79Loqe6-GD0e8YrS9B-zLZ9-4KaxdgofYNO88cCDpJAJkUcktFFH3Yia5UGBEDPF3b4GLFc6nGaKct5nsR2JCnL4BoxCarURa8TZUhk45DlnDyG4-gSYhvTf35OepoGmyboLpr_lx9vSS0T6S7TOcCKTquA9w9EMqqrJqsKkY3gDnq9ClZCbbci5dc3sVTnF_dpk2bg16hyhGzHUqgC9jBEcuFnvR1gPmFpXejdEnKvEWwhnen0ftuXUAeJeHSxQgcs6uBeN9X_MTL8bBf3G90CCBfIch4lP9-Pmo7o6LF0cQAPnipNrnrYAGzoC16PSxwKfBAaAGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA0IgGEQATICigI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_0kiBaegDeCY7uDIUMWu1UEAe_8jg%26client%3Dca-pub-4485239425924787%26adurl%3D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
34.149.43.113 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
113.43.149.34.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.as.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 26 Sep 2022 15:31:00 GMT
Cache-Control
max-age=0
Connection
close
Expires
09/25/2022 15:31:00
all
csm.as.criteo.net/ Frame 0D87 		0
128 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csm.as.criteo.net/all?cppv=3&cpp=iq02S_aRrBIZ4hdu9BbBQq1lLx0a-g1NumwmZ0jFj5Yb-LdpT3ishYsPVXhRvnwC11qT9m8Z9xgU-ZsadD4V11Fc5WYYL4nMayUJIddAaaR4pB2xX1ZO_qIkSKxnlfvhxKhbB_GXxAPWjWPzRwA1PgPQGxxmXi0Bb9VPajYFl3ZB2ibrf0_SpozVMNJjb3ak84J7392NUeqt-4CgiWv4DwRA8VLyFv3QvKL6KZdkMXk6sEMgIa23jHSCZppPakUlKfMFVLbSKH0JIm_O&sds=2&rev=82884&sendBeacon=true
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=YzHFsgAJGXMEf4lKAA_95albUKx3V4z9wx9-BA&u=%7CVBsX5Vr7un8fyRzJQMkczUngFdLTgeSnbJs1NIHVu2g%3D%7C&c1=wLMhjbQtwRerfuYQvtYvucUfx71c_57oZ7-4NEldJVPEcquQgoC5ayq1XBwsz6hbCNpksUhOYIG9jsbcdhUPULqE9d2UdX2ppjDj59fTgYTuIJIthFIRNrPM2srwen_xT8cP-_qt72nSe6F-HPOLmYXUUeLCk0CGp0RBN40TOPUSm-Z5EppgV095BIcbrhOhZz9OgagX737unzswos-vro9nt1J-eGGkrJgpKS_575U6AG4J8__9aoMoYcCOoonIVdowzeLjiK46OhdklE94iffphawa6cfv0yurZv1z2iVP7wTIFyPwJ-3NmZ8jHlR6u4tB2xLRIzNeyr9Kuz-sJHbdmoB6VL1-F1yCMT14d5tFMoauae2He-t7JlXmNUcL--n4XdQkBQC0E9T_OPkY0NSCeUoDrFwTNy9o6IpmPrBhcBXokk8zqw3dUa--mMgv7EGVrrcVwYxqmL5ZrlNctgd3808GKpmswNFeNOO9guV--9A9qjJ0zmUvaKpsIAX6I5jSL9ddeHDs_ZUUAGnIIO9Qy2fG-WTN3Ceb6Ov9WzcPFEWRGpkfHvsfQLi3a-GyJQn285aDcqkmpapH5oDbYlZ7xu38BUl1M0ZrEYjqA3eI_YOXoBsttbvg9TSoG5mKusDLZy1TJN65LbJhVc7pWg&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCrUYsssUxY_OyJMqS_tMP5fu_6ASY_NGxXKqEzOSFAcCNtwEQASAAYKXAo4CkAYIBF2NhLXB1Yi00NDg1MjM5NDI1OTI0Nzg3oAG22aPQA8gBCakCaEc_pprKpT6oAwGqBJICT9BEH_EAjOCMDUI5KRxBmskqhnT2BdZWHoe1KTjv9WayjiH7OhhJKRd79Loqe6-GD0e8YrS9B-zLZ9-4KaxdgofYNO88cCDpJAJkUcktFFH3Yia5UGBEDPF3b4GLFc6nGaKct5nsR2JCnL4BoxCarURa8TZUhk45DlnDyG4-gSYhvTf35OepoGmyboLpr_lx9vSS0T6S7TOcCKTquA9w9EMqqrJqsKkY3gDnq9ClZCbbci5dc3sVTnF_dpk2bg16hyhGzHUqgC9jBEcuFnvR1gPmFpXejdEnKvEWwhnen0ftuXUAeJeHSxQgcs6uBeN9X_MTL8bBf3G90CCBfIch4lP9-Pmo7o6LF0cQAPnipNrnrYAGzoC16PSxwKfBAaAGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA0IgGEQATICigI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_0kiBaegDeCY7uDIUMWu1UEAe_8jg%26client%3Dca-pub-4485239425924787%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.142 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ads.as.criteo.com/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Mon, 26 Sep 2022 15:30:59 GMT
cross-origin-resource-policy
cross-origin
server
Finatra
content-length
0
strict-transport-security
max-age=31536000; preload;
criteo_logo_2021.svg
static.criteo.net/flash/icon/ Frame 0D87 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/criteo_logo_2021.svg
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=YzHFsgAJGXMEf4lKAA_95albUKx3V4z9wx9-BA&u=%7CVBsX5Vr7un8fyRzJQMkczUngFdLTgeSnbJs1NIHVu2g%3D%7C&c1=wLMhjbQtwRerfuYQvtYvucUfx71c_57oZ7-4NEldJVPEcquQgoC5ayq1XBwsz6hbCNpksUhOYIG9jsbcdhUPULqE9d2UdX2ppjDj59fTgYTuIJIthFIRNrPM2srwen_xT8cP-_qt72nSe6F-HPOLmYXUUeLCk0CGp0RBN40TOPUSm-Z5EppgV095BIcbrhOhZz9OgagX737unzswos-vro9nt1J-eGGkrJgpKS_575U6AG4J8__9aoMoYcCOoonIVdowzeLjiK46OhdklE94iffphawa6cfv0yurZv1z2iVP7wTIFyPwJ-3NmZ8jHlR6u4tB2xLRIzNeyr9Kuz-sJHbdmoB6VL1-F1yCMT14d5tFMoauae2He-t7JlXmNUcL--n4XdQkBQC0E9T_OPkY0NSCeUoDrFwTNy9o6IpmPrBhcBXokk8zqw3dUa--mMgv7EGVrrcVwYxqmL5ZrlNctgd3808GKpmswNFeNOO9guV--9A9qjJ0zmUvaKpsIAX6I5jSL9ddeHDs_ZUUAGnIIO9Qy2fG-WTN3Ceb6Ov9WzcPFEWRGpkfHvsfQLi3a-GyJQn285aDcqkmpapH5oDbYlZ7xu38BUl1M0ZrEYjqA3eI_YOXoBsttbvg9TSoG5mKusDLZy1TJN65LbJhVc7pWg&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCrUYsssUxY_OyJMqS_tMP5fu_6ASY_NGxXKqEzOSFAcCNtwEQASAAYKXAo4CkAYIBF2NhLXB1Yi00NDg1MjM5NDI1OTI0Nzg3oAG22aPQA8gBCakCaEc_pprKpT6oAwGqBJICT9BEH_EAjOCMDUI5KRxBmskqhnT2BdZWHoe1KTjv9WayjiH7OhhJKRd79Loqe6-GD0e8YrS9B-zLZ9-4KaxdgofYNO88cCDpJAJkUcktFFH3Yia5UGBEDPF3b4GLFc6nGaKct5nsR2JCnL4BoxCarURa8TZUhk45DlnDyG4-gSYhvTf35OepoGmyboLpr_lx9vSS0T6S7TOcCKTquA9w9EMqqrJqsKkY3gDnq9ClZCbbci5dc3sVTnF_dpk2bg16hyhGzHUqgC9jBEcuFnvR1gPmFpXejdEnKvEWwhnen0ftuXUAeJeHSxQgcs6uBeN9X_MTL8bBf3G90CCBfIch4lP9-Pmo7o6LF0cQAPnipNrnrYAGzoC16PSxwKfBAaAGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA0IgGEQATICigI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_0kiBaegDeCY7uDIUMWu1UEAe_8jg%26client%3Dca-pub-4485239425924787%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.129 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
nginx /
Resource Hash
a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.as.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 26 Sep 2022 15:31:00 GMT
content-encoding
gzip
last-modified
Thu, 27 May 2021 13:21:59 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"60af9cf7-891"
strict-transport-security
max-age=31536000; preload;
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Thu, 21 Sep 2023 15:31:00 GMT
privacy.svg
static.criteo.net/flash/icon/ Frame 0D87 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/privacy.svg
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=YzHFsgAJGXMEf4lKAA_95albUKx3V4z9wx9-BA&u=%7CVBsX5Vr7un8fyRzJQMkczUngFdLTgeSnbJs1NIHVu2g%3D%7C&c1=wLMhjbQtwRerfuYQvtYvucUfx71c_57oZ7-4NEldJVPEcquQgoC5ayq1XBwsz6hbCNpksUhOYIG9jsbcdhUPULqE9d2UdX2ppjDj59fTgYTuIJIthFIRNrPM2srwen_xT8cP-_qt72nSe6F-HPOLmYXUUeLCk0CGp0RBN40TOPUSm-Z5EppgV095BIcbrhOhZz9OgagX737unzswos-vro9nt1J-eGGkrJgpKS_575U6AG4J8__9aoMoYcCOoonIVdowzeLjiK46OhdklE94iffphawa6cfv0yurZv1z2iVP7wTIFyPwJ-3NmZ8jHlR6u4tB2xLRIzNeyr9Kuz-sJHbdmoB6VL1-F1yCMT14d5tFMoauae2He-t7JlXmNUcL--n4XdQkBQC0E9T_OPkY0NSCeUoDrFwTNy9o6IpmPrBhcBXokk8zqw3dUa--mMgv7EGVrrcVwYxqmL5ZrlNctgd3808GKpmswNFeNOO9guV--9A9qjJ0zmUvaKpsIAX6I5jSL9ddeHDs_ZUUAGnIIO9Qy2fG-WTN3Ceb6Ov9WzcPFEWRGpkfHvsfQLi3a-GyJQn285aDcqkmpapH5oDbYlZ7xu38BUl1M0ZrEYjqA3eI_YOXoBsttbvg9TSoG5mKusDLZy1TJN65LbJhVc7pWg&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCrUYsssUxY_OyJMqS_tMP5fu_6ASY_NGxXKqEzOSFAcCNtwEQASAAYKXAo4CkAYIBF2NhLXB1Yi00NDg1MjM5NDI1OTI0Nzg3oAG22aPQA8gBCakCaEc_pprKpT6oAwGqBJICT9BEH_EAjOCMDUI5KRxBmskqhnT2BdZWHoe1KTjv9WayjiH7OhhJKRd79Loqe6-GD0e8YrS9B-zLZ9-4KaxdgofYNO88cCDpJAJkUcktFFH3Yia5UGBEDPF3b4GLFc6nGaKct5nsR2JCnL4BoxCarURa8TZUhk45DlnDyG4-gSYhvTf35OepoGmyboLpr_lx9vSS0T6S7TOcCKTquA9w9EMqqrJqsKkY3gDnq9ClZCbbci5dc3sVTnF_dpk2bg16hyhGzHUqgC9jBEcuFnvR1gPmFpXejdEnKvEWwhnen0ftuXUAeJeHSxQgcs6uBeN9X_MTL8bBf3G90CCBfIch4lP9-Pmo7o6LF0cQAPnipNrnrYAGzoC16PSxwKfBAaAGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA0IgGEQATICigI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_0kiBaegDeCY7uDIUMWu1UEAe_8jg%26client%3Dca-pub-4485239425924787%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.129 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
nginx /
Resource Hash
095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.as.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 26 Sep 2022 15:31:00 GMT
content-encoding
gzip
last-modified
Wed, 19 Feb 2020 10:57:21 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e4d1491-646"
strict-transport-security
max-age=31536000; preload;
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Thu, 21 Sep 2023 15:31:00 GMT
integrator.js
adservice.google.com.au/adsid/ Frame A55D 		107 B
165 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com.au/adsid/integrator.js?domain=cdn.aralego.net
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022092001.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.12.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f157.1e100.net
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 26 Sep 2022 15:31:00 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ Frame A55D 		107 B
165 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=cdn.aralego.net
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022092001.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.12.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f154.1e100.net
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 26 Sep 2022 15:31:00 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ Frame A55D 		499 B
274 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1262363747512936&correlator=3640251104133376&eid=31068458%2C31068501%2C31068919&output=ldjh&gdfp_req=1&vrg=2022092001&ptt=17&impl=fifs&iu_parts=18087395%2Ccookie&enc_prev_ius=%2F0%2F1&prev_iu_szs=1x1&ifi=1&adks=64515409&sfv=1-0-38&fsapi=false&sc=1&cdm=cdn.aralego.net&abxe=1&dt=1664206259890&lmt=1644386353&dlt=1664206255562&idt=4304&adxs=-12245933&adys=-12245933&biw=-12245933&bih=-12245933&scr_x=-12245933&scr_y=-12245933&ucis=qlh4nktwywr9&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&nhd=1&url=https%3A%2F%2Fcdn.aralego.net%2Fucfad%2Fcookie%2FcookieSyncIframe.html&ref=https%3A%2F%2Fwww.bg3.co%2F&top=https%3A%2F%2Fwww.bg3.co%2F&frm=24&vis=1&psz=0x0&msz=0x-1&fws=256&ohw=0&ea=0&ga_vid=567307897.1664206260&ga_sid=1664206260&ga_hid=668824626&ga_fc=false
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022092001.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.10.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f155.1e100.net
Software
cafe /
Resource Hash
1f816e7a4056ca1d32adea4cbf6e9065bea87aeb0e227e94c6f9ff89d31876b8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 26 Sep 2022 15:31:00 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
245
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://cdn.aralego.net
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
58b085eee150a534224aaadead53b14b.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 1E39 		6 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://58b085eee150a534224aaadead53b14b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022092001.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.12.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f132.1e100.net
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://cdn.aralego.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
gzip
content-length
3108
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Mon, 26 Sep 2022 15:31:00 GMT
expires
Tue, 26 Sep 2023 15:31:00 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
style.css
static.criteo.net/html5/97390/20220630_newcustomeracquisition2/336x280/css/ Frame E2E1 		1013 B
779 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/html5/97390/20220630_newcustomeracquisition2/336x280/css/style.css
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/html5/97390/20220630_newcustomeracquisition2/336x280/index.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.129 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
nginx /
Resource Hash
99a897b1b6bf0d20afe286cd5e66a7281c3c8eeb69c9aa0dfd42175fc8290aee
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://static.criteo.net/html5/97390/20220630_newcustomeracquisition2/336x280/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 26 Sep 2022 15:31:00 GMT
content-encoding
gzip
last-modified
Thu, 30 Jun 2022 00:37:00 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"62bcf02c-3f5"
strict-transport-security
max-age=31536000; preload;
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Thu, 21 Sep 2023 15:31:00 GMT
gsap_3.2.4_min.js
s0.2mdn.net/ads/studio/cached_libs/ Frame E2E1 		57 KB
23 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/ads/studio/cached_libs/gsap_3.2.4_min.js
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/html5/97390/20220630_newcustomeracquisition2/336x280/index.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.12.149 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f149.1e100.net
Software
sffe /
Resource Hash
e8403779d45a9590b43c0ecf984ebe11e75fd2982630d658390a6001a6768770
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://static.criteo.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 26 Sep 2022 15:31:00 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
0
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
23276
x-xss-protection
0
last-modified
Thu, 05 Mar 2020 03:53:22 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=0
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Mon, 26 Sep 2022 15:31:00 GMT
image-3.jpg
static.criteo.net/html5/97390/20220630_newcustomeracquisition2/336x280/img/ Frame E2E1 		17 KB
18 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/html5/97390/20220630_newcustomeracquisition2/336x280/img/image-3.jpg
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/html5/97390/20220630_newcustomeracquisition2/336x280/index.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.129 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
nginx /
Resource Hash
30c13878ec598cd5f3f00e151916a8836bf60cc3fc1dc5eb1a3df200e720b582
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://static.criteo.net/html5/97390/20220630_newcustomeracquisition2/336x280/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 26 Sep 2022 15:31:00 GMT
last-modified
Thu, 30 Jun 2022 00:37:11 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"62bcf037-459a"
strict-transport-security
max-age=31536000; preload;
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
17818
expires
Thu, 21 Sep 2023 15:31:00 GMT
image-2.jpg
static.criteo.net/html5/97390/20220630_newcustomeracquisition2/336x280/img/ Frame E2E1 		14 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/html5/97390/20220630_newcustomeracquisition2/336x280/img/image-2.jpg
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/html5/97390/20220630_newcustomeracquisition2/336x280/index.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.129 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
nginx /
Resource Hash
87da6367710a464cd40e9eccba2dc010ba6f8b35a1ab03f8849eae124a1d8bf9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://static.criteo.net/html5/97390/20220630_newcustomeracquisition2/336x280/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 26 Sep 2022 15:31:00 GMT
last-modified
Thu, 30 Jun 2022 00:37:11 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"62bcf037-369d"
strict-transport-security
max-age=31536000; preload;
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
13981
expires
Thu, 21 Sep 2023 15:31:00 GMT
image-1.jpg
static.criteo.net/html5/97390/20220630_newcustomeracquisition2/336x280/img/ Frame E2E1 		14 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/html5/97390/20220630_newcustomeracquisition2/336x280/img/image-1.jpg
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/html5/97390/20220630_newcustomeracquisition2/336x280/index.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.129 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
nginx /
Resource Hash
f75ab72d3c3cfd942cadcc6075bc34830f90a39caf644969cdb1eaad79a6231e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://static.criteo.net/html5/97390/20220630_newcustomeracquisition2/336x280/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 26 Sep 2022 15:31:00 GMT
last-modified
Thu, 30 Jun 2022 00:37:10 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"62bcf036-3844"
strict-transport-security
max-age=31536000; preload;
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
14404
expires
Thu, 21 Sep 2023 15:31:00 GMT
copy-2.png
static.criteo.net/html5/97390/20220630_newcustomeracquisition2/336x280/img/ Frame E2E1 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/html5/97390/20220630_newcustomeracquisition2/336x280/img/copy-2.png
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/html5/97390/20220630_newcustomeracquisition2/336x280/index.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.129 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
nginx /
Resource Hash
342d9207010dbb5769fc2988004bf46d4f579e8284fa3931374049e0dd55075f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://static.criteo.net/html5/97390/20220630_newcustomeracquisition2/336x280/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 26 Sep 2022 15:31:00 GMT
last-modified
Thu, 30 Jun 2022 00:37:08 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"62bcf034-88f"
strict-transport-security
max-age=31536000; preload;
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
2191
expires
Thu, 21 Sep 2023 15:31:00 GMT
copy-1.png
static.criteo.net/html5/97390/20220630_newcustomeracquisition2/336x280/img/ Frame E2E1 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/html5/97390/20220630_newcustomeracquisition2/336x280/img/copy-1.png
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/html5/97390/20220630_newcustomeracquisition2/336x280/index.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.129 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
nginx /
Resource Hash
360af8367592521fcd7ec8624cdef05e84e34d1c542c4a374828dfbe450da284
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://static.criteo.net/html5/97390/20220630_newcustomeracquisition2/336x280/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 26 Sep 2022 15:31:00 GMT
last-modified
Thu, 30 Jun 2022 00:37:08 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"62bcf034-768"
strict-transport-security
max-age=31536000; preload;
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
1896
expires
Thu, 21 Sep 2023 15:31:00 GMT
logo.png
static.criteo.net/html5/97390/20220630_newcustomeracquisition2/336x280/img/ Frame E2E1 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/html5/97390/20220630_newcustomeracquisition2/336x280/img/logo.png
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/html5/97390/20220630_newcustomeracquisition2/336x280/index.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.129 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
nginx /
Resource Hash
c0216a4ae9eb4d295edfee2917969c200cefbb28bedbbf8ead8f4a4609b82403
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://static.criteo.net/html5/97390/20220630_newcustomeracquisition2/336x280/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 26 Sep 2022 15:31:00 GMT
last-modified
Thu, 30 Jun 2022 00:37:10 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"62bcf036-809"
strict-transport-security
max-age=31536000; preload;
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
2057
expires
Thu, 21 Sep 2023 15:31:00 GMT
endframe.png
static.criteo.net/html5/97390/20220630_newcustomeracquisition2/336x280/img/ Frame E2E1 		9 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/html5/97390/20220630_newcustomeracquisition2/336x280/img/endframe.png
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/html5/97390/20220630_newcustomeracquisition2/336x280/index.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.129 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
nginx /
Resource Hash
1904751ccfd62fb4368f0c10c93aa705878d726a2ecfe982877e838437735b0e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://static.criteo.net/html5/97390/20220630_newcustomeracquisition2/336x280/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 26 Sep 2022 15:31:00 GMT
last-modified
Thu, 30 Jun 2022 00:37:07 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"62bcf033-25c7"
strict-transport-security
max-age=31536000; preload;
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
9671
expires
Thu, 21 Sep 2023 15:31:00 GMT
leos-display.js
static.criteo.net/html5/97390/20220630_newcustomeracquisition2/336x280/js/lib/ Frame E2E1 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/html5/97390/20220630_newcustomeracquisition2/336x280/js/lib/leos-display.js
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/html5/97390/20220630_newcustomeracquisition2/336x280/index.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.129 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
nginx /
Resource Hash
2e8a854dbb9d8baf325f950347fa3b876ed124fd58546abdd1ce0c9e69b63d46
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://static.criteo.net/html5/97390/20220630_newcustomeracquisition2/336x280/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 26 Sep 2022 15:31:00 GMT
content-encoding
gzip
last-modified
Thu, 30 Jun 2022 00:37:51 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"62bcf05f-77a"
strict-transport-security
max-age=31536000; preload;
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Thu, 21 Sep 2023 15:31:00 GMT
animation.js
static.criteo.net/html5/97390/20220630_newcustomeracquisition2/336x280/js/ Frame E2E1 		477 B
567 B 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/html5/97390/20220630_newcustomeracquisition2/336x280/js/animation.js
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/html5/97390/20220630_newcustomeracquisition2/336x280/index.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.129 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
nginx /
Resource Hash
76e1b353ad8b888eb77cf1b62b4fb4ee02ff5126f7ffc39c8c01582f93dc6e57
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://static.criteo.net/html5/97390/20220630_newcustomeracquisition2/336x280/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 26 Sep 2022 15:31:00 GMT
content-encoding
gzip
last-modified
Thu, 30 Jun 2022 00:37:00 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"62bcf02c-1dd"
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 21 Sep 2023 15:31:00 GMT
quant.js
secure.quantserve.com/ 		26 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://secure.quantserve.com/quant.js
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/pbuseridscripts/quantcast.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
103.229.10.171 , Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
34686cba28b7d374710a0b8204ae2cbce77ced594bcac71bef4f5260a8d99745

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 26 Sep 2022 15:31:00 GMT
content-encoding
gzip
etag
"eN3sxSgaav0x5wHLxGB1gQ=="
vary
Accept-Encoding
content-type
application/javascript
cache-control
private, max-age=604800
accept-ranges
bytes
expires
Mon, 03 Oct 2022 15:31:00 GMT
latest.json
cdn.jsdelivr.net/gh/prebid/currency-file@1/ 		2 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/gh/prebid/currency-file@1/latest.json?date=20220926
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1663912421366.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.85.20 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2aaded58dac73e34620e86b5cfdd6e7e20bb38e2ebe5af7d777bc82822bfdb5c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.bg3.co/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 26 Sep 2022 15:31:00 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
1786
x-jsd-version
1.0.1475
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; includeSubDomains; preload
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-served-by
cache-fra19138-FRA, cache-mia11375-MIA
timing-allow-origin
*
x-jsd-version-type
version
server
cloudflare
etag
W/"66c-9lsaB8TCWeAdVdoa0IOXXG7dpP0"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ENKKFRCzIqwf3Qlf4lMR1t3%2FtPUuxUx6A1FnTsLUmT46oEpQ2Rc1JEonzKdfnZGFYVN9tf%2B%2B1T9oO5yF9ecoiJL81RZgz3Vet0xie3Bkk0dEdZ33AYMsWcZPcEOKdAeJhXE%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/json; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=604800, s-maxage=43200
cf-ray
750d0b4729025ac0-MEL
arj
adpushup-d.openx.net/w/1.0/ 		174 B
382 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://adpushup-d.openx.net/w/1.0/arj?ju=https%3A%2F%2Fwww.bg3.co%2Fa%2Fpi-jia-bu-jian-qia-pian-quan-gua-shi-ta-hui-jia-jian-zhe-mu-yan-shen-si-3-9mo-wang-you-xiao-feng.html&ch=UTF-8&res=1600x1200x24&ifr=false&tz=0&tws=1600x1200&be=1&bc=hb_pb_3.0.3&dddid=315d36a4-cf64-45f9-bc90-94395d20cc11%2C42fb6366-a85c-45ac-81a7-3e9bdbe5b0d7%2Ca9f4a098-2fd2-4480-adc8-66ccca4bd3b1&nocache=1664206260113&pubcid=24da1778-a371-47a5-b48e-9eb93796170e&schain=1.0%2C1!adpushup.com%2C062d9a21f747ddee7c25d4297776e0aa%2C1%2C%2C%2C&aus=728x250%2C728x90%2C690x90%2C690x250%2C675x90%2C675x250%2C670x90%2C670x250%2C650x90%2C650x250%2C650x150%2C630x90%2C630x250%2C602x100%2C600x90%2C600x250%2C580x90%2C570x90%2C550x150%2C468x60%2C320x50%2C320x100%2C300x50%2C300x100%2C300x75%2C300x250%2C250x250%2C200x200%7C728x90%2C690x90%2C675x90%2C670x90%2C650x90%2C630x90%2C600x90%2C580x90%2C570x90%2C468x60%2C320x50%2C300x50%2C300x75%7C120x600&divids=ADP_42753_728X250_77a9c22f-ac02-45dd-96bc-b0896a8a7d5a%2CSTICKY_ADP_42753_728X90_d1c10a72-27b4-4931-8ce7-99a18ebbdbae%2CSTICKY_ADP_42753_120X600_104b282a-bd11-4d8d-ad64-0492063b6cba&aucs=%2C%2C&auid=545618347%2C545618347%2C545618347
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1663912421366.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
96261b7295fb16e4e5d4768282072f2b0484263c2085387f6e8947ceede5f33e

Request headers

Referer
https://www.bg3.co/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 26 Sep 2022 15:31:00 GMT
content-encoding
gzip
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://www.bg3.co
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
content-type
application/json
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
164
via
1.1 google
expires
Mon, 26 Jul 1997 05:00:00 GMT
avjp
adpushup-d.openx.net/v/1.0/ 		106 B
504 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://adpushup-d.openx.net/v/1.0/avjp?ju=https%3A%2F%2Fwww.bg3.co%2Fa%2Fpi-jia-bu-jian-qia-pian-quan-gua-shi-ta-hui-jia-jian-zhe-mu-yan-shen-si-3-9mo-wang-you-xiao-feng.html&ch=UTF-8&res=1600x1200x24&ifr=false&tz=0&tws=1600x1200&be=1&bc=hb_pb_3.0.3&dddid=b6541c53-9589-4765-b9fc-6e25e6de206b&nocache=1664206260114&pubcid=24da1778-a371-47a5-b48e-9eb93796170e&schain=1.0%2C1!adpushup.com%2C062d9a21f747ddee7c25d4297776e0aa%2C1%2C%2C%2C&openrtb=%7B%22imp%22%3A%5B%7B%22video%22%3A%7B%22w%22%3A120%2C%22h%22%3A600%2C%22mimes%22%3A%5B%22video%2Fmp4%22%2C%22video%2Fwebm%22%5D%2C%22minduration%22%3A0%2C%22maxduration%22%3A300%2C%22protocols%22%3A%5B2%2C3%2C5%2C6%5D%2C%22api%22%3A%5B2%5D%2C%22playbackmethod%22%3A6%2C%22linearity%22%3A1%7D%7D%5D%7D&auid=545618481&vwd=120&vht=600&vos=101&vmimes=video%2Fmp4%2Cvideo%2Fwebm
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1663912421366.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
730fa1f3e8b3c4a223c4e69f4a27e690a4552f96ab97dba05b943dff44967658

Request headers

Referer
https://www.bg3.co/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 26 Sep 2022 15:31:00 GMT
via
1.1 google
server
OXGW/0.0.0
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://www.bg3.co
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
content-type
application/json
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
106
expires
Mon, 26 Jul 1997 05:00:00 GMT
avjp
adpushup-d.openx.net/v/1.0/ 		106 B
296 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://adpushup-d.openx.net/v/1.0/avjp?ju=https%3A%2F%2Fwww.bg3.co%2Fa%2Fpi-jia-bu-jian-qia-pian-quan-gua-shi-ta-hui-jia-jian-zhe-mu-yan-shen-si-3-9mo-wang-you-xiao-feng.html&ch=UTF-8&res=1600x1200x24&ifr=false&tz=0&tws=1600x1200&be=1&bc=hb_pb_3.0.3&dddid=4b1ce3ab-e204-488d-96e4-12942e531867&nocache=1664206260114&pubcid=24da1778-a371-47a5-b48e-9eb93796170e&schain=1.0%2C1!adpushup.com%2C062d9a21f747ddee7c25d4297776e0aa%2C1%2C%2C%2C&openrtb=%7B%22imp%22%3A%5B%7B%22video%22%3A%7B%22w%22%3A728%2C%22h%22%3A90%2C%22mimes%22%3A%5B%22video%2Fmp4%22%2C%22video%2Fwebm%22%5D%2C%22minduration%22%3A0%2C%22maxduration%22%3A300%2C%22protocols%22%3A%5B2%2C3%2C5%2C6%5D%2C%22api%22%3A%5B2%5D%2C%22playbackmethod%22%3A6%2C%22linearity%22%3A1%7D%7D%5D%7D&auid=545618481&vwd=728&vht=90&vos=101&vmimes=video%2Fmp4%2Cvideo%2Fwebm
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1663912421366.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
730fa1f3e8b3c4a223c4e69f4a27e690a4552f96ab97dba05b943dff44967658

Request headers

Referer
https://www.bg3.co/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 26 Sep 2022 15:31:00 GMT
via
1.1 google
server
OXGW/0.0.0
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://www.bg3.co
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
content-type
application/json
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
106
expires
Mon, 26 Jul 1997 05:00:00 GMT
avjp
adpushup-d.openx.net/v/1.0/ 		106 B
296 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://adpushup-d.openx.net/v/1.0/avjp?ju=https%3A%2F%2Fwww.bg3.co%2Fa%2Fpi-jia-bu-jian-qia-pian-quan-gua-shi-ta-hui-jia-jian-zhe-mu-yan-shen-si-3-9mo-wang-you-xiao-feng.html&ch=UTF-8&res=1600x1200x24&ifr=false&tz=0&tws=1600x1200&be=1&bc=hb_pb_3.0.3&dddid=20f6c2f8-5e75-4014-8ac2-4cc73cb1fe32&nocache=1664206260114&pubcid=24da1778-a371-47a5-b48e-9eb93796170e&schain=1.0%2C1!adpushup.com%2C062d9a21f747ddee7c25d4297776e0aa%2C1%2C%2C%2C&openrtb=%7B%22imp%22%3A%5B%7B%22video%22%3A%7B%22w%22%3A400%2C%22h%22%3A225%2C%22mimes%22%3A%5B%22video%2Fmp4%22%2C%22video%2Fwebm%22%5D%2C%22minduration%22%3A0%2C%22maxduration%22%3A300%2C%22protocols%22%3A%5B2%2C3%2C5%2C6%5D%2C%22api%22%3A%5B2%5D%2C%22playbackmethod%22%3A6%2C%22linearity%22%3A1%7D%7D%5D%7D&auid=545618481&vwd=400&vht=225&vos=101&vmimes=video%2Fmp4%2Cvideo%2Fwebm
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1663912421366.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
730fa1f3e8b3c4a223c4e69f4a27e690a4552f96ab97dba05b943dff44967658

Request headers

Referer
https://www.bg3.co/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 26 Sep 2022 15:31:00 GMT
via
1.1 google
server
OXGW/0.0.0
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://www.bg3.co
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
content-type
application/json
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
106
expires
Mon, 26 Jul 1997 05:00:00 GMT
cdb
bidder.criteo.com/ 		0
212 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=34&wv=6.19.0&cb=61785642140
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1663912421366.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.145 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://www.bg3.co/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 26 Sep 2022 15:31:00 GMT
server
Finatra
vary
Origin
access-control-allow-origin
https://www.bg3.co
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
c
prebid.a-mo.net/a/ 		584 B
862 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.a-mo.net/a/c
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1663912421366.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
145.40.88.5 Secaucus, United States, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
73d1754277834fe0a8b1aa592535defb1181633f5d34b63a871253d0bafa3495

Request headers

Referer
https://www.bg3.co/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 26 Sep 2022 15:31:00 GMT
content-encoding
gzip
server
envoy
vary
origin, accept-encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.bg3.co
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
x-envoy-upstream-service-time
42
content-length
302
auction
tlx.3lift.com/header/ 		19 B
504 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://tlx.3lift.com/header/auction?lib=prebid&v=6.19.0&referrer=https%3A%2F%2Fwww.bg3.co%2Fa%2Fpi-jia-bu-jian-qia-pian-quan-gua-shi-ta-hui-jia-jian-zhe-mu-yan-shen-si-3-9mo-wang-you-xiao-feng.html&tmax=3000
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1663912421366.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.140.14.88 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-140-14-88.ap-southeast-1.compute.amazonaws.com
Software
/
Resource Hash
0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 26 Sep 2022 15:31:00 GMT
accept-ch
sec-ch-prefers-color-scheme,sec-ch-ua-bitness,sec-ch-ua,sec-ch-ua-arch,sec-ch-rtt,sec-ch-viewport-height,sec-ch-ua-platform,sec-ch-viewport-width,sec-ch-ua-platform-version,sec-ch-ua-model,sec-ch-ua-full-version,sec-ch-dpr,sec-ch-device-memory,sec-ch-save-data,sec-ch-ua-mobile,sec-ch-downlink,user-agent,sec-ch-ect,sec-ch-width
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
19
x-xss-protection
0
expires
Thu, 15 Oct 1992 20:10:00 GMT
bid-request
a.teads.tv/hb/ 		16 B
360 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://a.teads.tv/hb/bid-request
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1663912421366.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.83.197.63 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-83-197-63.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
6a7b0c8bf87b2bd5ca31557f25cf2a6c80f93af72bf68a6085e9b55a87fe908c

Request headers

Referer
https://www.bg3.co/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 26 Sep 2022 15:31:01 GMT
content-encoding
gzip
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.bg3.co
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
42
expires
Mon, 26 Sep 2022 15:31:01 GMT
prebid-request
onetag-sys.com/ 		15 B
547 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/prebid-request
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1663912421366.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
139.99.49.250 Singapore, Singapore, ASN16276 (OVH, FR),
Reverse DNS
ip250.ip-139-99-49.net
Software
/
Resource Hash
663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://www.bg3.co/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

strict-transport-security
max-age=15552000
content-encoding
gzip
access-control-allow-headers
content-type, origin, referer, user-agent
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
access-control-allow-origin
https://www.bg3.co
cache-control
no-transform, no-cache
access-control-allow-credentials
true
content-type
application/json
alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
content-length
41
v1
hb-api.omnitagjs.com/hb-api/prebid/ 		3 B
516 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hb-api.omnitagjs.com/hb-api/prebid/v1?RefererUrl=https%3A%2F%2Fwww.bg3.co%2Fa%2Fpi-jia-bu-jian-qia-pian-quan-gua-shi-ta-hui-jia-jian-zhe-mu-yan-shen-si-3-9mo-wang-you-xiao-feng.html&CanonicalUrl=https%3A%2F%2Fwww.bg3.co%2Fa%2Fpi-jia-bu-jian-qia-pian-quan-gua-shi-ta-hui-jia-jian-zhe-mu-yan-shen-si-3-9mo-wang-you-xiao-feng.html&PublisherDomain=https%3A%2F%2Fbg3.co%2F
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1663912421366.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.239.37.137 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-44-239-37-137.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
37517e5f3dc66819f61f5a7bb8ace1921282415f10551d2defa5c3eb0985b570
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.bg3.co/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 26 Sep 2022 15:31:00 GMT
via
kong/2.8.1
x-content-type-options
nosniff
x-kong-proxy-latency
1
p3p
CP="CAO PSA OUR"
x-kong-upstream-latency
9
vary
Accept-Encoding
content-length
3
pragma
no-cache
access-control-max-age
3600
access-control-allow-methods
OPTIONS, POST
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
access-control-allow-headers
Accept-Encoding, Content-Type
expires
0
cygnus
htlb.casalemedia.com/ 		37 B
311 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/cygnus?s=693656&v=7.2&ac=j&sd=1&r=%7B%22id%22%3A%22427dc7c88121e48%22%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fwww.bg3.co%2Fa%2Fpi-jia-bu-jian-qia-pian-quan-gua-shi-ta-hui-jia-jian-zhe-mu-yan-shen-si-3-9mo-wang-you-xiao-feng.html%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22msd%22%3A7%2C%22msi%22%3A7%2C%22mfu%22%3A3%2C%22bu%22%3A3%2C%22iu%22%3A0%2C%22nu%22%3A3%2C%22ou%22%3A3%2C%22allu%22%3A3%2C%22ren%22%3Atrue%2C%22version%22%3A%226.19.0%22%2C%22userIds%22%3A%5B%5D%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%2249ad02bbfc53995%22%2C%22banner%22%3A%7B%22topframe%22%3A1%2C%22format%22%3A%5B%7B%22w%22%3A728%2C%22h%22%3A90%2C%22ext%22%3A%7B%22siteID%22%3A%22693656%22%2C%22sid%22%3A%22728x90%22%7D%7D%2C%7B%22w%22%3A320%2C%22h%22%3A50%2C%22ext%22%3A%7B%22siteID%22%3A%22693656%22%2C%22sid%22%3A%22320x50%22%7D%7D%2C%7B%22w%22%3A300%2C%22h%22%3A50%2C%22ext%22%3A%7B%22siteID%22%3A%22693656%22%2C%22sid%22%3A%22300x50%22%7D%7D%2C%7B%22w%22%3A300%2C%22h%22%3A250%2C%22ext%22%3A%7B%22siteID%22%3A%22693656%22%2C%22sid%22%3A%22300x250%22%7D%7D%2C%7B%22w%22%3A250%2C%22h%22%3A250%2C%22ext%22%3A%7B%22siteID%22%3A%22693656%22%2C%22sid%22%3A%22250x250%22%7D%7D%5D%7D%7D%2C%7B%22id%22%3A%2252b8e76f2d31f2e%22%2C%22banner%22%3A%7B%22topframe%22%3A1%2C%22format%22%3A%5B%7B%22w%22%3A320%2C%22h%22%3A50%2C%22ext%22%3A%7B%22siteID%22%3A%22693656%22%2C%22sid%22%3A%22320x50%22%7D%7D%2C%7B%22w%22%3A728%2C%22h%22%3A90%2C%22ext%22%3A%7B%22siteID%22%3A%22693656%22%2C%22sid%22%3A%22728x90%22%7D%7D%2C%7B%22w%22%3A300%2C%22h%22%3A50%2C%22ext%22%3A%7B%22siteID%22%3A%22693656%22%2C%22sid%22%3A%22300x50%22%7D%7D%5D%7D%7D%2C%7B%22id%22%3A%2253fc2203b0144b4%22%2C%22banner%22%3A%7B%22topframe%22%3A1%2C%22format%22%3A%5B%7B%22w%22%3A120%2C%22h%22%3A600%2C%22ext%22%3A%7B%22siteID%22%3A%22693656%22%2C%22sid%22%3A%22120x600%22%7D%7D%5D%7D%7D%5D%2C%22at%22%3A1%2C%22source%22%3A%7B%22ext%22%3A%7B%22schain%22%3A%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22adpushup.com%22%2C%22sid%22%3A%22062d9a21f747ddee7c25d4297776e0aa%22%2C%22hp%22%3A1%7D%5D%7D%7D%7D%2C%22user%22%3A%7B%22eids%22%3A%5B%7B%22source%22%3A%22pubcid.org%22%2C%22uids%22%3A%5B%7B%22id%22%3A%2224da1778-a371-47a5-b48e-9eb93796170e%22%7D%5D%7D%5D%7D%7D
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1663912421366.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.18.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
94e8940bd58208be5e2f52cc5f0b45a932a0cf7150ad6c693452453ed1b66f2f

Request headers

Referer
https://www.bg3.co/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 26 Sep 2022 15:31:00 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=95uUAWxPLt2CkdC0BNgUT5rnaArIf%2FwsVF9NUKjjivLzCaHO9rzYI6acJcK4nap8d5eK0gxXJND%2FhAGcGBfG4goyqJTHVa6btD%2FfNr5%2FNCVKQZEuR8h1YHB1JWXcvZHYOMVZvgqC"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache
access-control-allow-credentials
true
cf-ray
750d0b475f1b5a4f-MEL
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
37
expires
0
cygnus
htlb.casalemedia.com/ 		37 B
573 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/cygnus?s=693656&v=8.1&ac=j&sd=1&nf=1&r=%7B%22id%22%3A%22427dc7c88121e48%22%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fwww.bg3.co%2Fa%2Fpi-jia-bu-jian-qia-pian-quan-gua-shi-ta-hui-jia-jian-zhe-mu-yan-shen-si-3-9mo-wang-you-xiao-feng.html%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22msd%22%3A0%2C%22msi%22%3A0%2C%22mfu%22%3A3%2C%22bu%22%3A3%2C%22iu%22%3A0%2C%22nu%22%3A3%2C%22ou%22%3A3%2C%22allu%22%3A3%2C%22ren%22%3Atrue%2C%22version%22%3A%226.19.0%22%2C%22userIds%22%3A%5B%5D%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%2252b8e76f2d31f2e%22%2C%22ext%22%3A%7B%22siteID%22%3A%22693656%22%2C%22sid%22%3A%22728x90%22%7D%2C%22video%22%3A%7B%22mimes%22%3A%5B%22video%2Fmp4%22%2C%22video%2Fwebm%22%5D%2C%22minduration%22%3A0%2C%22maxduration%22%3A300%2C%22protocols%22%3A%5B2%2C3%2C5%2C6%5D%2C%22playerSize%22%3A%5B%5B728%2C90%5D%5D%2C%22api%22%3A%5B2%5D%2C%22linearity%22%3A1%2C%22placement%22%3A4%2C%22w%22%3A728%2C%22h%22%3A90%7D%7D%2C%7B%22id%22%3A%2253fc2203b0144b4%22%2C%22ext%22%3A%7B%22siteID%22%3A%22693656%22%2C%22sid%22%3A%22120x600%22%7D%2C%22video%22%3A%7B%22mimes%22%3A%5B%22video%2Fmp4%22%2C%22video%2Fwebm%22%5D%2C%22minduration%22%3A0%2C%22maxduration%22%3A300%2C%22protocols%22%3A%5B2%2C3%2C5%2C6%5D%2C%22playerSize%22%3A%5B%5B120%2C600%5D%5D%2C%22api%22%3A%5B2%5D%2C%22linearity%22%3A1%2C%22placement%22%3A4%2C%22w%22%3A120%2C%22h%22%3A600%7D%7D%5D%2C%22at%22%3A1%2C%22source%22%3A%7B%22ext%22%3A%7B%22schain%22%3A%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22adpushup.com%22%2C%22sid%22%3A%22062d9a21f747ddee7c25d4297776e0aa%22%2C%22hp%22%3A1%7D%5D%7D%7D%7D%2C%22user%22%3A%7B%22eids%22%3A%5B%7B%22source%22%3A%22pubcid.org%22%2C%22uids%22%3A%5B%7B%22id%22%3A%2224da1778-a371-47a5-b48e-9eb93796170e%22%7D%5D%7D%5D%7D%7D
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1663912421366.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.18.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
94e8940bd58208be5e2f52cc5f0b45a932a0cf7150ad6c693452453ed1b66f2f

Request headers

Referer
https://www.bg3.co/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 26 Sep 2022 15:31:00 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IDiGYpvgcGmnpuLs3%2FfNCXnZkk7%2F%2B3V%2FuFx1dq%2BfrVFpRXSCyGRKSBQhDm4LzXxcG9aECNXeXs6JGxI%2B5ulhFIV6M1F0iZLnRp7ZvUOKcERFw5vH0Okz%2B183EUw1g%2FL49bMQg0M%2B"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache
access-control-allow-credentials
true
cf-ray
750d0b475f1f5a4f-MEL
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
37
expires
0
auction
prebid-server.rubiconproject.com/openrtb2/ 		185 B
404 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid-server.rubiconproject.com/openrtb2/auction
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1663912421366.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.64.137.66 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-64-137-66.ap-northeast-1.compute.amazonaws.com
Software
/
Resource Hash
6bb14babd121c339e2b9aae707aac2f3e4dad47777384cf591a8d1f2f07f084b

Request headers

Referer
https://www.bg3.co/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 26 Sep 2022 15:31:02 GMT
content-encoding
gzip
x-prebid
pbs-java/1.99.0
content-type
application/json
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
173
expires
0
auction
prebid-server.rubiconproject.com/openrtb2/ 		0
0
auction
prebid-server.rubiconproject.com/openrtb2/ 		185 B
407 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid-server.rubiconproject.com/openrtb2/auction
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1663912421366.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.64.137.66 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-64-137-66.ap-northeast-1.compute.amazonaws.com
Software
/
Resource Hash
468cf9622696f8e4df81e3fde5452e4e6f69e6b1ee44305a8c7ca083f954bd0f

Request headers

Referer
https://www.bg3.co/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 26 Sep 2022 15:31:02 GMT
content-encoding
gzip
x-prebid
pbs-java/1.99.0
content-type
application/json
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
175
expires
0
fastlane.json
fastlane.rubiconproject.com/a/api/ 		472 B
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=20616&site_id=395958&zone_id=2209398&size_id=15%3B2%3B8&alt_size_ids=2%2C1%2C13%2C14%2C19%2C43%2C44%2C117%3B1%2C43%2C44%3B&rp_schain=1.0,1!adpushup.com,062d9a21f747ddee7c25d4297776e0aa,1,,,&eid_pubcid.org=24da1778-a371-47a5-b48e-9eb93796170e%5E1&rf=https%3A%2F%2Fwww.bg3.co%2Fa%2Fpi-jia-bu-jian-qia-pian-quan-gua-shi-ta-hui-jia-jian-zhe-mu-yan-shen-si-3-9mo-wang-you-xiao-feng.html&tk_flint=pbjs_lite_v6.19.0&x_source.tid=cf8e4d40-67ee-447c-adbc-63c4754e0014%3B6cc5e6ff-d5d0-4b87-9bb1-ed26ce83d5c8%3B668df19c-40fc-4962-ade1-1529316141dc&l_pb_bid_id=55672fa1fcea997%3B56fc27b5fce16ee%3B5799c27a0594477&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=3&rand=0.277574777255013
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1663912421366.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.173.158.65 Ashburn, United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
30cc4b9ad8632deed349de0ad3336d5d829c35eaae6acfb4f0a3aea1a08c053c

Request headers

Referer
https://www.bg3.co/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Mon, 26 Sep 2022 15:31:00 GMT
Server
nginx/1.21.4
Vary
Accept-Encoding
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
https://www.bg3.co
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json
Keep-Alive
timeout=5
Content-Length
472
Expires
Wed, 17 Sep 1975 21:32:10 GMT
adreq
ads.servenobid.com/ 		405 B
552 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.servenobid.com/adreq?cb=5300
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1663912421366.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.246.170.209 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-246-170-209.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
91a8ea37de90c116390b167dfc281ce0ed7e8f324ff1fd834bb27aca9db191db

Request headers

Referer
https://www.bg3.co/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 26 Sep 2022 15:31:01 GMT
content-encoding
gzip
amp-access-control-allow-source-origin
*
vary
accept-encoding
content-type
application/json
access-control-allow-origin
https://www.bg3.co
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
prebid
prebid.media.net/rtb/ 		1 KB
920 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.media.net/rtb/prebid?cid=8CUPEPKI9
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1663912421366.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.107.148.139 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
139.148.107.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
e68de0244b59a220920ee7776234397b8347f4568c4da7b3bdfa0b4a793fd379

Request headers

Referer
https://www.bg3.co/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 26 Sep 2022 15:31:00 GMT
content-encoding
gzip
server
nginx
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-envoy-upstream-service-time
106
alt-svc
clear
via
1.1 google
prebid
ib.adnxs.com/ut/v3/ 		361 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1663912421366.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
104.254.150.228 Los Angeles, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
907.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
61acee430c99b3902bb6cb1df124025d362ea29f7a45343bde6f2392c920cca2
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Mon, 26 Sep 2022 15:31:00 GMT
X-Proxy-Origin
103.209.254.53; 103.209.254.53; 907.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net; adnxs.com
AN-X-Request-Uuid
ff8d0ffa-a66f-41c5-874c-67b126d30a7f
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://www.bg3.co
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json; charset=utf-8
Content-Length
361
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
hbjson
grid.bidswitch.net/ 		24 B
361 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://grid.bidswitch.net/hbjson
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1663912421366.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.213.117.18 Tokyo, Japan, ASN15169 (GOOGLE, US),
Reverse DNS
18.117.213.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
4abc189640d1fcc11fc32187061303ec8b1e4e8425178df4d6bf1c2b8fe01942

Request headers

Referer
https://www.bg3.co/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Date
Mon, 26 Sep 2022 15:31:00 GMT
Content-Encoding
gzip
Server
nginx
Content-Type
application/json
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
Connection
keep-alive
Content-Length
49
Enabler.js
s0.2mdn.net/ads/studio/ Frame 2467 		136 KB
46 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/ads/studio/Enabler.js
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/html5/97892/20220922_fy22q4_nonpro_savvycomms/sushicat/300x250/index.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.12.149 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f149.1e100.net
Software
sffe /
Resource Hash
bf6ec42c97f86957a324a484a37dd528b568a9ff2570965be53e6ec4b0dfdae2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://static.criteo.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 26 Sep 2022 15:26:04 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
296
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
46978
x-xss-protection
0
last-modified
Mon, 06 Jun 2022 19:45:39 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=900
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Mon, 26 Sep 2022 15:41:04 GMT
integrator.js
adservice.google.com.au/adsid/ Frame 96F7 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com.au/adsid/integrator.js?domain=cdn.aralego.net
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022092001.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.130.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sb-in-f156.1e100.net
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 26 Sep 2022 15:31:00 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ Frame 96F7 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=cdn.aralego.net
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022092001.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.12.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f154.1e100.net
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 26 Sep 2022 15:31:00 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ Frame 96F7 		499 B
274 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2623157841093587&correlator=2480738133384888&eid=31068457%2C31068919&output=ldjh&gdfp_req=1&vrg=2022092001&ptt=17&impl=fifs&iu_parts=18087395%2Ccookie&enc_prev_ius=%2F0%2F1&prev_iu_szs=1x1&ifi=1&adks=64515409&sfv=1-0-38&fsapi=false&sc=1&cdm=cdn.aralego.net&abxe=1&dt=1664206260288&lmt=1644386353&dlt=1664206255553&idt=4727&adxs=-12245933&adys=-12245933&biw=-12245933&bih=-12245933&scr_x=-12245933&scr_y=-12245933&ucis=8to52rqvp04t&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&nhd=1&url=https%3A%2F%2Fcdn.aralego.net%2Fucfad%2Fcookie%2FcookieSyncIframe.html&ref=https%3A%2F%2Fwww.bg3.co%2F&top=https%3A%2F%2Fwww.bg3.co%2F&frm=24&vis=1&psz=0x0&msz=0x-1&fws=256&ohw=0&ea=0&ga_vid=200359611.1664206260&ga_sid=1664206260&ga_hid=376805651&ga_fc=false
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022092001.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.10.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f155.1e100.net
Software
cafe /
Resource Hash
4af31d9b03f1f554ae9dfdf1e89a5a45b65fea859750d501784e4dac886930d6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 26 Sep 2022 15:31:00 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
245
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://cdn.aralego.net
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
b4d2fe5aaaebb6d25743be5dcfc19d36.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 9E2F 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://b4d2fe5aaaebb6d25743be5dcfc19d36.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022092001.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.12.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f132.1e100.net
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://cdn.aralego.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
gzip
content-length
3108
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Mon, 26 Sep 2022 15:31:00 GMT
expires
Tue, 26 Sep 2023 15:31:00 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
sodar
pagead2.googlesyndication.com/getconfig/ Frame A55D 		14 KB
11 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2022092001&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022092001.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.194.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f154.1e100.net
Software
cafe /
Resource Hash
184e60e6706c7ae670691e073a4c95c01a72c1a90a4f0255c7c50a8f4473b34b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 26 Sep 2022 15:31:00 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11076
x-xss-protection
0
sodar
pagead2.googlesyndication.com/getconfig/ Frame 96F7 		14 KB
11 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2022092001&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022092001.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.194.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f154.1e100.net
Software
cafe /
Resource Hash
66ba9585012af8211e735d1e68da80131b622e32e4280f4ba288cd9b652f7e61
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 26 Sep 2022 15:31:00 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11141
x-xss-protection
0
all
csm.as.criteo.net/ Frame B95B 		0
127 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csm.as.criteo.net/all?cppv=3&cpp=Mu2no_aRrBIZ4hdu-yLUUfzLoa1nW-3TFyBQIfhM6xRNmykQrUExcZv4mqBCdZysgf3lVwMaPZj4DhRGMt5slWeoxbIcR5ksf5DSak5AxjQJhWwA0XRAAGuioLW35u6rcnZMo3S8GPU-JUc_BqtfyzVyeaO0nv1eWtCoho8wW9OpUYiOs6cMSxBPWvFbnxo-8ABRjDKenMqpGG8m0F_WsiEJ8xlwVHoEx8mlubo-8JpMbQrqSpqVFxqOBa8dVPhnJpgTCGmekdatFHWt&sds=2&rev=82884&sendBeacon=true
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=YzHFsgAHy1ABc_kyAAugbgJL4D5Wb7JTwR1Viw&u=%7CVBsX5Vr7un9dnfGCoSPA7lgfL9ahu7jW%2FO0GghDxcZA%3D%7C&c1=wLMhjbQtwRerfuYQvtYvucUfx71c_57oZ7-4NEldJVPEcquQgoC5ayq1XBwsz6hbCNpksUhOYIG9jsbcdhUPUGii0VWHy1BMWtL3CqUvGgtETMKt86DQcxMRhxYg-MJQ4YohOTkR7hK3ngf0_FgmETcqFlCLCyfuC3eCHY45p28x8ZHUCu6-iggXCQSUgwMWpto-twSV8BMA7Zb_hZlfais42AmKWH9rnpB_YmhQdBL3vlQE9fwZH-A8fLGf0YN13525vs4FjMMc32MwayaV1QmVU-sFk27D7Pa8pcA9xhQWep0o2UF5tqjONzNETRTB_547KE8eEBHa-wwOaEM2CyLSUw5sH4_z6sU7cEoD0HOeyKyHQBkUzV4gfdwf6JdBVGJGDusean4kMN_ouGjfNN2gHGXuxVLZo-K6HD8jM10gvVA3EF6cObS0fnmh7KxQO7KohmJMVdRjFwBAOfPfsyfZfV4Zxwi6YDyiwQ3safVjM4k7w7dO-6bhY-gQVDliLN3qq9q0KzKwgFs_pm6hlJAF52DSdtly-Ys0Cy2iKjxdCwSSCu7UQkzgUdywp6YG1XPEFkdudythtNWFV5ZRPf1OEve4qVM-X-gRei6bhC7zGISwJy9c18xDxS-3Bb4gMmcP6d-pn5TT2YZhXAhHhA&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC-q4bssUxY9CWH7Lyz7sP7sCukAmY_NGxXKqEzOSFAcCNtwEQASAAYKXAo4CkAYIBF2NhLXB1Yi00NDg1MjM5NDI1OTI0Nzg3oAG22aPQA8gBCakCcht86D3KpT6oAwGqBLoCT9Dc8KY6b_1HDQYxECEKRAxilO50AGPFsfhoFG1N2RTJir0QnMYEMOo3iaIhgoo2-od_lw5YyiFBxA0tzYIoTILF6vpvZRLptcQ_S8pPYzGfZxX9eo3YP8KBKFdzdWUw2X3FWaVtRgbD7-SKjbPkHqPkK32K4uYsLzeSIRL0eoW6jzFb6ZytBPtTqq8Qe691_6uzI1Yzpi24O-HgwH8m9VDL7NkWkAuZDcr4d7NNsRiJSlajRVxqb0mc_-ZIZMcX4YVdScXVIX4bwRjsRyUIk4K0ofEuOhUFqmeKcayECpaDiF408N9KXnqc4zhIRtm3QpPfb5AvdBLXGi2kU_dGmUE1eZWpAcfIka9KwdsCBBNZm7KHMN_Lrrd-865Z0RexcC24ceqHjvo43ntWF1uWYW8ewSOp8JVc0eiABpflorjRrdWQ9AGgBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggNCIBhEAEyAooCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_2OkdFkEEUwDDat4SmzVU6x7CE6tQ%26client%3Dca-pub-4485239425924787%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.142 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ads.as.criteo.com/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Mon, 26 Sep 2022 15:31:00 GMT
cross-origin-resource-policy
cross-origin
server
Finatra
content-length
0
strict-transport-security
max-age=31536000; preload;
rules-p-54Nt-1NAaEEe0.js
rules.quantcount.com/ 		209 B
680 B 		Script
General
Check archive.org
Download Go to
Full URL
https://rules.quantcount.com/rules-p-54Nt-1NAaEEe0.js
Requested by
Host: secure.quantserve.com
URL: https://secure.quantserve.com/quant.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.33.33.43 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-33-33-43.sin2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
aa446b1f105b20f07c49f55c8ea00ef9bc42d7f0c5f747319823f00a480ff7f6

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 26 Sep 2022 14:59:29 GMT
via
1.1 69eaf3b14624853f73e8b23e5e76f49e.cloudfront.net (CloudFront)
age
1893
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
content-length
209
last-modified
Fri, 26 Aug 2022 18:04:08 GMT
server
AmazonS3
etag
"f6459e80de21135a46e02ad9e79f6802"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=3600
x-amz-cf-pop
SIN2-P1
accept-ranges
bytes
x-amz-cf-id
z2r030lwflVMabtUc1SCNu0zcWONCw6AIng4PQbgNC1TIA2pCrz-YQ==
sodar
pagead2.googlesyndication.com/getconfig/ Frame D920 		14 KB
11 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20220921&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202209210101/show_ads_impl_fy2021.js?bust=31069779
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.194.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f154.1e100.net
Software
cafe /
Resource Hash
db76f704d5dcfcc60a386466eceb494159f4ccea8e913cde01a51f191075faa5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 26 Sep 2022 15:31:00 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11157
x-xss-protection
0
p1.jpg
static.criteo.net/html5/97892/20220922_fy22q4_nonpro_savvycomms/sushicat/300x250/ Frame 2467 		53 KB
54 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/html5/97892/20220922_fy22q4_nonpro_savvycomms/sushicat/300x250/p1.jpg
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/pi-jia-bu-jian-qia-pian-quan-gua-shi-ta-hui-jia-jian-zhe-mu-yan-shen-si-3-9mo-wang-you-xiao-feng.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.129 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
nginx /
Resource Hash
c9d39b0c6fd30f79e7feea1a01d35fbfdeeeeeda6a7b33a2f2f26375b9aa5d51
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://static.criteo.net/html5/97892/20220922_fy22q4_nonpro_savvycomms/sushicat/300x250/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 26 Sep 2022 15:31:00 GMT
last-modified
Thu, 22 Sep 2022 05:30:19 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"632bf2eb-d4a7"
strict-transport-security
max-age=31536000; preload;
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
54439
expires
Thu, 21 Sep 2023 15:31:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame CB85 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuULD1zkvz-eH4uOkjdr_ArzLxk6DD7ovetOxbCrQoeEZdFYpr22ndSxVG68045KGUN9KZ9oTBViOz8yZpfvjYi5JPZ&sig=Cg0ArKJSzP6dSWjuOGEFEAE&id=lidar2&mcvt=1000&p=0,0,280,336&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20220921&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=2365071409&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1664206258065&rpt=1861&met=ie&wmsd=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.194.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f154.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 26 Sep 2022 15:31:01 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sodar2.js
tpc.googlesyndication.com/sodar/ Frame A55D 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022092001.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.12.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f132.1e100.net
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 26 Sep 2022 15:31:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Mon, 26 Sep 2022 15:31:01 GMT
sodar2.js
tpc.googlesyndication.com/sodar/ Frame 96F7 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022092001.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.12.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f132.1e100.net
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 26 Sep 2022 15:31:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Mon, 26 Sep 2022 15:31:01 GMT
sodar2.js
tpc.googlesyndication.com/sodar/ Frame D920 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202209210101/show_ads_impl_fy2021.js?bust=31069779
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.12.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f132.1e100.net
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 26 Sep 2022 15:31:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Mon, 26 Sep 2022 15:31:01 GMT
log
aplogger.adpushup.com/ 		0
54 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://aplogger.adpushup.com/log?event=glimpse_pageView&data=eyJzZXNzaW9uSWQiOiI1MTM3MzNfMTY2NDIwNjI2MTE0OSIsInVzZXJJZCI6Ijc5MTc2N18xNjY0MjA2MjYxMTQ5Iiwic2l0ZUlkIjo0Mjc1MywicGxhdGZvcm0iOiJERVNLVE9QIiwicGFnZUlkIjoiODE3MzU2XzE2NjQyMDYyNjExNDkiLCJwYWdlUGF0aCI6IiUyRmElMkZwaS1qaWEtYnUtamlhbi1xaWEtcGlhbi1xdWFuLWd1YS1zaGktdGEtaHVpLWppYS1qaWFuLXpoZS1tdS15YW4tc2hlbi1zaS0zLTltby13YW5nLXlvdS14aWFvLWZlbmcuaHRtbCIsImhvc3RuYW1lIjoid3d3LmJnMy5jbyIsInVybCI6Imh0dHBzJTNBJTJGJTJGd3d3LmJnMy5jbyUyRmElMkZwaS1qaWEtYnUtamlhbi1xaWEtcGlhbi1xdWFuLWd1YS1zaGktdGEtaHVpLWppYS1qaWFuLXpoZS1tdS15YW4tc2hlbi1zaS0zLTltby13YW5nLXlvdS14aWFvLWZlbmcuaHRtbCIsInBoYXNlIjowLCJ1c2VyVHlwZSI6Ik5FVyIsInByZXZpZXdWYXJpYXRpb24iOiJkZXNjcmlwdGlvblBhZ2UiLCJleHBlcmltZW50UGFnZSI6dHJ1ZSwidGltZXN0YW1wIjoxNjY0MjA2MjYxMTQ5fQ==
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/42753/linkPreview.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
104.211.156.162 Mumbai, India, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 26 Sep 2022 15:31:01 GMT
server
nginx/1.14.0 (Ubuntu)
L2EvcGktamlhLWJ1LWppYW4tcWlhLXBpYW4tcXVhbi1ndWEtc2hpLXRhLWh1aS1qaWEtamlhbi16aGUtbXUteWFuLXNoZW4tc2ktMy05bW8td2FuZy15b3UteGlhby1mZW5nLmh0bWw=.json
cdn.adpushup.com/42753/ 		555 B
818 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.adpushup.com/42753/L2EvcGktamlhLWJ1LWppYW4tcWlhLXBpYW4tcXVhbi1ndWEtc2hpLXRhLWh1aS1qaWEtamlhbi16aGUtbXUteWFuLXNoZW4tc2ktMy05bW8td2FuZy15b3UteGlhby1mZW5nLmh0bWw=.json
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/42753/linkPreview.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
42.99.140.200 , Japan, ASN4637 (ASN-TELSTRA-GLOBAL Telstra Global, HK),
Reverse DNS
ip-42-99-140-200.pacnet.net
Software
nginx/1.18.0 /
Resource Hash
6d83b77c3d8c5c0ccc7078540a1fb0bd9fa43eeb82b89f83264d469aa100c088

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-akamai-country
AU
date
Mon, 26 Sep 2022 15:31:01 GMT
server
nginx/1.18.0
vary
Accept-Encoding
x-akamai-device
mobile:false&tablet:false
access-control-allow-origin
*
cache-control
max-age=3600
server-timing
cdn-cache; desc=MISS, edge; dur=6, origin; dur=218
content-type
text/html
content-length
555
expires
Mon, 26 Sep 2022 16:31:01 GMT
pixel
pxl.qccerttest.com/ 		35 B
550 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pxl.qccerttest.com/pixel?r=112285687;fpan=1;fpa=P0-151537705-1664206261185;pbc=24da1778-a371-47a5-b48e-9eb93796170e;ns=0;ce=1;qjs=1;qv=d18171e5-20220913105912;ref=;cm=;gdpr=0;d=bg3.co;dst=0;et=1664206261185;tzo=0;url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fpi-jia-bu-jian-qia-pian-quan-gua-shi-ta-hui-jia-jian-zhe-mu-yan-shen-si-3-9mo-wang-you-xiao-feng.html;ogl=
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/pi-jia-bu-jian-qia-pian-quan-gua-shi-ta-hui-jia-jian-zhe-mu-yan-shen-si-3-9mo-wang-you-xiao-feng.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.33.33.124 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-33-33-124.sin2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 25 Sep 2022 20:57:14 GMT
via
1.1 371f05083da358616e0006a1f34fdb7e.cloudfront.net (CloudFront)
x-content-type-options
nosniff
age
66828
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
strict-transport-security
max-age=31536000
content-length
35
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
last-modified
Thu, 04 Aug 2022 16:01:04 GMT
server
AmazonS3
x-frame-options
SAMEORIGIN
etag
"55d25e9dc950d5db4d53a3b195c046c6"
vary
Accept-Encoding, Origin
content-type
image/gif
x-amz-cf-pop
SIN2-P1
accept-ranges
bytes
x-amz-cf-id
yfybwCBM-sNHV5mJqKfx2v2nD_Gnjk1LvWLhVk0YKXHBF3Xxj9-M6w==
pixel;r=327028025;rf=0;a=p-54Nt-1NAaEEe0;url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fpi-jia-bu-jian-qia-pian-quan-gua-shi-ta-hui-jia-jian-zhe-mu-yan-shen-si-3-9mo-wang-you-xiao-feng.html;uh=e51ed67dfb8d91dc...
pixel.quantserve.com/ 		35 B
372 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.quantserve.com/pixel;r=327028025;rf=0;a=p-54Nt-1NAaEEe0;url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fpi-jia-bu-jian-qia-pian-quan-gua-shi-ta-hui-jia-jian-zhe-mu-yan-shen-si-3-9mo-wang-you-xiao-feng.html;uh=e51ed67dfb8d91dc24b15e2ace0c3bc33bc53c3e1dfb09200d6c2f8387d67ea6;uht=2;fpan=0;fpa=P0-151537705-1664206261185;pbc=24da1778-a371-47a5-b48e-9eb93796170e;ns=0;ce=1;qjs=1;qv=d18171e5-20220913105912;cm=;gdpr=0;ref=;d=bg3.co;dst=0;et=1664206261188;tzo=0;ogl=;ses=726e592d-3929-4a58-b04c-37f5dd1c7c20
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/pi-jia-bu-jian-qia-pian-quan-gua-shi-ta-hui-jia-jian-zhe-mu-yan-shen-si-3-9mo-wang-you-xiao-feng.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
103.229.10.171 , Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 26 Sep 2022 15:31:01 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
cache-control
private, no-cache, no-store, proxy-revalidate
content-type
image/gif
content-length
35
expires
Fri, 04 Aug 1978 12:00:00 GMT
sodar
pagead2.googlesyndication.com/getconfig/ Frame B3E3 		14 KB
11 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20220921&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202209120102/show_ads_impl_fy2021.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.194.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f154.1e100.net
Software
cafe /
Resource Hash
15597ef634097e374d8f18ab0155a9bd770144f072088d38e71b6754aacaeed3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 26 Sep 2022 15:31:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11272
x-xss-protection
0
sodar2.js
tpc.googlesyndication.com/sodar/ Frame B3E3 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202209120102/show_ads_impl_fy2021.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.12.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f132.1e100.net
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 26 Sep 2022 15:31:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Mon, 26 Sep 2022 15:31:01 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 0FCC 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.12.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f132.1e100.net
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://cdn.aralego.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

accept-ranges
bytes
age
477064
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Wed, 21 Sep 2022 02:59:57 GMT
expires
Thu, 21 Sep 2023 02:59:57 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame B91C 		783 B
739 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.10.99 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f99.1e100.net
Software
GSE /
Resource Hash
357c585829a9b5623a46f79d0c64440ff25d0faae7c561a0817495bcb3504c39
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-NmV7inxEGVkIRiw7FuU6zw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://cdn.aralego.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private, max-age=300
content-encoding
gzip
content-length
514
content-security-policy
script-src 'report-sample' 'nonce-NmV7inxEGVkIRiw7FuU6zw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Mon, 26 Sep 2022 15:31:01 GMT
expires
Mon, 26 Sep 2022 15:31:01 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 591E 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.12.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f132.1e100.net
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://cdn.aralego.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

accept-ranges
bytes
age
477064
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Wed, 21 Sep 2022 02:59:57 GMT
expires
Thu, 21 Sep 2023 02:59:57 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame B991 		783 B
740 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.10.99 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f99.1e100.net
Software
GSE /
Resource Hash
325fc4c4bf76064d9a88f80ba9e2058682e92f4c619a4b7c01077ccf92e69caf
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-HI1tQxRfgCr1QuR1GgYQqQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://cdn.aralego.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private, max-age=300
content-encoding
gzip
content-length
512
content-security-policy
script-src 'report-sample' 'nonce-HI1tQxRfgCr1QuR1GgYQqQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Mon, 26 Sep 2022 15:31:01 GMT
expires
Mon, 26 Sep 2022 15:31:01 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 0F91 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.12.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f132.1e100.net
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

accept-ranges
bytes
age
477064
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Wed, 21 Sep 2022 02:59:57 GMT
expires
Thu, 21 Sep 2023 02:59:57 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame C2A0 		783 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.10.99 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f99.1e100.net
Software
GSE /
Resource Hash
99ed7525cf47e26724eb0dc946510616ac8fa4d1bd21f6de4aab7ad0e49dc9cf
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-O0Im5f3GpmTpRSdxj0B3GQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private, max-age=300
content-encoding
gzip
content-length
514
content-security-policy
script-src 'report-sample' 'nonce-O0Im5f3GpmTpRSdxj0B3GQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Mon, 26 Sep 2022 15:31:01 GMT
expires
Mon, 26 Sep 2022 15:31:01 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
js
www.googletagmanager.com/gtag/ 		209 KB
73 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-Z0TZ7TDHS1
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/42753/linkPreview.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.24.97 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f97.1e100.net
Software
Google Tag Manager /
Resource Hash
08f8a35ff1ed0c7e39419984a8d32de7e1dd3a298595992abffad1810a0e4237
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 26 Sep 2022 15:31:02 GMT
content-encoding
br
server
Google Tag Manager
access-control-allow-headers
Cache-Control
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; includeSubDomains
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
74949
x-xss-protection
0
expires
Mon, 26 Sep 2022 15:31:02 GMT
log
aplogger.adpushup.com/ 		0
53 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://aplogger.adpushup.com/log?event=linkPreview_failed_JSONRequest&data=eyJzaXRlSWQiOjQyNzUzLCJ1cmwiOiIvYS9waS1qaWEtYnUtamlhbi1xaWEtcGlhbi1xdWFuLWd1YS1zaGktdGEtaHVpLWppYS1qaWFuLXpoZS1tdS15YW4tc2hlbi1zaS0zLTltby13YW5nLXlvdS14aWFvLWZlbmcuaHRtbCIsInRpbWUiOjE2NjQyMDYyNjE2Njl9
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/42753/linkPreview.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
104.211.156.162 Mumbai, India, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 26 Sep 2022 15:31:01 GMT
server
nginx/1.14.0 (Ubuntu)
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 44AF 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.12.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f132.1e100.net
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

accept-ranges
bytes
age
477064
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Wed, 21 Sep 2022 02:59:57 GMT
expires
Thu, 21 Sep 2023 02:59:57 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame 08CA 		783 B
742 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.10.99 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f99.1e100.net
Software
GSE /
Resource Hash
a21946f0b7cd85f30e2ea294ca33c02045e0b8e1bfb371f001d25855273f9013
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-yN0twrKUuXkufTX8vM6UHw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private, max-age=300
content-encoding
gzip
content-length
513
content-security-policy
script-src 'report-sample' 'nonce-yN0twrKUuXkufTX8vM6UHw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Mon, 26 Sep 2022 15:31:01 GMT
expires
Mon, 26 Sep 2022 15:31:01 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
f36U5LLOSFCl_RQcRb4gz5dtt8ZR3FgOTI7LNXASQxk.js
pagead2.googlesyndication.com/bg/ Frame 0FCC 		36 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/f36U5LLOSFCl_RQcRb4gz5dtt8ZR3FgOTI7LNXASQxk.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.194.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f154.1e100.net
Software
sffe /
Resource Hash
7f7e94e4b2ce4850a5fd141c45be20cf976db7c651dc580e4c8ecb3570124319
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 22 Sep 2022 00:16:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
400455
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16009
x-xss-protection
0
last-modified
Mon, 19 Sep 2022 14:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Fri, 22 Sep 2023 00:16:46 GMT
f36U5LLOSFCl_RQcRb4gz5dtt8ZR3FgOTI7LNXASQxk.js
pagead2.googlesyndication.com/bg/ Frame 591E 		36 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/f36U5LLOSFCl_RQcRb4gz5dtt8ZR3FgOTI7LNXASQxk.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.194.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f154.1e100.net
Software
sffe /
Resource Hash
7f7e94e4b2ce4850a5fd141c45be20cf976db7c651dc580e4c8ecb3570124319
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 22 Sep 2022 00:16:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
400455
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16009
x-xss-protection
0
last-modified
Mon, 19 Sep 2022 14:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Fri, 22 Sep 2023 00:16:46 GMT
f36U5LLOSFCl_RQcRb4gz5dtt8ZR3FgOTI7LNXASQxk.js
pagead2.googlesyndication.com/bg/ Frame 0F91 		36 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/f36U5LLOSFCl_RQcRb4gz5dtt8ZR3FgOTI7LNXASQxk.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.194.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f154.1e100.net
Software
sffe /
Resource Hash
7f7e94e4b2ce4850a5fd141c45be20cf976db7c651dc580e4c8ecb3570124319
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 22 Sep 2022 00:16:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
400455
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16009
x-xss-protection
0
last-modified
Mon, 19 Sep 2022 14:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Fri, 22 Sep 2023 00:16:46 GMT
f36U5LLOSFCl_RQcRb4gz5dtt8ZR3FgOTI7LNXASQxk.js
pagead2.googlesyndication.com/bg/ Frame 44AF 		36 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/f36U5LLOSFCl_RQcRb4gz5dtt8ZR3FgOTI7LNXASQxk.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.194.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f154.1e100.net
Software
sffe /
Resource Hash
7f7e94e4b2ce4850a5fd141c45be20cf976db7c651dc580e4c8ecb3570124319
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 22 Sep 2022 00:16:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
400455
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16009
x-xss-protection
0
last-modified
Mon, 19 Sep 2022 14:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Fri, 22 Sep 2023 00:16:46 GMT
generate_204
tpc.googlesyndication.com/ Frame 0FCC 		0
10 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?XmGpFQ
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/pi-jia-bu-jian-qia-pian-quan-gua-shi-ta-hui-jia-jian-zhe-mu-yan-shen-si-3-9mo-wang-you-xiao-feng.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.12.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f132.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 26 Sep 2022 15:31:02 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
generate_204
tpc.googlesyndication.com/ Frame 591E 		0
10 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?wTI_hQ
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/pi-jia-bu-jian-qia-pian-quan-gua-shi-ta-hui-jia-jian-zhe-mu-yan-shen-si-3-9mo-wang-you-xiao-feng.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.12.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f132.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 26 Sep 2022 15:31:02 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
sodar
pagead2.googlesyndication.com/pagead/ Frame C2A0 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20220921&jk=2091931484474790&rc=
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/pi-jia-bu-jian-qia-pian-quan-gua-shi-ta-hui-jia-jian-zhe-mu-yan-shen-si-3-9mo-wang-you-xiao-feng.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.194.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f154.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
sodar
pagead2.googlesyndication.com/pagead/ Frame B91C 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_2022092001&jk=1262363747512936&rc=
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/pi-jia-bu-jian-qia-pian-quan-gua-shi-ta-hui-jia-jian-zhe-mu-yan-shen-si-3-9mo-wang-you-xiao-feng.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.194.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f154.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
sodar
pagead2.googlesyndication.com/pagead/ Frame 08CA 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20220921&jk=3075813884163543&rc=
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/pi-jia-bu-jian-qia-pian-quan-gua-shi-ta-hui-jia-jian-zhe-mu-yan-shen-si-3-9mo-wang-you-xiao-feng.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.194.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f154.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
sodar
pagead2.googlesyndication.com/pagead/ Frame B991 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_2022092001&jk=2623157841093587&rc=
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/pi-jia-bu-jian-qia-pian-quan-gua-shi-ta-hui-jia-jian-zhe-mu-yan-shen-si-3-9mo-wang-you-xiao-feng.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.194.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f154.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
generate_204
tpc.googlesyndication.com/ Frame 0F91 		0
10 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?wVa0RA
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/pi-jia-bu-jian-qia-pian-quan-gua-shi-ta-hui-jia-jian-zhe-mu-yan-shen-si-3-9mo-wang-you-xiao-feng.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.12.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f132.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 26 Sep 2022 15:31:02 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
generate_204
tpc.googlesyndication.com/ Frame 44AF 		0
10 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?AsZ1uw
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/pi-jia-bu-jian-qia-pian-quan-gua-shi-ta-hui-jia-jian-zhe-mu-yan-shen-si-3-9mo-wang-you-xiao-feng.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.12.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f132.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 26 Sep 2022 15:31:02 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
collect
www.google-analytics.com/g/ 		0
97 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/g/collect?v=2&tid=G-Z0TZ7TDHS1&gtm=2oe9l0&_p=1973&cid=152270999.1664206263&ul=en-us&sr=1600x1200&_z=ccd.v9B&_s=1&sid=1664206262&sct=1&seg=0&dl=https%3A%2F%2Fwww.bg3.co%2Fa%2Fpi-jia-bu-jian-qia-pian-quan-gua-shi-ta-hui-jia-jian-zhe-mu-yan-shen-si-3-9mo-wang-you-xiao-feng.html&dt=%E7%9A%AE%E5%A4%BE%E4%B8%8D%E8%A6%8B%E5%8D%A1%E7%89%87%E5%85%A8%E6%8E%9B%E5%A4%B1%EF%BC%81%E4%BB%96%E5%9B%9E%E5%AE%B6%E8%A6%8B%E9%80%99%E5%B9%95%E7%9C%BC%E7%A5%9E%E6%AD%BB%203.9%E8%90%AC%E7%B6%B2%E5%8F%8B%E7%AC%91%E7%98%8B%20-%20%E5%A4%A9%E5%A4%A9%E8%A6%81%E8%81%9E&en=link_preview&_fv=1&_nsi=1&_ss=1&_ee=1&epn.value=1&epn.siteid=42753&ep.error_msg=no_mapping_success
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-Z0TZ7TDHS1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.4.101 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f101.1e100.net
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 26 Sep 2022 15:31:02 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/ 		35 B
119 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=a1&ds=AMP&aip&_s=2&dt=%E7%9A%AE%E5%A4%BE%E4%B8%8D%E8%A6%8B%E5%8D%A1%E7%89%87%E5%85%A8%E6%8E%9B%E5%A4%B1%EF%BC%81%E4%BB%96%E5%9B%9E%E5%AE%B6%E8%A6%8B%E9%80%99%E5%B9%95%E7%9C%BC%E7%A5%9E%E6%AD%BB%203.9%E8%90%AC%E7%B6%B2%E5%8F%8B%E7%AC%91%E7%98%8B%20-%20%E5%A4%A9%E5%A4%A9%E8%A6%81%E8%81%9E&sr=1600x1200&cid=amp-bp2IvYeADvpv_CeMaNTxFA&tid=UA-172083736-2&dl=https%3A%2F%2Fwww.bg3.co%2Fa%2Fpi-jia-bu-jian-qia-pian-quan-gua-shi-ta-hui-jia-jian-zhe-mu-yan-shen-si-3-9mo-wang-you-xiao-feng.html&dr=&sd=24&ul=en-us&de=UTF-8&jid=&plt=10200&dns=5&tcp=410&rrt=0&srt=850&pdt=1&clt=1319&dit=1319&a=1973&z=0.10282841616556482&gtm=2pu000&t=timing
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.4.101 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f101.1e100.net
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 25 Sep 2022 23:20:55 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
58207
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame A55D 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_2022092001&jk=1262363747512936&bg=!5Oel56PNAAYIxsuQKMY7ACkAdvg8WvBJrOXL7I6PlPs7nHFupfeRxG5BmHV3RcqpuaK1d5j6qbmygQIAAADDUgAAAAFoAQcKAOSzACjMGDfC8diKqHjPg7s9jDUXoRt49LnDdaW9Y_McN_S8D-ouqifoo65CGjq3mX_mFk9wv4euqYVO1kF0DAOo4_xiD7hufGjxFWXWH9PPjUDp8KqrlQ9wMlf6fmJ-R0SMe5XGR5LqVQlbprTM1_FXN_y0Eaafhqdp37kdW0cOGsNqHNJ83jZJKNrAV_MLtlWRkP6boupWoksiBnZXxUm-UR-Jv_OqRsLbmt_NrdAWDh8Sj6vct4JS_qJ4LgpA8fbpjmXGxT1_j6hcIvdfO2E00E8E8n1KscGWz-Vqdrwu-QEQZXuZArFQ2xpB3-fhBcdTDrcZFNHHt5ef4vBFoRJcFqrZn1o-kSfl2uuwrBw38IF1Tw8kGy25Pm9oDffA6_FG8Zie7zdDmaUKlqb4GZBitnriZFjid0S-_3IHGNix5ld5dq79iRI6WD2H4iCuYUY9mLWIsx8tJUhGTrehX9ux_lmfm8AHVkNOQmOf20sZUG6miHq-l1cJDuWWD7SEG9XNCQBCPOV04cqhN5TbDvQA5_8pGEwgBk4WMBwc2IOZ7tQRLo7BNY3XZ3ceqIVUMfYAZu-ajTaRXKAjsV8lCtRrcfsLzFrtyAVwUSS1EyKJsGUWNWcMNwPC0A_Q7OTIlWHlFFlXQR4bgxenhD3ncU-NZDIRtLETNzJVZeEGLEG63rVXximVMUWOP6cOAtMB00dNfyZqU5t_TnGYWQTDD2TgBdB4XviTkGB0UVve4ilrTGVm8zSKAyi3bm42FZQfvXfKclS_7mXelf73LI0_ZGXeLjFdMmeB44agtREVs2DWBiaFEayqic-O_ksiMUbDWszPjPgWz8jsrqy6lZj8awdOXD_gzdonMwouo4jcFi3WqiuZuT6dPruc3qf5THEDMDbpWx5Vqjg2siZQF5RijHeWeUwDrYDATOiXsC3qSnCPJniUd99xIIruod_cDyqs_BjR13qkqxOQdojyGu4JfdiiN-47UMpoFOsZfjPiFwDJYWLek7GJCLiYfQrbejgFPWqqF4-Bpx-CzV_fJPacfgAVnFH-TwM-aXkdqwBwop1hRoFz6MK869qBI0Ur321GFLmHE_hvU4l7ubA37un2MI9__z99dzjBG6QOEJ-OBWvqruawhEXQwITU663w2AkbyHsPOyMI57TUELDODZLtCUgdTo5_kg1x65VIb7WMLF5bI1nYm4BiL2r6HE-_u6TzVFJS2p8w8trZ2w
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.194.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f154.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
sodar
pagead2.googlesyndication.com/pagead/ Frame 96F7 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_2022092001&jk=2623157841093587&bg=!h4SlhMDNAAYIxsuQKMY7ACkAdvg8Wk2YJJhgpXpjDn2sUuheB3MeMRRcyZm-Z1fOc3yIUPUlW31GWwIAAADhUgAAAAFoAQeZAsF-uRcNogQSucMwMz8_11JddejBAhvZJGnAt8_wYIs67ZqJekBAzpZLbTQ-3bMRP72aNLrbenbjhFdA7MyhXgmac8PpGXnuLjvJ7yNNx1v1uNB8NFDPQuY9Rk8iyouOHGYf0GCuKbbdih815Lxk7HTOM1Fjwrhwaf_CtgMmuLG5mIMg6RltJa1MQu3F8m_uZppkPskWrqpiLf2rIQVbFokNQxcPt24exJ6QRLZD8qVhuKP5m5rWzYQKPZbfdvqcqMEPsCEoWCtrWBgiwQVFCfXmNBgkt2c22jEagIxg2F4jVpJbHGsa22fqtiScwOIfEL5ESkqz9_oOHvh2qbfYQiRK-UfkhSwkspuOiM3iQHYkY0-xtN3FrWuXG291LfekAZZorfdNyV-d4cX-t_IgJJoUUkzZZLflenCJw37LWQ3nUE__NGTMMESSK1qzgui-KL8xIvqZ00GMdll5ZxNf_CDypVf_Z18EZUIWeg9tzKzoOjZg78Hd9XbukEew2Q5_0c_C_XBW3hwSqrqJI58XFUugKZHHYGE-rv1ok2fGQ7EVD43RT4GOLwaJ7pxMzBpi_DFA26sQvUEGOVgC0H51xkTHOmhtugYjocGvdjNU4x2l0qD6zlZhKJAPpZRRhf9COWtHdQYS3hs_JJJPyJnSYDAQbDn3TphLTJ9gTF2N44eXH27FUz4qlbS_Og5FFOIuBpec0J39KhTTqJDhkmQ_vzuEpD5cBNUHow37OaFIn6WeWeJQlecc-39Dj0fxYZzpYMnfjsRtAawvVC5pimTPxtqG4f75lVTb03HFXRAbmULYyJekb4flF3vD9JmAZ2OBXHIRRHAG_F9a9WBNbDs-Yo286H3z-y9jIBVSRdaYxJfXf66mOJKSttbqGz47cp2S5J948YQyn7F0y5DzRlkDiOGRw3N1t96ThqkFChmcxxBqnFM
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.194.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f154.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
sodar
pagead2.googlesyndication.com/pagead/ Frame D920 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20220921&jk=2091931484474790&bg=!9fal9rLNAAYIxsuQKMY7ACkAdvg8WsqVFqIj_ChWsBdcCTwcOU8L5wwqcWJs31GlZIMQ0ZZYB9UofgIAAADsUgAAAAJoAQcKAD6KGA40hFptd92TFRwlHDVTahrhynE9Nz2W39Ha3JdMWZeNmLkGEhs0S29Uvi6GvKEfNSdDB55uSvaYTTDwkZkCtoxQ8hJtCuul7aHIOMl4LRODv0oMKSmftPocytu8_SAnIHQe9A_j0eIdcczslHcfKu5nQz1cos54voX5nRJNROTo3cMcKyDbTYsto5L7Yt-snLXiU7o7xbpKZEpBXcQoJ03TXYF6xH64GdGF_d9-exZ2cCkCL7yIEbBMToFSIk-66jV7B87cAXy9TQB_yRLZHRFR4FS_WP1TAm7g_5r-oC1unMc4BMDjaT9PPfIhpIy4niBqJjplkUK7cyyGPDqmkm2lIiSH-etP73yckhLAaIQjZwwQkBjL-ubjuTziDWwJw6SvpJVNyN9d6_hTCVmyNcnfJvvFHFI-wrgK-aj_c-fnzR5KFnuWAjM3E0gvhEBV8H0JKCYVIYAxbjafe9Hsqu15pNECv-4-Krw2yhucUATF_imj1JUgqDAhd4xCXci3_e_s03n1SbB6zRUmOj1kAMJg8ekIr3j_laqv3Q0X24UmNr7PS9moDerML6AhzT6OEW_279fZaIBPDMe3sgd6XpNGlhbYflGXG89I3zVyz320bmm7ZDtBazJoOejGXv5Blfij3iA0CT6X6IcWTrSxlxblIH1GsbYyJvVaT-ZKVUHiCzOFUQ_4PAX_I_ijhdQXN0eRd6GBz0lgQ8KbBesKzGfo_9SJFQxeVxkw6gH9gESttviul3w0oDsMd8XSqj2HvhTaAR-l303ugD5tnDfYV10e9W_MEpIVZxD190KVV4OUO2U2B4FlyTDZwicHB2xu4UZ9CE3NjhAXJ0-YeaYh9nh1wWyOIwUOTKXHLkbfq7EvVC5kKYZ1oAmSLcwXi3zFwno9hM4dNvaLZwF7ue7xbuTREoe63_V-uMfNWw2hpHG9JIDzt0WEBo0FMoJftmBNkUWC25WaEVfAHJWebRxkzMQRI6jGpGM3T3vGIaMuy7WXq-b63Tg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.194.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f154.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
sodar
pagead2.googlesyndication.com/pagead/ Frame B3E3 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20220921&jk=3075813884163543&bg=!q6ilqOzNAAYIxsuQKMY7ACkAdvg8WrArTFgxd5i7X_lltqr58J1PUkvPprOGlC1coMPAwZjyhE7ZdAIAAABzUgAAAAJoAQcKAMbSBKqqwca5gpeN2hFJfKqcaeWOfvtAEGxS7jJI1oHv986sQJ8xjItGu8fTuXRn3vovfP6orflRb3EKVmzjOKMkrjzcnuuUkV9MMXmHiYpNntX44772G7VYs2rzw1bI0TXXIb_jwBhqyrqKvrgx1xHe6YJRvAlVnJuhpY4RaZ8K-UmpHsmHNPurLK07JqyRvomZVzn2LRWC1c1txAwRiXLqzzSTsdYNNSdg56-FLo7gRIj909kqmdiyzb0eS7V3xe0-KciDBMOZArVdLKmUX8bAU6Jtk4FcqRpKMSB2tqgJuo4DiOPL6ysFb2kXVhjjtkc-0iu_EY_mstpUXMN7pcFKKJ1vlLGQSeXMIwTpI4XEdBzCN-Nelu-K69rc1ORYD-kWf_Oq-LfgAuVIUlQ4YiKeJ_cdOxSRQp06-3zBgbtjNVhR1MgWGavsoFeu8uq5f7XF-g7LKZHXilRZj-SwSBszz6s44GQxUZf34h4eaclc56vDlKA8zl4E-EsIzSd5vnoP7UFYumbxmi3SDQfPm14QF4ItyhV9CFjzPEGfJl9rPxCNT-ruacqGktNt1wzm2dqxUoP41N_6UAJAn8bz8C9jT2G8pf8yCon9C0z_9c0Ew1BuN1Y5Kxjdbs90T5aYtnFx6JdaT61Kbx5E97oAhdl_c3QmYR4bSO9ArXuUOs7Og_31389rw-9Qjjm1YGjhz-po1oueXdJtLLc4SebFQOnmSs-4Tj4XO1O47bYwx_uv6aXE5mUcRAUi7iSUX62-LFLGnxOLy-wmF7gqcXs3K1jBRMnoyU_LtWO9hr_A7hRD9IesmN03nb7JVv63BSQpy_PBSaGggmcLNtx2Mr7RxlgA41NPmXAugVJXABLxrYzQcsvR6tXR2m3m2JcM-u1d15uPrHuzGcKlyzt4zNpLnb2jGQsjz65drI-iGSes3-hjVkJjjwGpZDjRYQs0BY_RJoN5L6CXiJkJAj6yDAcVPxCo0RIY8xapdApGPtd_cMkuLOCPKSJ6uQUZ1NWEIS3L0lyCVa0D2K38jhuAOQRIYmxEjOE5Z-jFI_N8xk_0uF86qHthxYkL4XOlKnoIk1eFDVhzF5lK50G-I7vBXNB3s5UB7evQnLlpbVkhyTk85g0b96VUV2PVCr80K1efCqgz8INmGDzrNG-ScYbiGguuuZA-IL8M6kf-HJd-S2OEXP4
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.194.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f154.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
integrator.js
adservice.google.com.au/adsid/ 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com.au/adsid/integrator.js?domain=www.bg3.co
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022092001.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.130.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sb-in-f156.1e100.net
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 26 Sep 2022 15:31:03 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.bg3.co
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022092001.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.12.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f154.1e100.net
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 26 Sep 2022 15:31:03 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ 		63 KB
24 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3597760113509878&correlator=3460661837350473&eid=31069635%2C31068367%2C44774044&output=ldjh&gdfp_req=1&vrg=2022092001&ptt=17&impl=fifs&iu_parts=103512698%3A22574853003%2C22477626096%2C22479095528%2C22579309510&enc_prev_ius=%2F0%2F1%2C%2F0%2F2%2C%2F0%2F3&prev_iu_szs=320x50%7C728x250%7C728x90%7C690x90%7C690x250%7C675x90%7C675x250%7C670x90%7C670x250%7C650x90%7C650x250%7C650x150%7C630x90%7C630x250%7C602x100%7C600x90%7C600x250%7C580x90%7C570x90%7C550x150%7C468x60%7C320x50%7C320x100%7C300x50%7C300x100%7C300x75%7C300x250%7C250x250%7C200x200%2C320x50%7C728x90%7C690x90%7C675x90%7C670x90%7C650x90%7C630x90%7C600x90%7C580x90%7C570x90%7C468x60%7C320x50%7C300x50%7C300x75%2C320x50%7C120x600&fluid=height%2Cheight%2Cheight&ifi=1&adks=1420297610%2C2857874404%2C4082231052&sfv=1-0-38&fsapi=false&prev_scp=adpushup_ran%3D1%26hb_ap_siteid%3D42753%26hb_ap_ran%3D1%26fluid%3D0%26refreshcount%3D0%26refreshrate%3D30%7Cadpushup_ran%3D1%26hb_ap_siteid%3D42753%26hb_ap_ran%3D1%26fluid%3D0%26refreshcount%3D0%26refreshrate%3D30%7Cadpushup_ran%3D1%26hb_ap_siteid%3D42753%26hb_ap_ran%3D1%26fluid%3D0%26refreshcount%3D0%26refreshrate%3D30&eri=1&cust_params=da%3Dadx%26outbrain%3Dtrue&sc=1&cookie=ID%3De02e6512cd1faaf1-223bd44c4dd700b0%3AT%3D1664206258%3ART%3D1664206258%3AS%3DALNI_MZkjpIaopvi3YAQOeHOhFXbOmFIJg&gpic=UID%3D000009e2d30ee339%3AT%3D1664206258%3ART%3D1664206258%3AS%3DALNI_MbNvpCwjF-FNLt4hHpZzbSp12AfqA&arp=1&abxe=1&dt=1664206263126&lmt=1664206263&dlt=1664206253597&idt=6668&adxs=236%2C436%2C5&adys=60%2C1110%2C300&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0%7C0%7C0&ucis=1%7C2%7C3&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fpi-jia-bu-jian-qia-pian-quan-gua-shi-ta-hui-jia-jian-zhe-mu-yan-shen-si-3-9mo-wang-you-xiao-feng.html&frm=20&vis=1&psz=728x-1%7C728x-1%7C120x-1&msz=728x-1%7C728x-1%7C120x-1&fws=4%2C516%2C516&ohw=728%2C1600%2C1600&ga_vid=152270999.1664206263&ga_sid=1664206263&ga_hid=1973&ga_fc=true&ga_cid=amp-bp2IvYeADvpv_CeMaNTxFA
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022092001.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.10.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f155.1e100.net
Software
cafe /
Resource Hash
8a1a745fad7e4599be6427ec9f1520d111660cb0ced8b0f92777ef403ac2e67f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 26 Sep 2022 15:31:03 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
24628
x-xss-protection
0
google-lineitem-id
-1,-1,-1
pragma
no-cache
server
cafe
google-creative-id
-1,-1,-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
sodar
pagead2.googlesyndication.com/getconfig/ 		14 KB
11 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2022092001&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022092001.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.194.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f154.1e100.net
Software
cafe /
Resource Hash
044f88b494e5da637b95e9840f53c74247bd62c3d464c537a54a479b3a7054e5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 26 Sep 2022 15:31:03 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11161
x-xss-protection
0
container.html
4554dcfdb25681d65c9135c95d0b8a26.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 72FE 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://4554dcfdb25681d65c9135c95d0b8a26.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022092001.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.12.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f132.1e100.net
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
gzip
content-length
3108
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Mon, 26 Sep 2022 15:31:03 GMT
expires
Tue, 26 Sep 2023 15:31:03 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
publishertag.prebid.117.js
static.criteo.net/js/ld/ 		87 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.117.js
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1663912421366.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.129 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
nginx /
Resource Hash
90c9017a8a6447588520f38cd94ba14cdb9839c92626aa06bb8a4a1052c2ab7e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 26 Sep 2022 15:31:03 GMT
content-encoding
gzip
last-modified
Wed, 29 Dec 2021 12:30:46 GMT
server
nginx
etag
W/"61cc54f6-15c19"
strict-transport-security
max-age=31536000; preload;
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Tue, 27 Sep 2022 15:31:03 GMT
sodar2.js
tpc.googlesyndication.com/sodar/ 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022092001.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.12.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f132.1e100.net
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 26 Sep 2022 15:31:03 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Mon, 26 Sep 2022 15:31:03 GMT
syncframe
gum.criteo.com/ Frame 3001 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/syncframe?origin=publishertag&topUrl=www.bg3.co
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.117.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.136 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Kestrel /
Resource Hash
3b699c2cd84c5722e0c9f34ec0c60a9f548901168f95d86b4f1df433a7b5cc60
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

cache-control
private, max-age=3600
content-encoding
gzip
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Mon, 26 Sep 2022 15:31:03 GMT
server
Kestrel
server-processing-duration-in-ticks
375805
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
publishertag.prebid.js
static.criteo.net/js/ld/ 		88 KB
29 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.js
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.117.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.129 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
nginx /
Resource Hash
a26695adab8d7538059dd2a25948c481f5a8fffefee171985a305f9fea9dd628
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 26 Sep 2022 15:31:03 GMT
content-encoding
gzip
last-modified
Sat, 17 Sep 2022 19:59:55 GMT
server
nginx
etag
W/"6326273b-16120"
strict-transport-security
max-age=31536000; preload;
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Tue, 27 Sep 2022 15:31:03 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 5818 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.12.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f132.1e100.net
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

accept-ranges
bytes
age
477066
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Wed, 21 Sep 2022 02:59:57 GMT
expires
Thu, 21 Sep 2023 02:59:57 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame 0CC2 		783 B
759 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.10.99 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f99.1e100.net
Software
GSE /
Resource Hash
cd87bff9d07555b741c3d3346b20beb878f17449c72d6e6749aadccaa15c45f3
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-nif_TctfSOR87D37ksvD7g' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private, max-age=300
content-encoding
gzip
content-length
512
content-security-policy
script-src 'report-sample' 'nonce-nif_TctfSOR87D37ksvD7g' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Mon, 26 Sep 2022 15:31:03 GMT
expires
Mon, 26 Sep 2022 15:31:03 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
f36U5LLOSFCl_RQcRb4gz5dtt8ZR3FgOTI7LNXASQxk.js
pagead2.googlesyndication.com/bg/ Frame 5818 		36 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/f36U5LLOSFCl_RQcRb4gz5dtt8ZR3FgOTI7LNXASQxk.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.194.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f154.1e100.net
Software
sffe /
Resource Hash
7f7e94e4b2ce4850a5fd141c45be20cf976db7c651dc580e4c8ecb3570124319
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 22 Sep 2022 00:16:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
400457
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16009
x-xss-protection
0
last-modified
Mon, 19 Sep 2022 14:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Fri, 22 Sep 2023 00:16:46 GMT
container.html
4554dcfdb25681d65c9135c95d0b8a26.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 9E28 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://4554dcfdb25681d65c9135c95d0b8a26.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022092001.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.12.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f132.1e100.net
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

accept-ranges
bytes
age
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
gzip
content-length
3108
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Mon, 26 Sep 2022 15:31:03 GMT
expires
Tue, 26 Sep 2023 15:31:03 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
container.html
4554dcfdb25681d65c9135c95d0b8a26.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 1D15 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://4554dcfdb25681d65c9135c95d0b8a26.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022092001.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.12.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f132.1e100.net
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

accept-ranges
bytes
age
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
gzip
content-length
3108
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Mon, 26 Sep 2022 15:31:03 GMT
expires
Tue, 26 Sep 2023 15:31:03 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
container.html
4554dcfdb25681d65c9135c95d0b8a26.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame EFE0 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://4554dcfdb25681d65c9135c95d0b8a26.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022092001.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.12.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f132.1e100.net
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

accept-ranges
bytes
age
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
gzip
content-length
3108
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Mon, 26 Sep 2022 15:31:03 GMT
expires
Tue, 26 Sep 2023 15:31:03 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
json
gum.criteo.com/sid/ Frame 3001 		449 B
575 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/sid/json?origin=publishertag&domain=bg3.co&sn=ChromeSyncframe&so=0&topUrl=www.bg3.co&cw=1&lsw=1&topicsavail=0&fledgeavail=0
Requested by
Host: gum.criteo.com
URL: https://gum.criteo.com/syncframe?origin=publishertag&topUrl=www.bg3.co
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.136 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Kestrel /
Resource Hash
cab55253c383f9d7f08821538978c670dac15e311f033c1e4ddfd860b4a19d0c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://gum.criteo.com/syncframe?origin=publishertag&topUrl=www.bg3.co
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 26 Sep 2022 15:31:03 GMT
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
content-type
application/json; charset=utf-8
cache-control
no-cache, no-store, must-revalidate
server-processing-duration-in-ticks
2409160
strict-transport-security
max-age=31536000; preload;
expires
0
generate_204
tpc.googlesyndication.com/ Frame 5818 		0
10 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?Wut_VQ
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.12.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f132.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 26 Sep 2022 15:31:04 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
sodar
pagead2.googlesyndication.com/pagead/ Frame 0CC2 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_2022092001&jk=3597760113509878&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.194.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f154.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
pixel
googleads.g.doubleclick.net/xbbe/ Frame 3C02 		624 B
297 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CNCgQRCLx0IY0cTRSzAB&v=APEucNVO-ys1GME4bsnTa22pYHxt9A-pdg1Kc1qvXVjCR701wUqokk71f8dtTSZV2KAeQGQZjfWz8aDlGevFLCEUoj9RH4rIgQ
Requested by
Host: 4554dcfdb25681d65c9135c95d0b8a26.safeframe.googlesyndication.com
URL: https://4554dcfdb25681d65c9135c95d0b8a26.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.130.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sb-in-f156.1e100.net
Software
cafe /
Resource Hash
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://4554dcfdb25681d65c9135c95d0b8a26.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-encoding
gzip
content-length
276
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 26 Sep 2022 15:31:04 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
ad
googleads.g.doubleclick.net/dbm/ Frame 9E28 		80 KB
34 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DcisT9j_hsqhzRgoIz2D7KjQtezcPA48-lq4_fx7Yck3eruaspL1Axmt-awxQa0dITVaq4h1ekz986DUjyBiCw-bnZ1Q&cry=1&dbm_d=AKAmf-DndXgUGlasca88Oys76iDcaR5hekZd-N_NBUqjW8uabU0xG-cOYgQ2DcfvUYRQ__un36YUYMWWUxGS-baP2njLqxuLptmjIAKoSeKAgaK9rRaJswx2QKs3W_7bDVpJZzwoLHXeoCv4zdaJ1D8DIgyIR1xNnMpfF1lwGJkNje75hwxvdw1rbwXlevLCi4LJo7urTR8j5WYsJLWi4Os41MMxRreT19yTI9S3d_B6zEEsb45WOQ9x9-HegW0jxiv8pWwTHeDd8_-UQ_cFkF0-wjZRpx3y_9-TFV9jo_Bsx3q79fnX73WugBjKzDFDIKqAov1YBOVH9gyQhCqr-riLvlr68F26IAh374hOQ2hR7r1VJ78_NSJ44I5EncUzWmy9X8zSEHW6Nrt7pMt0JQ5hxY9YUfTVzYY_K7P1I1iE5gbbxppJSbAV1lmwXpNs87pCsfYffeQbx_OuA2dZl9yQnCYQrzGBWvzps8TmE3dCChrwSFPHPNPK3cI7TrNgVqi8seWLfcd-c18mubuMhdA6ajwA6alXS-KF2j57XKrnQ0sekHtcIzKK8cY0tFO-ciHXyllxr2wSUd4r2HpTfgdM8H1jKWetWgOJ_noMiffOo7Ua5Uip4_lAjAnj_FILT8uDTxRmHPRzl1rPZ18mmfWgKq6ZYqVgPgB1a-IL-zq8g7UYlh4oDIvlwDG546rBkck2UUA_rtgkBVuTCh_Ab20ZIpkn46VHUIiCaNAxXLu3FTepyIxY5RGF2GZLQ8mSmohjLM1eueCDxr1bTzKuHkKLTNm7xSa5gMkyGmtKPIgOp9HJMgPN22fAi7Ba6dyN8eIS7SzFli1SynDd4Wek33BHkThwC71sO2RLzs8G_EfVlNT76hDinuOtzSNm9R3_loZi1c8bkb3gILG6sUYBvn0egZm00vVjQY0D5kx6jPLJVscqpRrvAPIQRysvGaSxo790syHLn1miIKApn3M3Ikg3ffIGq-eEU8YQySeQhxzLUopnXk5JeGJ0mw06Te47PRi4mmp9zq3yoG4JpUqHgb6GURX7v-WVTFtS0ksfdKsWmpp4HayXHF1cgnr7PY2KCCNZuqDAO0tN6njVj8APhV_wgrgKhtSx6KNlRj0I3gKxViFsLqewvrB3Rp5uEX2a6poEnuI29ygKJr_qqNwd9yoD1y4YrYfxJw5yA9woBLYvY5krRdtdVp99lAgAg-P8VNwftkKyd5L-0yRYNQpFH2Am_Ikl3puTOmg_2kxOg1jrxQRC_XeZu1CNSPdIfqRdjixhHF32pLeO2jkLKno90z7OQQzYHfUhWVeYHkDaSi4qqLly-Mp0YaZ7Fy0vTzmdpuIk5g2kO6koROu3W0K22hUhgCaIDknu_UvcNvO71nwLc5owLDK-9Mapti2Deyf3JWTOB4fOeqrFlkuwItnVA_Jhz3DFvYTaBs9nEgRN2YslFI9RcBvgANMZwtcCmF1rY6MKCo59T5eWS5VWQPlfJ811X4HQJX26WVL3ZutAQ-R0aBpeCfQh2NETfBLrxYSrdg_N2LcK46T4aUqUOlNxu8g2bImMXg49rB1uyaVqnKQUcx-PuAAiCU_yZ-CugNqtrXX6OwPaqGnhdRLstnjI3W5CFMM_xzfjd0ZYcNTUnn6eyvTgiWxjAqOdYU4z3PuSoT7A8bsLgOdadxKULsId4tpC36oV93aLqVfsWiZEndgSbYMmizbi_lE4Y0makuET8P4RINI5YKAMFmey33GYDbcAxQfu8LxYm39s15BNv8leDMzv3WQpsDClnzY-xsYWUXXYFHRFhDW_EINr6n7hDRgLAHnOSY-0Z1Ie3QzC0kqUw0P0DpbLlF-m1fbhtbO98eGgQwD054s9FtDfEywfpuSMMq7Ih-VnrTyWNbp4R8rLgoIa7fn4KoqISi1Gg5y9YjEQJjPTMCLJ_pHkAjr30Pb8yXrsGaqBvh-vMEg9oX3JYaInRWdZ3AKQJRFkVyWQj5PVxmch_UH5kNg-FYqYcdaegYWYGZPtnx__iMtyiLOL1J_jY4AlL8D_pVVt9EYhN4a2lBJt6zjeX15UtI7FcZc0xq6RF0wLnRVCCAv3eUfcSj6FT3Rd9zmwLlZggcbbuqfAD1uBBFYSFhI3KPFfIMTace57EE7AH2k8p93yfW7KeaiAoqn9rzdFZChYm6CiUH_jE9KXlqfkP60RktuUVfYMyjoTzxOyPxNuIg5nGAIYOLfu5FxOoOt78eomYE4zibvpH367RF590vdRXLYRYXtGDONx9kcccitZCLu95nqN_EZn1CrhLP233Q3jMwG94XIvSrAW8wwqbBpDgI6nBfRiJwCaJXUf8v-8w9gUZjA7hvKNwoILeqSiqr1AF97X14LxrL1zaFglIE0yWajgUkEhDsnL_XaHRJtsgBP5Jln1g7acF2Tmvx-17SVvk1YZygWAe_AjPuTuB31X8ZT7CVyVTe_aUXn-d-UmZUd6ZE5nPMvL6Eu5vKmgMU6UqCF7fO947my-SFvR7HAKwWrV27x3PAfwWAqimJc9r-hPGxeRqoYDI8y-17iDyW0LeEvhEMcnLZTlOhj4kgTtp90lmjfvJVmjzdtBJKBi8WksP1ztdNPsqYrSvGhiVSzpL2SWW78aTw6mFdZqWtJN4fYQu70WcxjaIuylx2JaCHQP2i6oEqGjQ5iRRghybNHPw3Hjd9FivfyoSBiSZlF6zl5R-4SFAveWrXOO26c90KtvjLymIOtOM1W7rWiSTl1WIqhB2WL2uzFC9h2Ccrtu90pfZ78FZXsBjlg1xWBZOVdJ3j8evfrBzGT5qFO6w1ZqWuFDh8dQpvk7T-MxlKLJ3sdNd1dL2pXMTBL_nJnST8Qs7BnUuKFKa1qk0g5izsHr8IBY15V1QjARIBRjY5qZGTdCVWKGlgjAh0sPx-icoPQuobIRzNMLqmGTBW11eoatGsXaJ6TGK9WEmbsvEQA4B_p-WCLLqMi8muaxbO3rQaVeNbZ4BoIhyevs0pO20R6ZdozUa-HKii1vViId8CkNjd6GbIellPOx41H02ibjVYDdzr6Q46Yt-d7A19FOKeMBpGX55n-Hj2jBv_vzrYeFw99_pIZlDcDlgJYqOEAzfgEd6go2loSQXivpRMFr8E-WW9A779rdrUhinAzP19HnGxH7d0ARitolIyc31a-b2INi755Qkrprl6vA227aauGsqgz0n0yr9xTBvj8oHo0TcwSoV0im3UB-_u2RDQSWvJgLZYj8Gm50nUZtq-fYY9vAvh7zdOmrNCj2y1ODm2vQ1Oguem7481n-C6XIxCCF2ibjAkRb6iLzVtl7zPaSMSUYj-z8pY2_KNFN7f-Ow5C_99u0lgD8GSO3NSD7F9jesZtqLQsNwhczkxq-ug4&cid=CAASJeRoMTX2GvNWPvZAMb9qAd3nieg9dE2AeGbqCb6B2irCNo6LHGU&rfl=1%2Chttps%253A%252F%252Fwww.bg3.co%252F%240
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/pi-jia-bu-jian-qia-pian-quan-gua-shi-ta-hui-jia-jian-zhe-mu-yan-shen-si-3-9mo-wang-you-xiao-feng.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.130.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sb-in-f156.1e100.net
Software
cafe /
Resource Hash
e4054d1fcd83bf0fd9a5dcd71fd98b2a73f80a1b6307bf2f3f9779c35e55bb02
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://4554dcfdb25681d65c9135c95d0b8a26.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 26 Sep 2022 15:31:04 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
34385
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 9E28 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-D7h0xNiI54xMVlhzniZor_RZbzTBNnx0L5leg1pXwOSF9TGHigkwejsJlmx7fAIzmq-TMCAIkx9cK4Tu0ejUHUYXarPf7EtZ705c3txWTtxzoVNL0
Requested by
Host: 4554dcfdb25681d65c9135c95d0b8a26.safeframe.googlesyndication.com
URL: https://4554dcfdb25681d65c9135c95d0b8a26.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.194.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f154.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://4554dcfdb25681d65c9135c95d0b8a26.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 26 Sep 2022 15:31:04 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220921/r20110914/client/ Frame 9E28 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220921/r20110914/client/window_focus_fy2021.js
Requested by
Host: 4554dcfdb25681d65c9135c95d0b8a26.safeframe.googlesyndication.com
URL: https://4554dcfdb25681d65c9135c95d0b8a26.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.12.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f132.1e100.net
Software
cafe /
Resource Hash
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://4554dcfdb25681d65c9135c95d0b8a26.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 26 Sep 2022 14:36:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
3246
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1359
x-xss-protection
0
server
cafe
etag
1484984001845508991
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 10 Oct 2022 14:36:58 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220921/r20110914/client/ Frame 9E28 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220921/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: 4554dcfdb25681d65c9135c95d0b8a26.safeframe.googlesyndication.com
URL: https://4554dcfdb25681d65c9135c95d0b8a26.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.12.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f132.1e100.net
Software
cafe /
Resource Hash
c39e9db358e5d8045bebf902ed71b49c17d66f175c8ce0dcaeec96ec7d09090b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://4554dcfdb25681d65c9135c95d0b8a26.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 26 Sep 2022 14:38:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
3146
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7553
x-xss-protection
0
server
cafe
etag
15375136450269253166
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 10 Oct 2022 14:38:38 GMT
l
www.google.com/ads/measurement/ Frame 9E28 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaQD35rjasuhDdeJTNH8T4Ye_YuB3DZvv_Fo4pHdUnan8IbUKWCafK-58Hi-BNJceYcWZFeOgXV4Y0UGC0JN2I34b5oIYQ
Requested by
Host: 4554dcfdb25681d65c9135c95d0b8a26.safeframe.googlesyndication.com
URL: https://4554dcfdb25681d65c9135c95d0b8a26.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.10.99 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f99.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://4554dcfdb25681d65c9135c95d0b8a26.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 9E28 		140 KB
44 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: 4554dcfdb25681d65c9135c95d0b8a26.safeframe.googlesyndication.com
URL: https://4554dcfdb25681d65c9135c95d0b8a26.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.12.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f157.1e100.net
Software
sffe /
Resource Hash
d862ec0d2b72e9f1575615db28f4196cbf0f586adb2208c605c691d6e06ee6ed
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://4554dcfdb25681d65c9135c95d0b8a26.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 26 Sep 2022 15:31:06 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
44525
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1663760195623328"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Mon, 26 Sep 2022 15:31:06 GMT
pixel
googleads.g.doubleclick.net/xbbe/ Frame ACDD 		640 B
316 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CNCgQRCLx0IY8sLRSzAB&v=APEucNVluzmOe9d-ppkipj15XUlE6vEmVGOpe4SMxWGhpSE3P7rqf5qeNt04dfLq4ptdM8vcwU0AOW2rdNH2KRm6o3SfLxQYDA
Requested by
Host: 4554dcfdb25681d65c9135c95d0b8a26.safeframe.googlesyndication.com
URL: https://4554dcfdb25681d65c9135c95d0b8a26.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.130.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sb-in-f156.1e100.net
Software
cafe /
Resource Hash
d0e8821e889280c3b745b859e6b3971924723a4562bac65ba8aa0fe44bfc83b2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://4554dcfdb25681d65c9135c95d0b8a26.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-encoding
gzip
content-length
295
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 26 Sep 2022 15:31:04 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
ad
googleads.g.doubleclick.net/dbm/ Frame 1D15 		79 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-AhZEBGbr33ANbs-1FZX5ahQ7SvBNuu1JvA5VVtcGoY-aDrbfS7LH9k0nWPL5EVzT1KhJg3jFCTOO_NYXBjDpLMfZ_QeA&cry=1&dbm_d=AKAmf-DCXJ6VVF0mo2z9dT_cHMPEpa1J4G9v6L0A16-PQc9BUBElmrt-0wSzLHXmKSK2qMFFpISbjQfrFNq4thOTW8h-Ud7WxlEaLr8oLcBVN4UFaFPEOd2MmO34yQCrf6cZNFB7qriDzhaZp8u1AsPvdzd5m59Dr0ZPD9X9hkqT1ngNMBziDZaXliuIiMUG1esucjFHKvCzJKDHuJIOi2AVlC57XLziRDPBHfL76z6ka8x7rqcCtsGkAYBgWpBEcZFnxNf3T0Ltz9er2p51-50_iUbGAV1xU0Ebu-kCl3LctX7ZQIHI-FaRlkJ-1Fizog_4MR_Lc7V8xysL_otGcrCFKxKYSisfjLHxhBGMOA3tvy6r3vYI74GDCA73O1TxmBx9TswxPzLB2RzN60ySw7VQ2FjdgK79ioeKtcDAaDN2iIYV15MKYBgRGpXcGv_fETHuwPxBOmaEDlLq9QyLmbv6p-EUUtY1w8FNfCL-JDMk59o6o5Fs8feQ3QFWBAE4B622e-9QGndhwhcDZqaGqY0sYgd9E7nFDfwzAbWnyVBPoUN_AdsyK5lKcSmdO5UactdkqkHz53lwXjRet9JuC9_cNnnHr9K2P2SWQp04vNGrFM0YHXwKta6wIOKQqfCSE1azxfMq-NEUaz1MHmvOZqP0dLbrb9gwtJhuqH8MfTltcWI55oLEuB387wU8l4EgKybwfPwtEPGTB0cFeZRD6RBlZUeK1K1yA9MTPqd9quUcWv5BjGQz95wm6BEQbn3eMfwKa_PDwSQeR-BpJRyj1q-zNkA7tmi8rAxPC01BHDAg6tAFT4V0hHnUNVL6kLqxm3ds3tSKIMNJJYtzH2K1mfIcbKIUdYXpqv1WcZR8jx7kra-aLuOzMu2HPXfQPtB-GKIHvocXyWvAA8igAka4-zfce_TIAmGuM1zvUBqKVUZgc0BKkvNLLGG8JTsak7EffWbm7J9tTxE6pBnksdcv59x5TYH7r_ViskUmcRZUWXdPui3E7mr4GmrYj6sTYURrpOfiiiexOjyf3jNL9ya5DltUN1pjoiAZ4qRnmwGvhXcq_4bF2sAe_xf1ke8pM53Sxim7Ga3Nx6twNJ1mUnSAenN1k4NQkhmOuk6WxGuezBU8KNZvyvwkYD8RkZ7MpCyOfEXQ3E3ZxwZ6sZRSYA_3ghM_63gYmPlJVOc8eldqXDpoYIYaviNpd1iW1UHtJ4lukiTjHLL_730lXmVpLVtRktG3Orz6DVr8u1yc61kjp6a1wN7qdkOFLanVWfaaW47CCoKSm0pTVnH1Tdw29chMp8GYpbmKlu0-p9wKkP8t-pKgcaflNqfexjYiSriXViSte8DrmufwAegUxN5D3HxK266XgCYYJUhU2NT53KILqcfzNcMpsfUYeEXLKSTgto2Slr7cGmen_0qEU9GPZGsOf1rrjbJ-T4oVWpnSGO5qV0EASdgi_04QOE8g2D0cn9uOh1-O1ZEGkAmPAQdCbWHf7hEBxHThLGX78OwKrktAhNBC2K3x0p_E5a37OOV3B71_o_4GK46KUnCgw3FVewFjNi8gI6NmrudLHhyk5XvoJ8Q8ZGfsDnnL_rVZZtCsIydN-3izy4BevNjWQWppV3oRQFvBlgj_hn8KyE4q0soORnOK0YwoHwmH_ar4ns2e45aZegFaDji5l2dLV0WPjDEsA4rCiXncyqLc8SIJphoRgZa_8KnnL7ea3l9MQo2YYndZCxdBWI3wUFbxtB3_lYxJGzDbH5pgPLLlnkN1NK0z4PjltgS3xGpyTc2FrNnh4KixxPmK_JkJzuMDBCXaZTOnV5Rf93W5pE8AqgnimtTJpbIu0NnwjO7y0M3yVdgMOlg7iqsD5Z2fb4WJN1OunVoqSk1GmD58BipL3OD_bYbxi-WJIL9dHzYy4iJrPoNTefVyVXehg1Kuniv-wbhpltWLxZvCqjnBYKsjWEVh8-8oMAauj7oGswfDFUFOtNMjcXzzZkj9ZzfdNOltFiovtwyPcufYxUPYE1FbyJuZT9M9eo0K09gYzyNRWG8gVzBPNCcDJD91KLISlZDyd76YOnvLfYEylSfsCAudsZ2JBJO6W_kvFWazakgq5EkfY7luAWekMTexVcC_uRC2MC4_y7EE2RlLFk5RN3ysVWqqTATZmDHnRjboRgPp5db3BxROMRPP6oXIV18ts_1eM9vSc8A8vW1Wh9XRCGH8Xcq66plrtsR_JUgYL-6r6AnNIZMC-tfbUgY4eAhPD6OVwYNJhdq1qF5E4fKTAH2vzBEjbscjSpA-3m8Hns9nhsdAig0nOMEor3IfeoCO4z9OIj_FFdnL5xCDP0bEL48O0UEuyL-ljSOwbSDc70vtQgQ36sm0J8eOeWCKKlkrIBh5UXsJptmQpWudC-rcQO0AwD8zkrZODhszpJij9G_NnQ1Pj-ip_oKYVHFbp-Lr72x2tDH10qXlppyEF0u6mX58EVwLSt9t2FTVRETFoQr-sHKGxmQKI1JIuJ6MzDDrFCFDyGWYD3kCaoiThkw75L_4f5fP6G3582jsU65_6iXuh7EeniPmyxRYC-HJJoLSrgepeLq4GWbJH-CWS2BiZ6ItbO7tWHhCSQCqcQ4iYgU_NvR3u33an7FuFHiiVVJryWc4v8mnq40kr2eV4jGEhbNs9sQ-1pwbd6wcLnUQbP4-8WNOhRNzT7SLoh7xkI4jc_aZFDqZJYuPOynBJTR7wv658MnmzjPpHjIX3TGqQj9Y4ZHJ5lNjGb8HWOLJWJkoqRz-5SuGrY7X58gWxOyOtTLci0qKJqRX8kkRtXpZv6n1K7LKUvBcfx_n9bclqpW5VdISX-vcPZDPE9QVb44O4nwBGgCsB0ix8u0PQ_MhBWeiAXTzNz7Jz-SBvLUH53N5fOg-i3Dz-iQ5ujxwfNWhWjnt_YwG0l-vQ4_edRWY3_II4Y7AyGEs-F93NQKNCyQcOFKxJrUTSlEJG1zvlWerIJ3ObHF1wvHqY0P0JUEHCs9qUARdYiyeqspNIJd_9_Ilc59qtgBHeo7hTssJX_FWQpkY1A2zqz5y-3v8Y4A5K2pjdRvPf4eZV3r-2vno0g9JoqDkgyzy5xXgDY3WNvo5pDEBo3ePmRe7astF47KmSoOaVrzSWGHpUczFSSV8jAd3AOkFSL68mi9PVlxDmPZXxhtqHBe-HugiLazhjtiR3lVjbYU82j6lou69LyZtBjMK76BUrNkqYRh6yaUEgLFXoUvYst8MsYLGQ_1lAb0o0za3GuIg2tpgThuc3SvFVQuoO9dOiRCFUgZLD4FlsuyWibDXFmX3joh42I6qxjfyuBGoTlt5yqk46G3Y9qc4vO79NlKR8ROqyjglX4-6qTo4KRfw06tdQp6W0LJnhRvjpFAU9Iw&cid=CAASJeRoYQ2hDTDsovBjDtKp4p1lMrpxIfpw28qp-yxti9Fdo09P2X8&rfl=1%2Chttps%253A%252F%252Fwww.bg3.co%252F%240
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/pi-jia-bu-jian-qia-pian-quan-gua-shi-ta-hui-jia-jian-zhe-mu-yan-shen-si-3-9mo-wang-you-xiao-feng.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.130.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sb-in-f156.1e100.net
Software
cafe /
Resource Hash
c4510ee5cc81a0c33039bfa194bed55cf979067b6709f46c3066907098c88122
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://4554dcfdb25681d65c9135c95d0b8a26.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 26 Sep 2022 15:31:04 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
34190
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 1D15 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-DvNZavdMNGQlEJ0iS1pKRPwUrvsUf6TQjWqYqNHFIz3jmJBqphYTpaujd-8yEa4jP2qEjOPG02xA2WpdhWzsTLGq54e-i5T_B5Dl3ZvMKUukUqhRM
Requested by
Host: 4554dcfdb25681d65c9135c95d0b8a26.safeframe.googlesyndication.com
URL: https://4554dcfdb25681d65c9135c95d0b8a26.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.194.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f154.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://4554dcfdb25681d65c9135c95d0b8a26.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 26 Sep 2022 15:31:04 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220921/r20110914/client/ Frame 1D15 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220921/r20110914/client/window_focus_fy2021.js
Requested by
Host: 4554dcfdb25681d65c9135c95d0b8a26.safeframe.googlesyndication.com
URL: https://4554dcfdb25681d65c9135c95d0b8a26.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.12.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f132.1e100.net
Software
cafe /
Resource Hash
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://4554dcfdb25681d65c9135c95d0b8a26.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 26 Sep 2022 14:36:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
3246
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1359
x-xss-protection
0
server
cafe
etag
1484984001845508991
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 10 Oct 2022 14:36:58 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220921/r20110914/client/ Frame 1D15 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220921/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: 4554dcfdb25681d65c9135c95d0b8a26.safeframe.googlesyndication.com
URL: https://4554dcfdb25681d65c9135c95d0b8a26.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.12.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f132.1e100.net
Software
cafe /
Resource Hash
c39e9db358e5d8045bebf902ed71b49c17d66f175c8ce0dcaeec96ec7d09090b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://4554dcfdb25681d65c9135c95d0b8a26.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 26 Sep 2022 14:38:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
3146
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7553
x-xss-protection
0
server
cafe
etag
15375136450269253166
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 10 Oct 2022 14:38:38 GMT
l
www.google.com/ads/measurement/ Frame 1D15 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaQsTNEJfb7iEHwSN7X7lceLyhzkTTh6LtNw2eZNL3lOS7ZoCkhsPdg-gfirdB74XXUQ8CAPApTfuezx4r9M3rl6dF9jLw
Requested by
Host: 4554dcfdb25681d65c9135c95d0b8a26.safeframe.googlesyndication.com
URL: https://4554dcfdb25681d65c9135c95d0b8a26.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.10.99 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f99.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://4554dcfdb25681d65c9135c95d0b8a26.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 1D15 		140 KB
44 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: 4554dcfdb25681d65c9135c95d0b8a26.safeframe.googlesyndication.com
URL: https://4554dcfdb25681d65c9135c95d0b8a26.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.12.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f157.1e100.net
Software
sffe /
Resource Hash
d862ec0d2b72e9f1575615db28f4196cbf0f586adb2208c605c691d6e06ee6ed
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://4554dcfdb25681d65c9135c95d0b8a26.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 26 Sep 2022 15:31:06 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
44525
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1663760195623328"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Mon, 26 Sep 2022 15:31:06 GMT
adview
securepubads.g.doubleclick.net/pagead/ Frame EFE0 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=CJK5ot8UxY6XREJK6rAG2jJToBZj80bFcqoTM5IUBwI23ARABIABgpcCjgKQBggEXY2EtcHViLTg5MzMzMjk5OTkzOTExMDSgAbbZo9ADyAEJqQLW8_A1cuSlPuACAKgDAaoE3wJP0Pc-wEgFHphx90_jtFK1vlTO3ZVAKk86PmnxY2lXLmaCvDOrX1XMN4I5s6Qui3w9DCR2hH7hE5WfBMj2jrz5A5NSrQ2ym10H497gLYRbIxdedr5DCzHFLFep9d2OYF1Pp_etC3PFBZc7N6ORNRfpVPr_yhlmQYWArAftw4bJtofeRmzBgy4YmfXSWN666EAm9Ez-pPHlEqtlKLJCDDry0yhuwoXtez0lComHvPIgCAC9uzTFoPA-4KTVleVSGapaHisWjdxiTsUDKOGe238TtMro5160r5XPMqNmDjJ6LK1-wHAbFcpnUgSBC4hUsH_Gp_ZmkHnsYyjjDBSBl2LBPDc1s5_phUXpTcvES4iznu2GpmepSATVNIMwIt6knWge33R5ANUAR_1esaJFARBJZY0oBEmw79zpvupf4cQ6g9Y-btuZycc48Iep15nnyvdeRC6_CEZCg8P6bTLguMrgBAGABsiZhcyIzM6_XKAGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA0IgGEQATICigI6AoBA8ggbYWR4LXN1YnN5bi01MjM5OTM4MjEzODcwMzgwgAoD-gsCCAGADAHQFQGAFwGyFxwKGhIUcHViLTg5MzMzMjk5OTkzOTExMDQYyqse&sigh=ArqH7J7ttgQ&uach_m=[UACH]&cid=CAQSPACsnQUxhPlm2cE5z_ix6GnGOJVxOphbE6BR9RLyWQy02LgaOyBd9WL5i-dB2qGVMNABXEbSta6seoCpcRgB
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/pi-jia-bu-jian-qia-pian-quan-gua-shi-ta-hui-jia-jian-zhe-mu-yan-shen-si-3-9mo-wang-you-xiao-feng.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.10.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f155.1e100.net
Software
/
Resource Hash

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://4554dcfdb25681d65c9135c95d0b8a26.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
notify
rtb.jp2.as.criteo.com/google/auction/ Frame EFE0 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://rtb.jp2.as.criteo.com/google/auction/notify?profile=14&payload=kbG-FM7xBnjYBGL4LRICAAAA-ONZtFtuTcNIE3LHELfFMWMr5Qkjq1mFUXcDWAASAAA&wp=YzHFtwAEKKUKKx0SAAUGNnQR0X7FKy77qHXNPA
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/pi-jia-bu-jian-qia-pian-quan-gua-shi-ta-hui-jia-jian-zhe-mu-yan-shen-si-3-9mo-wang-you-xiao-feng.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.74.19 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Kestrel /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://4554dcfdb25681d65c9135c95d0b8a26.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 26 Sep 2022 15:31:04 GMT
server
Kestrel
server-processing-duration-in-ticks
150132
content-length
0
strict-transport-security
max-age=31536000; preload;
afr.php
ads.as.criteo.com/delivery/r/ Frame 9DBA 		172 KB
53 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.as.criteo.com/delivery/r/afr.php?z=YzHFtwAEKKUKKx0SAAUGNnQR0X7FKy77qHXNPA&u=%7Cn2zn%2FWTC9NPVvhsWjVFODN9UrzbnYcf6XiUBwuax%2BsI%3D%7C&c1=qZJUPwROi1c0W53O6qCeCfQhGaxulJp0eDo7yFWWqpvkdGh0UCqS_PFCqFKqWCtCShWV-fG2LpSMjYLzxa5ZC5kI59RzfghuAoAqwF6PmPe_lB3PirzaGOsAeX0wz16uwJDIA9rH-0bzN5mChAAdY7YSeQnmID6Nbh6V4JncVxK4_BN3sZMSKlCj2fXcy5PQrD_KCNcsZ4DJODYE5_GYbwZfrXKNUfOF4BEcVRnbBLSYho7ZKBI5nlxZEnDlZf-SygDAaiIB9hsKxNaJd35i0lP5OmwxbZ-2owGI9lGrJVCLgslQG228CsP5rCK1gCyxaATs_VK3TNDjxz5b0VzTGCb-Mu4V2Bw33NrhZZ7x17cMCm-8swiJFiR3B2Mvj83tyFXoMV34jhV0Y2vk_wYnzwY1veWKmlFW5s7mMoiqQFFEnynAy5jED827jN1W8THtB364Ht2-CHGBOfThFT28p62qXo3pOJq4HMdSL4j0gBs8hpnatGXTqNkFUIbsJuMRtGC0GqalLkyTt2uAxbweaLI0xK1A7SslIXt19YksWCod5iz5n7n94uwlMnRLy1mGdxnYJk-VXWms8bjS-V5-0GyfQSoK9Jd2eyLVk_4v-rsqfBAfkUrt8T_lmgkEH1qgjavm46CzqQg&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCBOg7t8UxY6XREJK6rAG2jJToBZj80bFcqoTM5IUBwI23ARABIABgpcCjgKQBggEXY2EtcHViLTg5MzMzMjk5OTkzOTExMDSgAbbZo9ADyAEJqQLW8_A1cuSlPuACAKgDAaoE4gJP0Pc-wEgFHphx90_jtFK1vlTO3ZVAKk86PmnxY2lXLmaCvDOrX1XMN4I5s6Qui3w9DCR2hH7hE5WfBMj2jrz5A5NSrQ2ym10H497gLYRbIxdedr5DCzHFLFep9d2OYF1Pp_etC3PFBZc7N6ORNRfpVPr_yhlmQYWArAftw4bJtofeRmzBgy4YmfXSWN666EAm9Ez-pPHlEqtlKLJCDDry0yhuwoXtez0lComHvPIgCAC9uzTFoPA-4KTVleVSGapaHisWjdxiTsUDKOGe238TtMro5160r5XPMqNmDjJ6LK1-wHAbFcpnUgSBC4hUsH_Gp_ZmkHnsYyjjDBSBl2LBPDc1s5_phUXpTcvES4iznu2GpmepSATVNIMwIt6knWge33R5ANUAR_1esaJFARBJZY0oBEmw79zp_Oh-cyH0CqjB56oHIpGiM6693Q7t5O-2zN3pko_8ne_iitlxxjWh_t3gBAGABsiZhcyIzM6_XKAGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA0IgGEQATICigI6AoBA8ggbYWR4LXN1YnN5bi01MjM5OTM4MjEzODcwMzgw-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_2cWWN2LLuegBHgIZE1kjS0ZOMHKw%26client%3Dca-pub-8933329999391104%26adurl%3D
Requested by
Host: 4554dcfdb25681d65c9135c95d0b8a26.safeframe.googlesyndication.com
URL: https://4554dcfdb25681d65c9135c95d0b8a26.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.148 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Kestrel /
Resource Hash
8c5fb09428613d9e5d726706f0e366035e89b36bd346e20940ab207d425baac1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://4554dcfdb25681d65c9135c95d0b8a26.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
access-control-max-age
1000
cache-control
private, max-age=0, no-cache
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
date
Mon, 26 Sep 2022 15:31:03 GMT
expires
Mon, 26 Jul 1997 05:00:00 GMT
link
<pix.as.criteo.net>; rel=preconnect; crossorigin, <static.criteo.net>; rel=preconnect; crossorigin
p3p
CP='CUR ADM OUR NOR STA NID'
pragma
no-cache
report-to
{"endpoints":[{"url":"https://csm.as.criteo.net/heavyad?cppv=3&cpp=fZfV8_aRrBIZ4hdui8FL8nVJOScyazSXoLweuG2Nk7VuRZcfNr-hab_1tX06j1XFl-KX55yr2h59VhNhDztMtNO2jUPV52NPY7MNphWVmrgjEM3NHIeR4MxORlpl6F3Qkqj9mpQgbDcgyHZV98YpNou5wzqn-MIqEd6J_9UcTeIz_icT0eJFLlNq36MbRnE-HJerPB-i-f1CEcCoJmU6Hft7IWmmxuX9nYETMpx__xXCVM2Bdld1bpCRToEmWJ7O1W8d2Q"}], "max_age": 86400}
server
Kestrel
server-processing-duration-in-ticks
83498058
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220921/r20110914/client/ Frame EFE0 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220921/r20110914/client/window_focus_fy2021.js
Requested by
Host: 4554dcfdb25681d65c9135c95d0b8a26.safeframe.googlesyndication.com
URL: https://4554dcfdb25681d65c9135c95d0b8a26.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.12.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f132.1e100.net
Software
cafe /
Resource Hash
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://4554dcfdb25681d65c9135c95d0b8a26.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 26 Sep 2022 14:36:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
3246
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1359
x-xss-protection
0
server
cafe
etag
1484984001845508991
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 10 Oct 2022 14:36:58 GMT
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame 11DF 		1 KB
749 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: 4554dcfdb25681d65c9135c95d0b8a26.safeframe.googlesyndication.com
URL: https://4554dcfdb25681d65c9135c95d0b8a26.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.194.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f154.1e100.net
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://4554dcfdb25681d65c9135c95d0b8a26.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

age
13785
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=86400
content-encoding
gzip
content-length
724
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 26 Sep 2022 11:41:19 GMT
etag
48472445140208031
expires
Tue, 27 Sep 2022 11:41:19 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220921/r20110914/client/ Frame EFE0 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220921/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: 4554dcfdb25681d65c9135c95d0b8a26.safeframe.googlesyndication.com
URL: https://4554dcfdb25681d65c9135c95d0b8a26.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.12.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f132.1e100.net
Software
cafe /
Resource Hash
c39e9db358e5d8045bebf902ed71b49c17d66f175c8ce0dcaeec96ec7d09090b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://4554dcfdb25681d65c9135c95d0b8a26.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 26 Sep 2022 14:38:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
3146
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7553
x-xss-protection
0
server
cafe
etag
15375136450269253166
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 10 Oct 2022 14:38:38 GMT
l
www.google.com/ads/measurement/ Frame EFE0 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaQn34qbvP1UGf9nQiY-4jcE7WrDwSRVKXV0k-no0lQHTfTEZDL7TqEkA-qssJoJ9JmBNdAQFyFB1_aq676IvopRpDcCHQ
Requested by
Host: 4554dcfdb25681d65c9135c95d0b8a26.safeframe.googlesyndication.com
URL: https://4554dcfdb25681d65c9135c95d0b8a26.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.10.99 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f99.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://4554dcfdb25681d65c9135c95d0b8a26.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
ext.js
tpc.googlesyndication.com/safeframe/1-0-38/js/ Frame EFE0 		22 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-38/js/ext.js
Requested by
Host: 4554dcfdb25681d65c9135c95d0b8a26.safeframe.googlesyndication.com
URL: https://4554dcfdb25681d65c9135c95d0b8a26.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.12.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f132.1e100.net
Software
sffe /
Resource Hash
0bcac89d72d5f0b2bef20f815406384ff05489e4294acee57409060c2eccffc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://4554dcfdb25681d65c9135c95d0b8a26.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 22 Sep 2022 15:12:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
346707
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7022
x-xss-protection
0
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Fri, 22 Sep 2023 15:12:37 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame EFE0 		140 KB
44 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: 4554dcfdb25681d65c9135c95d0b8a26.safeframe.googlesyndication.com
URL: https://4554dcfdb25681d65c9135c95d0b8a26.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.12.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f157.1e100.net
Software
sffe /
Resource Hash
d862ec0d2b72e9f1575615db28f4196cbf0f586adb2208c605c691d6e06ee6ed
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://4554dcfdb25681d65c9135c95d0b8a26.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 26 Sep 2022 15:31:06 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
44525
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1663760195623328"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Mon, 26 Sep 2022 15:31:06 GMT
rum
dsum-sec.casalemedia.com/ Frame 3C02
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEA4fulltiw9QvxNv56C1v2M&google_cver=1
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEA4fulltiw9QvxNv56C1v2M&google_cver=1&C=1
43 B
852 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEA4fulltiw9QvxNv56C1v2M&google_cver=1&C=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNCgQRCLx0IY0cTRSzAB&v=APEucNVO-ys1GME4bsnTa22pYHxt9A-pdg1Kc1qvXVjCR701wUqokk71f8dtTSZV2KAeQGQZjfWz8aDlGevFLCEUoj9RH4rIgQ
Protocol
H3
Server
104.18.18.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

cf-ray
750d0b6328b417ce-MEL
pragma
no-cache
date
Mon, 26 Sep 2022 15:31:04 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1BifRaOAcnL93p%2BtOx%2FB4DT30EpXUnVXPw4dGueZeNhH%2BC8gq9tHpqGczsyNmd%2Bw3IZOBeu9j2H%2FkasMk%2BMKDGfTH3Z41fM7ZHSGtJHxEf%2B%2BVASgb%2FuFEHVjOXTwvh%2F5OsilsmRUG6CikA%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control
no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Mon, 26 Sep 2022 15:31:04 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=k3VWsH2pjtXJzWm%2FgsNTAFehicay4X%2F7DKnid0wNLNvE%2FYEKIhqBWnefmL8q6Kiq3M6UFlu66z7gcl6%2F4ZGEs6GCjVyyBGYmDlBTdpnstWHkp6Hnq3mOIY%2F60mEBsE31zk2f9pEUjsU4gA%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
location
/rum?cm_dsp_id=45&external_user_id=CAESEA4fulltiw9QvxNv56C1v2M&google_cver=1&C=1
cache-control
no-cache
cf-ray
750d0b60d9c85a5b-MEL
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
0
expires
0
rum
dsum-sec.casalemedia.com/ Frame 3C02
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YzHFuIs8Je28RJ-2Gwd3sgAA
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEA4fulltiw9QvxNv56C1v2M&google_cver=1
43 B
842 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEA4fulltiw9QvxNv56C1v2M&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNCgQRCLx0IY0cTRSzAB&v=APEucNVO-ys1GME4bsnTa22pYHxt9A-pdg1Kc1qvXVjCR701wUqokk71f8dtTSZV2KAeQGQZjfWz8aDlGevFLCEUoj9RH4rIgQ
Protocol
H3
Server
104.18.18.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

cf-ray
750d0b660ae517ce-MEL
pragma
no-cache
date
Mon, 26 Sep 2022 15:31:05 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YH5nhFKOraeS8slxA5xjmZUVSc1H9kaKtsC%2F0NvIeLT5aCYr1kaEdV4bhrzmVWtkSS4o%2BcwpQR4IoYU2i9jMOvmRjhd68%2FRKWAe6RBg32PTB4xCr0ul0d%2BqmMNIB4heKRD2SMEHLk3AGDA%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control
no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Mon, 26 Sep 2022 15:31:05 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEA4fulltiw9QvxNv56C1v2M&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
bounce
ib.adnxs.com/ Frame 3C02
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEDAZlIecQnAOSQ18vS5r-0w&google_cver=1
  • https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESEDAZlIecQnAOSQ18vS5r-0w%26google_cver%3D1
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESEDAZlIecQnAOSQ18vS5r-0w%26google_cver%3D1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNCgQRCLx0IY0cTRSzAB&v=APEucNVO-ys1GME4bsnTa22pYHxt9A-pdg1Kc1qvXVjCR701wUqokk71f8dtTSZV2KAeQGQZjfWz8aDlGevFLCEUoj9RH4rIgQ
Protocol
HTTP/1.1
Server
104.254.150.228 Los Angeles, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
907.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 26 Sep 2022 15:31:04 GMT
X-Proxy-Origin
103.209.254.53; 103.209.254.53; 907.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net; adnxs.com
AN-X-Request-Uuid
94641a7b-97e2-4dd2-8e03-bb669bafbbc8
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Mon, 26 Sep 2022 15:31:04 GMT
X-Proxy-Origin
103.209.254.53; 103.209.254.53; 907.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net; adnxs.com
AN-X-Request-Uuid
3f98c7ec-e893-46a7-8d8d-2db0630411d5
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESEDAZlIecQnAOSQ18vS5r-0w%26google_cver%3D1
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 3C02
Redirect Chain
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=Nzk3ODc4ODc4MzIyMDgxNjkwNQ%3D%3D
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=Nzk3ODc4ODc4MzIyMDgxNjkwNQ%3D%3D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNCgQRCLx0IY0cTRSzAB&v=APEucNVO-ys1GME4bsnTa22pYHxt9A-pdg1Kc1qvXVjCR701wUqokk71f8dtTSZV2KAeQGQZjfWz8aDlGevFLCEUoj9RH4rIgQ
Protocol
H3
Server
142.251.10.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f155.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 26 Sep 2022 15:31:05 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Mon, 26 Sep 2022 15:31:04 GMT
X-Proxy-Origin
103.209.254.53; 103.209.254.53; 907.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net; adnxs.com
AN-X-Request-Uuid
5ecab1c7-5010-4beb-8de5-aeeb17e7b292
Server
nginx/1.21.3
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=Nzk3ODc4ODc4MzIyMDgxNjkwNQ%3D%3D
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
sd
us-u.openx.net/w/1.0/ Frame ACDD
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_dbm
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESELbQP3rs8wTpksrJz-O70zA&google_cver=1
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESELbQP3rs8wTpksrJz-O70zA&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNCgQRCLx0IY8sLRSzAB&v=APEucNVluzmOe9d-ppkipj15XUlE6vEmVGOpe4SMxWGhpSE3P7rqf5qeNt04dfLq4ptdM8vcwU0AOW2rdNH2KRm6o3SfLxQYDA
Protocol
H3
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 26 Sep 2022 15:31:04 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Mon, 26 Sep 2022 15:31:04 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESELbQP3rs8wTpksrJz-O70zA&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
295
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame ACDD
Redirect Chain
  • https://us-u.openx.net/w/1.0/cm?id=9ca165a9-d9fe-2ff6-d83d-d145a80b0d37&r=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dopenx%26google_hm%3D%7Bopenx_uuid_base64%7D
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=ZGIxOWZiZWItYzM4MS0yNmY2LWZiYjgtMGNlODk5NTNlYTkz
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=ZGIxOWZiZWItYzM4MS0yNmY2LWZiYjgtMGNlODk5NTNlYTkz
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNCgQRCLx0IY8sLRSzAB&v=APEucNVluzmOe9d-ppkipj15XUlE6vEmVGOpe4SMxWGhpSE3P7rqf5qeNt04dfLq4ptdM8vcwU0AOW2rdNH2KRm6o3SfLxQYDA
Protocol
H3
Server
142.251.10.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f155.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 26 Sep 2022 15:31:04 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Mon, 26 Sep 2022 15:31:04 GMT
content-encoding
gzip
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
p3p
CP="CUR ADM OUR NOR STA NID"
location
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=ZGIxOWZiZWItYzM4MS0yNmY2LWZiYjgtMGNlODk5NTNlYTkz
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
via
1.1 google
um
sync.teads.tv/ Frame ACDD
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_cm&google_dbm
  • https://sync.teads.tv/um?eid=3&uid=CAESEFUgCf96o2Z0fIlftmIArBk&google_cver=1
23 B
172 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.teads.tv/um?eid=3&uid=CAESEFUgCf96o2Z0fIlftmIArBk&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNCgQRCLx0IY8sLRSzAB&v=APEucNVluzmOe9d-ppkipj15XUlE6vEmVGOpe4SMxWGhpSE3P7rqf5qeNt04dfLq4ptdM8vcwU0AOW2rdNH2KRm6o3SfLxQYDA
Protocol
H2
Server
184.31.5.88 , United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-31-5-88.deploy.static.akamaitechnologies.com
Software
akka-http/10.2.9 /
Resource Hash
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 26 Sep 2022 15:31:05 GMT
cache-control
max-age=0, no-cache, no-store
expires
Mon, 26 Sep 2022 15:31:05 GMT
server
akka-http/10.2.9
content-length
23
content-type
image/gif

Redirect headers

pragma
no-cache
date
Mon, 26 Sep 2022 15:31:04 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://sync.teads.tv/um?eid=3&uid=CAESEFUgCf96o2Z0fIlftmIArBk&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
281
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame ACDD
Redirect Chain
  • https://sync.teads.tv/um?eid=3&uid=&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_dbm%26google_hm%3D%5BVID_B64%5D
  • https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_hm=NzA2NjAxY2MtZmI4Yy00MjkzLTkzZGEtZjVhY2I1YTI0ZTIz
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_hm=NzA2NjAxY2MtZmI4Yy00MjkzLTkzZGEtZjVhY2I1YTI0ZTIz
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNCgQRCLx0IY8sLRSzAB&v=APEucNVluzmOe9d-ppkipj15XUlE6vEmVGOpe4SMxWGhpSE3P7rqf5qeNt04dfLq4ptdM8vcwU0AOW2rdNH2KRm6o3SfLxQYDA
Protocol
H3
Server
142.251.10.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f155.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 26 Sep 2022 15:31:05 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Mon, 26 Sep 2022 15:31:05 GMT
server
akka-http/10.2.9
content-type
text/html; charset=UTF-8
location
https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_hm=NzA2NjAxY2MtZmI4Yy00MjkzLTkzZGEtZjVhY2I1YTI0ZTIz
cache-control
max-age=0, no-cache, no-store
content-length
189
expires
Mon, 26 Sep 2022 15:31:05 GMT
pixel
cm.g.doubleclick.net/ Frame 11DF
Redirect Chain
  • https://mweb.ck.inmobi.com/sync/3?redirect=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dinmobi_pte_limited%26google_hm%3D%24DSP_CKID&google_gid=CAESEMgfDdqcZWn8wlhqzLy_9N8&google_cver=...
  • https://cm.g.doubleclick.net/pixel?google_nid=inmobi_pte_limited&google_hm=YmNiNTllNGItNmQwOS00NWNlLThmNDktMDlkMzQ4OGNiMWZk&google_gid=CAESEMgfDdqcZWn8wlhqzLy_9N8&google_cver=1&google_push=AZmPxg9a...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=inmobi_pte_limited&google_hm=YmNiNTllNGItNmQwOS00NWNlLThmNDktMDlkMzQ4OGNiMWZk&google_gid=CAESEMgfDdqcZWn8wlhqzLy_9N8&google_cver=1&google_push=AZmPxg9a6Sx1vTMAWCOruCWRdknxF1ZB8BVvH-hfdbtwofPwZkdZjW_u6x-FnJ_JjWAFaWQJNuZ2EUP9UrrzXOWAKB9eKzrlvO3lbqEVSrt573plqm5tVI7LqEJOd1EnV1KJM3zZs7CEcUbu_maIg3nJ9zo
Requested by
Host: 4554dcfdb25681d65c9135c95d0b8a26.safeframe.googlesyndication.com
URL: https://4554dcfdb25681d65c9135c95d0b8a26.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Server
142.251.10.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f155.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 26 Sep 2022 15:31:05 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=inmobi_pte_limited&google_hm=YmNiNTllNGItNmQwOS00NWNlLThmNDktMDlkMzQ4OGNiMWZk&google_gid=CAESEMgfDdqcZWn8wlhqzLy_9N8&google_cver=1&google_push=AZmPxg9a6Sx1vTMAWCOruCWRdknxF1ZB8BVvH-hfdbtwofPwZkdZjW_u6x-FnJ_JjWAFaWQJNuZ2EUP9UrrzXOWAKB9eKzrlvO3lbqEVSrt573plqm5tVI7LqEJOd1EnV1KJM3zZs7CEcUbu_maIg3nJ9zo
date
Mon, 26 Sep 2022 15:31:05 GMT
content-length
0
strict-transport-security
max-age=15724800; includeSubDomains
expires
Thu, 01 Jan 1970 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 11DF
Redirect Chain
  • https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEOTlSE-p5W84Gv6YM8zD7O4&google_cver=1&google_push=AZmPxg_U547_Cs_q5OAsoS4mPVVCBTh7cBdiVxfMed92tmSZKvYPYEGEpRbjzhIxeJPdNAWjHGfgx-Bt...
  • https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEOTlSE-p5W84Gv6YM8zD7O4&google_cver=1&google_push=AZmPxg_U547_Cs_q5OAsoS4mPVVCBTh7cBdiVxfMed92tmSZKvYPYEGEpRbjzhIxeJPdNAWjHGf...
  • https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MTU1NzU1MDAzNjU5NTUzMjkxMw&google_push=AZmPxg_U547_Cs_q5OAsoS4mPVVCBTh7cBdiVxfMed92tmSZKvYPYEGEpRbjzhIxeJPdNAWjHGfgx-...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MTU1NzU1MDAzNjU5NTUzMjkxMw&google_push=AZmPxg_U547_Cs_q5OAsoS4mPVVCBTh7cBdiVxfMed92tmSZKvYPYEGEpRbjzhIxeJPdNAWjHGfgx-BtKi3iy-D_IGzl3bFHF5cF5M4SBEo8YLtiklIdZ3rg2AhWnk2za5hKAVZdAAUX9JenZNltqHce7m4
Requested by
Host: 4554dcfdb25681d65c9135c95d0b8a26.safeframe.googlesyndication.com
URL: https://4554dcfdb25681d65c9135c95d0b8a26.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Server
142.251.10.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f155.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 26 Sep 2022 15:31:05 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Mon, 26 Sep 2022 15:31:05 GMT
server
nginx
location
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MTU1NzU1MDAzNjU5NTUzMjkxMw&google_push=AZmPxg_U547_Cs_q5OAsoS4mPVVCBTh7cBdiVxfMed92tmSZKvYPYEGEpRbjzhIxeJPdNAWjHGfgx-BtKi3iy-D_IGzl3bFHF5cF5M4SBEo8YLtiklIdZ3rg2AhWnk2za5hKAVZdAAUX9JenZNltqHce7m4
access-control-max-age
86400
access-control-allow-methods
GET
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
pixel
cm.g.doubleclick.net/ Frame 11DF
Redirect Chain
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=EjXXBkXGTYaZJdVTwu29rg%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mp...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=EjXXBkXGTYaZJdVTwu29rg%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AZmPxg-N45wrckH7gfoXQWtMknA8EozxKTzdoRrTigivSYvfO-mMwGld0nM1u6i4Pb3Fj5g7SgVVqPdiOKmrSYaGJFhrmHFAt77vw_ug3wWSnJ6zObIeH8wdAhXN9tYJJjLTgLcRMIGfZLCwGwylBmaEjnY
Requested by
Host: 4554dcfdb25681d65c9135c95d0b8a26.safeframe.googlesyndication.com
URL: https://4554dcfdb25681d65c9135c95d0b8a26.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Server
142.251.10.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f155.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 26 Sep 2022 15:31:05 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=EjXXBkXGTYaZJdVTwu29rg%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AZmPxg-N45wrckH7gfoXQWtMknA8EozxKTzdoRrTigivSYvfO-mMwGld0nM1u6i4Pb3Fj5g7SgVVqPdiOKmrSYaGJFhrmHFAt77vw_ug3wWSnJ6zObIeH8wdAhXN9tYJJjLTgLcRMIGfZLCwGwylBmaEjnY
date
Mon, 26 Sep 2022 15:31:04 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
0
content-type
text/html; charset=UTF-8
pixel
cm.g.doubleclick.net/ Frame 11DF
Redirect Chain
  • https://s.ad.smaato.net/c/n///-?adNetInit=g&google_gid=CAESEGHZeGsGgWAHyZHMp3ZEyRg&google_cver=1&google_push=AZmPxg84T3akYhSMTamTL9udbKcRBx_WoGBoRJAz4qFXZWI17vmTkfLZ84DQk7R_AhtQue4IQy6emiN0DpRBpgXe...
  • https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_hm=24cf6835&google_redir=https%3A%2F%2Fs.ad.smaato.net%2Fc%2F%3FadExInit%3Dg&google_push=AZmPxg84T3akYhSMTamTL9udbKcRBx_WoGBoRJAz4qFXZWI1...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_hm=24cf6835&google_redir=https%3A%2F%2Fs.ad.smaato.net%2Fc%2F%3FadExInit%3Dg&google_push=AZmPxg84T3akYhSMTamTL9udbKcRBx_WoGBoRJAz4qFXZWI17vmTkfLZ84DQk7R_AhtQue4IQy6emiN0DpRBpgXeBZimKdjRS3FhTnZaU3X8QXBmGbDII4gHcRaBtcKMNJtae-E2BE5_uSlhT0tKrEJkNBw
Requested by
Host: 4554dcfdb25681d65c9135c95d0b8a26.safeframe.googlesyndication.com
URL: https://4554dcfdb25681d65c9135c95d0b8a26.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Server
142.251.10.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f155.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 26 Sep 2022 15:31:04 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Mon, 26 Sep 2022 15:31:04 GMT
via
1.1 f376d87611123aa47c006262522a6a94.cloudfront.net (CloudFront)
server
CloudFront
x-amz-cf-pop
SIN2-P2
x-cache
FunctionGeneratedResponse from cloudfront
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_hm=24cf6835&google_redir=https%3A%2F%2Fs.ad.smaato.net%2Fc%2F%3FadExInit%3Dg&google_push=AZmPxg84T3akYhSMTamTL9udbKcRBx_WoGBoRJAz4qFXZWI17vmTkfLZ84DQk7R_AhtQue4IQy6emiN0DpRBpgXeBZimKdjRS3FhTnZaU3X8QXBmGbDII4gHcRaBtcKMNJtae-E2BE5_uSlhT0tKrEJkNBw
cache-control
no-cache, must-revalidate
content-length
0
x-amz-cf-id
amlvuE9-uY4_O-103mfdsVwEYQwhubXSy3nTGVl2ih5FV2XqXDocMw==
pixel
cm.g.doubleclick.net/ Frame 11DF
Redirect Chain
  • https://rtb2-useast.e-volution.ai/sync?exchange=193&google_gid=CAESEH8haamKdosUpPOPlWyHqGc&google_cver=1&google_push=AZmPxg8XRbtOQxP-y3bFulEXIo-ZeakBvpQxCprI60J4Sx8Hc222zIS3y4X7h3K6BgjqU3Jmu-BzuKB-...
  • https://dsp.adkernel.com/adkuid?r=https%3A%2F%2Frtb2-useast.e-volution.ai%2Fsync%3Fexchange%3D193%26google_gid%3DCAESEH8haamKdosUpPOPlWyHqGc%26google_cver%3D1%26google_push%3DAZmPxg8XRbtOQxP-y3bFul...
  • https://rtb2-useast.e-volution.ai/sync?adkuid=A2239767280238030244&exchange=193&google_gid=CAESEH8haamKdosUpPOPlWyHqGc&google_cver=1&google_push=AZmPxg8XRbtOQxP-y3bFulEXIo-ZeakBvpQxCprI60J4Sx8Hc222...
  • https://cm.g.doubleclick.net/pixel?google_nid=metup_srl_w_bidswitch&google_hm=QTIyMzk3NjcyODAyMzgwMzAyNDQ&google_push=AZmPxg8XRbtOQxP-y3bFulEXIo-ZeakBvpQxCprI60J4Sx8Hc222zIS3y4X7h3K6BgjqU3Jmu-BzuKB...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=metup_srl_w_bidswitch&google_hm=QTIyMzk3NjcyODAyMzgwMzAyNDQ&google_push=AZmPxg8XRbtOQxP-y3bFulEXIo-ZeakBvpQxCprI60J4Sx8Hc222zIS3y4X7h3K6BgjqU3Jmu-BzuKB-zAOBSaM-Mzi9lb-3cfVmjxQjGO1ePXZFFQP2zWfnRp8NVB3_UfBQZBbbRelizC1z7Tmk4Fl9Uus
Protocol
H3
Server
142.251.10.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f155.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 26 Sep 2022 15:31:06 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=metup_srl_w_bidswitch&google_hm=QTIyMzk3NjcyODAyMzgwMzAyNDQ&google_push=AZmPxg8XRbtOQxP-y3bFulEXIo-ZeakBvpQxCprI60J4Sx8Hc222zIS3y4X7h3K6BgjqU3Jmu-BzuKB-zAOBSaM-Mzi9lb-3cfVmjxQjGO1ePXZFFQP2zWfnRp8NVB3_UfBQZBbbRelizC1z7Tmk4Fl9Uus
Date
Mon, 26 Sep 2022 15:31:06 GMT
Server
nginx
Connection
keep-alive
Content-Length
0
pixel
cm.g.doubleclick.net/ Frame 11DF
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58281/sync?redir=true&google_gid=CAESECbnEZ3dZaKN3wZ0XpyHTzk&google_cver=1&google_push=AZmPxg8jUl_2CYmJGbhwJ6hjFVWJW-AeRHXOoOL4SDpVdkHE2dUGuK6NaLQ6VZ8TcOB70tGGL-...
  • https://ups.analytics.yahoo.com/ups/58281/sync?redir=true&google_gid=CAESECbnEZ3dZaKN3wZ0XpyHTzk&google_cver=1&google_push=AZmPxg8jUl_2CYmJGbhwJ6hjFVWJW-AeRHXOoOL4SDpVdkHE2dUGuK6NaLQ6VZ8TcOB70tGGL-...
  • https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS00aEw1dE1kRTJ1R05Ga1VnZkVtdnhFTWRucDQwZ2Z3cn5B&google_push=AZmPxg8jUl_2CYmJGbhwJ6hjFVWJW-AeRHXOoOL4SDpVdkHE2dUGuK6Na...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS00aEw1dE1kRTJ1R05Ga1VnZkVtdnhFTWRucDQwZ2Z3cn5B&google_push=AZmPxg8jUl_2CYmJGbhwJ6hjFVWJW-AeRHXOoOL4SDpVdkHE2dUGuK6NaLQ6VZ8TcOB70tGGL-fzavng9xs8r2UawjOcQUdhCTa_PYewJ8DVmVdqGTgP-KguTOY8hNAzkACBBt85FpO2AaWpiPw6_RP74z8
Requested by
Host: 4554dcfdb25681d65c9135c95d0b8a26.safeframe.googlesyndication.com
URL: https://4554dcfdb25681d65c9135c95d0b8a26.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Server
142.251.10.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f155.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 26 Sep 2022 15:31:05 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS00aEw1dE1kRTJ1R05Ga1VnZkVtdnhFTWRucDQwZ2Z3cn5B&google_push=AZmPxg8jUl_2CYmJGbhwJ6hjFVWJW-AeRHXOoOL4SDpVdkHE2dUGuK6NaLQ6VZ8TcOB70tGGL-fzavng9xs8r2UawjOcQUdhCTa_PYewJ8DVmVdqGTgP-KguTOY8hNAzkACBBt85FpO2AaWpiPw6_RP74z8
date
Mon, 26 Sep 2022 15:31:04 GMT
server
ATS/9.1.10.25
age
0
content-length
0
strict-transport-security
max-age=31536000
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
pixel
cm.g.doubleclick.net/ Frame 11DF
Redirect Chain
  • https://trace.mediago.io/cs/google?google_gid=CAESEJ_2PWUkA1WuVGkc7iHYGJU&google_cver=1&google_push=AZmPxg-TYdHtPXfbDmtXXFY-LpuhdIwCgY3gRxPPoWyqQkg1wd0TNRLqgX5JtAx9WX-x-p84IMGVYzfYRRQJCRh2X-RiuZjz4...
  • https://cm.g.doubleclick.net/pixel?google_nid=baidu_mediago&google_push=AZmPxg-TYdHtPXfbDmtXXFY-LpuhdIwCgY3gRxPPoWyqQkg1wd0TNRLqgX5JtAx9WX-x-p84IMGVYzfYRRQJCRh2X-RiuZjz4E8mtYi422HasN7vYRe3x4NHqwp6r...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=baidu_mediago&google_push=AZmPxg-TYdHtPXfbDmtXXFY-LpuhdIwCgY3gRxPPoWyqQkg1wd0TNRLqgX5JtAx9WX-x-p84IMGVYzfYRRQJCRh2X-RiuZjz4E8mtYi422HasN7vYRe3x4NHqwp6rIXWpV5z2mvOuFX_IH8SJrEnqpwaZupT&google_hm=ZWMwMjg0MmEyYjdjNDRkNTMyMWUwNWExNTI0MDM5MWY=
Requested by
Host: 4554dcfdb25681d65c9135c95d0b8a26.safeframe.googlesyndication.com
URL: https://4554dcfdb25681d65c9135c95d0b8a26.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Server
142.251.10.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f155.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 26 Sep 2022 15:31:05 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=baidu_mediago&google_push=AZmPxg-TYdHtPXfbDmtXXFY-LpuhdIwCgY3gRxPPoWyqQkg1wd0TNRLqgX5JtAx9WX-x-p84IMGVYzfYRRQJCRh2X-RiuZjz4E8mtYi422HasN7vYRe3x4NHqwp6rIXWpV5z2mvOuFX_IH8SJrEnqpwaZupT&google_hm=ZWMwMjg0MmEyYjdjNDRkNTMyMWUwNWExNTI0MDM5MWY=
date
Mon, 26 Sep 2022 15:31:04 GMT
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
314
content-type
text/html; charset=utf-8
attr
cm.g.doubleclick.net/pixel/ Frame 11DF 		0
50 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13IgjXH9tS9wA-UzVoq6Un3E-NmPMFPDSrG0MCuCyHXYs7QgUrGdLHzadsA3kuuTEbfyV7nDtaUH
Requested by
Host: 4554dcfdb25681d65c9135c95d0b8a26.safeframe.googlesyndication.com
URL: https://4554dcfdb25681d65c9135c95d0b8a26.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.10.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f155.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 26 Sep 2022 15:31:04 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
content-type
text/html
privacy_small.svg
static.criteo.net/flash/icon/ Frame 9DBA 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/privacy_small.svg
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=YzHFtwAEKKUKKx0SAAUGNnQR0X7FKy77qHXNPA&u=%7Cn2zn%2FWTC9NPVvhsWjVFODN9UrzbnYcf6XiUBwuax%2BsI%3D%7C&c1=qZJUPwROi1c0W53O6qCeCfQhGaxulJp0eDo7yFWWqpvkdGh0UCqS_PFCqFKqWCtCShWV-fG2LpSMjYLzxa5ZC5kI59RzfghuAoAqwF6PmPe_lB3PirzaGOsAeX0wz16uwJDIA9rH-0bzN5mChAAdY7YSeQnmID6Nbh6V4JncVxK4_BN3sZMSKlCj2fXcy5PQrD_KCNcsZ4DJODYE5_GYbwZfrXKNUfOF4BEcVRnbBLSYho7ZKBI5nlxZEnDlZf-SygDAaiIB9hsKxNaJd35i0lP5OmwxbZ-2owGI9lGrJVCLgslQG228CsP5rCK1gCyxaATs_VK3TNDjxz5b0VzTGCb-Mu4V2Bw33NrhZZ7x17cMCm-8swiJFiR3B2Mvj83tyFXoMV34jhV0Y2vk_wYnzwY1veWKmlFW5s7mMoiqQFFEnynAy5jED827jN1W8THtB364Ht2-CHGBOfThFT28p62qXo3pOJq4HMdSL4j0gBs8hpnatGXTqNkFUIbsJuMRtGC0GqalLkyTt2uAxbweaLI0xK1A7SslIXt19YksWCod5iz5n7n94uwlMnRLy1mGdxnYJk-VXWms8bjS-V5-0GyfQSoK9Jd2eyLVk_4v-rsqfBAfkUrt8T_lmgkEH1qgjavm46CzqQg&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCBOg7t8UxY6XREJK6rAG2jJToBZj80bFcqoTM5IUBwI23ARABIABgpcCjgKQBggEXY2EtcHViLTg5MzMzMjk5OTkzOTExMDSgAbbZo9ADyAEJqQLW8_A1cuSlPuACAKgDAaoE4gJP0Pc-wEgFHphx90_jtFK1vlTO3ZVAKk86PmnxY2lXLmaCvDOrX1XMN4I5s6Qui3w9DCR2hH7hE5WfBMj2jrz5A5NSrQ2ym10H497gLYRbIxdedr5DCzHFLFep9d2OYF1Pp_etC3PFBZc7N6ORNRfpVPr_yhlmQYWArAftw4bJtofeRmzBgy4YmfXSWN666EAm9Ez-pPHlEqtlKLJCDDry0yhuwoXtez0lComHvPIgCAC9uzTFoPA-4KTVleVSGapaHisWjdxiTsUDKOGe238TtMro5160r5XPMqNmDjJ6LK1-wHAbFcpnUgSBC4hUsH_Gp_ZmkHnsYyjjDBSBl2LBPDc1s5_phUXpTcvES4iznu2GpmepSATVNIMwIt6knWge33R5ANUAR_1esaJFARBJZY0oBEmw79zp_Oh-cyH0CqjB56oHIpGiM6693Q7t5O-2zN3pko_8ne_iitlxxjWh_t3gBAGABsiZhcyIzM6_XKAGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA0IgGEQATICigI6AoBA8ggbYWR4LXN1YnN5bi01MjM5OTM4MjEzODcwMzgw-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_2cWWN2LLuegBHgIZE1kjS0ZOMHKw%26client%3Dca-pub-8933329999391104%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.129 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
nginx /
Resource Hash
a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.as.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 26 Sep 2022 15:31:04 GMT
content-encoding
gzip
last-modified
Tue, 11 Feb 2020 14:30:28 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e42ba84-6aa"
strict-transport-security
max-age=31536000; preload;
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Thu, 21 Sep 2023 15:31:04 GMT
adchoices_en.svg
static.criteo.net/flash/icon/ Frame 9DBA 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/adchoices_en.svg
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=YzHFtwAEKKUKKx0SAAUGNnQR0X7FKy77qHXNPA&u=%7Cn2zn%2FWTC9NPVvhsWjVFODN9UrzbnYcf6XiUBwuax%2BsI%3D%7C&c1=qZJUPwROi1c0W53O6qCeCfQhGaxulJp0eDo7yFWWqpvkdGh0UCqS_PFCqFKqWCtCShWV-fG2LpSMjYLzxa5ZC5kI59RzfghuAoAqwF6PmPe_lB3PirzaGOsAeX0wz16uwJDIA9rH-0bzN5mChAAdY7YSeQnmID6Nbh6V4JncVxK4_BN3sZMSKlCj2fXcy5PQrD_KCNcsZ4DJODYE5_GYbwZfrXKNUfOF4BEcVRnbBLSYho7ZKBI5nlxZEnDlZf-SygDAaiIB9hsKxNaJd35i0lP5OmwxbZ-2owGI9lGrJVCLgslQG228CsP5rCK1gCyxaATs_VK3TNDjxz5b0VzTGCb-Mu4V2Bw33NrhZZ7x17cMCm-8swiJFiR3B2Mvj83tyFXoMV34jhV0Y2vk_wYnzwY1veWKmlFW5s7mMoiqQFFEnynAy5jED827jN1W8THtB364Ht2-CHGBOfThFT28p62qXo3pOJq4HMdSL4j0gBs8hpnatGXTqNkFUIbsJuMRtGC0GqalLkyTt2uAxbweaLI0xK1A7SslIXt19YksWCod5iz5n7n94uwlMnRLy1mGdxnYJk-VXWms8bjS-V5-0GyfQSoK9Jd2eyLVk_4v-rsqfBAfkUrt8T_lmgkEH1qgjavm46CzqQg&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCBOg7t8UxY6XREJK6rAG2jJToBZj80bFcqoTM5IUBwI23ARABIABgpcCjgKQBggEXY2EtcHViLTg5MzMzMjk5OTkzOTExMDSgAbbZo9ADyAEJqQLW8_A1cuSlPuACAKgDAaoE4gJP0Pc-wEgFHphx90_jtFK1vlTO3ZVAKk86PmnxY2lXLmaCvDOrX1XMN4I5s6Qui3w9DCR2hH7hE5WfBMj2jrz5A5NSrQ2ym10H497gLYRbIxdedr5DCzHFLFep9d2OYF1Pp_etC3PFBZc7N6ORNRfpVPr_yhlmQYWArAftw4bJtofeRmzBgy4YmfXSWN666EAm9Ez-pPHlEqtlKLJCDDry0yhuwoXtez0lComHvPIgCAC9uzTFoPA-4KTVleVSGapaHisWjdxiTsUDKOGe238TtMro5160r5XPMqNmDjJ6LK1-wHAbFcpnUgSBC4hUsH_Gp_ZmkHnsYyjjDBSBl2LBPDc1s5_phUXpTcvES4iznu2GpmepSATVNIMwIt6knWge33R5ANUAR_1esaJFARBJZY0oBEmw79zp_Oh-cyH0CqjB56oHIpGiM6693Q7t5O-2zN3pko_8ne_iitlxxjWh_t3gBAGABsiZhcyIzM6_XKAGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA0IgGEQATICigI6AoBA8ggbYWR4LXN1YnN5bi01MjM5OTM4MjEzODcwMzgw-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_2cWWN2LLuegBHgIZE1kjS0ZOMHKw%26client%3Dca-pub-8933329999391104%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.129 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
nginx /
Resource Hash
60bcafbd631f6fa0805e158ca3b235e76225350db6fbb423596d4c4954b27573
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.as.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 26 Sep 2022 15:31:04 GMT
content-encoding
gzip
last-modified
Tue, 11 Feb 2020 14:27:58 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e42b9ee-759"
strict-transport-security
max-age=31536000; preload;
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Thu, 21 Sep 2023 15:31:04 GMT
close_button.svg
static.criteo.net/flash/icon/ Frame 9DBA 		308 B
636 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/close_button.svg
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=YzHFtwAEKKUKKx0SAAUGNnQR0X7FKy77qHXNPA&u=%7Cn2zn%2FWTC9NPVvhsWjVFODN9UrzbnYcf6XiUBwuax%2BsI%3D%7C&c1=qZJUPwROi1c0W53O6qCeCfQhGaxulJp0eDo7yFWWqpvkdGh0UCqS_PFCqFKqWCtCShWV-fG2LpSMjYLzxa5ZC5kI59RzfghuAoAqwF6PmPe_lB3PirzaGOsAeX0wz16uwJDIA9rH-0bzN5mChAAdY7YSeQnmID6Nbh6V4JncVxK4_BN3sZMSKlCj2fXcy5PQrD_KCNcsZ4DJODYE5_GYbwZfrXKNUfOF4BEcVRnbBLSYho7ZKBI5nlxZEnDlZf-SygDAaiIB9hsKxNaJd35i0lP5OmwxbZ-2owGI9lGrJVCLgslQG228CsP5rCK1gCyxaATs_VK3TNDjxz5b0VzTGCb-Mu4V2Bw33NrhZZ7x17cMCm-8swiJFiR3B2Mvj83tyFXoMV34jhV0Y2vk_wYnzwY1veWKmlFW5s7mMoiqQFFEnynAy5jED827jN1W8THtB364Ht2-CHGBOfThFT28p62qXo3pOJq4HMdSL4j0gBs8hpnatGXTqNkFUIbsJuMRtGC0GqalLkyTt2uAxbweaLI0xK1A7SslIXt19YksWCod5iz5n7n94uwlMnRLy1mGdxnYJk-VXWms8bjS-V5-0GyfQSoK9Jd2eyLVk_4v-rsqfBAfkUrt8T_lmgkEH1qgjavm46CzqQg&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCBOg7t8UxY6XREJK6rAG2jJToBZj80bFcqoTM5IUBwI23ARABIABgpcCjgKQBggEXY2EtcHViLTg5MzMzMjk5OTkzOTExMDSgAbbZo9ADyAEJqQLW8_A1cuSlPuACAKgDAaoE4gJP0Pc-wEgFHphx90_jtFK1vlTO3ZVAKk86PmnxY2lXLmaCvDOrX1XMN4I5s6Qui3w9DCR2hH7hE5WfBMj2jrz5A5NSrQ2ym10H497gLYRbIxdedr5DCzHFLFep9d2OYF1Pp_etC3PFBZc7N6ORNRfpVPr_yhlmQYWArAftw4bJtofeRmzBgy4YmfXSWN666EAm9Ez-pPHlEqtlKLJCDDry0yhuwoXtez0lComHvPIgCAC9uzTFoPA-4KTVleVSGapaHisWjdxiTsUDKOGe238TtMro5160r5XPMqNmDjJ6LK1-wHAbFcpnUgSBC4hUsH_Gp_ZmkHnsYyjjDBSBl2LBPDc1s5_phUXpTcvES4iznu2GpmepSATVNIMwIt6knWge33R5ANUAR_1esaJFARBJZY0oBEmw79zp_Oh-cyH0CqjB56oHIpGiM6693Q7t5O-2zN3pko_8ne_iitlxxjWh_t3gBAGABsiZhcyIzM6_XKAGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA0IgGEQATICigI6AoBA8ggbYWR4LXN1YnN5bi01MjM5OTM4MjEzODcwMzgw-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_2cWWN2LLuegBHgIZE1kjS0ZOMHKw%26client%3Dca-pub-8933329999391104%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.129 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
nginx /
Resource Hash
8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.as.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 26 Sep 2022 15:31:04 GMT
last-modified
Fri, 14 Feb 2020 13:51:32 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"5e46a5e4-134"
strict-transport-security
max-age=31536000; preload;
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
308
expires
Thu, 21 Sep 2023 15:31:04 GMT
back_button2.svg
static.criteo.net/flash/icon/ Frame 9DBA 		293 B
621 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/back_button2.svg
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=YzHFtwAEKKUKKx0SAAUGNnQR0X7FKy77qHXNPA&u=%7Cn2zn%2FWTC9NPVvhsWjVFODN9UrzbnYcf6XiUBwuax%2BsI%3D%7C&c1=qZJUPwROi1c0W53O6qCeCfQhGaxulJp0eDo7yFWWqpvkdGh0UCqS_PFCqFKqWCtCShWV-fG2LpSMjYLzxa5ZC5kI59RzfghuAoAqwF6PmPe_lB3PirzaGOsAeX0wz16uwJDIA9rH-0bzN5mChAAdY7YSeQnmID6Nbh6V4JncVxK4_BN3sZMSKlCj2fXcy5PQrD_KCNcsZ4DJODYE5_GYbwZfrXKNUfOF4BEcVRnbBLSYho7ZKBI5nlxZEnDlZf-SygDAaiIB9hsKxNaJd35i0lP5OmwxbZ-2owGI9lGrJVCLgslQG228CsP5rCK1gCyxaATs_VK3TNDjxz5b0VzTGCb-Mu4V2Bw33NrhZZ7x17cMCm-8swiJFiR3B2Mvj83tyFXoMV34jhV0Y2vk_wYnzwY1veWKmlFW5s7mMoiqQFFEnynAy5jED827jN1W8THtB364Ht2-CHGBOfThFT28p62qXo3pOJq4HMdSL4j0gBs8hpnatGXTqNkFUIbsJuMRtGC0GqalLkyTt2uAxbweaLI0xK1A7SslIXt19YksWCod5iz5n7n94uwlMnRLy1mGdxnYJk-VXWms8bjS-V5-0GyfQSoK9Jd2eyLVk_4v-rsqfBAfkUrt8T_lmgkEH1qgjavm46CzqQg&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCBOg7t8UxY6XREJK6rAG2jJToBZj80bFcqoTM5IUBwI23ARABIABgpcCjgKQBggEXY2EtcHViLTg5MzMzMjk5OTkzOTExMDSgAbbZo9ADyAEJqQLW8_A1cuSlPuACAKgDAaoE4gJP0Pc-wEgFHphx90_jtFK1vlTO3ZVAKk86PmnxY2lXLmaCvDOrX1XMN4I5s6Qui3w9DCR2hH7hE5WfBMj2jrz5A5NSrQ2ym10H497gLYRbIxdedr5DCzHFLFep9d2OYF1Pp_etC3PFBZc7N6ORNRfpVPr_yhlmQYWArAftw4bJtofeRmzBgy4YmfXSWN666EAm9Ez-pPHlEqtlKLJCDDry0yhuwoXtez0lComHvPIgCAC9uzTFoPA-4KTVleVSGapaHisWjdxiTsUDKOGe238TtMro5160r5XPMqNmDjJ6LK1-wHAbFcpnUgSBC4hUsH_Gp_ZmkHnsYyjjDBSBl2LBPDc1s5_phUXpTcvES4iznu2GpmepSATVNIMwIt6knWge33R5ANUAR_1esaJFARBJZY0oBEmw79zp_Oh-cyH0CqjB56oHIpGiM6693Q7t5O-2zN3pko_8ne_iitlxxjWh_t3gBAGABsiZhcyIzM6_XKAGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA0IgGEQATICigI6AoBA8ggbYWR4LXN1YnN5bi01MjM5OTM4MjEzODcwMzgw-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_2cWWN2LLuegBHgIZE1kjS0ZOMHKw%26client%3Dca-pub-8933329999391104%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.129 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
nginx /
Resource Hash
725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.as.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 26 Sep 2022 15:31:04 GMT
last-modified
Thu, 28 Apr 2022 09:09:48 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"626a59dc-125"
strict-transport-security
max-age=31536000; preload;
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
293
expires
Thu, 21 Sep 2023 15:31:04 GMT
lg.php
cat.sg1.as.criteo.com/delivery/ Frame 9DBA 		43 B
347 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cat.sg1.as.criteo.com/delivery/lg.php?cppv=3&cpp=6nuvGuj4Mib_ocuQNjG5KtEf8VJC4v_NuxulB8Rzx7VmliVtnu48f17eWxzvxLwT4ix2TuZtBzaCzFdUaSuGMbFsT13d2HGD6pmftjwNiLrdQb6jacXtU8IZUuVGZ6jKCHOh0P_5iXSIxgBgP0ly_DMeY-_JNfMtsZIgIz7hXZ7QlnAfybNh4cSbIY3TW6diAYo01WAGlHMZX663NdqPSp5uPdI_aTSBNtMegfoGnsuqb5EZbT0_qg-87Bbn76r4lEHSaj0o0-2eInDKZsgr0w-BLjc2b_xaBZoAGO3IqE_putQsXkRaHfXalj62Wj-Zs9-HBxRyPK7fv29mvUrma_KBeCjRc-Zn9CZJiT5oZx_MMbOZjuBgUx-AQsNBWhvQforS8J5wZvmQWoN-ScQRsHdQp12IOzenJyiOplQFCdw-EtIO
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=YzHFtwAEKKUKKx0SAAUGNnQR0X7FKy77qHXNPA&u=%7Cn2zn%2FWTC9NPVvhsWjVFODN9UrzbnYcf6XiUBwuax%2BsI%3D%7C&c1=qZJUPwROi1c0W53O6qCeCfQhGaxulJp0eDo7yFWWqpvkdGh0UCqS_PFCqFKqWCtCShWV-fG2LpSMjYLzxa5ZC5kI59RzfghuAoAqwF6PmPe_lB3PirzaGOsAeX0wz16uwJDIA9rH-0bzN5mChAAdY7YSeQnmID6Nbh6V4JncVxK4_BN3sZMSKlCj2fXcy5PQrD_KCNcsZ4DJODYE5_GYbwZfrXKNUfOF4BEcVRnbBLSYho7ZKBI5nlxZEnDlZf-SygDAaiIB9hsKxNaJd35i0lP5OmwxbZ-2owGI9lGrJVCLgslQG228CsP5rCK1gCyxaATs_VK3TNDjxz5b0VzTGCb-Mu4V2Bw33NrhZZ7x17cMCm-8swiJFiR3B2Mvj83tyFXoMV34jhV0Y2vk_wYnzwY1veWKmlFW5s7mMoiqQFFEnynAy5jED827jN1W8THtB364Ht2-CHGBOfThFT28p62qXo3pOJq4HMdSL4j0gBs8hpnatGXTqNkFUIbsJuMRtGC0GqalLkyTt2uAxbweaLI0xK1A7SslIXt19YksWCod5iz5n7n94uwlMnRLy1mGdxnYJk-VXWms8bjS-V5-0GyfQSoK9Jd2eyLVk_4v-rsqfBAfkUrt8T_lmgkEH1qgjavm46CzqQg&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCBOg7t8UxY6XREJK6rAG2jJToBZj80bFcqoTM5IUBwI23ARABIABgpcCjgKQBggEXY2EtcHViLTg5MzMzMjk5OTkzOTExMDSgAbbZo9ADyAEJqQLW8_A1cuSlPuACAKgDAaoE4gJP0Pc-wEgFHphx90_jtFK1vlTO3ZVAKk86PmnxY2lXLmaCvDOrX1XMN4I5s6Qui3w9DCR2hH7hE5WfBMj2jrz5A5NSrQ2ym10H497gLYRbIxdedr5DCzHFLFep9d2OYF1Pp_etC3PFBZc7N6ORNRfpVPr_yhlmQYWArAftw4bJtofeRmzBgy4YmfXSWN666EAm9Ez-pPHlEqtlKLJCDDry0yhuwoXtez0lComHvPIgCAC9uzTFoPA-4KTVleVSGapaHisWjdxiTsUDKOGe238TtMro5160r5XPMqNmDjJ6LK1-wHAbFcpnUgSBC4hUsH_Gp_ZmkHnsYyjjDBSBl2LBPDc1s5_phUXpTcvES4iznu2GpmepSATVNIMwIt6knWge33R5ANUAR_1esaJFARBJZY0oBEmw79zp_Oh-cyH0CqjB56oHIpGiM6693Q7t5O-2zN3pko_8ne_iitlxxjWh_t3gBAGABsiZhcyIzM6_XKAGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA0IgGEQATICigI6AoBA8ggbYWR4LXN1YnN5bi01MjM5OTM4MjEzODcwMzgw-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_2cWWN2LLuegBHgIZE1kjS0ZOMHKw%26client%3Dca-pub-8933329999391104%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.132 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Kestrel /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.as.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 26 Sep 2022 15:31:03 GMT
server
Kestrel
strict-transport-security
max-age=31536000; preload;
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
2749541
content-type
image/gif
expires
Mon, 26 Jul 1997 05:00:00 GMT
truncated
/ Frame EFE0 		209 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
52dd20684fbfa90118fc235f6c595b48f711cbe50564b620930e654dd4045cbb

Request headers

accept-language
en-AU,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
3753f6ac31b748bf945ad731cbf52c0b_skyscannerrelative-book.woff
static.criteo.net/design/dt/ Frame 9DBA 		68 KB
68 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/design/dt/3753f6ac31b748bf945ad731cbf52c0b_skyscannerrelative-book.woff
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=YzHFtwAEKKUKKx0SAAUGNnQR0X7FKy77qHXNPA&u=%7Cn2zn%2FWTC9NPVvhsWjVFODN9UrzbnYcf6XiUBwuax%2BsI%3D%7C&c1=qZJUPwROi1c0W53O6qCeCfQhGaxulJp0eDo7yFWWqpvkdGh0UCqS_PFCqFKqWCtCShWV-fG2LpSMjYLzxa5ZC5kI59RzfghuAoAqwF6PmPe_lB3PirzaGOsAeX0wz16uwJDIA9rH-0bzN5mChAAdY7YSeQnmID6Nbh6V4JncVxK4_BN3sZMSKlCj2fXcy5PQrD_KCNcsZ4DJODYE5_GYbwZfrXKNUfOF4BEcVRnbBLSYho7ZKBI5nlxZEnDlZf-SygDAaiIB9hsKxNaJd35i0lP5OmwxbZ-2owGI9lGrJVCLgslQG228CsP5rCK1gCyxaATs_VK3TNDjxz5b0VzTGCb-Mu4V2Bw33NrhZZ7x17cMCm-8swiJFiR3B2Mvj83tyFXoMV34jhV0Y2vk_wYnzwY1veWKmlFW5s7mMoiqQFFEnynAy5jED827jN1W8THtB364Ht2-CHGBOfThFT28p62qXo3pOJq4HMdSL4j0gBs8hpnatGXTqNkFUIbsJuMRtGC0GqalLkyTt2uAxbweaLI0xK1A7SslIXt19YksWCod5iz5n7n94uwlMnRLy1mGdxnYJk-VXWms8bjS-V5-0GyfQSoK9Jd2eyLVk_4v-rsqfBAfkUrt8T_lmgkEH1qgjavm46CzqQg&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCBOg7t8UxY6XREJK6rAG2jJToBZj80bFcqoTM5IUBwI23ARABIABgpcCjgKQBggEXY2EtcHViLTg5MzMzMjk5OTkzOTExMDSgAbbZo9ADyAEJqQLW8_A1cuSlPuACAKgDAaoE4gJP0Pc-wEgFHphx90_jtFK1vlTO3ZVAKk86PmnxY2lXLmaCvDOrX1XMN4I5s6Qui3w9DCR2hH7hE5WfBMj2jrz5A5NSrQ2ym10H497gLYRbIxdedr5DCzHFLFep9d2OYF1Pp_etC3PFBZc7N6ORNRfpVPr_yhlmQYWArAftw4bJtofeRmzBgy4YmfXSWN666EAm9Ez-pPHlEqtlKLJCDDry0yhuwoXtez0lComHvPIgCAC9uzTFoPA-4KTVleVSGapaHisWjdxiTsUDKOGe238TtMro5160r5XPMqNmDjJ6LK1-wHAbFcpnUgSBC4hUsH_Gp_ZmkHnsYyjjDBSBl2LBPDc1s5_phUXpTcvES4iznu2GpmepSATVNIMwIt6knWge33R5ANUAR_1esaJFARBJZY0oBEmw79zp_Oh-cyH0CqjB56oHIpGiM6693Q7t5O-2zN3pko_8ne_iitlxxjWh_t3gBAGABsiZhcyIzM6_XKAGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA0IgGEQATICigI6AoBA8ggbYWR4LXN1YnN5bi01MjM5OTM4MjEzODcwMzgw-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_2cWWN2LLuegBHgIZE1kjS0ZOMHKw%26client%3Dca-pub-8933329999391104%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.129 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
nginx /
Resource Hash
b40ed885c6eabc68309c7e3377008ec3aaba2add66e43fcf6fc2851cdc6a2f98
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ads.as.criteo.com/
Origin
https://ads.as.criteo.com
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 26 Sep 2022 15:31:04 GMT
content-encoding
gzip
last-modified
Thu, 29 Jul 2021 10:27:15 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"61028283-10ec0"
strict-transport-security
max-age=31536000; preload;
content-type
text/plain; charset=UTF-8
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Thu, 21 Sep 2023 15:31:04 GMT
e228b6a4e90947dcaf6c5ad0025ee925_skyscannerrelative-bold.woff
static.criteo.net/design/dt/ Frame 9DBA 		68 KB
68 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/design/dt/e228b6a4e90947dcaf6c5ad0025ee925_skyscannerrelative-bold.woff
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=YzHFtwAEKKUKKx0SAAUGNnQR0X7FKy77qHXNPA&u=%7Cn2zn%2FWTC9NPVvhsWjVFODN9UrzbnYcf6XiUBwuax%2BsI%3D%7C&c1=qZJUPwROi1c0W53O6qCeCfQhGaxulJp0eDo7yFWWqpvkdGh0UCqS_PFCqFKqWCtCShWV-fG2LpSMjYLzxa5ZC5kI59RzfghuAoAqwF6PmPe_lB3PirzaGOsAeX0wz16uwJDIA9rH-0bzN5mChAAdY7YSeQnmID6Nbh6V4JncVxK4_BN3sZMSKlCj2fXcy5PQrD_KCNcsZ4DJODYE5_GYbwZfrXKNUfOF4BEcVRnbBLSYho7ZKBI5nlxZEnDlZf-SygDAaiIB9hsKxNaJd35i0lP5OmwxbZ-2owGI9lGrJVCLgslQG228CsP5rCK1gCyxaATs_VK3TNDjxz5b0VzTGCb-Mu4V2Bw33NrhZZ7x17cMCm-8swiJFiR3B2Mvj83tyFXoMV34jhV0Y2vk_wYnzwY1veWKmlFW5s7mMoiqQFFEnynAy5jED827jN1W8THtB364Ht2-CHGBOfThFT28p62qXo3pOJq4HMdSL4j0gBs8hpnatGXTqNkFUIbsJuMRtGC0GqalLkyTt2uAxbweaLI0xK1A7SslIXt19YksWCod5iz5n7n94uwlMnRLy1mGdxnYJk-VXWms8bjS-V5-0GyfQSoK9Jd2eyLVk_4v-rsqfBAfkUrt8T_lmgkEH1qgjavm46CzqQg&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCBOg7t8UxY6XREJK6rAG2jJToBZj80bFcqoTM5IUBwI23ARABIABgpcCjgKQBggEXY2EtcHViLTg5MzMzMjk5OTkzOTExMDSgAbbZo9ADyAEJqQLW8_A1cuSlPuACAKgDAaoE4gJP0Pc-wEgFHphx90_jtFK1vlTO3ZVAKk86PmnxY2lXLmaCvDOrX1XMN4I5s6Qui3w9DCR2hH7hE5WfBMj2jrz5A5NSrQ2ym10H497gLYRbIxdedr5DCzHFLFep9d2OYF1Pp_etC3PFBZc7N6ORNRfpVPr_yhlmQYWArAftw4bJtofeRmzBgy4YmfXSWN666EAm9Ez-pPHlEqtlKLJCDDry0yhuwoXtez0lComHvPIgCAC9uzTFoPA-4KTVleVSGapaHisWjdxiTsUDKOGe238TtMro5160r5XPMqNmDjJ6LK1-wHAbFcpnUgSBC4hUsH_Gp_ZmkHnsYyjjDBSBl2LBPDc1s5_phUXpTcvES4iznu2GpmepSATVNIMwIt6knWge33R5ANUAR_1esaJFARBJZY0oBEmw79zp_Oh-cyH0CqjB56oHIpGiM6693Q7t5O-2zN3pko_8ne_iitlxxjWh_t3gBAGABsiZhcyIzM6_XKAGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA0IgGEQATICigI6AoBA8ggbYWR4LXN1YnN5bi01MjM5OTM4MjEzODcwMzgw-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_2cWWN2LLuegBHgIZE1kjS0ZOMHKw%26client%3Dca-pub-8933329999391104%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.129 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
nginx /
Resource Hash
9cb93fc023cca355260310e41056be397ecad26f94a578c5b147762b40fc6d3b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ads.as.criteo.com/
Origin
https://ads.as.criteo.com
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 26 Sep 2022 15:31:04 GMT
content-encoding
gzip
last-modified
Thu, 29 Jul 2021 10:27:15 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"61028283-10f14"
strict-transport-security
max-age=31536000; preload;
content-type
text/plain; charset=UTF-8
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Thu, 21 Sep 2023 15:31:04 GMT
gen_204
pagead2.googlesyndication.com/pagead/ 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=gpt_pgbrk&pvsid=3597760113509878&vrg=2022092001&nw_id=103512698%5C%2C22574853003&nslots=3&eid=31069635%2C31068367%2C44774044%2C676982961&pub_url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fpi-jia-bu-jian-qia-pian-quan-gua-shi-ta-hui-jia-jian-zhe-mu-yan-shen-si-3-9mo-wang-you-xiao-feng.html&qid=COOIn7njsvoCFRIdKwodNgYFXQ&iu=%2F103512698%2C22574853003%2F22477626096&e=0&ret=300x250&req=320x50%7C728x250%7C728x90%7C690x90%7C690x250%7C675x90%7C675x250%7C670x90%7C670x250%7C650x90%7C650x250%7C650x150%7C630x90%7C630x250%7C602x100%7C600x90%7C600x250%7C580x90%7C570x90%7C550x150%7C468x60%7C320x50%7C320x100%7C300x50%7C300x100%7C300x75%7C300x250%7C250x250%7C200x200&bm=0&efh=0&stk=0&ifi=3
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.194.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f154.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 26 Sep 2022 15:31:04 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=gpt_pgbrk&pvsid=3597760113509878&vrg=2022092001&nw_id=103512698%5C%2C22574853003&nslots=3&eid=31069635%2C31068367%2C44774044%2C676982961&pub_url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fpi-jia-bu-jian-qia-pian-quan-gua-shi-ta-hui-jia-jian-zhe-mu-yan-shen-si-3-9mo-wang-you-xiao-feng.html&qid=COWIn7njsvoCFRIdKwodNgYFXQ&iu=%2F103512698%2C22574853003%2F22579309510&e=0&ret=120x600&req=320x50%7C120x600&bm=0&efh=0&stk=1&ifi=3
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.194.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f154.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 26 Sep 2022 15:31:04 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
webfontloader.js
cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/ Frame 9DBA 		12 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/webfontloader.js
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=YzHFtwAEKKUKKx0SAAUGNnQR0X7FKy77qHXNPA&u=%7Cn2zn%2FWTC9NPVvhsWjVFODN9UrzbnYcf6XiUBwuax%2BsI%3D%7C&c1=qZJUPwROi1c0W53O6qCeCfQhGaxulJp0eDo7yFWWqpvkdGh0UCqS_PFCqFKqWCtCShWV-fG2LpSMjYLzxa5ZC5kI59RzfghuAoAqwF6PmPe_lB3PirzaGOsAeX0wz16uwJDIA9rH-0bzN5mChAAdY7YSeQnmID6Nbh6V4JncVxK4_BN3sZMSKlCj2fXcy5PQrD_KCNcsZ4DJODYE5_GYbwZfrXKNUfOF4BEcVRnbBLSYho7ZKBI5nlxZEnDlZf-SygDAaiIB9hsKxNaJd35i0lP5OmwxbZ-2owGI9lGrJVCLgslQG228CsP5rCK1gCyxaATs_VK3TNDjxz5b0VzTGCb-Mu4V2Bw33NrhZZ7x17cMCm-8swiJFiR3B2Mvj83tyFXoMV34jhV0Y2vk_wYnzwY1veWKmlFW5s7mMoiqQFFEnynAy5jED827jN1W8THtB364Ht2-CHGBOfThFT28p62qXo3pOJq4HMdSL4j0gBs8hpnatGXTqNkFUIbsJuMRtGC0GqalLkyTt2uAxbweaLI0xK1A7SslIXt19YksWCod5iz5n7n94uwlMnRLy1mGdxnYJk-VXWms8bjS-V5-0GyfQSoK9Jd2eyLVk_4v-rsqfBAfkUrt8T_lmgkEH1qgjavm46CzqQg&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCBOg7t8UxY6XREJK6rAG2jJToBZj80bFcqoTM5IUBwI23ARABIABgpcCjgKQBggEXY2EtcHViLTg5MzMzMjk5OTkzOTExMDSgAbbZo9ADyAEJqQLW8_A1cuSlPuACAKgDAaoE4gJP0Pc-wEgFHphx90_jtFK1vlTO3ZVAKk86PmnxY2lXLmaCvDOrX1XMN4I5s6Qui3w9DCR2hH7hE5WfBMj2jrz5A5NSrQ2ym10H497gLYRbIxdedr5DCzHFLFep9d2OYF1Pp_etC3PFBZc7N6ORNRfpVPr_yhlmQYWArAftw4bJtofeRmzBgy4YmfXSWN666EAm9Ez-pPHlEqtlKLJCDDry0yhuwoXtez0lComHvPIgCAC9uzTFoPA-4KTVleVSGapaHisWjdxiTsUDKOGe238TtMro5160r5XPMqNmDjJ6LK1-wHAbFcpnUgSBC4hUsH_Gp_ZmkHnsYyjjDBSBl2LBPDc1s5_phUXpTcvES4iznu2GpmepSATVNIMwIt6knWge33R5ANUAR_1esaJFARBJZY0oBEmw79zp_Oh-cyH0CqjB56oHIpGiM6693Q7t5O-2zN3pko_8ne_iitlxxjWh_t3gBAGABsiZhcyIzM6_XKAGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA0IgGEQATICigI6AoBA8ggbYWR4LXN1YnN5bi01MjM5OTM4MjEzODcwMzgw-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_2cWWN2LLuegBHgIZE1kjS0ZOMHKw%26client%3Dca-pub-8933329999391104%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.24.14 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e0ee294b5487df566aad23b603fd902535634cfa957be8e7620396515afb1047
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.as.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 26 Sep 2022 15:31:04 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
5245720
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
4420
timing-allow-origin
*
last-modified
Mon, 04 May 2020 16:17:52 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb04030-30d9"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yLlEgKF2ZKOScnBYAVOWPpOCddxTo6cEm9aYICdjKPxueJkEe5VY7wUOaT8T%2BNj3yFso16MPShy0MVhl70B4lehX%2FJ9lp9piFdS4i73OSRpVGil8MnrNxq%2FGpOEQTdvaq0E09qvu"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
750d0b61cb38df30-MEL
expires
Sat, 16 Sep 2023 15:31:04 GMT
express_html_inpage_rendering_lib_200_276.js
s0.2mdn.net/879366/ Frame 9E28 		106 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_276.js
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/pi-jia-bu-jian-qia-pian-quan-gua-shi-ta-hui-jia-jian-zhe-mu-yan-shen-si-3-9mo-wang-you-xiao-feng.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.12.149 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f149.1e100.net
Software
sffe /
Resource Hash
e41d1ae45acbf836b8dcc29544c7e41cced4211214df601d5284a7e9c7134c73
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://4554dcfdb25681d65c9135c95d0b8a26.safeframe.googlesyndication.com/
Origin
https://4554dcfdb25681d65c9135c95d0b8a26.safeframe.googlesyndication.com
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 26 Sep 2022 11:51:36 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
13168
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37872
x-xss-protection
0
last-modified
Wed, 02 Mar 2022 23:07:26 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 27 Sep 2022 11:51:36 GMT
omrhp.js
pagead2.googlesyndication.com/pagead/js/r20220921/r20110914/elements/html/ Frame 9E28 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20220921/r20110914/elements/html/omrhp.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DcisT9j_hsqhzRgoIz2D7KjQtezcPA48-lq4_fx7Yck3eruaspL1Axmt-awxQa0dITVaq4h1ekz986DUjyBiCw-bnZ1Q&cry=1&dbm_d=AKAmf-DndXgUGlasca88Oys76iDcaR5hekZd-N_NBUqjW8uabU0xG-cOYgQ2DcfvUYRQ__un36YUYMWWUxGS-baP2njLqxuLptmjIAKoSeKAgaK9rRaJswx2QKs3W_7bDVpJZzwoLHXeoCv4zdaJ1D8DIgyIR1xNnMpfF1lwGJkNje75hwxvdw1rbwXlevLCi4LJo7urTR8j5WYsJLWi4Os41MMxRreT19yTI9S3d_B6zEEsb45WOQ9x9-HegW0jxiv8pWwTHeDd8_-UQ_cFkF0-wjZRpx3y_9-TFV9jo_Bsx3q79fnX73WugBjKzDFDIKqAov1YBOVH9gyQhCqr-riLvlr68F26IAh374hOQ2hR7r1VJ78_NSJ44I5EncUzWmy9X8zSEHW6Nrt7pMt0JQ5hxY9YUfTVzYY_K7P1I1iE5gbbxppJSbAV1lmwXpNs87pCsfYffeQbx_OuA2dZl9yQnCYQrzGBWvzps8TmE3dCChrwSFPHPNPK3cI7TrNgVqi8seWLfcd-c18mubuMhdA6ajwA6alXS-KF2j57XKrnQ0sekHtcIzKK8cY0tFO-ciHXyllxr2wSUd4r2HpTfgdM8H1jKWetWgOJ_noMiffOo7Ua5Uip4_lAjAnj_FILT8uDTxRmHPRzl1rPZ18mmfWgKq6ZYqVgPgB1a-IL-zq8g7UYlh4oDIvlwDG546rBkck2UUA_rtgkBVuTCh_Ab20ZIpkn46VHUIiCaNAxXLu3FTepyIxY5RGF2GZLQ8mSmohjLM1eueCDxr1bTzKuHkKLTNm7xSa5gMkyGmtKPIgOp9HJMgPN22fAi7Ba6dyN8eIS7SzFli1SynDd4Wek33BHkThwC71sO2RLzs8G_EfVlNT76hDinuOtzSNm9R3_loZi1c8bkb3gILG6sUYBvn0egZm00vVjQY0D5kx6jPLJVscqpRrvAPIQRysvGaSxo790syHLn1miIKApn3M3Ikg3ffIGq-eEU8YQySeQhxzLUopnXk5JeGJ0mw06Te47PRi4mmp9zq3yoG4JpUqHgb6GURX7v-WVTFtS0ksfdKsWmpp4HayXHF1cgnr7PY2KCCNZuqDAO0tN6njVj8APhV_wgrgKhtSx6KNlRj0I3gKxViFsLqewvrB3Rp5uEX2a6poEnuI29ygKJr_qqNwd9yoD1y4YrYfxJw5yA9woBLYvY5krRdtdVp99lAgAg-P8VNwftkKyd5L-0yRYNQpFH2Am_Ikl3puTOmg_2kxOg1jrxQRC_XeZu1CNSPdIfqRdjixhHF32pLeO2jkLKno90z7OQQzYHfUhWVeYHkDaSi4qqLly-Mp0YaZ7Fy0vTzmdpuIk5g2kO6koROu3W0K22hUhgCaIDknu_UvcNvO71nwLc5owLDK-9Mapti2Deyf3JWTOB4fOeqrFlkuwItnVA_Jhz3DFvYTaBs9nEgRN2YslFI9RcBvgANMZwtcCmF1rY6MKCo59T5eWS5VWQPlfJ811X4HQJX26WVL3ZutAQ-R0aBpeCfQh2NETfBLrxYSrdg_N2LcK46T4aUqUOlNxu8g2bImMXg49rB1uyaVqnKQUcx-PuAAiCU_yZ-CugNqtrXX6OwPaqGnhdRLstnjI3W5CFMM_xzfjd0ZYcNTUnn6eyvTgiWxjAqOdYU4z3PuSoT7A8bsLgOdadxKULsId4tpC36oV93aLqVfsWiZEndgSbYMmizbi_lE4Y0makuET8P4RINI5YKAMFmey33GYDbcAxQfu8LxYm39s15BNv8leDMzv3WQpsDClnzY-xsYWUXXYFHRFhDW_EINr6n7hDRgLAHnOSY-0Z1Ie3QzC0kqUw0P0DpbLlF-m1fbhtbO98eGgQwD054s9FtDfEywfpuSMMq7Ih-VnrTyWNbp4R8rLgoIa7fn4KoqISi1Gg5y9YjEQJjPTMCLJ_pHkAjr30Pb8yXrsGaqBvh-vMEg9oX3JYaInRWdZ3AKQJRFkVyWQj5PVxmch_UH5kNg-FYqYcdaegYWYGZPtnx__iMtyiLOL1J_jY4AlL8D_pVVt9EYhN4a2lBJt6zjeX15UtI7FcZc0xq6RF0wLnRVCCAv3eUfcSj6FT3Rd9zmwLlZggcbbuqfAD1uBBFYSFhI3KPFfIMTace57EE7AH2k8p93yfW7KeaiAoqn9rzdFZChYm6CiUH_jE9KXlqfkP60RktuUVfYMyjoTzxOyPxNuIg5nGAIYOLfu5FxOoOt78eomYE4zibvpH367RF590vdRXLYRYXtGDONx9kcccitZCLu95nqN_EZn1CrhLP233Q3jMwG94XIvSrAW8wwqbBpDgI6nBfRiJwCaJXUf8v-8w9gUZjA7hvKNwoILeqSiqr1AF97X14LxrL1zaFglIE0yWajgUkEhDsnL_XaHRJtsgBP5Jln1g7acF2Tmvx-17SVvk1YZygWAe_AjPuTuB31X8ZT7CVyVTe_aUXn-d-UmZUd6ZE5nPMvL6Eu5vKmgMU6UqCF7fO947my-SFvR7HAKwWrV27x3PAfwWAqimJc9r-hPGxeRqoYDI8y-17iDyW0LeEvhEMcnLZTlOhj4kgTtp90lmjfvJVmjzdtBJKBi8WksP1ztdNPsqYrSvGhiVSzpL2SWW78aTw6mFdZqWtJN4fYQu70WcxjaIuylx2JaCHQP2i6oEqGjQ5iRRghybNHPw3Hjd9FivfyoSBiSZlF6zl5R-4SFAveWrXOO26c90KtvjLymIOtOM1W7rWiSTl1WIqhB2WL2uzFC9h2Ccrtu90pfZ78FZXsBjlg1xWBZOVdJ3j8evfrBzGT5qFO6w1ZqWuFDh8dQpvk7T-MxlKLJ3sdNd1dL2pXMTBL_nJnST8Qs7BnUuKFKa1qk0g5izsHr8IBY15V1QjARIBRjY5qZGTdCVWKGlgjAh0sPx-icoPQuobIRzNMLqmGTBW11eoatGsXaJ6TGK9WEmbsvEQA4B_p-WCLLqMi8muaxbO3rQaVeNbZ4BoIhyevs0pO20R6ZdozUa-HKii1vViId8CkNjd6GbIellPOx41H02ibjVYDdzr6Q46Yt-d7A19FOKeMBpGX55n-Hj2jBv_vzrYeFw99_pIZlDcDlgJYqOEAzfgEd6go2loSQXivpRMFr8E-WW9A779rdrUhinAzP19HnGxH7d0ARitolIyc31a-b2INi755Qkrprl6vA227aauGsqgz0n0yr9xTBvj8oHo0TcwSoV0im3UB-_u2RDQSWvJgLZYj8Gm50nUZtq-fYY9vAvh7zdOmrNCj2y1ODm2vQ1Oguem7481n-C6XIxCCF2ibjAkRb6iLzVtl7zPaSMSUYj-z8pY2_KNFN7f-Ow5C_99u0lgD8GSO3NSD7F9jesZtqLQsNwhczkxq-ug4&cid=CAASJeRoMTX2GvNWPvZAMb9qAd3nieg9dE2AeGbqCb6B2irCNo6LHGU&rfl=1%2Chttps%253A%252F%252Fwww.bg3.co%252F%240
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.194.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f154.1e100.net
Software
cafe /
Resource Hash
58b603271da250778cca7450c81343eba7a896c87d93812f4de54ca5e1108488
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://4554dcfdb25681d65c9135c95d0b8a26.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 26 Sep 2022 14:53:25 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
2259
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3181
x-xss-protection
0
server
cafe
etag
10699485926258732851
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 10 Oct 2022 14:53:25 GMT
abg_lite.js
pagead2.googlesyndication.com/pagead/js/r20220921/r20110914/ Frame 9E28 		30 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20220921/r20110914/abg_lite.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DcisT9j_hsqhzRgoIz2D7KjQtezcPA48-lq4_fx7Yck3eruaspL1Axmt-awxQa0dITVaq4h1ekz986DUjyBiCw-bnZ1Q&cry=1&dbm_d=AKAmf-DndXgUGlasca88Oys76iDcaR5hekZd-N_NBUqjW8uabU0xG-cOYgQ2DcfvUYRQ__un36YUYMWWUxGS-baP2njLqxuLptmjIAKoSeKAgaK9rRaJswx2QKs3W_7bDVpJZzwoLHXeoCv4zdaJ1D8DIgyIR1xNnMpfF1lwGJkNje75hwxvdw1rbwXlevLCi4LJo7urTR8j5WYsJLWi4Os41MMxRreT19yTI9S3d_B6zEEsb45WOQ9x9-HegW0jxiv8pWwTHeDd8_-UQ_cFkF0-wjZRpx3y_9-TFV9jo_Bsx3q79fnX73WugBjKzDFDIKqAov1YBOVH9gyQhCqr-riLvlr68F26IAh374hOQ2hR7r1VJ78_NSJ44I5EncUzWmy9X8zSEHW6Nrt7pMt0JQ5hxY9YUfTVzYY_K7P1I1iE5gbbxppJSbAV1lmwXpNs87pCsfYffeQbx_OuA2dZl9yQnCYQrzGBWvzps8TmE3dCChrwSFPHPNPK3cI7TrNgVqi8seWLfcd-c18mubuMhdA6ajwA6alXS-KF2j57XKrnQ0sekHtcIzKK8cY0tFO-ciHXyllxr2wSUd4r2HpTfgdM8H1jKWetWgOJ_noMiffOo7Ua5Uip4_lAjAnj_FILT8uDTxRmHPRzl1rPZ18mmfWgKq6ZYqVgPgB1a-IL-zq8g7UYlh4oDIvlwDG546rBkck2UUA_rtgkBVuTCh_Ab20ZIpkn46VHUIiCaNAxXLu3FTepyIxY5RGF2GZLQ8mSmohjLM1eueCDxr1bTzKuHkKLTNm7xSa5gMkyGmtKPIgOp9HJMgPN22fAi7Ba6dyN8eIS7SzFli1SynDd4Wek33BHkThwC71sO2RLzs8G_EfVlNT76hDinuOtzSNm9R3_loZi1c8bkb3gILG6sUYBvn0egZm00vVjQY0D5kx6jPLJVscqpRrvAPIQRysvGaSxo790syHLn1miIKApn3M3Ikg3ffIGq-eEU8YQySeQhxzLUopnXk5JeGJ0mw06Te47PRi4mmp9zq3yoG4JpUqHgb6GURX7v-WVTFtS0ksfdKsWmpp4HayXHF1cgnr7PY2KCCNZuqDAO0tN6njVj8APhV_wgrgKhtSx6KNlRj0I3gKxViFsLqewvrB3Rp5uEX2a6poEnuI29ygKJr_qqNwd9yoD1y4YrYfxJw5yA9woBLYvY5krRdtdVp99lAgAg-P8VNwftkKyd5L-0yRYNQpFH2Am_Ikl3puTOmg_2kxOg1jrxQRC_XeZu1CNSPdIfqRdjixhHF32pLeO2jkLKno90z7OQQzYHfUhWVeYHkDaSi4qqLly-Mp0YaZ7Fy0vTzmdpuIk5g2kO6koROu3W0K22hUhgCaIDknu_UvcNvO71nwLc5owLDK-9Mapti2Deyf3JWTOB4fOeqrFlkuwItnVA_Jhz3DFvYTaBs9nEgRN2YslFI9RcBvgANMZwtcCmF1rY6MKCo59T5eWS5VWQPlfJ811X4HQJX26WVL3ZutAQ-R0aBpeCfQh2NETfBLrxYSrdg_N2LcK46T4aUqUOlNxu8g2bImMXg49rB1uyaVqnKQUcx-PuAAiCU_yZ-CugNqtrXX6OwPaqGnhdRLstnjI3W5CFMM_xzfjd0ZYcNTUnn6eyvTgiWxjAqOdYU4z3PuSoT7A8bsLgOdadxKULsId4tpC36oV93aLqVfsWiZEndgSbYMmizbi_lE4Y0makuET8P4RINI5YKAMFmey33GYDbcAxQfu8LxYm39s15BNv8leDMzv3WQpsDClnzY-xsYWUXXYFHRFhDW_EINr6n7hDRgLAHnOSY-0Z1Ie3QzC0kqUw0P0DpbLlF-m1fbhtbO98eGgQwD054s9FtDfEywfpuSMMq7Ih-VnrTyWNbp4R8rLgoIa7fn4KoqISi1Gg5y9YjEQJjPTMCLJ_pHkAjr30Pb8yXrsGaqBvh-vMEg9oX3JYaInRWdZ3AKQJRFkVyWQj5PVxmch_UH5kNg-FYqYcdaegYWYGZPtnx__iMtyiLOL1J_jY4AlL8D_pVVt9EYhN4a2lBJt6zjeX15UtI7FcZc0xq6RF0wLnRVCCAv3eUfcSj6FT3Rd9zmwLlZggcbbuqfAD1uBBFYSFhI3KPFfIMTace57EE7AH2k8p93yfW7KeaiAoqn9rzdFZChYm6CiUH_jE9KXlqfkP60RktuUVfYMyjoTzxOyPxNuIg5nGAIYOLfu5FxOoOt78eomYE4zibvpH367RF590vdRXLYRYXtGDONx9kcccitZCLu95nqN_EZn1CrhLP233Q3jMwG94XIvSrAW8wwqbBpDgI6nBfRiJwCaJXUf8v-8w9gUZjA7hvKNwoILeqSiqr1AF97X14LxrL1zaFglIE0yWajgUkEhDsnL_XaHRJtsgBP5Jln1g7acF2Tmvx-17SVvk1YZygWAe_AjPuTuB31X8ZT7CVyVTe_aUXn-d-UmZUd6ZE5nPMvL6Eu5vKmgMU6UqCF7fO947my-SFvR7HAKwWrV27x3PAfwWAqimJc9r-hPGxeRqoYDI8y-17iDyW0LeEvhEMcnLZTlOhj4kgTtp90lmjfvJVmjzdtBJKBi8WksP1ztdNPsqYrSvGhiVSzpL2SWW78aTw6mFdZqWtJN4fYQu70WcxjaIuylx2JaCHQP2i6oEqGjQ5iRRghybNHPw3Hjd9FivfyoSBiSZlF6zl5R-4SFAveWrXOO26c90KtvjLymIOtOM1W7rWiSTl1WIqhB2WL2uzFC9h2Ccrtu90pfZ78FZXsBjlg1xWBZOVdJ3j8evfrBzGT5qFO6w1ZqWuFDh8dQpvk7T-MxlKLJ3sdNd1dL2pXMTBL_nJnST8Qs7BnUuKFKa1qk0g5izsHr8IBY15V1QjARIBRjY5qZGTdCVWKGlgjAh0sPx-icoPQuobIRzNMLqmGTBW11eoatGsXaJ6TGK9WEmbsvEQA4B_p-WCLLqMi8muaxbO3rQaVeNbZ4BoIhyevs0pO20R6ZdozUa-HKii1vViId8CkNjd6GbIellPOx41H02ibjVYDdzr6Q46Yt-d7A19FOKeMBpGX55n-Hj2jBv_vzrYeFw99_pIZlDcDlgJYqOEAzfgEd6go2loSQXivpRMFr8E-WW9A779rdrUhinAzP19HnGxH7d0ARitolIyc31a-b2INi755Qkrprl6vA227aauGsqgz0n0yr9xTBvj8oHo0TcwSoV0im3UB-_u2RDQSWvJgLZYj8Gm50nUZtq-fYY9vAvh7zdOmrNCj2y1ODm2vQ1Oguem7481n-C6XIxCCF2ibjAkRb6iLzVtl7zPaSMSUYj-z8pY2_KNFN7f-Ow5C_99u0lgD8GSO3NSD7F9jesZtqLQsNwhczkxq-ug4&cid=CAASJeRoMTX2GvNWPvZAMb9qAd3nieg9dE2AeGbqCb6B2irCNo6LHGU&rfl=1%2Chttps%253A%252F%252Fwww.bg3.co%252F%240
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.194.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f154.1e100.net
Software
cafe /
Resource Hash
b5c422737a3014e58810db4ac5052acbb9cf489d0c303cab94453cc77d4cdfed
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://4554dcfdb25681d65c9135c95d0b8a26.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 26 Sep 2022 15:00:17 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1847
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11724
x-xss-protection
0
server
cafe
etag
16554960040364120486
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 10 Oct 2022 15:00:17 GMT
sodar
pagead2.googlesyndication.com/pagead/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_2022092001&jk=3597760113509878&bg=!09Cl0JTNAAYIxsuQKMY7ACkAdvg8Wp7UvdIjgunJpM9Zpojd5Wpwg0HvoEtrKXqPYW82atz8KPgbywIAAABMUgAAAAJoAQeZAp2S7hUmSzv6ku90XdebkvllQ0j0ywyoeY1hLVbFunTK4tS_1UyMCPksiiBUcxOEtsO0XyRLR-SOz2Gst0to8P-tGMYnkfrSP9cxtznCrBQhcXmEvE4x3gknqRaPgt1o8vT4h2fdteEa5If4w5jCEvGCZgN4RnX02ld3hWBLjF0SurQyekx7XM5YXatz1oDrLU-vb31V8OcWZzN9cL5FfFec2kx3Bmf3vsyikJj5uWU6FRdE6FQqVXDP7zTGCWqIPG9icKYXeGZ7UqcXh69PRn1gbMS4aBvroYLSgBA7eOvd12aj4bwZY1sO3Upi21VzBr9HTD5_d-bRp4Kuge7dDCgWjDmqlcVyTxTty5f995R5H_sfijXuR8tu1cHeJoPvPlhVb6J58_6dVmecNsa0SBqHykEJDPal2ToCpiqfghDo_wVFCPd75PtDupvlNiLEqFRPKeOfOnXShkW0ihVpxPda_sGCjChTO6kz1XtS6oY3odZOF-fmZEVmIZUckjIMKs012nGpjOXNRAVqiS54PcufLXitwVg8iVSxaG8NZduBo7iJXrGx9GfHcJS-Gq-92WtnlM63Rjl4AEqUZ-u5Ia7GqQlajJzwHkl5tA3ZEjGIm3xev2k4g597NkQH5EIl3glF_IBXSaGZkyYaKBgP68Zu6Cr0lMinUAgzSW6zgcyWyIOH3wXdMtFHovgTyZYyozhyqTeipEUqD4oMAzKDXmg65kzaGqlmcsHaPV_eep78BCz5PiyvYVre86Xf_SrbQfg3VJXRAjXH-TPGnrfFWoCu-HaNtWomShZ-3GXmimWbfCIqpPYWM2t_g-WOgb26UFfoK3XxddnC57doXEL1H8mt1rT4Zsxh8RvfWLe7T_OJYEZM8Xe_sUmdN9jzdCs
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.194.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f154.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
animejs.js
static.criteo.net/animejs/ Frame 9DBA 		12 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/animejs/animejs.js
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=YzHFtwAEKKUKKx0SAAUGNnQR0X7FKy77qHXNPA&u=%7Cn2zn%2FWTC9NPVvhsWjVFODN9UrzbnYcf6XiUBwuax%2BsI%3D%7C&c1=qZJUPwROi1c0W53O6qCeCfQhGaxulJp0eDo7yFWWqpvkdGh0UCqS_PFCqFKqWCtCShWV-fG2LpSMjYLzxa5ZC5kI59RzfghuAoAqwF6PmPe_lB3PirzaGOsAeX0wz16uwJDIA9rH-0bzN5mChAAdY7YSeQnmID6Nbh6V4JncVxK4_BN3sZMSKlCj2fXcy5PQrD_KCNcsZ4DJODYE5_GYbwZfrXKNUfOF4BEcVRnbBLSYho7ZKBI5nlxZEnDlZf-SygDAaiIB9hsKxNaJd35i0lP5OmwxbZ-2owGI9lGrJVCLgslQG228CsP5rCK1gCyxaATs_VK3TNDjxz5b0VzTGCb-Mu4V2Bw33NrhZZ7x17cMCm-8swiJFiR3B2Mvj83tyFXoMV34jhV0Y2vk_wYnzwY1veWKmlFW5s7mMoiqQFFEnynAy5jED827jN1W8THtB364Ht2-CHGBOfThFT28p62qXo3pOJq4HMdSL4j0gBs8hpnatGXTqNkFUIbsJuMRtGC0GqalLkyTt2uAxbweaLI0xK1A7SslIXt19YksWCod5iz5n7n94uwlMnRLy1mGdxnYJk-VXWms8bjS-V5-0GyfQSoK9Jd2eyLVk_4v-rsqfBAfkUrt8T_lmgkEH1qgjavm46CzqQg&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCBOg7t8UxY6XREJK6rAG2jJToBZj80bFcqoTM5IUBwI23ARABIABgpcCjgKQBggEXY2EtcHViLTg5MzMzMjk5OTkzOTExMDSgAbbZo9ADyAEJqQLW8_A1cuSlPuACAKgDAaoE4gJP0Pc-wEgFHphx90_jtFK1vlTO3ZVAKk86PmnxY2lXLmaCvDOrX1XMN4I5s6Qui3w9DCR2hH7hE5WfBMj2jrz5A5NSrQ2ym10H497gLYRbIxdedr5DCzHFLFep9d2OYF1Pp_etC3PFBZc7N6ORNRfpVPr_yhlmQYWArAftw4bJtofeRmzBgy4YmfXSWN666EAm9Ez-pPHlEqtlKLJCDDry0yhuwoXtez0lComHvPIgCAC9uzTFoPA-4KTVleVSGapaHisWjdxiTsUDKOGe238TtMro5160r5XPMqNmDjJ6LK1-wHAbFcpnUgSBC4hUsH_Gp_ZmkHnsYyjjDBSBl2LBPDc1s5_phUXpTcvES4iznu2GpmepSATVNIMwIt6knWge33R5ANUAR_1esaJFARBJZY0oBEmw79zp_Oh-cyH0CqjB56oHIpGiM6693Q7t5O-2zN3pko_8ne_iitlxxjWh_t3gBAGABsiZhcyIzM6_XKAGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA0IgGEQATICigI6AoBA8ggbYWR4LXN1YnN5bi01MjM5OTM4MjEzODcwMzgw-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_2cWWN2LLuegBHgIZE1kjS0ZOMHKw%26client%3Dca-pub-8933329999391104%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.129 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
nginx /
Resource Hash
a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.as.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 26 Sep 2022 15:31:04 GMT
content-encoding
gzip
last-modified
Tue, 26 Mar 2019 17:44:11 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5c9a64eb-3181"
strict-transport-security
max-age=31536000; preload;
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Thu, 21 Sep 2023 15:31:04 GMT
img
pix.as.criteo.net/img/ Frame 9DBA 		25 KB
26 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.as.criteo.net/img/img?h=1200&m=0&partner=9736&q=80&r=0&u=http%3A%2F%2Fstatic.sg1.as.criteo.net%2Fdesign%2Fdt%2F2936%2F210730%2Fae7c74bbff6a47faaeb0d1dba10321b8_img_vertical_1.jpg&v=3&w=1200&s=zUR3N4MFkc83fgmD6nxRYPTw
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=YzHFtwAEKKUKKx0SAAUGNnQR0X7FKy77qHXNPA&u=%7Cn2zn%2FWTC9NPVvhsWjVFODN9UrzbnYcf6XiUBwuax%2BsI%3D%7C&c1=qZJUPwROi1c0W53O6qCeCfQhGaxulJp0eDo7yFWWqpvkdGh0UCqS_PFCqFKqWCtCShWV-fG2LpSMjYLzxa5ZC5kI59RzfghuAoAqwF6PmPe_lB3PirzaGOsAeX0wz16uwJDIA9rH-0bzN5mChAAdY7YSeQnmID6Nbh6V4JncVxK4_BN3sZMSKlCj2fXcy5PQrD_KCNcsZ4DJODYE5_GYbwZfrXKNUfOF4BEcVRnbBLSYho7ZKBI5nlxZEnDlZf-SygDAaiIB9hsKxNaJd35i0lP5OmwxbZ-2owGI9lGrJVCLgslQG228CsP5rCK1gCyxaATs_VK3TNDjxz5b0VzTGCb-Mu4V2Bw33NrhZZ7x17cMCm-8swiJFiR3B2Mvj83tyFXoMV34jhV0Y2vk_wYnzwY1veWKmlFW5s7mMoiqQFFEnynAy5jED827jN1W8THtB364Ht2-CHGBOfThFT28p62qXo3pOJq4HMdSL4j0gBs8hpnatGXTqNkFUIbsJuMRtGC0GqalLkyTt2uAxbweaLI0xK1A7SslIXt19YksWCod5iz5n7n94uwlMnRLy1mGdxnYJk-VXWms8bjS-V5-0GyfQSoK9Jd2eyLVk_4v-rsqfBAfkUrt8T_lmgkEH1qgjavm46CzqQg&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCBOg7t8UxY6XREJK6rAG2jJToBZj80bFcqoTM5IUBwI23ARABIABgpcCjgKQBggEXY2EtcHViLTg5MzMzMjk5OTkzOTExMDSgAbbZo9ADyAEJqQLW8_A1cuSlPuACAKgDAaoE4gJP0Pc-wEgFHphx90_jtFK1vlTO3ZVAKk86PmnxY2lXLmaCvDOrX1XMN4I5s6Qui3w9DCR2hH7hE5WfBMj2jrz5A5NSrQ2ym10H497gLYRbIxdedr5DCzHFLFep9d2OYF1Pp_etC3PFBZc7N6ORNRfpVPr_yhlmQYWArAftw4bJtofeRmzBgy4YmfXSWN666EAm9Ez-pPHlEqtlKLJCDDry0yhuwoXtez0lComHvPIgCAC9uzTFoPA-4KTVleVSGapaHisWjdxiTsUDKOGe238TtMro5160r5XPMqNmDjJ6LK1-wHAbFcpnUgSBC4hUsH_Gp_ZmkHnsYyjjDBSBl2LBPDc1s5_phUXpTcvES4iznu2GpmepSATVNIMwIt6knWge33R5ANUAR_1esaJFARBJZY0oBEmw79zp_Oh-cyH0CqjB56oHIpGiM6693Q7t5O-2zN3pko_8ne_iitlxxjWh_t3gBAGABsiZhcyIzM6_XKAGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA0IgGEQATICigI6AoBA8ggbYWR4LXN1YnN5bi01MjM5OTM4MjEzODcwMzgw-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_2cWWN2LLuegBHgIZE1kjS0ZOMHKw%26client%3Dca-pub-8933329999391104%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.135 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Finatra /
Resource Hash
3288212b66509bcca02524204f3d2c8cc0b6a6a83cf3a7ff0a2e28e773d9c5dd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.as.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 26 Sep 2022 15:31:04 GMT
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/webp
cache-control
public, max-age=26010127
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
content-length
26074
expires
Mon, 24 Jul 2023 16:33:12 GMT
all
csm.as.criteo.net/ Frame 9DBA 		0
127 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csm.as.criteo.net/all?cppv=3&cpp=fZfV8_aRrBIZ4hdui8FL8nVJOScyazSXoLweuG2Nk7VuRZcfNr-hab_1tX06j1XFl-KX55yr2h59VhNhDztMtNO2jUPV52NPY7MNphWVmrgjEM3NHIeR4MxORlpl6F3Qkqj9mpQgbDcgyHZV98YpNou5wzqn-MIqEd6J_9UcTeIz_icT0eJFLlNq36MbRnE-HJerPB-i-f1CEcCoJmU6Hft7IWmmxuX9nYETMpx__xXCVM2Bdld1bpCRToEmWJ7O1W8d2Q&sds=2&rev=82884&sendBeacon=true
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=YzHFtwAEKKUKKx0SAAUGNnQR0X7FKy77qHXNPA&u=%7Cn2zn%2FWTC9NPVvhsWjVFODN9UrzbnYcf6XiUBwuax%2BsI%3D%7C&c1=qZJUPwROi1c0W53O6qCeCfQhGaxulJp0eDo7yFWWqpvkdGh0UCqS_PFCqFKqWCtCShWV-fG2LpSMjYLzxa5ZC5kI59RzfghuAoAqwF6PmPe_lB3PirzaGOsAeX0wz16uwJDIA9rH-0bzN5mChAAdY7YSeQnmID6Nbh6V4JncVxK4_BN3sZMSKlCj2fXcy5PQrD_KCNcsZ4DJODYE5_GYbwZfrXKNUfOF4BEcVRnbBLSYho7ZKBI5nlxZEnDlZf-SygDAaiIB9hsKxNaJd35i0lP5OmwxbZ-2owGI9lGrJVCLgslQG228CsP5rCK1gCyxaATs_VK3TNDjxz5b0VzTGCb-Mu4V2Bw33NrhZZ7x17cMCm-8swiJFiR3B2Mvj83tyFXoMV34jhV0Y2vk_wYnzwY1veWKmlFW5s7mMoiqQFFEnynAy5jED827jN1W8THtB364Ht2-CHGBOfThFT28p62qXo3pOJq4HMdSL4j0gBs8hpnatGXTqNkFUIbsJuMRtGC0GqalLkyTt2uAxbweaLI0xK1A7SslIXt19YksWCod5iz5n7n94uwlMnRLy1mGdxnYJk-VXWms8bjS-V5-0GyfQSoK9Jd2eyLVk_4v-rsqfBAfkUrt8T_lmgkEH1qgjavm46CzqQg&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCBOg7t8UxY6XREJK6rAG2jJToBZj80bFcqoTM5IUBwI23ARABIABgpcCjgKQBggEXY2EtcHViLTg5MzMzMjk5OTkzOTExMDSgAbbZo9ADyAEJqQLW8_A1cuSlPuACAKgDAaoE4gJP0Pc-wEgFHphx90_jtFK1vlTO3ZVAKk86PmnxY2lXLmaCvDOrX1XMN4I5s6Qui3w9DCR2hH7hE5WfBMj2jrz5A5NSrQ2ym10H497gLYRbIxdedr5DCzHFLFep9d2OYF1Pp_etC3PFBZc7N6ORNRfpVPr_yhlmQYWArAftw4bJtofeRmzBgy4YmfXSWN666EAm9Ez-pPHlEqtlKLJCDDry0yhuwoXtez0lComHvPIgCAC9uzTFoPA-4KTVleVSGapaHisWjdxiTsUDKOGe238TtMro5160r5XPMqNmDjJ6LK1-wHAbFcpnUgSBC4hUsH_Gp_ZmkHnsYyjjDBSBl2LBPDc1s5_phUXpTcvES4iznu2GpmepSATVNIMwIt6knWge33R5ANUAR_1esaJFARBJZY0oBEmw79zp_Oh-cyH0CqjB56oHIpGiM6693Q7t5O-2zN3pko_8ne_iitlxxjWh_t3gBAGABsiZhcyIzM6_XKAGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA0IgGEQATICigI6AoBA8ggbYWR4LXN1YnN5bi01MjM5OTM4MjEzODcwMzgw-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_2cWWN2LLuegBHgIZE1kjS0ZOMHKw%26client%3Dca-pub-8933329999391104%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.142 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ads.as.criteo.com/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Mon, 26 Sep 2022 15:31:04 GMT
cross-origin-resource-policy
cross-origin
server
Finatra
content-length
0
strict-transport-security
max-age=31536000; preload;
criteo_logo_2021.svg
static.criteo.net/flash/icon/ Frame 9DBA 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/criteo_logo_2021.svg
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=YzHFtwAEKKUKKx0SAAUGNnQR0X7FKy77qHXNPA&u=%7Cn2zn%2FWTC9NPVvhsWjVFODN9UrzbnYcf6XiUBwuax%2BsI%3D%7C&c1=qZJUPwROi1c0W53O6qCeCfQhGaxulJp0eDo7yFWWqpvkdGh0UCqS_PFCqFKqWCtCShWV-fG2LpSMjYLzxa5ZC5kI59RzfghuAoAqwF6PmPe_lB3PirzaGOsAeX0wz16uwJDIA9rH-0bzN5mChAAdY7YSeQnmID6Nbh6V4JncVxK4_BN3sZMSKlCj2fXcy5PQrD_KCNcsZ4DJODYE5_GYbwZfrXKNUfOF4BEcVRnbBLSYho7ZKBI5nlxZEnDlZf-SygDAaiIB9hsKxNaJd35i0lP5OmwxbZ-2owGI9lGrJVCLgslQG228CsP5rCK1gCyxaATs_VK3TNDjxz5b0VzTGCb-Mu4V2Bw33NrhZZ7x17cMCm-8swiJFiR3B2Mvj83tyFXoMV34jhV0Y2vk_wYnzwY1veWKmlFW5s7mMoiqQFFEnynAy5jED827jN1W8THtB364Ht2-CHGBOfThFT28p62qXo3pOJq4HMdSL4j0gBs8hpnatGXTqNkFUIbsJuMRtGC0GqalLkyTt2uAxbweaLI0xK1A7SslIXt19YksWCod5iz5n7n94uwlMnRLy1mGdxnYJk-VXWms8bjS-V5-0GyfQSoK9Jd2eyLVk_4v-rsqfBAfkUrt8T_lmgkEH1qgjavm46CzqQg&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCBOg7t8UxY6XREJK6rAG2jJToBZj80bFcqoTM5IUBwI23ARABIABgpcCjgKQBggEXY2EtcHViLTg5MzMzMjk5OTkzOTExMDSgAbbZo9ADyAEJqQLW8_A1cuSlPuACAKgDAaoE4gJP0Pc-wEgFHphx90_jtFK1vlTO3ZVAKk86PmnxY2lXLmaCvDOrX1XMN4I5s6Qui3w9DCR2hH7hE5WfBMj2jrz5A5NSrQ2ym10H497gLYRbIxdedr5DCzHFLFep9d2OYF1Pp_etC3PFBZc7N6ORNRfpVPr_yhlmQYWArAftw4bJtofeRmzBgy4YmfXSWN666EAm9Ez-pPHlEqtlKLJCDDry0yhuwoXtez0lComHvPIgCAC9uzTFoPA-4KTVleVSGapaHisWjdxiTsUDKOGe238TtMro5160r5XPMqNmDjJ6LK1-wHAbFcpnUgSBC4hUsH_Gp_ZmkHnsYyjjDBSBl2LBPDc1s5_phUXpTcvES4iznu2GpmepSATVNIMwIt6knWge33R5ANUAR_1esaJFARBJZY0oBEmw79zp_Oh-cyH0CqjB56oHIpGiM6693Q7t5O-2zN3pko_8ne_iitlxxjWh_t3gBAGABsiZhcyIzM6_XKAGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA0IgGEQATICigI6AoBA8ggbYWR4LXN1YnN5bi01MjM5OTM4MjEzODcwMzgw-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_2cWWN2LLuegBHgIZE1kjS0ZOMHKw%26client%3Dca-pub-8933329999391104%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.129 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
nginx /
Resource Hash
a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.as.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 26 Sep 2022 15:31:04 GMT
content-encoding
gzip
last-modified
Thu, 27 May 2021 13:21:59 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"60af9cf7-891"
strict-transport-security
max-age=31536000; preload;
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Thu, 21 Sep 2023 15:31:04 GMT
privacy.svg
static.criteo.net/flash/icon/ Frame 9DBA 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/privacy.svg
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=YzHFtwAEKKUKKx0SAAUGNnQR0X7FKy77qHXNPA&u=%7Cn2zn%2FWTC9NPVvhsWjVFODN9UrzbnYcf6XiUBwuax%2BsI%3D%7C&c1=qZJUPwROi1c0W53O6qCeCfQhGaxulJp0eDo7yFWWqpvkdGh0UCqS_PFCqFKqWCtCShWV-fG2LpSMjYLzxa5ZC5kI59RzfghuAoAqwF6PmPe_lB3PirzaGOsAeX0wz16uwJDIA9rH-0bzN5mChAAdY7YSeQnmID6Nbh6V4JncVxK4_BN3sZMSKlCj2fXcy5PQrD_KCNcsZ4DJODYE5_GYbwZfrXKNUfOF4BEcVRnbBLSYho7ZKBI5nlxZEnDlZf-SygDAaiIB9hsKxNaJd35i0lP5OmwxbZ-2owGI9lGrJVCLgslQG228CsP5rCK1gCyxaATs_VK3TNDjxz5b0VzTGCb-Mu4V2Bw33NrhZZ7x17cMCm-8swiJFiR3B2Mvj83tyFXoMV34jhV0Y2vk_wYnzwY1veWKmlFW5s7mMoiqQFFEnynAy5jED827jN1W8THtB364Ht2-CHGBOfThFT28p62qXo3pOJq4HMdSL4j0gBs8hpnatGXTqNkFUIbsJuMRtGC0GqalLkyTt2uAxbweaLI0xK1A7SslIXt19YksWCod5iz5n7n94uwlMnRLy1mGdxnYJk-VXWms8bjS-V5-0GyfQSoK9Jd2eyLVk_4v-rsqfBAfkUrt8T_lmgkEH1qgjavm46CzqQg&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCBOg7t8UxY6XREJK6rAG2jJToBZj80bFcqoTM5IUBwI23ARABIABgpcCjgKQBggEXY2EtcHViLTg5MzMzMjk5OTkzOTExMDSgAbbZo9ADyAEJqQLW8_A1cuSlPuACAKgDAaoE4gJP0Pc-wEgFHphx90_jtFK1vlTO3ZVAKk86PmnxY2lXLmaCvDOrX1XMN4I5s6Qui3w9DCR2hH7hE5WfBMj2jrz5A5NSrQ2ym10H497gLYRbIxdedr5DCzHFLFep9d2OYF1Pp_etC3PFBZc7N6ORNRfpVPr_yhlmQYWArAftw4bJtofeRmzBgy4YmfXSWN666EAm9Ez-pPHlEqtlKLJCDDry0yhuwoXtez0lComHvPIgCAC9uzTFoPA-4KTVleVSGapaHisWjdxiTsUDKOGe238TtMro5160r5XPMqNmDjJ6LK1-wHAbFcpnUgSBC4hUsH_Gp_ZmkHnsYyjjDBSBl2LBPDc1s5_phUXpTcvES4iznu2GpmepSATVNIMwIt6knWge33R5ANUAR_1esaJFARBJZY0oBEmw79zp_Oh-cyH0CqjB56oHIpGiM6693Q7t5O-2zN3pko_8ne_iitlxxjWh_t3gBAGABsiZhcyIzM6_XKAGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA0IgGEQATICigI6AoBA8ggbYWR4LXN1YnN5bi01MjM5OTM4MjEzODcwMzgw-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_2cWWN2LLuegBHgIZE1kjS0ZOMHKw%26client%3Dca-pub-8933329999391104%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.129 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
nginx /
Resource Hash
095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.as.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 26 Sep 2022 15:31:04 GMT
content-encoding
gzip
last-modified
Wed, 19 Feb 2020 10:57:21 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e4d1491-646"
strict-transport-security
max-age=31536000; preload;
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Thu, 21 Sep 2023 15:31:04 GMT
express_html_inpage_rendering_lib_200_276.js
s0.2mdn.net/879366/ Frame 1D15 		106 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_276.js
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/pi-jia-bu-jian-qia-pian-quan-gua-shi-ta-hui-jia-jian-zhe-mu-yan-shen-si-3-9mo-wang-you-xiao-feng.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.12.149 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f149.1e100.net
Software
sffe /
Resource Hash
e41d1ae45acbf836b8dcc29544c7e41cced4211214df601d5284a7e9c7134c73
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://4554dcfdb25681d65c9135c95d0b8a26.safeframe.googlesyndication.com/
Origin
https://4554dcfdb25681d65c9135c95d0b8a26.safeframe.googlesyndication.com
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 26 Sep 2022 11:51:36 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
13168
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37872
x-xss-protection
0
last-modified
Wed, 02 Mar 2022 23:07:26 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 27 Sep 2022 11:51:36 GMT
omrhp.js
pagead2.googlesyndication.com/pagead/js/r20220921/r20110914/elements/html/ Frame 1D15 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20220921/r20110914/elements/html/omrhp.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-AhZEBGbr33ANbs-1FZX5ahQ7SvBNuu1JvA5VVtcGoY-aDrbfS7LH9k0nWPL5EVzT1KhJg3jFCTOO_NYXBjDpLMfZ_QeA&cry=1&dbm_d=AKAmf-DCXJ6VVF0mo2z9dT_cHMPEpa1J4G9v6L0A16-PQc9BUBElmrt-0wSzLHXmKSK2qMFFpISbjQfrFNq4thOTW8h-Ud7WxlEaLr8oLcBVN4UFaFPEOd2MmO34yQCrf6cZNFB7qriDzhaZp8u1AsPvdzd5m59Dr0ZPD9X9hkqT1ngNMBziDZaXliuIiMUG1esucjFHKvCzJKDHuJIOi2AVlC57XLziRDPBHfL76z6ka8x7rqcCtsGkAYBgWpBEcZFnxNf3T0Ltz9er2p51-50_iUbGAV1xU0Ebu-kCl3LctX7ZQIHI-FaRlkJ-1Fizog_4MR_Lc7V8xysL_otGcrCFKxKYSisfjLHxhBGMOA3tvy6r3vYI74GDCA73O1TxmBx9TswxPzLB2RzN60ySw7VQ2FjdgK79ioeKtcDAaDN2iIYV15MKYBgRGpXcGv_fETHuwPxBOmaEDlLq9QyLmbv6p-EUUtY1w8FNfCL-JDMk59o6o5Fs8feQ3QFWBAE4B622e-9QGndhwhcDZqaGqY0sYgd9E7nFDfwzAbWnyVBPoUN_AdsyK5lKcSmdO5UactdkqkHz53lwXjRet9JuC9_cNnnHr9K2P2SWQp04vNGrFM0YHXwKta6wIOKQqfCSE1azxfMq-NEUaz1MHmvOZqP0dLbrb9gwtJhuqH8MfTltcWI55oLEuB387wU8l4EgKybwfPwtEPGTB0cFeZRD6RBlZUeK1K1yA9MTPqd9quUcWv5BjGQz95wm6BEQbn3eMfwKa_PDwSQeR-BpJRyj1q-zNkA7tmi8rAxPC01BHDAg6tAFT4V0hHnUNVL6kLqxm3ds3tSKIMNJJYtzH2K1mfIcbKIUdYXpqv1WcZR8jx7kra-aLuOzMu2HPXfQPtB-GKIHvocXyWvAA8igAka4-zfce_TIAmGuM1zvUBqKVUZgc0BKkvNLLGG8JTsak7EffWbm7J9tTxE6pBnksdcv59x5TYH7r_ViskUmcRZUWXdPui3E7mr4GmrYj6sTYURrpOfiiiexOjyf3jNL9ya5DltUN1pjoiAZ4qRnmwGvhXcq_4bF2sAe_xf1ke8pM53Sxim7Ga3Nx6twNJ1mUnSAenN1k4NQkhmOuk6WxGuezBU8KNZvyvwkYD8RkZ7MpCyOfEXQ3E3ZxwZ6sZRSYA_3ghM_63gYmPlJVOc8eldqXDpoYIYaviNpd1iW1UHtJ4lukiTjHLL_730lXmVpLVtRktG3Orz6DVr8u1yc61kjp6a1wN7qdkOFLanVWfaaW47CCoKSm0pTVnH1Tdw29chMp8GYpbmKlu0-p9wKkP8t-pKgcaflNqfexjYiSriXViSte8DrmufwAegUxN5D3HxK266XgCYYJUhU2NT53KILqcfzNcMpsfUYeEXLKSTgto2Slr7cGmen_0qEU9GPZGsOf1rrjbJ-T4oVWpnSGO5qV0EASdgi_04QOE8g2D0cn9uOh1-O1ZEGkAmPAQdCbWHf7hEBxHThLGX78OwKrktAhNBC2K3x0p_E5a37OOV3B71_o_4GK46KUnCgw3FVewFjNi8gI6NmrudLHhyk5XvoJ8Q8ZGfsDnnL_rVZZtCsIydN-3izy4BevNjWQWppV3oRQFvBlgj_hn8KyE4q0soORnOK0YwoHwmH_ar4ns2e45aZegFaDji5l2dLV0WPjDEsA4rCiXncyqLc8SIJphoRgZa_8KnnL7ea3l9MQo2YYndZCxdBWI3wUFbxtB3_lYxJGzDbH5pgPLLlnkN1NK0z4PjltgS3xGpyTc2FrNnh4KixxPmK_JkJzuMDBCXaZTOnV5Rf93W5pE8AqgnimtTJpbIu0NnwjO7y0M3yVdgMOlg7iqsD5Z2fb4WJN1OunVoqSk1GmD58BipL3OD_bYbxi-WJIL9dHzYy4iJrPoNTefVyVXehg1Kuniv-wbhpltWLxZvCqjnBYKsjWEVh8-8oMAauj7oGswfDFUFOtNMjcXzzZkj9ZzfdNOltFiovtwyPcufYxUPYE1FbyJuZT9M9eo0K09gYzyNRWG8gVzBPNCcDJD91KLISlZDyd76YOnvLfYEylSfsCAudsZ2JBJO6W_kvFWazakgq5EkfY7luAWekMTexVcC_uRC2MC4_y7EE2RlLFk5RN3ysVWqqTATZmDHnRjboRgPp5db3BxROMRPP6oXIV18ts_1eM9vSc8A8vW1Wh9XRCGH8Xcq66plrtsR_JUgYL-6r6AnNIZMC-tfbUgY4eAhPD6OVwYNJhdq1qF5E4fKTAH2vzBEjbscjSpA-3m8Hns9nhsdAig0nOMEor3IfeoCO4z9OIj_FFdnL5xCDP0bEL48O0UEuyL-ljSOwbSDc70vtQgQ36sm0J8eOeWCKKlkrIBh5UXsJptmQpWudC-rcQO0AwD8zkrZODhszpJij9G_NnQ1Pj-ip_oKYVHFbp-Lr72x2tDH10qXlppyEF0u6mX58EVwLSt9t2FTVRETFoQr-sHKGxmQKI1JIuJ6MzDDrFCFDyGWYD3kCaoiThkw75L_4f5fP6G3582jsU65_6iXuh7EeniPmyxRYC-HJJoLSrgepeLq4GWbJH-CWS2BiZ6ItbO7tWHhCSQCqcQ4iYgU_NvR3u33an7FuFHiiVVJryWc4v8mnq40kr2eV4jGEhbNs9sQ-1pwbd6wcLnUQbP4-8WNOhRNzT7SLoh7xkI4jc_aZFDqZJYuPOynBJTR7wv658MnmzjPpHjIX3TGqQj9Y4ZHJ5lNjGb8HWOLJWJkoqRz-5SuGrY7X58gWxOyOtTLci0qKJqRX8kkRtXpZv6n1K7LKUvBcfx_n9bclqpW5VdISX-vcPZDPE9QVb44O4nwBGgCsB0ix8u0PQ_MhBWeiAXTzNz7Jz-SBvLUH53N5fOg-i3Dz-iQ5ujxwfNWhWjnt_YwG0l-vQ4_edRWY3_II4Y7AyGEs-F93NQKNCyQcOFKxJrUTSlEJG1zvlWerIJ3ObHF1wvHqY0P0JUEHCs9qUARdYiyeqspNIJd_9_Ilc59qtgBHeo7hTssJX_FWQpkY1A2zqz5y-3v8Y4A5K2pjdRvPf4eZV3r-2vno0g9JoqDkgyzy5xXgDY3WNvo5pDEBo3ePmRe7astF47KmSoOaVrzSWGHpUczFSSV8jAd3AOkFSL68mi9PVlxDmPZXxhtqHBe-HugiLazhjtiR3lVjbYU82j6lou69LyZtBjMK76BUrNkqYRh6yaUEgLFXoUvYst8MsYLGQ_1lAb0o0za3GuIg2tpgThuc3SvFVQuoO9dOiRCFUgZLD4FlsuyWibDXFmX3joh42I6qxjfyuBGoTlt5yqk46G3Y9qc4vO79NlKR8ROqyjglX4-6qTo4KRfw06tdQp6W0LJnhRvjpFAU9Iw&cid=CAASJeRoYQ2hDTDsovBjDtKp4p1lMrpxIfpw28qp-yxti9Fdo09P2X8&rfl=1%2Chttps%253A%252F%252Fwww.bg3.co%252F%240
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.194.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f154.1e100.net
Software
cafe /
Resource Hash
58b603271da250778cca7450c81343eba7a896c87d93812f4de54ca5e1108488
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://4554dcfdb25681d65c9135c95d0b8a26.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 26 Sep 2022 14:53:25 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
2259
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3181
x-xss-protection
0
server
cafe
etag
10699485926258732851
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 10 Oct 2022 14:53:25 GMT
abg_lite.js
pagead2.googlesyndication.com/pagead/js/r20220921/r20110914/ Frame 1D15 		30 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20220921/r20110914/abg_lite.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-AhZEBGbr33ANbs-1FZX5ahQ7SvBNuu1JvA5VVtcGoY-aDrbfS7LH9k0nWPL5EVzT1KhJg3jFCTOO_NYXBjDpLMfZ_QeA&cry=1&dbm_d=AKAmf-DCXJ6VVF0mo2z9dT_cHMPEpa1J4G9v6L0A16-PQc9BUBElmrt-0wSzLHXmKSK2qMFFpISbjQfrFNq4thOTW8h-Ud7WxlEaLr8oLcBVN4UFaFPEOd2MmO34yQCrf6cZNFB7qriDzhaZp8u1AsPvdzd5m59Dr0ZPD9X9hkqT1ngNMBziDZaXliuIiMUG1esucjFHKvCzJKDHuJIOi2AVlC57XLziRDPBHfL76z6ka8x7rqcCtsGkAYBgWpBEcZFnxNf3T0Ltz9er2p51-50_iUbGAV1xU0Ebu-kCl3LctX7ZQIHI-FaRlkJ-1Fizog_4MR_Lc7V8xysL_otGcrCFKxKYSisfjLHxhBGMOA3tvy6r3vYI74GDCA73O1TxmBx9TswxPzLB2RzN60ySw7VQ2FjdgK79ioeKtcDAaDN2iIYV15MKYBgRGpXcGv_fETHuwPxBOmaEDlLq9QyLmbv6p-EUUtY1w8FNfCL-JDMk59o6o5Fs8feQ3QFWBAE4B622e-9QGndhwhcDZqaGqY0sYgd9E7nFDfwzAbWnyVBPoUN_AdsyK5lKcSmdO5UactdkqkHz53lwXjRet9JuC9_cNnnHr9K2P2SWQp04vNGrFM0YHXwKta6wIOKQqfCSE1azxfMq-NEUaz1MHmvOZqP0dLbrb9gwtJhuqH8MfTltcWI55oLEuB387wU8l4EgKybwfPwtEPGTB0cFeZRD6RBlZUeK1K1yA9MTPqd9quUcWv5BjGQz95wm6BEQbn3eMfwKa_PDwSQeR-BpJRyj1q-zNkA7tmi8rAxPC01BHDAg6tAFT4V0hHnUNVL6kLqxm3ds3tSKIMNJJYtzH2K1mfIcbKIUdYXpqv1WcZR8jx7kra-aLuOzMu2HPXfQPtB-GKIHvocXyWvAA8igAka4-zfce_TIAmGuM1zvUBqKVUZgc0BKkvNLLGG8JTsak7EffWbm7J9tTxE6pBnksdcv59x5TYH7r_ViskUmcRZUWXdPui3E7mr4GmrYj6sTYURrpOfiiiexOjyf3jNL9ya5DltUN1pjoiAZ4qRnmwGvhXcq_4bF2sAe_xf1ke8pM53Sxim7Ga3Nx6twNJ1mUnSAenN1k4NQkhmOuk6WxGuezBU8KNZvyvwkYD8RkZ7MpCyOfEXQ3E3ZxwZ6sZRSYA_3ghM_63gYmPlJVOc8eldqXDpoYIYaviNpd1iW1UHtJ4lukiTjHLL_730lXmVpLVtRktG3Orz6DVr8u1yc61kjp6a1wN7qdkOFLanVWfaaW47CCoKSm0pTVnH1Tdw29chMp8GYpbmKlu0-p9wKkP8t-pKgcaflNqfexjYiSriXViSte8DrmufwAegUxN5D3HxK266XgCYYJUhU2NT53KILqcfzNcMpsfUYeEXLKSTgto2Slr7cGmen_0qEU9GPZGsOf1rrjbJ-T4oVWpnSGO5qV0EASdgi_04QOE8g2D0cn9uOh1-O1ZEGkAmPAQdCbWHf7hEBxHThLGX78OwKrktAhNBC2K3x0p_E5a37OOV3B71_o_4GK46KUnCgw3FVewFjNi8gI6NmrudLHhyk5XvoJ8Q8ZGfsDnnL_rVZZtCsIydN-3izy4BevNjWQWppV3oRQFvBlgj_hn8KyE4q0soORnOK0YwoHwmH_ar4ns2e45aZegFaDji5l2dLV0WPjDEsA4rCiXncyqLc8SIJphoRgZa_8KnnL7ea3l9MQo2YYndZCxdBWI3wUFbxtB3_lYxJGzDbH5pgPLLlnkN1NK0z4PjltgS3xGpyTc2FrNnh4KixxPmK_JkJzuMDBCXaZTOnV5Rf93W5pE8AqgnimtTJpbIu0NnwjO7y0M3yVdgMOlg7iqsD5Z2fb4WJN1OunVoqSk1GmD58BipL3OD_bYbxi-WJIL9dHzYy4iJrPoNTefVyVXehg1Kuniv-wbhpltWLxZvCqjnBYKsjWEVh8-8oMAauj7oGswfDFUFOtNMjcXzzZkj9ZzfdNOltFiovtwyPcufYxUPYE1FbyJuZT9M9eo0K09gYzyNRWG8gVzBPNCcDJD91KLISlZDyd76YOnvLfYEylSfsCAudsZ2JBJO6W_kvFWazakgq5EkfY7luAWekMTexVcC_uRC2MC4_y7EE2RlLFk5RN3ysVWqqTATZmDHnRjboRgPp5db3BxROMRPP6oXIV18ts_1eM9vSc8A8vW1Wh9XRCGH8Xcq66plrtsR_JUgYL-6r6AnNIZMC-tfbUgY4eAhPD6OVwYNJhdq1qF5E4fKTAH2vzBEjbscjSpA-3m8Hns9nhsdAig0nOMEor3IfeoCO4z9OIj_FFdnL5xCDP0bEL48O0UEuyL-ljSOwbSDc70vtQgQ36sm0J8eOeWCKKlkrIBh5UXsJptmQpWudC-rcQO0AwD8zkrZODhszpJij9G_NnQ1Pj-ip_oKYVHFbp-Lr72x2tDH10qXlppyEF0u6mX58EVwLSt9t2FTVRETFoQr-sHKGxmQKI1JIuJ6MzDDrFCFDyGWYD3kCaoiThkw75L_4f5fP6G3582jsU65_6iXuh7EeniPmyxRYC-HJJoLSrgepeLq4GWbJH-CWS2BiZ6ItbO7tWHhCSQCqcQ4iYgU_NvR3u33an7FuFHiiVVJryWc4v8mnq40kr2eV4jGEhbNs9sQ-1pwbd6wcLnUQbP4-8WNOhRNzT7SLoh7xkI4jc_aZFDqZJYuPOynBJTR7wv658MnmzjPpHjIX3TGqQj9Y4ZHJ5lNjGb8HWOLJWJkoqRz-5SuGrY7X58gWxOyOtTLci0qKJqRX8kkRtXpZv6n1K7LKUvBcfx_n9bclqpW5VdISX-vcPZDPE9QVb44O4nwBGgCsB0ix8u0PQ_MhBWeiAXTzNz7Jz-SBvLUH53N5fOg-i3Dz-iQ5ujxwfNWhWjnt_YwG0l-vQ4_edRWY3_II4Y7AyGEs-F93NQKNCyQcOFKxJrUTSlEJG1zvlWerIJ3ObHF1wvHqY0P0JUEHCs9qUARdYiyeqspNIJd_9_Ilc59qtgBHeo7hTssJX_FWQpkY1A2zqz5y-3v8Y4A5K2pjdRvPf4eZV3r-2vno0g9JoqDkgyzy5xXgDY3WNvo5pDEBo3ePmRe7astF47KmSoOaVrzSWGHpUczFSSV8jAd3AOkFSL68mi9PVlxDmPZXxhtqHBe-HugiLazhjtiR3lVjbYU82j6lou69LyZtBjMK76BUrNkqYRh6yaUEgLFXoUvYst8MsYLGQ_1lAb0o0za3GuIg2tpgThuc3SvFVQuoO9dOiRCFUgZLD4FlsuyWibDXFmX3joh42I6qxjfyuBGoTlt5yqk46G3Y9qc4vO79NlKR8ROqyjglX4-6qTo4KRfw06tdQp6W0LJnhRvjpFAU9Iw&cid=CAASJeRoYQ2hDTDsovBjDtKp4p1lMrpxIfpw28qp-yxti9Fdo09P2X8&rfl=1%2Chttps%253A%252F%252Fwww.bg3.co%252F%240
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.194.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f154.1e100.net
Software
cafe /
Resource Hash
b5c422737a3014e58810db4ac5052acbb9cf489d0c303cab94453cc77d4cdfed
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://4554dcfdb25681d65c9135c95d0b8a26.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 26 Sep 2022 15:00:17 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1847
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11724
x-xss-protection
0
server
cafe
etag
16554960040364120486
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 10 Oct 2022 15:00:17 GMT
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame 9E28 		41 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: 4554dcfdb25681d65c9135c95d0b8a26.safeframe.googlesyndication.com
URL: https://4554dcfdb25681d65c9135c95d0b8a26.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.12.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f132.1e100.net
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://4554dcfdb25681d65c9135c95d0b8a26.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 22 Sep 2022 04:26:00 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
385504
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15207
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 22 Sep 2023 04:26:00 GMT
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame E909 		1 KB
749 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: 4554dcfdb25681d65c9135c95d0b8a26.safeframe.googlesyndication.com
URL: https://4554dcfdb25681d65c9135c95d0b8a26.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.194.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f154.1e100.net
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://4554dcfdb25681d65c9135c95d0b8a26.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

age
13785
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=86400
content-encoding
gzip
content-length
724
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 26 Sep 2022 11:41:19 GMT
etag
48472445140208031
expires
Tue, 27 Sep 2022 11:41:19 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
truncated
/ Frame 9E28 		213 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
95078f90650d3c2fdca3e45c3788e8d53da6cf854b120b6b944cbab3c54f7b55

Request headers

accept-language
en-AU,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame 1D15 		41 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: 4554dcfdb25681d65c9135c95d0b8a26.safeframe.googlesyndication.com
URL: https://4554dcfdb25681d65c9135c95d0b8a26.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.12.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f132.1e100.net
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://4554dcfdb25681d65c9135c95d0b8a26.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 22 Sep 2022 04:26:00 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
385504
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15207
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 22 Sep 2023 04:26:00 GMT
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame D039 		1 KB
749 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: 4554dcfdb25681d65c9135c95d0b8a26.safeframe.googlesyndication.com
URL: https://4554dcfdb25681d65c9135c95d0b8a26.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.194.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f154.1e100.net
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://4554dcfdb25681d65c9135c95d0b8a26.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

age
13785
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=86400
content-encoding
gzip
content-length
724
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 26 Sep 2022 11:41:19 GMT
etag
48472445140208031
expires
Tue, 27 Sep 2022 11:41:19 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
truncated
/ Frame 1D15 		214 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
51cd8befca2993da4a53f15c4ac83ba3bd28082d0190fe9d9c45147d2e0d5da2

Request headers

accept-language
en-AU,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame F4BF 		22 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.12.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f132.1e100.net
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://4554dcfdb25681d65c9135c95d0b8a26.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

accept-ranges
bytes
age
386541
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
8395
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Thu, 22 Sep 2022 04:08:43 GMT
expires
Fri, 22 Sep 2023 04:08:43 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
dpixel
cms.quantserve.com/ Frame E909 		35 B
362 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEAdDR6-uSkoo1R8yPFGznOI&google_cver=1&google_push=AZmPxg9O01ZgBynCqzjpzKpuLzQwemVFik2xnehlAfcFWMI6IK-0rrpzM_NCXLUbH7fE4WzcUllm2fFp-OHQFax9WaGaZUZ1bFP-8TPEn-0Mn8nookSJCUnd8T8Rr6X4RPxOIK33K-i9PX6vkUjzBeWrhg
Requested by
Host: 4554dcfdb25681d65c9135c95d0b8a26.safeframe.googlesyndication.com
URL: https://4554dcfdb25681d65c9135c95d0b8a26.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
103.229.10.171 , Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 26 Sep 2022 15:31:04 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
cache-control
private, no-cache, no-store, proxy-revalidate
content-type
image/gif
content-length
35
expires
Fri, 04 Aug 1978 12:00:00 GMT
5w3jqr4k
sync-tm.everesttech.net/upi/pid/ Frame E909 		0
177 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D&google_gid=CAESENtm_Sfbb-ApjavIwMj5xb4&google_cver=1&google_push=AZmPxg8e7B5Npuy62MDDnlbA20rrNrAU0p98CS7neKk1DzRRSr6QBWSmhYjHNZwtVTesEMaGVN-yvktLM6ZMtbHWcJGr9SY9frpgKxuOnjU78oUpftfKQ5E6tejD_2TSh5ZykrHtzuW__0bYYFolwFiVgCQ
Requested by
Host: 4554dcfdb25681d65c9135c95d0b8a26.safeframe.googlesyndication.com
URL: https://4554dcfdb25681d65c9135c95d0b8a26.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.2.49 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Varnish /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 26 Sep 2022 15:31:05 GMT
via
1.1 varnish
server
Varnish
x-timer
S1664206265.071246,VS0,VE0
x-cache
MISS
cache-control
no-cache
x-cache-hits
0
accept-ranges
bytes
content-length
0
retry-after
0
x-served-by
cache-mel11254-MEL
pixel
cm.g.doubleclick.net/ Frame E909
Redirect Chain
  • https://px.ads.linkedin.com/setuid?partner=googleadxdb&google_gid=CAESECB5LHiIEKGn7JhDmDqWcTc&google_cver=1&google_push=AZmPxg-nHn10j5BpReuQ7H77rNQE1RDXcs8Xsg98SKjSlNeKLDfgK_rv17qoQi3sAOJ6W3bydfuHV...
  • https://cm.g.doubleclick.net/pixel?google_nid=linkedin&google_push=AZmPxg-nHn10j5BpReuQ7H77rNQE1RDXcs8Xsg98SKjSlNeKLDfgK_rv17qoQi3sAOJ6W3bydfuHVl3sCX13-mD4oe9PYFBUa8N4EMDHlBDwEGFyezDQFTGdfZunL1YpJy...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=linkedin&google_push=AZmPxg-nHn10j5BpReuQ7H77rNQE1RDXcs8Xsg98SKjSlNeKLDfgK_rv17qoQi3sAOJ6W3bydfuHVl3sCX13-mD4oe9PYFBUa8N4EMDHlBDwEGFyezDQFTGdfZunL1YpJy0RrTB6Ep3ur7Ztgcql6neZXxQ
Requested by
Host: 4554dcfdb25681d65c9135c95d0b8a26.safeframe.googlesyndication.com
URL: https://4554dcfdb25681d65c9135c95d0b8a26.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Server
142.251.10.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f155.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 26 Sep 2022 15:31:05 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Mon, 26 Sep 2022 15:31:04 GMT
x-li-pop
afd-prod-ltx1-x
x-msedge-ref
Ref A: 75AC6F9091A04C1EABB7C503A2CDE317 Ref B: MEL01EDGE1816 Ref C: 2022-09-26T15:31:05Z
linkedin-action
1
x-cache
CONFIG_NOCACHE
x-li-fabric
prod-ltx1
location
https://cm.g.doubleclick.net/pixel?google_nid=linkedin&google_push=AZmPxg-nHn10j5BpReuQ7H77rNQE1RDXcs8Xsg98SKjSlNeKLDfgK_rv17qoQi3sAOJ6W3bydfuHVl3sCX13-mD4oe9PYFBUa8N4EMDHlBDwEGFyezDQFTGdfZunL1YpJy0RrTB6Ep3ur7Ztgcql6neZXxQ
x-li-proto
http/2
content-length
0
x-li-uuid
AAXpljdFu0dxxwQHX4xMoA==
pixel
cm.g.doubleclick.net/ Frame E909
Redirect Chain
  • https://mweb.ck.inmobi.com/sync/3?redirect=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dinmobi_pte_limited%26google_hm%3D%24DSP_CKID&google_gid=CAESEMgfDdqcZWn8wlhqzLy_9N8&google_cver=...
  • https://cm.g.doubleclick.net/pixel?google_nid=inmobi_pte_limited&google_hm=NTEzNzdkMzQtNmQwZC00OWMwLThjM2EtMDU5MDYyOTZhNTY0&google_gid=CAESEMgfDdqcZWn8wlhqzLy_9N8&google_cver=1&google_push=AZmPxg9_...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=inmobi_pte_limited&google_hm=NTEzNzdkMzQtNmQwZC00OWMwLThjM2EtMDU5MDYyOTZhNTY0&google_gid=CAESEMgfDdqcZWn8wlhqzLy_9N8&google_cver=1&google_push=AZmPxg9_vUY8XdlEdO8AdXxEeCj73P5RFu4-HwcQmBhax0VGqKBDcLOUT9QNh1O9Xe5Y4Y1dCgqI1JrVat6Ovrs2O6VpuwiKh5J4_1m6GpDpt6THjKrllrbYwymwu4Si4i7RUvJAHG5OX1vjIyN-wYaXrPk
Requested by
Host: 4554dcfdb25681d65c9135c95d0b8a26.safeframe.googlesyndication.com
URL: https://4554dcfdb25681d65c9135c95d0b8a26.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Server
142.251.10.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f155.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 26 Sep 2022 15:31:05 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=inmobi_pte_limited&google_hm=NTEzNzdkMzQtNmQwZC00OWMwLThjM2EtMDU5MDYyOTZhNTY0&google_gid=CAESEMgfDdqcZWn8wlhqzLy_9N8&google_cver=1&google_push=AZmPxg9_vUY8XdlEdO8AdXxEeCj73P5RFu4-HwcQmBhax0VGqKBDcLOUT9QNh1O9Xe5Y4Y1dCgqI1JrVat6Ovrs2O6VpuwiKh5J4_1m6GpDpt6THjKrllrbYwymwu4Si4i7RUvJAHG5OX1vjIyN-wYaXrPk
date
Mon, 26 Sep 2022 15:31:05 GMT
content-length
0
strict-transport-security
max-age=15724800; includeSubDomains
expires
Thu, 01 Jan 1970 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame E909
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=google&google_gid=CAESEIj0br4qwIhyXd0rJLVFEtM&google_cver=1&google_push=AZmPxg9JLnALrpBu2b6Ed6Btyqw31maAusI-v2NpEbyOtTOWZfziZ8JWQM-g2nUgtjfScxJlLVj9A8Vy28XddMtjwwXC...
  • https://x.bidswitch.net/ul_cb/sync?ssp=google&google_gid=CAESEIj0br4qwIhyXd0rJLVFEtM&google_cver=1&google_push=AZmPxg9JLnALrpBu2b6Ed6Btyqw31maAusI-v2NpEbyOtTOWZfziZ8JWQM-g2nUgtjfScxJlLVj9A8Vy28XddM...
  • https://pool.admedo.com/sync?ssp=bidswitch&bidswitch_ssp_id=google&bsw_custom_parameter=fae9bec8-882e-4864-8632-4ec210fd43f3
  • https://pool.admedo.com/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=google&bsw_custom_parameter=fae9bec8-882e-4864-8632-4ec210fd43f3
  • https://x.bidswitch.net/sync?dsp_id=23&expires=14&user_id=f8386851-2088-4aac-9803-8ce2ff57b2a2&user_group=1&ssp=google&bsw_param=fae9bec8-882e-4864-8632-4ec210fd43f3
  • https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AZmPxg9JLnALrpBu2b6Ed6Btyqw31maAusI-v2NpEbyOtTOWZfziZ8JWQM-g2nUgtjfScxJlLVj9A8Vy28XddMtjwwXCZKP2Cgw9C5c397NEfQlepeGABfFR0J4_aFMkwFQkPr...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AZmPxg9JLnALrpBu2b6Ed6Btyqw31maAusI-v2NpEbyOtTOWZfziZ8JWQM-g2nUgtjfScxJlLVj9A8Vy28XddMtjwwXCZKP2Cgw9C5c397NEfQlepeGABfFR0J4_aFMkwFQkPrDXRzL3Yr_MB-iM9hwgSLg&google_hm=-um-yIguSGSGMk7CEP1D8w==
Protocol
H3
Server
142.251.10.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f155.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 26 Sep 2022 15:31:07 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
//cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AZmPxg9JLnALrpBu2b6Ed6Btyqw31maAusI-v2NpEbyOtTOWZfziZ8JWQM-g2nUgtjfScxJlLVj9A8Vy28XddMtjwwXCZKP2Cgw9C5c397NEfQlepeGABfFR0J4_aFMkwFQkPrDXRzL3Yr_MB-iM9hwgSLg&google_hm=-um-yIguSGSGMk7CEP1D8w==
Date
Mon, 26 Sep 2022 15:31:07 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
0
pixel
cm.g.doubleclick.net/ Frame E909
Redirect Chain
  • https://sync.dsp.reemo-ad.jp/google_adx?google_gid=CAESEILEyJY7B6cJySH7-_4o6N8&google_cver=1&google_push=AZmPxg-Uje729ceGHqCzJ2061LkG6QrrViva2n72uELSH6RVTDJVQ89FSt2NDsZqnKx-E_V80IrHOVhU8IosM0cHBH-Y...
  • https://cm.g.doubleclick.net/pixel?google_nid=gmo_ad_marketing&google_push=AZmPxg-Uje729ceGHqCzJ2061LkG6QrrViva2n72uELSH6RVTDJVQ89FSt2NDsZqnKx-E_V80IrHOVhU8IosM0cHBH-YMYkDf7m6SwnNLacpHZw3fpwemL0D86...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=gmo_ad_marketing&google_push=AZmPxg-Uje729ceGHqCzJ2061LkG6QrrViva2n72uELSH6RVTDJVQ89FSt2NDsZqnKx-E_V80IrHOVhU8IosM0cHBH-YMYkDf7m6SwnNLacpHZw3fpwemL0D86wo-Hj24txVnJFBQMcymA5xfK542-hMSoo
Requested by
Host: 4554dcfdb25681d65c9135c95d0b8a26.safeframe.googlesyndication.com
URL: https://4554dcfdb25681d65c9135c95d0b8a26.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Server
142.251.10.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f155.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 26 Sep 2022 15:31:05 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=gmo_ad_marketing&google_push=AZmPxg-Uje729ceGHqCzJ2061LkG6QrrViva2n72uELSH6RVTDJVQ89FSt2NDsZqnKx-E_V80IrHOVhU8IosM0cHBH-YMYkDf7m6SwnNLacpHZw3fpwemL0D86wo-Hj24txVnJFBQMcymA5xfK542-hMSoo
date
Mon, 26 Sep 2022 15:31:05 GMT
server
nginx
ebda_cs
y.one.impact-ad.jp/ul_cb/ Frame E909 		11 B
218 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://y.one.impact-ad.jp/ul_cb/ebda_cs?google_gid=CAESEFDKUt5bC1cNAHPGAB6QM1k&google_cver=1&google_push=AZmPxg-GmYICme4dQgk97vW76Z_iRVfTtaZB0B5hVQ9BqJxKYUuIgIN5HLv1FCMOQg7eCYIoGZdBK3bZIQ5whPOcgCSN4OUVoLZInr1uxsqcHwBmP_zSkuu3et51lCBa3fcnRU5sniLDGL1ivwFnwh4ZuzA
Requested by
Host: 4554dcfdb25681d65c9135c95d0b8a26.safeframe.googlesyndication.com
URL: https://4554dcfdb25681d65c9135c95d0b8a26.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.213.109.249 Tokyo, Japan, ASN15169 (GOOGLE, US),
Reverse DNS
249.109.213.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 26 Sep 2022 15:31:05 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
11
Content-Type
text/html; charset=UTF-8
attr
cm.g.doubleclick.net/pixel/ Frame E909 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13KdWg1gVDc3I5x4u9ftu-YwUebCF3rRRfelwdeq5driIrnKuUDfPi6RfuDMTkaEo-PZYHIq
Requested by
Host: 4554dcfdb25681d65c9135c95d0b8a26.safeframe.googlesyndication.com
URL: https://4554dcfdb25681d65c9135c95d0b8a26.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.10.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f155.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 26 Sep 2022 15:31:04 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
content-type
text/html
pixel
cm.g.doubleclick.net/ Frame D039
Redirect Chain
  • https://match.adsrvr.org/track/cmf/google?google_gid=CAESEAKR2W4ekFrFly3as6jM-y4&google_cver=1&google_push=AZmPxg_WyCuvl-6hihII8pfJ0EueYgdAhd4CPEa-gGxLxWe1W3GpK_G4qfWqVapp5g1_TuEjI-jC0VZim_NOB7_-vN...
  • https://match.adsrvr.org/track/cmb/google?google_gid=CAESEAKR2W4ekFrFly3as6jM-y4&google_cver=1&google_push=AZmPxg_WyCuvl-6hihII8pfJ0EueYgdAhd4CPEa-gGxLxWe1W3GpK_G4qfWqVapp5g1_TuEjI-jC0VZim_NOB7_-vN...
  • https://cm.g.doubleclick.net/pixel?google_nid=TheTradeDesk&google_hm=Zjc5NjNmNjktZDE1YS00ODk1LTg5MmQtMGJkZjc4MzQ4NTAz&google_push&gdpr=0&gdpr_consent=&ttd_tdid=f7963f69-d15a-4895-892d-0bdf78348503
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=TheTradeDesk&google_hm=Zjc5NjNmNjktZDE1YS00ODk1LTg5MmQtMGJkZjc4MzQ4NTAz&google_push&gdpr=0&gdpr_consent=&ttd_tdid=f7963f69-d15a-4895-892d-0bdf78348503
Requested by
Host: 4554dcfdb25681d65c9135c95d0b8a26.safeframe.googlesyndication.com
URL: https://4554dcfdb25681d65c9135c95d0b8a26.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Server
142.251.10.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f155.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 26 Sep 2022 15:31:05 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Mon, 26 Sep 2022 15:31:05 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://cm.g.doubleclick.net/pixel?google_nid=TheTradeDesk&google_hm=Zjc5NjNmNjktZDE1YS00ODk1LTg5MmQtMGJkZjc4MzQ4NTAz&google_push&gdpr=0&gdpr_consent=&ttd_tdid=f7963f69-d15a-4895-892d-0bdf78348503
cache-control
private,no-cache, must-revalidate
content-type
text/html
content-length
423
pixel
cm.g.doubleclick.net/ Frame D039
Redirect Chain
  • https://cs.r-ad.ne.jp/2/cs?google_gid=CAESEKrPrgMVkw51t1n9J3L7n6Y&google_cver=1&google_push=AZmPxg93-2gFTQTA2bdHsraxMsM_FZhppVSP44YhZGcbAQC-KIbl8FidVx41YYwspD7HmDCOulDrIpGjqKe308fT9j3dGFX8JRL9rn3fv...
  • https://cm.g.doubleclick.net/pixel?google_nid=rcrt&google_push=AZmPxg93-2gFTQTA2bdHsraxMsM_FZhppVSP44YhZGcbAQC-KIbl8FidVx41YYwspD7HmDCOulDrIpGjqKe308fT9j3dGFX8JRL9rn3fvwm5HDhEFS5bV-inWLjbynn1IBHTog...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rcrt&google_push=AZmPxg93-2gFTQTA2bdHsraxMsM_FZhppVSP44YhZGcbAQC-KIbl8FidVx41YYwspD7HmDCOulDrIpGjqKe308fT9j3dGFX8JRL9rn3fvwm5HDhEFS5bV-inWLjbynn1IBHTogIn__K6UCM&google_hm=NTBmRlY1MDFOQkRBWTAwOEdXVk8
Requested by
Host: 4554dcfdb25681d65c9135c95d0b8a26.safeframe.googlesyndication.com
URL: https://4554dcfdb25681d65c9135c95d0b8a26.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Server
142.251.10.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f155.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 26 Sep 2022 15:31:05 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-store, no-cache
Date
Mon, 26 Sep 2022 15:31:05 GMT
Server
nginx
P3P
CP="NON DSP COR CURa ADMa DEVa CUSo TAIa PSDo OUR BUS UNI COM NAV STA"
location
//cm.g.doubleclick.net/pixel?google_nid=rcrt&google_push=AZmPxg93-2gFTQTA2bdHsraxMsM_FZhppVSP44YhZGcbAQC-KIbl8FidVx41YYwspD7HmDCOulDrIpGjqKe308fT9j3dGFX8JRL9rn3fvwm5HDhEFS5bV-inWLjbynn1IBHTogIn__K6UCM&google_hm=NTBmRlY1MDFOQkRBWTAwOEdXVk8
cache-control
private, no-store, no-cache, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
0
X-SID
159f32b0
pixel
cm.g.doubleclick.net/ Frame D039
Redirect Chain
  • https://dynalyst-sync.adtdp.com/pixel?pid=10&google_gid=CAESECqcj1pXDKjDlFSjno0MVso&google_cver=1&google_push=AZmPxg_ovqJ9JjpOiK8N5cO6X7Cz2HOZnSJfgZOsW7PzNDjp1wcxcp38Vkh72L-ilW-P50JRsXqjPKkZmbzfdie...
  • https://cm.g.doubleclick.net/pixel?google_nid=cyberagent_dynalyst&google_push=AZmPxg_ovqJ9JjpOiK8N5cO6X7Cz2HOZnSJfgZOsW7PzNDjp1wcxcp38Vkh72L-ilW-P50JRsXqjPKkZmbzfdienEUrQ186w2Wi9y12sqlb3zDCDJ1dU8AG...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=cyberagent_dynalyst&google_push=AZmPxg_ovqJ9JjpOiK8N5cO6X7Cz2HOZnSJfgZOsW7PzNDjp1wcxcp38Vkh72L-ilW-P50JRsXqjPKkZmbzfdienEUrQ186w2Wi9y12sqlb3zDCDJ1dU8AGgRBzZSjZzu9ibt15lf0FkGw
Requested by
Host: 4554dcfdb25681d65c9135c95d0b8a26.safeframe.googlesyndication.com
URL: https://4554dcfdb25681d65c9135c95d0b8a26.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Server
142.251.10.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f155.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 26 Sep 2022 15:31:05 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=cyberagent_dynalyst&google_push=AZmPxg_ovqJ9JjpOiK8N5cO6X7Cz2HOZnSJfgZOsW7PzNDjp1wcxcp38Vkh72L-ilW-P50JRsXqjPKkZmbzfdienEUrQ186w2Wi9y12sqlb3zDCDJ1dU8AGgRBzZSjZzu9ibt15lf0FkGw
Date
Mon, 26 Sep 2022 15:31:05 GMT
Server
nginx
Connection
keep-alive
Content-Length
0
pixel
cm.g.doubleclick.net/ Frame D039
Redirect Chain
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=JTMDyE9tR-mujFKNcUpxDA%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mp...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=JTMDyE9tR-mujFKNcUpxDA%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AZmPxg-EDpJACKvoPe5kTCRFGqtm8-FvNCsOQESR02vTbkjZAz0qMO5z6Ldml6RJYB2SCtZqwTZ-sebqz4iT-LdEv4Gu2OdgBY9aqenOlDTOb-KZ_zswGYtBvS9p6wjXwrh9PuP7uHVD6iE
Requested by
Host: 4554dcfdb25681d65c9135c95d0b8a26.safeframe.googlesyndication.com
URL: https://4554dcfdb25681d65c9135c95d0b8a26.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Server
142.251.10.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f155.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 26 Sep 2022 15:31:05 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=JTMDyE9tR-mujFKNcUpxDA%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AZmPxg-EDpJACKvoPe5kTCRFGqtm8-FvNCsOQESR02vTbkjZAz0qMO5z6Ldml6RJYB2SCtZqwTZ-sebqz4iT-LdEv4Gu2OdgBY9aqenOlDTOb-KZ_zswGYtBvS9p6wjXwrh9PuP7uHVD6iE
date
Mon, 26 Sep 2022 15:31:05 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
0
content-type
text/html; charset=UTF-8
pixel
cm.g.doubleclick.net/ Frame D039
Redirect Chain
  • https://onetag-sys.com/match/?int_id=19&redir=1&google_gid=CAESEFG60oBE76K3alfd3fbNKQ8&google_cver=1&google_push=AZmPxg_kZVClcfYXldU0sWosren-3en8affs8PL_GGSsW1-LVXTRo9wivE59Z-slEUqm4IR-FoiqA8gdPcT8...
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=AAABg3psW7WIgO3XjsL4Kd_3aDeyEfBfS1gWog&google_push=AZmPxg_kZVClcfYXldU0sWosren-3en8affs8PL_GGSsW1-LVXTRo9wivE59Z-slEUqm4IR-FoiqA8gdPc...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=AAABg3psW7WIgO3XjsL4Kd_3aDeyEfBfS1gWog&google_push=AZmPxg_kZVClcfYXldU0sWosren-3en8affs8PL_GGSsW1-LVXTRo9wivE59Z-slEUqm4IR-FoiqA8gdPcT8sQeFotlmGisXxpECr1spspifANJ_3DMJFR8fcttiRaGizoljT7Quyab458c
Requested by
Host: 4554dcfdb25681d65c9135c95d0b8a26.safeframe.googlesyndication.com
URL: https://4554dcfdb25681d65c9135c95d0b8a26.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Server
142.251.10.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f155.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 26 Sep 2022 15:31:05 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=AAABg3psW7WIgO3XjsL4Kd_3aDeyEfBfS1gWog&google_push=AZmPxg_kZVClcfYXldU0sWosren-3en8affs8PL_GGSsW1-LVXTRo9wivE59Z-slEUqm4IR-FoiqA8gdPcT8sQeFotlmGisXxpECr1spspifANJ_3DMJFR8fcttiRaGizoljT7Quyab458c
strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
pixel
cm.g.doubleclick.net/ Frame D039
Redirect Chain
  • https://eb2.3lift.com/ebda?sync=1&google_gid=CAESEF_Swr1uzKGiM4uK7a4zu8w&google_cver=1&google_push=AZmPxg8T142qpPUEN-R9V0GF9LLEBdw-edBCmls8ehY-U3dUmAirz3OtiY45bfGGiIKW9jjCrsEB_MNishlyKAC8pGPSIo1-_A...
  • https://eb2.3lift.com/sync/google/supply?ld=1&gdpr=0&gdpr_consent=&us_privacy=&sync=1&google_push=AZmPxg8T142qpPUEN-R9V0GF9LLEBdw-edBCmls8ehY-U3dUmAirz3OtiY45bfGGiIKW9jjCrsEB_MNishlyKAC8pGPSIo1-_AS...
  • https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=0&gdpr_consent=&us_privacy=&google_hm=MzIxNDk5MzI3NTY5NzgwODEzNTUw&google_push=AZmPxg8T142qpPUEN-R9V0GF9LLEBdw-edBCmls8ehY-U3dUmAirz3OtiY45bfGG...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=0&gdpr_consent=&us_privacy=&google_hm=MzIxNDk5MzI3NTY5NzgwODEzNTUw&google_push=AZmPxg8T142qpPUEN-R9V0GF9LLEBdw-edBCmls8ehY-U3dUmAirz3OtiY45bfGGiIKW9jjCrsEB_MNishlyKAC8pGPSIo1-_ASW7VMStXiEF0QjhXCrqZ_2cR04xxsI6KYtaBTng8D7_g
Requested by
Host: 4554dcfdb25681d65c9135c95d0b8a26.safeframe.googlesyndication.com
URL: https://4554dcfdb25681d65c9135c95d0b8a26.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Server
142.251.10.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f155.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 26 Sep 2022 15:31:05 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=0&gdpr_consent=&us_privacy=&google_hm=MzIxNDk5MzI3NTY5NzgwODEzNTUw&google_push=AZmPxg8T142qpPUEN-R9V0GF9LLEBdw-edBCmls8ehY-U3dUmAirz3OtiY45bfGGiIKW9jjCrsEB_MNishlyKAC8pGPSIo1-_ASW7VMStXiEF0QjhXCrqZ_2cR04xxsI6KYtaBTng8D7_g
date
Mon, 26 Sep 2022 15:31:05 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
pixel
cm.g.doubleclick.net/ Frame D039
Redirect Chain
  • https://trace.mediago.io/cs/google?google_gid=CAESEJ_2PWUkA1WuVGkc7iHYGJU&google_cver=1&google_push=AZmPxg9RyMXQrEKWTJh7jxam0-HH0OxBQtI4Ut3JVJadneMG-K8CWITp9NlXCO2VsS96KclEqbOgC5WM9er2ccJK5S9HXyvJl...
  • https://cm.g.doubleclick.net/pixel?google_nid=baidu_mediago&google_push=AZmPxg9RyMXQrEKWTJh7jxam0-HH0OxBQtI4Ut3JVJadneMG-K8CWITp9NlXCO2VsS96KclEqbOgC5WM9er2ccJK5S9HXyvJlQp27DhE45nkvoReWrwVxIacZzUbO...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=baidu_mediago&google_push=AZmPxg9RyMXQrEKWTJh7jxam0-HH0OxBQtI4Ut3JVJadneMG-K8CWITp9NlXCO2VsS96KclEqbOgC5WM9er2ccJK5S9HXyvJlQp27DhE45nkvoReWrwVxIacZzUbOfTCzrryPsPUciHJP6A&google_hm=MjgwNGZiMDFhYjQ1YjJjOTI0OGI5ZmE2M2NiN2MwODk=
Requested by
Host: 4554dcfdb25681d65c9135c95d0b8a26.safeframe.googlesyndication.com
URL: https://4554dcfdb25681d65c9135c95d0b8a26.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Server
142.251.10.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f155.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 26 Sep 2022 15:31:05 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=baidu_mediago&google_push=AZmPxg9RyMXQrEKWTJh7jxam0-HH0OxBQtI4Ut3JVJadneMG-K8CWITp9NlXCO2VsS96KclEqbOgC5WM9er2ccJK5S9HXyvJlQp27DhE45nkvoReWrwVxIacZzUbOfTCzrryPsPUciHJP6A&google_hm=MjgwNGZiMDFhYjQ1YjJjOTI0OGI5ZmE2M2NiN2MwODk=
date
Mon, 26 Sep 2022 15:31:05 GMT
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
301
content-type
text/html; charset=utf-8
attr
cm.g.doubleclick.net/pixel/ Frame D039 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13J5gQOnDT5uBVPwaDx5pTug6AZPbvVjG7eAT9Dv7GLCPgfTezwy-_uZqQRRPhzlQy-EGxsheg
Requested by
Host: 4554dcfdb25681d65c9135c95d0b8a26.safeframe.googlesyndication.com
URL: https://4554dcfdb25681d65c9135c95d0b8a26.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.10.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f155.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 26 Sep 2022 15:31:05 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
content-type
text/html
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame 976A 		22 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.12.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f132.1e100.net
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://4554dcfdb25681d65c9135c95d0b8a26.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

accept-ranges
bytes
age
386542
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
8395
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Thu, 22 Sep 2022 04:08:43 GMT
expires
Fri, 22 Sep 2023 04:08:43 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
f36U5LLOSFCl_RQcRb4gz5dtt8ZR3FgOTI7LNXASQxk.js
pagead2.googlesyndication.com/bg/ Frame F4BF 		36 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/f36U5LLOSFCl_RQcRb4gz5dtt8ZR3FgOTI7LNXASQxk.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.194.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f154.1e100.net
Software
sffe /
Resource Hash
7f7e94e4b2ce4850a5fd141c45be20cf976db7c651dc580e4c8ecb3570124319
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 22 Sep 2022 00:16:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
400459
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16009
x-xss-protection
0
last-modified
Mon, 19 Sep 2022 14:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Fri, 22 Sep 2023 00:16:46 GMT
f36U5LLOSFCl_RQcRb4gz5dtt8ZR3FgOTI7LNXASQxk.js
pagead2.googlesyndication.com/bg/ Frame 976A 		36 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/f36U5LLOSFCl_RQcRb4gz5dtt8ZR3FgOTI7LNXASQxk.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.194.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f154.1e100.net
Software
sffe /
Resource Hash
7f7e94e4b2ce4850a5fd141c45be20cf976db7c651dc580e4c8ecb3570124319
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 22 Sep 2022 00:16:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
400459
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16009
x-xss-protection
0
last-modified
Mon, 19 Sep 2022 14:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Fri, 22 Sep 2023 00:16:46 GMT
index.html
s0.2mdn.net/sadbundle/2129343214390369436/ Frame 451A 		78 KB
20 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/2129343214390369436/index.html
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_276.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.12.149 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f149.1e100.net
Software
sffe /
Resource Hash
93432ee25d81d44fe76afa9d0f22d0396202cc82f73e1aeda0c4e0dcdef1804a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://4554dcfdb25681d65c9135c95d0b8a26.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
age
56184
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
20114
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy
cross-origin
date
Sun, 25 Sep 2022 23:54:41 GMT
expires
Mon, 25 Sep 2023 23:54:41 GMT
last-modified
Mon, 12 Sep 2022 05:17:11 GMT
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-dns-prefetch-control
off
x-xss-protection
0
view
googleads4.g.doubleclick.net/pcs/ Frame 1D15 		0
436 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjssBiYSa0rQWA1Km3z3XNgXdLjrJAwZ0tEn5_Z9_1MdDmDZw11THomBUK15ckaNoZXcxfhL63fhDDKxQ0Q5R6iYk-jR9myM7SIQQF98PZrCdHkd0p0SGFoQdgUqAEf5VMBh4swhwlfwAqkwzaQHA9NNI7CKbOWhtKTsZM89WU32JZ_Q1ZyZHdj9zeVRpzq5g-ZtL-BFiGMh2L-YRZE96C7AmZni66Cypybd4TM4COfA-kGLBELsYoP0uugYTMd9vQ6gMZi_rPjkWG35QLvxPZOcICK4R1QqeasOaBgINHcLcZmJAymbEbhs97XqYQnfgo7JTQm78ZpxZ0cqUG5HBY5XRH684VTsphWkmeo8Qgr7ZctItwDDBbNqWL7HBFSDscJhXdFZzyO_qMGb9ou3YjqDCeU1rWi6lOKMF9kDm8mCkonbsdVs7x5RcblWE8agibaPQnNtgSCyowa8pzpMCy9uaoVQUnnm2qgCOBRHauss6b5zWn-n4pyojcgW6rTHcxO_R4mk0SHQz8HAg_RihMItWMvfFQpdFidjBMF1jdQrIr-fF7TYCtkZ-QGfNMHCeHK3IPaOuzaq746O3GRoLTtknSDIa5oVbvIwvH4IVtYYkPEKdOf-3o8UaD8ncPomsjH6X3xeMoSxsNpIRaxEZjHuRWEAk9NbJaKIzUfBh19YTZPRNaDIkw54l_R_OUThKaCHDBKULemdedj4ykAo8Wfc1zMYdiem5B7GLkxOXh98QO7SY8NRmUNzj-OI6Gk2L-BX0AeN6eFBpSCTAxMmDIH3rUuyKZRH1FDzZCzDIhI0ovcK1k4HC24fQwAj5G_Zg1HUCSCEP-nGlxIohGT3xlHIbqgzQWquUPj4w2J39Xvc6lUw6QplkQEGjpzCvlbJyNmP_yHsbNxpSj4HDUMCMcAUo51sUCy1lyxzwlH2OhUIzZyg-9iv09cDXBNNWQaf_Z3neUsE72biRFGwrGAw_wI4O86trRJlCe2MloLiM1K7Vg2gGwba3tW7EF_a2ev4Y9vecZu0J8yhrRxDfA3hlc8EVsXu1Y0ISKpusZQQUY9bRdquG1WO2hxS_LHOL_Z4dQBbzYZ-roXPPY2HoZ7MXmBzc4DhwGpk10Q4MUneXRfwHIqqW7xQD5xfPKD0JLXNHDblAdbXgSA4eEQSzgnFoKcStyZU9SlOT21VzKSyn0AMbBdxmWybNTjle-OJrOfuDlxEkZcxOGXMx0aU0vepzo11u7do6TAPUhXmVlZ0cvcAH2HtnO2nSJR67lJBmJO5fX6TdNA68sXqZTlfxWq17HEs8L9o0zpep6Q&sai=AMfl-YShkVXVLIK0cuU4mn-DZqEdTK7hKR4wxWVCD_JMG0h345An07wb2y_jF1o_jay0La2FaJCQHyusnyF8C89Ltv4j1l7mfo2uHGATLwmpPboFJCTWV2FOaHQ29gjuGLuonKwHJViltHaTJp2I426iWvU1VAPOUvY04hI_k_SrcxpWruXvdEwv1IJUc_qtDpydNOpJFbXIBYzZGTzSj4TbveEJ&sig=Cg0ArKJSzKyzSBhFA6X_EAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=709&cbvp=1&cstd=705&cisv=r20220921.38875&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&adurl=
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/pi-jia-bu-jian-qia-pian-quan-gua-shi-ta-hui-jia-jian-zhe-mu-yan-shen-si-3-9mo-wang-you-xiao-feng.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.12.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f157.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://4554dcfdb25681d65c9135c95d0b8a26.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
date
Mon, 26 Sep 2022 15:31:05 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
index.html
s0.2mdn.net/sadbundle/2249730034648686620/ Frame 55F2 		83 KB
20 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/2249730034648686620/index.html
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_276.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.12.149 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f149.1e100.net
Software
sffe /
Resource Hash
0cc8c18f44117bdd9442f69499ad2d5e0b371e3c1fca64ba48b501f5b83986e4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://4554dcfdb25681d65c9135c95d0b8a26.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
age
98052
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
20355
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy
cross-origin
date
Sun, 25 Sep 2022 12:16:53 GMT
expires
Mon, 25 Sep 2023 12:16:53 GMT
last-modified
Mon, 12 Sep 2022 05:17:49 GMT
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-dns-prefetch-control
off
x-xss-protection
0
view
googleads4.g.doubleclick.net/pcs/ Frame 9E28 		0
55 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjstcKQpbUWwoEmKiJgI3kwr8kPI0Zyg2Z2HOYgyx_JFfDl-qAIcG_NHudjTY9TP7dYmZdLaNX1ikpDVZKTbOx7qBcPlm9o7bf-ICBNIuDNctoFGXXwLlzQBvDD9o76gQJa_jbC2FmGdEzsWlD_ghWlkUpl8ilH4QTHJM4CvTOpbDu5sEGtIFXf0tHh8Anct8qtj1gAIVkSO-JCtyy4TvmcOpm1FLYL3ghk2jESaYuOHeTm0gf0kdqUKK3nbGE-NE4CnW1iN5lX4azkZwp0bv6ZfXqTvndzLMbpjDwFRZJYNG8pjgxwzzGzTKVSjPLxA1uWpynIPlxj0SUJH0SGmtrct41esmxeaxjZ_cFl0WTdHRDqvacYq63HaGm9I1AsLumrXZXggjLjFeOkdDOjDc9Uem5twg9RTAukZEdwTMeGkvb5JggwC9oieGRULtYjpDCSl6dblhrKXLJsEVowW-_iGgdk8Yn3ABVS7vcrn5SSQT2VoNzavpdfxcPHIadFSacbjpoY6rU1HA3R5rvN6G5D0HtSKYycku7rSXJiFtsnEN8fe1QujlPFSJNIiKUt7_9vT4hIU6X5EpfEnxGa-Nji9gOXC-gBDQZaKDi_CH6e8p34EYCvwiU-My3VwpxI6WZ5y392ciS5xc5ox3BLJBikkSpI_lSZnvNUZNGz7Dzx7002fW4zQmruLYmhn5mpmRumE_Gl45afaDdKgU1Zi8oUXJGXkkR6NOvuRgQSIJPkJRf0M7JTnP7b5B1WR6NrHciBbbq1fdlsz7-damo7oTlqBKwF26pHaBmidp_2E9ylTY0HzFDzoHsUpOZht1KI9UU6jWZuvT6U9QMR-s5-fSSgyPqHTwWkylHO8kDCXA2iysVHC8GArv3H-mYes8BRnX7ac9zSUHZ1rXR1fOW4nVDRmgR4bCzpgwEnoy1iVt57qblTO3gU3iq6uCgwhqZhobRZ-ZA_uaZscyIdjq7W0jZanNonDRFfVIopaAbiw69ePcwF26UfqUczQVxd1Kc6OFezgLhdciRpYF6-zTl3jlzhH9SZPn7-mN3XQ1VFZCh7rfN7sdBtOnkFpf-naU6QX8o37gKOskpDEwMN4Oe4yxonx_JSIlto99UZX_xvfRtGsuTSQLEtNym1G9E5UxEmMWuUooBvwfWxTbfFriXZrUw46qQwq1VoBQ1YSMHAq08lU6f54k1G3NpsZC-RezR0jd4-R1SoZkZRBYTehI4FA8pxZ4d_D7fOEP_lij-jdpLpqPku1CymdAkoNHPrdq7VQoJ3hxz5gPjpnvaR8VYi6uGWqhieHDAZDu&sai=AMfl-YRorkFZ9uD116clUzmzOUB1p83zSrZRxzAdk7fNpPy2FOCNGgRghdViAlJQ1W_BOMI_ywGEDOEkwgxka-ovUtc-Rw_qxNCTr4y3EupCYD9UqAgfnUJjYEZUbuivBYksydQxUaQH9sWXCioWmqtEkDQtJk0EsBqXjdZqZtpADH1ysPumf50VJB-eG1Wr64_QLQLHV_Ml_njy_ulekBDTA_vA&sig=Cg0ArKJSzJMkM0PrJe4LEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=806&cbvp=1&cstd=804&cisv=r20220921.06105&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&adurl=
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/pi-jia-bu-jian-qia-pian-quan-gua-shi-ta-hui-jia-jian-zhe-mu-yan-shen-si-3-9mo-wang-you-xiao-feng.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.12.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f157.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://4554dcfdb25681d65c9135c95d0b8a26.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
date
Mon, 26 Sep 2022 15:31:05 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
gen_204
pagead2.googlesyndication.com/pagead/ Frame F4BF 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BQ9e6uMUxY7_pB4OQvQSwuZHwDQAAAAA4AeAEAg&bg=!3d6l3prNAAYIxsuQKMY7ACkAdvg8WlRa19zUZStW1MR9TocAaqmD7OkhN1WVgNf-hZ_3_4lWc87gGQIAAABnUgAAAAJoAQeZAt3YaZ8RQ1Z4DqdC5F8KK-FPJ_EVhO9KlezRSH6W9_qFERhorogL9OrZa3dbbhro7WjoQ2VYbE_QoXupm-NZBchHVx9A1NAlWQO5ZNa4_AiijAH54LhcsgeumIM3AAcUSUcH36EEKf65cGXVGM_PYNd1lLLjCHgRKbgJm-gg340QJQQL9De_rSoNgSPYkrrZEzwGEALu3cH_otI6N_zqP5P4OQdqh_Rjt4QSrXp5a0JYiZL8yZO9r_3x-DjtimVEjv72rCKiSB5brP3zOkqr-ZXgOyKDcs9ykR6mFXakku5gcfFFavWNBz-s1WFleCBCrvCNLh9750iLIhVFqPKDdDRm_Daey5vJaVjV1ifAlV_8gNk83jLpab6ckNjanKNUatiU3K9e8c8ctRHFKQ5Af0MnkXSE-Kc6xWaboQ2CSRTaciJjyJMAsvKCCHyMreYl6GEdPJF0H3zuYjJ44a0L0DWBGhDLUgVPRV2pSgPo2vpywxlPJLsSyFg0sdwcuM43CLb_tvWF-Ao3LtPv8ubyxZhmP0f974_0fNMxxd4DYJfnPRdkfVmvrl6gR0WU64QPH-7IXgFYn8CJ-gRWi03lJRlehPb1f2UDqZyuaZMemjRDpA5WDlZyWOFyx26wW26zxcwbreUs26lRwwXbJHfn3auD5sHJwPryoiDvq8em7zv2p8Ku_TpqQsHKipHuS8Y5Ns7K5eEZqZPfwEeUbh1jACtAVzviNqpgIJXkVoLmyowCAnMXD1GQUFZZDakhqjU5V92Gfi50XGenW1r5pPk_CuQXaCYt9EuYHzlm2j1C87CvM_feZmtMLOFD0ALxRIjVbv_UfpxOJ0EcsYTmfR7hd-Z7wyTX-iXXoqUL8gvEvaoq4C05VEKdIKRDubw86txktoeZK3vG_9g9RRF5XC4MIJ4fPynuPFyRU5kcouPvNh6AFf_A7UWqS_AhGpj2qj0ss_aZH334vihNcPbX6qBc
Requested by
Host: 4554dcfdb25681d65c9135c95d0b8a26.safeframe.googlesyndication.com
URL: https://4554dcfdb25681d65c9135c95d0b8a26.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.194.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f154.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 26 Sep 2022 15:31:05 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 976A 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BywKJuMUxY8GGCaWE9fwPiv27gAEAAAAAOAHgBAI&bg=!PzylPHjNAAYIxsuQKMY7ACkAdvg8WvCfe7LZ333MlR-xFO2aInp8Se688UfRjXOmummqV_utPUMm6wIAAABhUgAAAAFoAQeZAvUldrSrdpbf2O70oXlmp0bEenk9qAemmQrQ-5vSIRj15EGguw8m23jKH3Fle4e2kNXcgZkRkePb3_5oa2dU7CwmwYZreRhkLeAhCc7fIzqJdLsORzliEGllqItFCLp8P0bbpy0Oz8VphXCXHJ0cDNWWAh-z-AXQoqrVtQc16dKal3VSxdMfE7Bt3s15Ds8q3F9ddhuIqwn1vejlSgEga2Wiv3EoXyj7DHXm5NAHyeI5EQNl_bgu7cNM9z_PS1pVkfRv1lEzqSItA9qFOQgfdkRZ812G_LS0QAWKKNSu7s4NmHzzZ-XiNlKA9emBnGXPrIm9EEGpikPs-He9BrjEKWTuSK6cOQb0AkCoVllCV4hnMyxp3PCJAn-lqK8v6T1ocPOscwcPu4tjYr6IBw4kcWYPpkCjifYGYPnwN9Fc001x9am1-gwDHzzsXQWnDVQIbX_3XqqUc8UjDvuLT77ExZnSpW54F8o1_-eVBA3DAZKICbqYXvKTJVv2Nx37BX9G4zMR8FXATD9TNXdzoTyHVHKL9oH5Xa7FUAFZbMRa7WhS5qFYZC4701bca7Wo7jrRuOMsinteyzI8xkj9ApQYJiQp3aOxy33euzW9btaQmCkXo96FVv2bEgunaJOlF1oZxTE9hmE8ncOpZM86V09gUe1oaxREIdhp1xnSXIPHkbM_TPxJlQXHeTapuy5NKt7aMW2k1UkO1j-tc40jpl4spWUdABVnF67UtTOljWtxtvRIobgYeNwRFaGmZ1Vm1hlzIt0V7G3aQIvZeOOdY15o9FbR0ml5A3fv1OmBfvClRgWo3ogLNKnQzxzhZCD5a2CdaaqR_V6mKXuVXiPZFf9EbXVJ5V8vvycVgdOHhfLi3Mi2zd7x96dGKw6edTtlQctv10pT0QOoO0ip-VjJi32zjHzMS_xj4T9lAdBxgg9qtGbuW3NAaQfb5-as30Ox5K95lOSajUfu7MHMC_2v2eYsTZb9mZYr-LINkctXshOVvxCrqLbwz19Y
Requested by
Host: 4554dcfdb25681d65c9135c95d0b8a26.safeframe.googlesyndication.com
URL: https://4554dcfdb25681d65c9135c95d0b8a26.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.194.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f154.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 26 Sep 2022 15:31:05 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
all
csm.as.criteo.net/ Frame 9DBA 		0
127 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csm.as.criteo.net/all?cppv=3&cpp=fZfV8_aRrBIZ4hdui8FL8nVJOScyazSXoLweuG2Nk7VuRZcfNr-hab_1tX06j1XFl-KX55yr2h59VhNhDztMtNO2jUPV52NPY7MNphWVmrgjEM3NHIeR4MxORlpl6F3Qkqj9mpQgbDcgyHZV98YpNou5wzqn-MIqEd6J_9UcTeIz_icT0eJFLlNq36MbRnE-HJerPB-i-f1CEcCoJmU6Hft7IWmmxuX9nYETMpx__xXCVM2Bdld1bpCRToEmWJ7O1W8d2Q&sds=2&rev=82884&sendBeacon=true
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=YzHFtwAEKKUKKx0SAAUGNnQR0X7FKy77qHXNPA&u=%7Cn2zn%2FWTC9NPVvhsWjVFODN9UrzbnYcf6XiUBwuax%2BsI%3D%7C&c1=qZJUPwROi1c0W53O6qCeCfQhGaxulJp0eDo7yFWWqpvkdGh0UCqS_PFCqFKqWCtCShWV-fG2LpSMjYLzxa5ZC5kI59RzfghuAoAqwF6PmPe_lB3PirzaGOsAeX0wz16uwJDIA9rH-0bzN5mChAAdY7YSeQnmID6Nbh6V4JncVxK4_BN3sZMSKlCj2fXcy5PQrD_KCNcsZ4DJODYE5_GYbwZfrXKNUfOF4BEcVRnbBLSYho7ZKBI5nlxZEnDlZf-SygDAaiIB9hsKxNaJd35i0lP5OmwxbZ-2owGI9lGrJVCLgslQG228CsP5rCK1gCyxaATs_VK3TNDjxz5b0VzTGCb-Mu4V2Bw33NrhZZ7x17cMCm-8swiJFiR3B2Mvj83tyFXoMV34jhV0Y2vk_wYnzwY1veWKmlFW5s7mMoiqQFFEnynAy5jED827jN1W8THtB364Ht2-CHGBOfThFT28p62qXo3pOJq4HMdSL4j0gBs8hpnatGXTqNkFUIbsJuMRtGC0GqalLkyTt2uAxbweaLI0xK1A7SslIXt19YksWCod5iz5n7n94uwlMnRLy1mGdxnYJk-VXWms8bjS-V5-0GyfQSoK9Jd2eyLVk_4v-rsqfBAfkUrt8T_lmgkEH1qgjavm46CzqQg&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCBOg7t8UxY6XREJK6rAG2jJToBZj80bFcqoTM5IUBwI23ARABIABgpcCjgKQBggEXY2EtcHViLTg5MzMzMjk5OTkzOTExMDSgAbbZo9ADyAEJqQLW8_A1cuSlPuACAKgDAaoE4gJP0Pc-wEgFHphx90_jtFK1vlTO3ZVAKk86PmnxY2lXLmaCvDOrX1XMN4I5s6Qui3w9DCR2hH7hE5WfBMj2jrz5A5NSrQ2ym10H497gLYRbIxdedr5DCzHFLFep9d2OYF1Pp_etC3PFBZc7N6ORNRfpVPr_yhlmQYWArAftw4bJtofeRmzBgy4YmfXSWN666EAm9Ez-pPHlEqtlKLJCDDry0yhuwoXtez0lComHvPIgCAC9uzTFoPA-4KTVleVSGapaHisWjdxiTsUDKOGe238TtMro5160r5XPMqNmDjJ6LK1-wHAbFcpnUgSBC4hUsH_Gp_ZmkHnsYyjjDBSBl2LBPDc1s5_phUXpTcvES4iznu2GpmepSATVNIMwIt6knWge33R5ANUAR_1esaJFARBJZY0oBEmw79zp_Oh-cyH0CqjB56oHIpGiM6693Q7t5O-2zN3pko_8ne_iitlxxjWh_t3gBAGABsiZhcyIzM6_XKAGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA0IgGEQATICigI6AoBA8ggbYWR4LXN1YnN5bi01MjM5OTM4MjEzODcwMzgw-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_2cWWN2LLuegBHgIZE1kjS0ZOMHKw%26client%3Dca-pub-8933329999391104%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.142 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ads.as.criteo.com/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Mon, 26 Sep 2022 15:31:05 GMT
cross-origin-resource-policy
cross-origin
server
Finatra
content-length
0
strict-transport-security
max-age=31536000; preload;
DcmEnabler_01_247.js
s0.2mdn.net/879366/ Frame 451A 		29 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/DcmEnabler_01_247.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/2129343214390369436/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.12.149 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f149.1e100.net
Software
sffe /
Resource Hash
467a5b06cb117035f7882e8c71d80e093f04ce586c1ac2b84e7e4adf978edb30
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/2129343214390369436/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 26 Sep 2022 14:10:19 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
4846
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10136
x-xss-protection
0
last-modified
Mon, 27 Sep 2021 18:45:03 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 27 Sep 2022 14:10:19 GMT
DcmEnabler_01_247.js
s0.2mdn.net/879366/ Frame 55F2 		29 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/DcmEnabler_01_247.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/2249730034648686620/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.12.149 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f149.1e100.net
Software
sffe /
Resource Hash
467a5b06cb117035f7882e8c71d80e093f04ce586c1ac2b84e7e4adf978edb30
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/2249730034648686620/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 26 Sep 2022 14:10:19 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
4846
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10136
x-xss-protection
0
last-modified
Mon, 27 Sep 2021 18:45:03 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 27 Sep 2022 14:10:19 GMT
null
s0.2mdn.net/sadbundle/2129343214390369436/ Frame 451A 		43 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/2129343214390369436/null
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/2129343214390369436/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.12.149 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f149.1e100.net
Software
sffe /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/2129343214390369436/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 26 Sep 2022 15:31:06 GMT
x-content-type-options
nosniff
server
sffe
x-dns-prefetch-control
off
content-type
image/gif
access-control-allow-origin
*
cache-control
public, max-age=0
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
43
x-xss-protection
0
expires
Mon, 26 Sep 2022 15:31:06 GMT
Disclaimer_1.svg
s0.2mdn.net/sadbundle/2129343214390369436/ Frame 451A 		142 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/2129343214390369436/Disclaimer_1.svg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/2129343214390369436/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.12.149 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f149.1e100.net
Software
sffe /
Resource Hash
3ba32669815f7677b77f9a7b08d412f3a4ffbcea501b6689734181ddf9b6f506
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/2129343214390369436/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 25 Sep 2022 23:54:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
56185
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15130
x-xss-protection
0
last-modified
Mon, 12 Sep 2022 05:17:11 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Mon, 25 Sep 2023 23:54:41 GMT
Text_1_3.svg
s0.2mdn.net/sadbundle/2129343214390369436/ Frame 451A 		16 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/2129343214390369436/Text_1_3.svg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/2129343214390369436/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.12.149 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f149.1e100.net
Software
sffe /
Resource Hash
947746a3fbd83939a89aa693fb7117ce6b21dac1a8289194952b8c93b3fba029
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/2129343214390369436/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 25 Sep 2022 00:02:55 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
142091
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3597
x-xss-protection
0
last-modified
Mon, 12 Sep 2022 05:17:11 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Mon, 25 Sep 2023 00:02:55 GMT
Text_2_5.svg
s0.2mdn.net/sadbundle/2129343214390369436/ Frame 451A 		19 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/2129343214390369436/Text_2_5.svg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/2129343214390369436/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.12.149 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f149.1e100.net
Software
sffe /
Resource Hash
cced71af699b96dbfbc24439594b4d43af733f34c97c99fd34c3ff18f3845426
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/2129343214390369436/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 25 Sep 2022 23:54:42 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
56184
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3635
x-xss-protection
0
last-modified
Mon, 12 Sep 2022 05:17:11 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Mon, 25 Sep 2023 23:54:42 GMT
Illustration_1.svg
s0.2mdn.net/sadbundle/2129343214390369436/ Frame 451A 		3 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/2129343214390369436/Illustration_1.svg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/2129343214390369436/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.12.149 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f149.1e100.net
Software
sffe /
Resource Hash
50d5acd2ca221d9baed26076dfe9ffa86c5fcf535d1176f914bc42efe7ab823b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/2129343214390369436/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 25 Sep 2022 23:54:42 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
56184
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1380
x-xss-protection
0
last-modified
Mon, 12 Sep 2022 05:17:11 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Mon, 25 Sep 2023 23:54:42 GMT
Background_2.svg
s0.2mdn.net/sadbundle/2129343214390369436/ Frame 451A 		20 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/2129343214390369436/Background_2.svg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/2129343214390369436/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.12.149 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f149.1e100.net
Software
sffe /
Resource Hash
66b654e131c69e5a91130dbea071278f0aaf9435812b36986b8a958b5fca49f1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/2129343214390369436/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 25 Sep 2022 23:54:42 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
56184
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5616
x-xss-protection
0
last-modified
Mon, 12 Sep 2022 05:17:11 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Mon, 25 Sep 2023 23:54:42 GMT
truncated
/ Frame 451A 		43 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
en-AU,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/gif
null
s0.2mdn.net/sadbundle/2249730034648686620/ Frame 55F2 		43 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/2249730034648686620/null
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/2249730034648686620/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.12.149 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f149.1e100.net
Software
sffe /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/2249730034648686620/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 26 Sep 2022 15:31:06 GMT
x-content-type-options
nosniff
server
sffe
x-dns-prefetch-control
off
content-type
image/gif
access-control-allow-origin
*
cache-control
public, max-age=0
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
43
x-xss-protection
0
expires
Mon, 26 Sep 2022 15:31:06 GMT
Disclaimer.svg
s0.2mdn.net/sadbundle/2249730034648686620/ Frame 55F2 		164 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/2249730034648686620/Disclaimer.svg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/2249730034648686620/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.12.149 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f149.1e100.net
Software
sffe /
Resource Hash
492fe569caff668d9da56b927407efff50e5aacc3a2905038e193044075758cd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/2249730034648686620/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 25 Sep 2022 12:16:54 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
98052
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16318
x-xss-protection
0
last-modified
Mon, 12 Sep 2022 05:17:49 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Mon, 25 Sep 2023 12:16:54 GMT
Text_1.svg
s0.2mdn.net/sadbundle/2249730034648686620/ Frame 55F2 		10 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/2249730034648686620/Text_1.svg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/2249730034648686620/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.12.149 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f149.1e100.net
Software
sffe /
Resource Hash
d1b0abe1d5710820bf1205d5af6b0da71061dd240a7be2c2f5bc94c06a139cde
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/2249730034648686620/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 25 Sep 2022 12:16:54 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
98052
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2989
x-xss-protection
0
last-modified
Mon, 12 Sep 2022 05:17:49 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Mon, 25 Sep 2023 12:16:54 GMT
Text_2.svg
s0.2mdn.net/sadbundle/2249730034648686620/ Frame 55F2 		15 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/2249730034648686620/Text_2.svg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/2249730034648686620/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.12.149 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f149.1e100.net
Software
sffe /
Resource Hash
1220b25c121373c1b4402fc9435c412e1a01bc763814e4613d1e632cc69044cb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/2249730034648686620/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 25 Sep 2022 12:16:54 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
98052
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3508
x-xss-protection
0
last-modified
Mon, 12 Sep 2022 05:17:49 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Mon, 25 Sep 2023 12:16:54 GMT
Text_3.svg
s0.2mdn.net/sadbundle/2249730034648686620/ Frame 55F2 		10 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/2249730034648686620/Text_3.svg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/2249730034648686620/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.12.149 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f149.1e100.net
Software
sffe /
Resource Hash
4e3b7b44231929310477f32f09fbf0c34e58194f9d904ff83909c178179f4f99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/2249730034648686620/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 25 Sep 2022 12:16:54 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
98052
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2642
x-xss-protection
0
last-modified
Mon, 12 Sep 2022 05:17:49 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Mon, 25 Sep 2023 12:16:54 GMT
Illustration.svg
s0.2mdn.net/sadbundle/2249730034648686620/ Frame 55F2 		2 KB
934 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/2249730034648686620/Illustration.svg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/2249730034648686620/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.12.149 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f149.1e100.net
Software
sffe /
Resource Hash
1023c311ab2ebab32d0e87d3716200fdc9d6834f4c7694d6f11cdb5aed5bb424
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/2249730034648686620/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 25 Sep 2022 12:16:54 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
98052
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
905
x-xss-protection
0
last-modified
Mon, 12 Sep 2022 05:17:49 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Mon, 25 Sep 2023 12:16:54 GMT
Background.svg
s0.2mdn.net/sadbundle/2249730034648686620/ Frame 55F2 		20 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/2249730034648686620/Background.svg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/2249730034648686620/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.12.149 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f149.1e100.net
Software
sffe /
Resource Hash
aad3814c0796363c8b3e769647d5238493388c93b8ef384e7700bac3fe45a946
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/2249730034648686620/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 25 Sep 2022 12:16:54 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
98052
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5628
x-xss-protection
0
last-modified
Mon, 12 Sep 2022 05:17:49 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Mon, 25 Sep 2023 12:16:54 GMT
truncated
/ Frame 55F2 		43 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
en-AU,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/gif
json
gum.criteo.com/sid/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fwww.bg3.co%2F&domain=www.bg3.co&cw=1&pbt=1&lsw=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.136 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Kestrel /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
https://www.bg3.co
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
GET
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
content-encoding
gzip
content-type
application/json; charset=utf-8
date
Mon, 26 Sep 2022 15:31:06 GMT
expires
0
pragma
no-cache
server
Kestrel
server-processing-duration-in-ticks
231234
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
json
gum.criteo.com/sid/ 		423 B
708 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fwww.bg3.co%2F&domain=www.bg3.co&cw=1&pbt=1&lsw=1
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1663912421366.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.136 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Kestrel /
Resource Hash
0d2ab3e8555a5d827dc70839657bca56cb8b254dd96a617f12125d684bfef532
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://www.bg3.co/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/json

Response headers

pragma
no-cache
date
Mon, 26 Sep 2022 15:31:06 GMT
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
1430510
strict-transport-security
max-age=31536000; preload;
expires
0
rid
match.adsrvr.org/track/ 		108 B
674 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://match.adsrvr.org/track/rid?ttd_pid=pubmatic&fmt=json
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1663912421366.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
/
Resource Hash
afd35d077477767124d295cd97a015b8aa2f75234a194bef43a7cb489759af0c

Request headers

Referer
https://www.bg3.co/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 26 Sep 2022 15:31:06 GMT
x-aspnet-version
4.0.30319
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.bg3.co
cache-control
private
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Content-Length, Content-Encoding, Vary, Cache-Control, Accept
content-length
108
expires
Wed, 26 Oct 2022 15:31:06 GMT
sync.html
public.servenobid.com/ Frame 753A 		9 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://public.servenobid.com/sync.html
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1663912421366.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.84.45.26 -, , ASN (),
Reverse DNS
Software
AmazonS3 /
Resource Hash
7efdca1ce8a8ee4fb50887d9f88bdace1026e0f76ea1e64a802b97402d825a79

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

age
30105
cache-control
max-age=86400
content-encoding
br
content-type
text/html
date
Mon, 26 Sep 2022 07:09:23 GMT
etag
W/"3b058e9cd661ca6990301a82cf5d448f"
last-modified
Wed, 17 Aug 2022 23:23:08 GMT
server
AmazonS3
vary
Accept-Encoding Origin
via
1.1 235fd46744276a751642777ed38c479c.cloudfront.net (CloudFront)
x-amz-cf-id
2SPqNioX3RGuaL9PfJSlNrWqfucWEpRZNkXCk3irlLQaN8t8yqD3ZQ==
x-amz-cf-pop
MRS52-P1
x-amz-meta-codebuild-buildarn
arn:aws:codebuild:us-east-1:559734745816:build/adserver-public-prod:049b4e88-3480-44ce-bc71-9207efe847a1
x-amz-meta-codebuild-content-md5
77e8f986028c7819a018b65a51e4d1c5
x-amz-meta-codebuild-content-sha256
4cf0411e60b9185dacd3ae0196e3adabe45eed1b64ea27e89ed58c43c33d4297
x-cache
Hit from cloudfront
checksync.php
contextual.media.net/ Frame 2675 		36 KB
12 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUPEPKI9&prvid=2034%2C2033%2C2031%2C2030%2C2029%2C233%2C2028%2C2027%2C236%2C237%2C117%2C51%2C97%2C55%2C99%2C3012%2C2043%2C2040%2C244%2C201%2C2039%2C3007%2C246%2C4%2C203%2C9%2C2055%2C172%2C173%2C251%2C175%2C132%2C178%2C255%2C3018%2C3017%2C214%2C3016%2C337%2C338%2C70%2C77%2C2021%2C141%2C262%2C186%2C222%2C345%2C10000%2C80%2C108%2C229%2C307&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1663912421366.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.83.196.24 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-83-196-24.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
71c327f79dc6cd6a94e68de04c402b982e9133d87047f543f313463933d190b0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

cache-control
max-age=79629
content-encoding
gzip
content-length
11782
content-type
text/html; charset=UTF-8
date
Mon, 26 Sep 2022 15:31:06 GMT
expires
Tue, 27 Sep 2022 13:38:15 GMT
p3p
CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
server
Apache
strict-transport-security
max-age=31536000
vary
Accept-Encoding
x-mnet-hl2
E
sync
eb2.3lift.com/ Frame 85AB 		1 KB
1021 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eb2.3lift.com/sync?
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1663912421366.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.223.2.229 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ade9ecc7904667038.awsglobalaccelerator.com
Software
/
Resource Hash
0dc640693e4086df32d4f7f5c7931dc381bef7c1186dfd94b933e114afdee4a6

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

cache-control
no-cache, no-store, must-revalidate
content-encoding
gzip
content-length
457
content-type
text/html; charset=utf-8
date
Mon, 26 Sep 2022 15:31:06 GMT
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
ixmatch.html
js-sec.indexww.com/um/ Frame 7E4B 		3 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://js-sec.indexww.com/um/ixmatch.html
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1663912421366.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.44.1.2 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-44-1-2.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
82d2dc44aae1eda52abc17afd30c6031b7175c13ee6955410164c66ae755adfb

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
1387
Content-Type
text/html; charset=UTF-8
Date
Mon, 26 Sep 2022 15:31:06 GMT
ETag
"e20015-b68-5e4a60c97afb7"
Last-Modified
Mon, 25 Jul 2022 19:18:30 GMT
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Server
Apache
Vary
Accept-Encoding
usync.html
eus.rubiconproject.com/ Frame 0577 		281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1663912421366.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.15.148.136 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-15-148-136.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Mon, 26 Sep 2022 15:31:06 GMT
ETag
"40014-119-5d32342a551c0"
Last-Modified
Tue, 14 Dec 2021 23:07:59 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding
async_usersync.html
acdn.adnxs.com/dmp/ Frame E598 		52 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1663912421366.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.44.0.183 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-44-0-183.deploy.static.akamaitechnologies.com
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

Access-Control-Allow-Origin
*
Cache-Control
max-age=86402
Connection
keep-alive
Content-Encoding
gzip
Content-Length
17053
Content-Type
text/html
Date
Mon, 26 Sep 2022 15:31:06 GMT
ETag
"623de86a-cf34"
Expires
Tue, 27 Sep 2022 15:31:08 GMT
Last-Modified
Fri, 25 Mar 2022 16:06:02 GMT
Server
nginx/1.18.0 (Ubuntu)
Vary
Accept-Encoding
/
onetag-sys.com/usync/ Frame 0329 		4 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/usync/?cb=1664206260954
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1663912421366.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
139.99.49.250 Singapore, Singapore, ASN16276 (OVH, FR),
Reverse DNS
ip250.ip-139-99-49.net
Software
/
Resource Hash
f46ae9575459907333813a3eb25f6698041069b42d0e5e541da02cf9a6bf40fd
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
cache-control
no-transform, no-cache
content-encoding
gzip
content-length
1376
content-type
text/html
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
strict-transport-security
max-age=15552000
pd
u.openx.net/w/1.0/ Frame 05F1 		533 B
637 B 		Document
General
Check archive.org
Download Go to
Full URL
https://u.openx.net/w/1.0/pd
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1663912421366.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
40804b882367b0b787d1375e22467e97bea1e74f00a635b89678fd72356e7a6d

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
gzip
content-length
325
content-type
text/html
date
Mon, 26 Sep 2022 15:31:06 GMT
p3p
CP="CUR ADM OUR NOR STA NID"
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
via
1.1 google
magnite
prebid.a-mo.net/setuid/
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=pbs-adaptmx&gdpr=0&gdpr_consent=&us_privacy=1---
  • https://prebid.a-mo.net/setuid/magnite?uid=L8IXFT6V-14-DH4C&gdpr=0&us_privacy=1---
0
138 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://prebid.a-mo.net/setuid/magnite?uid=L8IXFT6V-14-DH4C&gdpr=0&us_privacy=1---
Protocol
H2
Server
145.40.88.5 Secaucus, United States, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 26 Sep 2022 15:31:06 GMT
cache-control
max-age=0, private, must-revalidate
x-envoy-upstream-service-time
2
server
envoy
vary
Accept-Encoding

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location
https://prebid.a-mo.net/setuid/magnite?uid=L8IXFT6V-14-DH4C&gdpr=0&us_privacy=1---
Cache-Control
no-cache,no-store,must-revalidate
Content-Type
text/html
content-length
0
X-RPHost
d264e84c9dc1a645a3048554992c5d82
Expires
0
sync
x.bidswitch.net/
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=adaptmx&user_id=ad4b9727-b049-4f06-89f1-75509c63b373&gdpr=0&gdpr_consent=&us_privacy=1---
  • https://odr.mookie1.com/t/v2/sync?tagid=V2_790378&src.visitorId=fae9bec8-882e-4864-8632-4ec210fd43f3&ssp=adaptmx&gdpr=0&gdpr_consent=
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=2910&partner_device_id=10525545649974457354&gdpr=0&gdpr_consent=&partner_url=https%3A%2F%2Fodr.mookie1.com%2Ft%2Fv2%3Ftagid%3DV2_948118%26src.vi...
  • https://pixel.tapad.com/idsync/ex/receive/check?partner_id=2910&partner_device_id=10525545649974457354&gdpr=0&gdpr_consent=&partner_url=https%3A%2F%2Fodr.mookie1.com%2Ft%2Fv2%3Ftagid%3DV2_948118%26...
  • https://odr.mookie1.com/t/v2?tagid=V2_948118&src.visitorid=f56b502e-40e7-4d9f-af3d-c95924c5a9c1&ssp=adaptmx&gdpr_consent=&gdpr=0
  • https://aa.agkn.com/adscores/g.pixel?sid=9212302828&puid=10525545649974457354&ssp=adaptmx&gdpr=0&gdpr_consent=
  • https://odr.mookie1.com/t/v2?tagid=V2_785409&src.visitorId=209180804286003721316&ssp=adaptmx&gdpr=0&gdpr_consent=
  • https://x.bidswitch.net/sync?dsp_id=419&user_id=10525545649974457354&ssp=adaptmx&gdpr=0&gdpr_consent=
0
0
partner=adaptmx
ssp.disqus.com/
Redirect Chain
  • https://prebid.a-mo.net/cchain?cb=https%3A%2F%2Fib.adnxs.com%2Fprebid%2Fsetuid%3Fbidder%3Damx%26uid%3Dad4b9727-b049-4f06-89f1-75509c63b373&gdpr=0&gdpr_consent=&us_privacy=1---
  • https://ssp.disqus.com/partner=adaptmx?gdpr=1&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fprebid.a-mo.net%2Fcchain%2F0%2F4267%3Fgdpr%3D0%26gdpr_consent%3D%26us_privacy%3D1---%26A%3Dad4b9727-b049-...
0
38 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssp.disqus.com/partner=adaptmx?gdpr=1&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fprebid.a-mo.net%2Fcchain%2F0%2F4267%3Fgdpr%3D0%26gdpr_consent%3D%26us_privacy%3D1---%26A%3Dad4b9727-b049-4f06-89f1-75509c63b373%26bidder%3Dzeta%26cbx%3DaHR0cHM6Ly9pYi5hZG54cy5jb20vcHJlYmlkL3NldHVpZD9iaWRkZXI9YW14JnVpZD1hZDRiOTcyNy1iMDQ5LTRmMDYtODlmMS03NTUwOWM2M2IzNzM%253D%26uid%3D%24UID
Protocol
H2
Server
3.92.9.222 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 26 Sep 2022 15:31:07 GMT
content-length
0

Redirect headers

location
https://ssp.disqus.com/partner=adaptmx?gdpr=1&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fprebid.a-mo.net%2Fcchain%2F0%2F4267%3Fgdpr%3D0%26gdpr_consent%3D%26us_privacy%3D1---%26A%3Dad4b9727-b049-4f06-89f1-75509c63b373%26bidder%3Dzeta%26cbx%3DaHR0cHM6Ly9pYi5hZG54cy5jb20vcHJlYmlkL3NldHVpZD9iaWRkZXI9YW14JnVpZD1hZDRiOTcyNy1iMDQ5LTRmMDYtODlmMS03NTUwOWM2M2IzNzM%253D%26uid%3D%24UID
date
Mon, 26 Sep 2022 15:31:05 GMT
cache-control
max-age=0, private, must-revalidate
x-envoy-upstream-service-time
3
server
envoy
content-length
0
yahoo
prebid.a-mo.net/setuid/
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58570/occ?gdpr=0&gdpr_consent=&uid=ad4b9727-b049-4f06-89f1-75509c63b373
  • https://prebid.a-mo.net/setuid/yahoo?uid=y-0zEhvCJE2uEsN5Ireytoz6nRdx9keZGFvfSKVVk-~A&gdpr=0&gdpr_consent=
0
126 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://prebid.a-mo.net/setuid/yahoo?uid=y-0zEhvCJE2uEsN5Ireytoz6nRdx9keZGFvfSKVVk-~A&gdpr=0&gdpr_consent=
Protocol
H2
Server
145.40.88.5 Secaucus, United States, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 26 Sep 2022 15:31:05 GMT
cache-control
max-age=0, private, must-revalidate
x-envoy-upstream-service-time
1
server
envoy
vary
Accept-Encoding

Redirect headers

location
https://prebid.a-mo.net/setuid/yahoo?uid=y-0zEhvCJE2uEsN5Ireytoz6nRdx9keZGFvfSKVVk-~A&gdpr=0&gdpr_consent=
date
Mon, 26 Sep 2022 15:31:06 GMT
server
ATS/9.1.10.25
age
0
content-length
0
strict-transport-security
max-age=31536000
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
sd
us-u.openx.net/w/1.0/ Frame 05F1
Redirect Chain
  • https://ad.turn.com/r/cs?pid=9&gdpr=0
  • https://us-u.openx.net/w/1.0/sd?id=537073061&val=2923828858205019965&gdpr=0&gdpr_consent=&us_privacy=
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537073061&val=2923828858205019965&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/pd
Protocol
H3
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 26 Sep 2022 15:31:07 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

location
https://us-u.openx.net/w/1.0/sd?id=537073061&val=2923828858205019965&gdpr=0&gdpr_consent=&us_privacy=
pragma
no-cache
date
Mon, 26 Sep 2022 15:31:06 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
0
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
sd
us-u.openx.net/w/1.0/ Frame 05F1
Redirect Chain
  • https://match.adsrvr.org/track/cmf/openx?oxid=f7762821-0af6-7852-ee58-565153b124f3&gdpr=0
  • https://us-u.openx.net/w/1.0/sd?id=537072971&val=f7963f69-d15a-4895-892d-0bdf78348503&ttd_puid=f7762821-0af6-7852-ee58-565153b124f3&gdpr=0&gdpr_consent=
43 B
62 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072971&val=f7963f69-d15a-4895-892d-0bdf78348503&ttd_puid=f7762821-0af6-7852-ee58-565153b124f3&gdpr=0&gdpr_consent=
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/pd
Protocol
H3
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 26 Sep 2022 15:31:06 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Mon, 26 Sep 2022 15:31:06 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://us-u.openx.net/w/1.0/sd?id=537072971&val=f7963f69-d15a-4895-892d-0bdf78348503&ttd_puid=f7762821-0af6-7852-ee58-565153b124f3&gdpr=0&gdpr_consent=
cache-control
private,no-cache, must-revalidate
content-type
text/html
content-length
335
sd
jp-u.openx.net/w/1.0/ Frame 05F1
Redirect Chain
  • https://tg.socdm.com/rtb/sync_before?proto=openx
  • https://jp-u.openx.net/w/1.0/sd?id=537072335&val=YzHFusCo8YsAAAmHTQcAAAAA
43 B
114 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://jp-u.openx.net/w/1.0/sd?id=537072335&val=YzHFusCo8YsAAAmHTQcAAAAA
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/pd
Protocol
H2
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 26 Sep 2022 15:31:07 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

X-SO-Cluster-ID
55
Date
Mon, 26 Sep 2022 15:31:06 GMT
X-SO-LB-Data
{"ban":false,"clean_query":"\/rtb\/sync_before?proto=openx","cluster_id":55,"gdpr":false,"ipv4":"103.209.254.53","key":"YzHFusCo8YsAAAmHTQcAAAAA","privacy_sensitive":false,"uid":"","upstream_id":"a-ad40199"}
X-SO-Ads-Time
2
X-SO-Key
YzHFusCo8YsAAAmHTQcAAAAA
Server
nginx
X-SO-Upstream-ID
a-ad40199
P3P
CP="See also http://www.scaleout.jp/privacy/"
Location
https://jp-u.openx.net/w/1.0/sd?id=537072335&val=YzHFusCo8YsAAAmHTQcAAAAA
Cache-Control
private
X-SO-HostName
a-ad40199.dc2p.scaleout.jp
Connection
keep-alive
Content-Length
0
X-SO-LB-Hostname
m-tgng39.dc4p.scaleout.jp
X-SO-IP
103.209.254.53
sd
jp-u.openx.net/w/1.0/ Frame 05F1
Redirect Chain
  • https://cr-p3.ladsp.com/cookiesender/3
  • https://cr-p3.ladsp.com/cookiesender/3?cr=true
  • https://jp-u.openx.net/w/1.0/sd?id=537072451&val=ASMGUdIsQqi9ks8ADsd_zEsKkc8AAAGDemxing
43 B
106 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://jp-u.openx.net/w/1.0/sd?id=537072451&val=ASMGUdIsQqi9ks8ADsd_zEsKkc8AAAGDemxing
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/pd
Protocol
H2
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 26 Sep 2022 15:31:07 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Mon, 26 Sep 2022 15:31:07 GMT
via
1.1 de07fad430c1bc86fd21b4e969faf29c.cloudfront.net (CloudFront)
server
Logicad
x-amz-cf-pop
SIN2-P2
x-cache
Miss from cloudfront
p3p
CP="NOI DEVo TAIo PSAo PSDo OUR IND UNI NAV", policyref="http://cd.ladsp.com/xml/w3c/p3p.xml"
location
https://jp-u.openx.net/w/1.0/sd?id=537072451&val=ASMGUdIsQqi9ks8ADsd_zEsKkc8AAAGDemxing
cache-control
no-cache
content-length
0
x-amz-cf-id
_idjkgVSlGHIMyx25v0cVH-3zqPx-ck_CBqVejTlhnl0QiSyH0lsoA==
expires
-1
pixel
cm.g.doubleclick.net/ Frame 05F1 		170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=ZGIxOWZiZWItYzM4MS0yNmY2LWZiYjgtMGNlODk5NTNlYTkz
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/pd
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.10.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f155.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 26 Sep 2022 15:31:06 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sd
us-u.openx.net/w/1.0/ Frame 05F1
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESELbQP3rs8wTpksrJz-O70zA&google_cver=1
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESELbQP3rs8wTpksrJz-O70zA&google_cver=1
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/pd
Protocol
H3
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 26 Sep 2022 15:31:06 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Mon, 26 Sep 2022 15:31:06 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESELbQP3rs8wTpksrJz-O70zA&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
295
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
xuid
eb2.3lift.com/ Frame 85AB
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=svx9t50&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://eb2.3lift.com/xuid?mid=3658&xuid=f7963f69-d15a-4895-892d-0bdf78348503&dongle=0cfd
37 B
353 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=3658&xuid=f7963f69-d15a-4895-892d-0bdf78348503&dongle=0cfd
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?
Protocol
H2
Server
52.223.2.229 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ade9ecc7904667038.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 26 Sep 2022 15:31:06 GMT
cache-control
no-cache, no-store, must-revalidate
content-type
image/gif
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

pragma
no-cache
date
Mon, 26 Sep 2022 15:31:06 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://eb2.3lift.com/xuid?mid=3658&xuid=f7963f69-d15a-4895-892d-0bdf78348503&dongle=0cfd
cache-control
private,no-cache, must-revalidate
content-type
text/html
content-length
209
ebda
eb2.3lift.com/ Frame 85AB
Redirect Chain
  • https://eb2.3lift.com/ebda?sync=1&gdpr=0&gdpr_consent=
  • https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=0&gdpr_consent=&us_privacy=&google_hm=MzIxNDk5MzI3NTY5NzgwODEzNTUw
  • https://eb2.3lift.com/ebda?gdpr=0&gdpr_consent=
37 B
139 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/ebda?gdpr=0&gdpr_consent=
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?
Protocol
H2
Server
52.223.2.229 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ade9ecc7904667038.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 26 Sep 2022 15:31:06 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
content-type
image/gif

Redirect headers

pragma
no-cache
date
Mon, 26 Sep 2022 15:31:06 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://eb2.3lift.com/ebda?gdpr=0&gdpr_consent=
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
248
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
xuid
eb2.3lift.com/ Frame 85AB
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=triplelift&google_cm&google_sc&gdpr=0&gdpr_consent=
  • https://eb2.3lift.com/xuid?mid=5989&xuid=CAESEMqeurBGGmJ9rEMzxY_OjqI&dongle=c627&gdpr=0&gdpr_consent=&google_cver=1
37 B
353 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=5989&xuid=CAESEMqeurBGGmJ9rEMzxY_OjqI&dongle=c627&gdpr=0&gdpr_consent=&google_cver=1
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?
Protocol
H2
Server
52.223.2.229 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ade9ecc7904667038.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 26 Sep 2022 15:31:06 GMT
cache-control
no-cache, no-store, must-revalidate
content-type
image/gif
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

pragma
no-cache
date
Mon, 26 Sep 2022 15:31:06 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://eb2.3lift.com/xuid?mid=5989&xuid=CAESEMqeurBGGmJ9rEMzxY_OjqI&dongle=c627&gdpr=0&gdpr_consent=&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
332
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 85AB
Redirect Chain
  • https://eb2.3lift.com/sync/google/demand?sync=1&gdpr=0&gdpr_consent=
  • https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=0&gdpr_consent=&us_privacy=&google_hm=MzIxNDk5MzI3NTY5NzgwODEzNTUw
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=0&gdpr_consent=&us_privacy=&google_hm=MzIxNDk5MzI3NTY5NzgwODEzNTUw
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?
Protocol
H3
Server
142.251.10.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f155.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 26 Sep 2022 15:31:06 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=0&gdpr_consent=&us_privacy=&google_hm=MzIxNDk5MzI3NTY5NzgwODEzNTUw
date
Mon, 26 Sep 2022 15:31:06 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
/
p.adsymptotic.com/d/px/ Frame 85AB
Redirect Chain
  • https://px.ads.linkedin.com/setuid?partner=tripleliftdbredirect&tlUid=321499327569780813550&dbredirect=true&gdpr=0&consent=
  • https://px.ads.linkedin.com/setuid?partner=tripleliftdbredirect&tlUid=321499327569780813550&dbredirect=true&gdpr=0&consent=&cookiesTest=true
  • https://p.adsymptotic.com/d/px/?_pid=16218&_psign=0aa5badf92527f7732e22463d6fa4dbc&coopa=0&gdpr=0&gdpr_consent=&_puuid=189c4cab-afdd-4d3f-9c75-a5c9dbdfdfcf&_noobservation=1
  • https://p.adsymptotic.com/d/px/?_pid=16218&_psign=0aa5badf92527f7732e22463d6fa4dbc&coopa=0&gdpr=0&gdpr_consent=&_puuid=189c4cab-afdd-4d3f-9c75-a5c9dbdfdfcf&_noobservation=1&_expected_cookie=546f1b4...
43 B
141 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://p.adsymptotic.com/d/px/?_pid=16218&_psign=0aa5badf92527f7732e22463d6fa4dbc&coopa=0&gdpr=0&gdpr_consent=&_puuid=189c4cab-afdd-4d3f-9c75-a5c9dbdfdfcf&_noobservation=1&_expected_cookie=546f1b4cdc04497eac566b76a4a26793
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?
Protocol
H2
Server
104.18.99.194 -, , ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

p3p
CP='NON DSP COR CONi OUR BUS CNT'
date
Mon, 26 Sep 2022 15:31:07 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
750d0b734bd9df28-MEL
content-length
43
content-type
image/gif

Redirect headers

location
https://p.adsymptotic.com/d/px/?_pid=16218&_psign=0aa5badf92527f7732e22463d6fa4dbc&coopa=0&gdpr=0&gdpr_consent=&_puuid=189c4cab-afdd-4d3f-9c75-a5c9dbdfdfcf&_noobservation=1&_expected_cookie=546f1b4cdc04497eac566b76a4a26793
date
Mon, 26 Sep 2022 15:31:07 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
750d0b720b53df28-MEL
content-length
0
xuid
eb2.3lift.com/ Frame 85AB
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=triplelift&user_id=321499327569780813550&gdpr=0&gdpr_consent=
  • https://c1.adform.net/serving/cookie/match/?party=24&bidswitch_ssp_id=triplelift
  • https://x.bidswitch.net/sync?dsp_id=70&user_id=1557550036595532913&ssp=triplelift
  • https://eb2.3lift.com/xuid?mid=2409&xuid=fae9bec8-882e-4864-8632-4ec210fd43f3&dongle=d3d3&gdpr=&gdpr_consent=&gdpr_pd=
37 B
353 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=2409&xuid=fae9bec8-882e-4864-8632-4ec210fd43f3&dongle=d3d3&gdpr=&gdpr_consent=&gdpr_pd=
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?
Protocol
H2
Server
52.223.2.229 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ade9ecc7904667038.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 26 Sep 2022 15:31:07 GMT
cache-control
no-cache, no-store, must-revalidate
content-type
image/gif
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

Location
//eb2.3lift.com/xuid?mid=2409&xuid=fae9bec8-882e-4864-8632-4ec210fd43f3&dongle=d3d3&gdpr=&gdpr_consent=&gdpr_pd=
Date
Mon, 26 Sep 2022 15:31:06 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
0
xuid
eb2.3lift.com/ Frame 85AB
Redirect Chain
  • https://pr-bh.ybp.yahoo.com/sync/triplelift/321499327569780813550?gdpr=0&gdpr_consent=
  • https://eb2.3lift.com/xuid?mid=2662&xuid=y-jbUwQ8NE2oR5JQKluyHnq5LLtAwQ8CXNmT.UxT83dA--~A&dongle=0883
37 B
353 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=2662&xuid=y-jbUwQ8NE2oR5JQKluyHnq5LLtAwQ8CXNmT.UxT83dA--~A&dongle=0883
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?
Protocol
H2
Server
52.223.2.229 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ade9ecc7904667038.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 26 Sep 2022 15:31:06 GMT
cache-control
no-cache, no-store, must-revalidate
content-type
image/gif
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

date
Mon, 26 Sep 2022 15:31:06 GMT
referrer-policy
strict-origin-when-cross-origin
server
ATS
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
location
https://eb2.3lift.com/xuid?mid=2662&xuid=y-jbUwQ8NE2oR5JQKluyHnq5LLtAwQ8CXNmT.UxT83dA--~A&dongle=0883
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
strict-transport-security
max-age=31536000
content-length
0
x-content-type-options
nosniff
iu3
s.amazon-adsystem.com/ Frame 85AB
Redirect Chain
  • https://s.amazon-adsystem.com/x/757c0557066e95cfd4c7?gdpr=0&gdpr_consent=&uid=321499327569780813550
  • https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&dl=3lift&gdpr=0&gdpr_consent=&uid=321499327569780813550&dcc=t
0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&dl=3lift&gdpr=0&gdpr_consent=&uid=321499327569780813550&dcc=t
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?
Protocol
HTTP/1.1
Server
52.46.130.91 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Redirect headers

Pragma
no-cache
Date
Mon, 26 Sep 2022 15:31:07 GMT
Vary
Content-Type,Accept-Encoding,User-Agent
Server
Server
x-amz-rid
QGBEQSVS0QV8E9FP6GAP
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location
https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&dl=3lift&gdpr=0&gdpr_consent=&uid=321499327569780813550&dcc=t
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 GMT
c.gif
c.bing.com/ Frame 85AB 		42 B
667 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.bing.com/c.gif?xid=321499327569780813550&Red3=TLMS_pd
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
204.79.197.200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
a-0001.a-msedge.net
Software
/ ASP.NET
Resource Hash
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 26 Sep 2022 15:31:05 GMT
etag
"8766f3fc1fc7d81:0"
last-modified
Tue, 13 Sep 2022 03:22:00 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: E06FAF2179AE491284C399A018591DA1 Ref B: MEL01EDGE1717 Ref C: 2022-09-26T15:31:06Z
x-powered-by
ASP.NET
x-cache
CONFIG_NOCACHE
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
private, no-cache, proxy-revalidate, no-store
accept-ranges
bytes
content-type
image/gif
content-length
42
/
b1sync.zemanta.com/usersync/bluekai/callback/ Frame 85AB
Redirect Chain
  • https://b1sync.zemanta.com/usersync/triplelift?gdpr=0&gdpr_consent=
  • https://stags.bluekai.com/site/23178?id=HKHwX1HON3nVMjAjzleF&redir=https%3A%2F%2Fb1sync.zemanta.com%2Fusersync%2Fbluekai%2Fcallback%2F%3Fd%3DNB2HI4DTHIXS6ZLCGIXDG3DJMZ2C4Y3PNUXXQ5LJMQ7WI33OM5WGKPLE...
  • https://b1sync.zemanta.com/usersync/bluekai/callback/?d=NB2HI4DTHIXS6ZLCGIXDG3DJMZ2C4Y3PNUXXQ5LJMQ7WI33OM5WGKPLEMJQTQJTFPBRWQYLOM5ST25DSNFYGYZLMNFTHIJTHMRYHEPJQEZWWSZB5GI2DMMBGPB2WSZB5JBFUQ52YGFEE6...
0
0
view
googleads4.g.doubleclick.net/pcs/ Frame 9E28 		0
26 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjstcKQpbUWwoEmKiJgI3kwr8kPI0Zyg2Z2HOYgyx_JFfDl-qAIcG_NHudjTY9TP7dYmZdLaNX1ikpDVZKTbOx7qBcPlm9o7bf-ICBNIuDNctoFGXXwLlzQBvDD9o76gQJa_jbC2FmGdEzsWlD_ghWlkUpl8ilH4QTHJM4CvTOpbDu5sEGtIFXf0tHh8Anct8qtj1gAIVkSO-JCtyy4TvmcOpm1FLYL3ghk2jESaYuOHeTm0gf0kdqUKK3nbGE-NE4CnW1iN5lX4azkZwp0bv6ZfXqTvndzLMbpjDwFRZJYNG8pjgxwzzGzTKVSjPLxA1uWpynIPlxj0SUJH0SGmtrct41esmxeaxjZ_cFl0WTdHRDqvacYq63HaGm9I1AsLumrXZXggjLjFeOkdDOjDc9Uem5twg9RTAukZEdwTMeGkvb5JggwC9oieGRULtYjpDCSl6dblhrKXLJsEVowW-_iGgdk8Yn3ABVS7vcrn5SSQT2VoNzavpdfxcPHIadFSacbjpoY6rU1HA3R5rvN6G5D0HtSKYycku7rSXJiFtsnEN8fe1QujlPFSJNIiKUt7_9vT4hIU6X5EpfEnxGa-Nji9gOXC-gBDQZaKDi_CH6e8p34EYCvwiU-My3VwpxI6WZ5y392ciS5xc5ox3BLJBikkSpI_lSZnvNUZNGz7Dzx7002fW4zQmruLYmhn5mpmRumE_Gl45afaDdKgU1Zi8oUXJGXkkR6NOvuRgQSIJPkJRf0M7JTnP7b5B1WR6NrHciBbbq1fdlsz7-damo7oTlqBKwF26pHaBmidp_2E9ylTY0HzFDzoHsUpOZht1KI9UU6jWZuvT6U9QMR-s5-fSSgyPqHTwWkylHO8kDCXA2iysVHC8GArv3H-mYes8BRnX7ac9zSUHZ1rXR1fOW4nVDRmgR4bCzpgwEnoy1iVt57qblTO3gU3iq6uCgwhqZhobRZ-ZA_uaZscyIdjq7W0jZanNonDRFfVIopaAbiw69ePcwF26UfqUczQVxd1Kc6OFezgLhdciRpYF6-zTl3jlzhH9SZPn7-mN3XQ1VFZCh7rfN7sdBtOnkFpf-naU6QX8o37gKOskpDEwMN4Oe4yxonx_JSIlto99UZX_xvfRtGsuTSQLEtNym1G9E5UxEmMWuUooBvwfWxTbfFriXZrUw46qQwq1VoBQ1YSMHAq08lU6f54k1G3NpsZC-RezR0jd4-R1SoZkZRBYTehI4FA8pxZ4d_D7fOEP_lij-jdpLpqPku1CymdAkoNHPrdq7VQoJ3hxz5gPjpnvaR8VYi6uGWqhieHDAZDu&sai=AMfl-YRorkFZ9uD116clUzmzOUB1p83zSrZRxzAdk7fNpPy2FOCNGgRghdViAlJQ1W_BOMI_ywGEDOEkwgxka-ovUtc-Rw_qxNCTr4y3EupCYD9UqAgfnUJjYEZUbuivBYksydQxUaQH9sWXCioWmqtEkDQtJk0EsBqXjdZqZtpADH1ysPumf50VJB-eG1Wr64_QLQLHV_Ml_njy_ulekBDTA_vA&sig=Cg0ArKJSzJMkM0PrJe4LEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=1980&vt=11&dtpt=1174&dett=3&cstd=804&cisv=r20220921.06105&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&adurl=
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/pi-jia-bu-jian-qia-pian-quan-gua-shi-ta-hui-jia-jian-zhe-mu-yan-shen-si-3-9mo-wang-you-xiao-feng.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.12.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f157.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://4554dcfdb25681d65c9135c95d0b8a26.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 26 Sep 2022 15:31:06 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
/
onetag-sys.com/match/ Frame 0329
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=75&redir=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D1%26uid%3D%5BMM_UUID%5D%26gdpr%3D1%26gdpr_consent%3D
  • https://onetag-sys.com/match/?int_id=1&uid=a2e26331-c5ba-4300-9696-db0b2688ccd8&gdpr=1&gdpr_consent=
0
340 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onetag-sys.com/match/?int_id=1&uid=a2e26331-c5ba-4300-9696-db0b2688ccd8&gdpr=1&gdpr_consent=
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?cb=1664206260954
Protocol
H2
Server
139.99.49.250 Singapore, Singapore, ASN16276 (OVH, FR),
Reverse DNS
ip250.ip-139-99-49.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

Date
Mon, 26 Sep 2022 15:31:06 GMT
Server
MT3 4505 5b23575 master hkg-pixel-x21 config:1.0.0
Access-Control-Allow-Origin
*
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://onetag-sys.com/match/?int_id=1&uid=a2e26331-c5ba-4300-9696-db0b2688ccd8&gdpr=1&gdpr_consent=
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=360
Content-Length
0
Expires
Mon, 26 Sep 2022 15:31:05 GMT
sync.php
pixel-eu.rubiconproject.com/exchange/ Frame 0329 		0
239 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel-eu.rubiconproject.com/exchange/sync.php?p=onetag&gdpr=1&gdpr_consent=
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?cb=1664206260954
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.173.144.138 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost
a66cbf3142c6ef39e3614b84a34262cf
Content-Type
image/gif
/
onetag-sys.com/match/ Frame 0329
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D98%26gdpr%3D1%26gdpr_consent%3D%26uid%3D$UID
  • https://onetag-sys.com/match/?int_id=98&gdpr=1&gdpr_consent=&uid=2986570318451776300
0
340 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onetag-sys.com/match/?int_id=98&gdpr=1&gdpr_consent=&uid=2986570318451776300
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?cb=1664206260954
Protocol
H2
Server
139.99.49.250 Singapore, Singapore, ASN16276 (OVH, FR),
Reverse DNS
ip250.ip-139-99-49.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

Pragma
no-cache
Date
Mon, 26 Sep 2022 15:31:06 GMT
X-Proxy-Origin
103.209.254.53; 103.209.254.53; 907.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net; adnxs.com
AN-X-Request-Uuid
a372dde4-1c14-45f8-8d78-073b90de8b35
Server
nginx/1.21.3
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://onetag-sys.com/match/?int_id=98&gdpr=1&gdpr_consent=&uid=2986570318451776300
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
tap.php
pixel.rubiconproject.com/ Frame 0329 		42 B
679 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=223352&nid=4584&put=F4YDl92z9A4nb9qI2dOJy7q7J_6D6pWRVkCRTCY3E9U
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?cb=1664206260954
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.173.158.64 Singapore, Singapore, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-length
42
X-RPHost
dedf7fc216a5bbc739a54325e875a79f
Content-Type
image/gif
pixel
cm.g.doubleclick.net/ Frame 0329
Redirect Chain
  • https://onetag-sys.com/match/?int_id=106&redir=1&ot_initiated=1
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=AAABg3psYQmD4GFmarLX8jxpempI9Ktw1j5IgA
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=AAABg3psYQmD4GFmarLX8jxpempI9Ktw1j5IgA
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?cb=1664206260954
Protocol
H3
Server
142.251.10.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f155.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 26 Sep 2022 15:31:06 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=AAABg3psYQmD4GFmarLX8jxpempI9Ktw1j5IgA
strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
sync
ssbsync-global.smartadserver.com/api/ Frame 0329 		0
75 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssbsync-global.smartadserver.com/api/sync?callerId=5&gdpr=1&gdpr_consent=&us_privacy=&redirectUri=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D107%26uid%3D[ssb_sync_pid]
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?cb=1664206260954
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.106.127.53 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 26 Sep 2022 15:31:06 GMT
content-length
0
/
onetag-sys.com/match/ Frame 0329
Redirect Chain
  • https://id.rlcdn.com/711916.gif?ct=4&cv=
  • https://id.rlcdn.com/1000.gif?memo=COy5KxoNCLqLx5kGEgUI6AcQAEIASgA
  • https://onetag-sys.com/match/?int_id=110&uid=
0
340 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onetag-sys.com/match/?int_id=110&uid=
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?cb=1664206260954
Protocol
H2
Server
139.99.49.250 Singapore, Singapore, ASN16276 (OVH, FR),
Reverse DNS
ip250.ip-139-99-49.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

date
Mon, 26 Sep 2022 15:31:07 GMT
via
1.1 google
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://onetag-sys.com/match/?int_id=110&uid=
cache-control
no-cache, no-store
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
ecm3
s.amazon-adsystem.com/ Frame 0329
Redirect Chain
  • https://onetag-sys.com/match/?int_id=113&gdpr=1&gdpr_consent=&callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Donetag.com%26id%3D%24%7BUSER_TOKEN%7D&ot_initiated=1
  • https://s.amazon-adsystem.com/ecm3?ex=onetag.com&id=orBnT7E7KYn3AAxdnbFCshtQHiu8t1y44I4vsbLHxSw
43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?ex=onetag.com&id=orBnT7E7KYn3AAxdnbFCshtQHiu8t1y44I4vsbLHxSw
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?cb=1664206260954
Protocol
HTTP/1.1
Server
52.46.130.91 -, , ASN (),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 26 Sep 2022 15:31:07 GMT
Vary
Content-Type,Accept-Encoding,User-Agent
Server
Server
x-amz-rid
WJ8J12G9284TP6Y2N34R
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

location
https://s.amazon-adsystem.com/ecm3?ex=onetag.com&id=orBnT7E7KYn3AAxdnbFCshtQHiu8t1y44I4vsbLHxSw
strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
ImgSync
image8.pubmatic.com/AdServer/ Frame 0329 		0
42 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image8.pubmatic.com/AdServer/ImgSync?p=159706&gdpr=1&gdpr_consent=&us_privacy=&pu=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D114%26uid%3D%23PMUID
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?cb=1664206260954
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
67.199.150.82 Los Angeles, United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 26 Sep 2022 15:31:06 GMT
content-length
0
/
onetag-sys.com/match/ Frame 0329
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=onetag_eb&google_cm
  • https://onetag-sys.com/match/?int_id=106&google_gid=CAESEFG60oBE76K3alfd3fbNKQ8&google_cver=1
0
340 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onetag-sys.com/match/?int_id=106&google_gid=CAESEFG60oBE76K3alfd3fbNKQ8&google_cver=1
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?cb=1664206260954
Protocol
H2
Server
139.99.49.250 Singapore, Singapore, ASN16276 (OVH, FR),
Reverse DNS
ip250.ip-139-99-49.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

pragma
no-cache
date
Mon, 26 Sep 2022 15:31:06 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://onetag-sys.com/match/?int_id=106&google_gid=CAESEFG60oBE76K3alfd3fbNKQ8&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
298
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
occ
ups.analytics.yahoo.com/ups/58488/ Frame 0329 		0
15 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ups.analytics.yahoo.com/ups/58488/occ?&gdpr=1&gdpr_consent=
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?cb=1664206260954
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.74.13.196 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-74-13-196.ap-southeast-1.compute.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 26 Sep 2022 15:31:06 GMT
server
ATS/9.1.10.25
age
0
strict-transport-security
max-age=31536000
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
/
onetag-sys.com/match/ Frame 0329
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=vw6iyrn&ttd_tpi=1&gpdr=1&gdpr_consent=
  • https://onetag-sys.com/match/?int_id=29&uid=f7963f69-d15a-4895-892d-0bdf78348503&gdpr=0&gdpr_consent=
0
340 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onetag-sys.com/match/?int_id=29&uid=f7963f69-d15a-4895-892d-0bdf78348503&gdpr=0&gdpr_consent=
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?cb=1664206260954
Protocol
H2
Server
139.99.49.250 Singapore, Singapore, ASN16276 (OVH, FR),
Reverse DNS
ip250.ip-139-99-49.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

pragma
no-cache
date
Mon, 26 Sep 2022 15:31:06 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://onetag-sys.com/match/?int_id=29&uid=f7963f69-d15a-4895-892d-0bdf78348503&gdpr=0&gdpr_consent=
cache-control
private,no-cache, must-revalidate
content-type
text/html
content-length
233
sync
x.bidswitch.net/ Frame 0329 		43 B
235 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://x.bidswitch.net/sync?ssp=onetag&gdpr=1&gdpr_consent=
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?cb=1664206260954
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.213.12.39 Tokyo, Japan, ASN15169 (GOOGLE, US),
Reverse DNS
39.12.213.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 26 Sep 2022 15:31:06 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
usync.js
eus.rubiconproject.com/ Frame 0577 		31 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.15.148.136 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-15-148-136.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
af6f54df8e0917146161a2eb5807810d32a6c81c73ef70dcd95672bf71acc1aa

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eus.rubiconproject.com/usync.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 26 Sep 2022 15:31:06 GMT
Content-Encoding
gzip
Last-Modified
Thu, 15 Sep 2022 22:38:47 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=53737
Connection
keep-alive
Content-Type
text/html; charset=UTF-8
Content-Length
9422
Expires
Tue, 27 Sep 2022 06:26:43 GMT
usermatch
ssum-sec.casalemedia.com/ Frame 925F 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.bg3.co%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/um/ixmatch.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.19.126 -, , ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash
fae0704e825f28c8cb4d21b0f157df51f2f296138c1da80e6de569b586364af1

Request headers

Referer
https://js-sec.indexww.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-cache
cf-cache-status
DYNAMIC
cf-ray
750d0b713d5e5ac0-MEL
content-encoding
br
content-type
text/html
date
Mon, 26 Sep 2022 15:31:07 GMT
expires
0
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WAVd5VSvG33Q0ntFt47xD3TNi6kOhEw2rXlkrPjyrkowgh%2BZMXL8OwnqSdMQy7NWpOJS1tXgyUeCwNSePJLWG4F1pMJR8b4wVQKaSSg9r4WphT1kLf%2FDYkhm9%2BvEaJns90oeLA86HLOihQ%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
async_usersync
ib.adnxs.com/ Frame E598 		0
745 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
104.254.150.228 Los Angeles, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
907.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 26 Sep 2022 15:31:06 GMT
X-Proxy-Origin
103.209.254.53; 103.209.254.53; 907.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net; adnxs.com
AN-X-Request-Uuid
9c70bba9-6d46-4160-9a79-d62ea016498c
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 0577
Redirect Chain
  • https://token.rubiconproject.com/token?pid=2249&pt=n
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=YzMwNjNkYzFjNTBjNjFlMmZhMDMxNjAzODY5MmEzYWFkM2I3NDA0ZA
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=YzMwNjNkYzFjNTBjNjFlMmZhMDMxNjAzODY5MmEzYWFkM2I3NDA0ZA
Protocol
H3
Server
142.251.10.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f155.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 26 Sep 2022 15:31:07 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=YzMwNjNkYzFjNTBjNjFlMmZhMDMxNjAzODY5MmEzYWFkM2I3NDA0ZA
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
c80248407eff6cf595ce43a76c04e23f
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
setuid
px.ads.linkedin.com/ Frame 0577
Redirect Chain
  • https://token.rubiconproject.com/token?pid=36584
  • https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=L8IXFT6V-14-DH4C
0
142 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=L8IXFT6V-14-DH4C
Protocol
H2
Server
13.107.42.14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 26 Sep 2022 15:31:07 GMT
x-li-pop
afd-prod-ltx1-x
x-msedge-ref
Ref A: 35AA819CD0DD4C8892356CD3351BC880 Ref B: MEL01EDGE1816 Ref C: 2022-09-26T15:31:07Z
linkedin-action
1
x-cache
CONFIG_NOCACHE
x-li-fabric
prod-ltx1
x-li-proto
http/2
content-length
0
x-li-uuid
AAXpljdsYaXYU9hMQRet4A==

Redirect headers

Location
https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=L8IXFT6V-14-DH4C
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
030b4ddd4a4f3e9891a065664f20c4bb
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
dcm
aax-eu.amazon-adsystem.com/s/ Frame 0577
Redirect Chain
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=&dcc=t
0
0
tap.php
pixel.rubiconproject.com/ Frame 0577
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc
  • https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEJnppzqr-FOfeWNSz4L3I1M&google_cver=1
42 B
679 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEJnppzqr-FOfeWNSz4L3I1M&google_cver=1
Protocol
HTTP/1.1
Server
69.173.158.64 Singapore, Singapore, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-length
42
X-RPHost
dedf7fc216a5bbc739a54325e875a79f
Content-Type
image/gif

Redirect headers

pragma
no-cache
date
Mon, 26 Sep 2022 15:31:07 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEJnppzqr-FOfeWNSz4L3I1M&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
326
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ecm3
s.amazon-adsystem.com/ Frame 0577
Redirect Chain
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&dcc=t
  • https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=OLVAITzWT7yAU4-LRUVCyw&rk=usync-na
  • https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=OLVAITzWT7yAU4-LRUVCyw
43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=OLVAITzWT7yAU4-LRUVCyw
Protocol
HTTP/1.1
Server
52.46.130.91 -, , ASN (),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 26 Sep 2022 15:31:08 GMT
Vary
Content-Type,Accept-Encoding,User-Agent
Server
Server
x-amz-rid
BST5CVPPB0WH1Q9HX64R
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location
https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=OLVAITzWT7yAU4-LRUVCyw
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
6690dc791bf02dde8c4051a04cfd7bb8
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
tap.php
pixel.rubiconproject.com/ Frame 0577
Redirect Chain
  • https://match.adsrvr.org/track/cmf/rubicon
  • https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=f7963f69-d15a-4895-892d-0bdf78348503&gdpr=0&gdpr_consent=&expires=30
42 B
679 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=f7963f69-d15a-4895-892d-0bdf78348503&gdpr=0&gdpr_consent=&expires=30
Protocol
HTTP/1.1
Server
69.173.158.64 Singapore, Singapore, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-length
42
X-RPHost
548ddf114c6f6bfbb66a4cdeb6a219f4
Content-Type
image/gif

Redirect headers

pragma
no-cache
date
Mon, 26 Sep 2022 15:31:06 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=f7963f69-d15a-4895-892d-0bdf78348503&gdpr=0&gdpr_consent=&expires=30
cache-control
private,no-cache, must-revalidate
content-type
text/html
content-length
289
pixel
cm.g.doubleclick.net/ Frame 0577
Redirect Chain
  • https://token.rubiconproject.com/token?pid=25470
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDhJWEZUNlYtMTQtREg0Qw==
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDhJWEZUNlYtMTQtREg0Qw==
Protocol
H3
Server
142.251.10.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f155.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 26 Sep 2022 15:31:07 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDhJWEZUNlYtMTQtREg0Qw==
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
d264e84c9dc1a645a3048554992c5d82
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
tap.php
pixel.rubiconproject.com/ Frame 0577
Redirect Chain
  • https://token.rubiconproject.com/token?pid=2974&pt=n&a=1
  • https://pr-bh.ybp.yahoo.com/sync/rubicon/d8RBV18_xEF6GaIvREHZNcn5EUdSAgOZEtemQ7w0kco?csrc=
  • https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=1038513523758955226
42 B
691 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=1038513523758955226
Protocol
HTTP/1.1
Server
69.173.158.64 Singapore, Singapore, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-length
42
X-RPHost
6690dc791bf02dde8c4051a04cfd7bb8
Content-Type
image/gif

Redirect headers

date
Mon, 26 Sep 2022 15:31:07 GMT
referrer-policy
strict-origin-when-cross-origin
server
ATS
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
location
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=1038513523758955226
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
strict-transport-security
max-age=31536000
content-length
0
x-content-type-options
nosniff
view
googleads4.g.doubleclick.net/pcs/ Frame 1D15 		0
26 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjssBiYSa0rQWA1Km3z3XNgXdLjrJAwZ0tEn5_Z9_1MdDmDZw11THomBUK15ckaNoZXcxfhL63fhDDKxQ0Q5R6iYk-jR9myM7SIQQF98PZrCdHkd0p0SGFoQdgUqAEf5VMBh4swhwlfwAqkwzaQHA9NNI7CKbOWhtKTsZM89WU32JZ_Q1ZyZHdj9zeVRpzq5g-ZtL-BFiGMh2L-YRZE96C7AmZni66Cypybd4TM4COfA-kGLBELsYoP0uugYTMd9vQ6gMZi_rPjkWG35QLvxPZOcICK4R1QqeasOaBgINHcLcZmJAymbEbhs97XqYQnfgo7JTQm78ZpxZ0cqUG5HBY5XRH684VTsphWkmeo8Qgr7ZctItwDDBbNqWL7HBFSDscJhXdFZzyO_qMGb9ou3YjqDCeU1rWi6lOKMF9kDm8mCkonbsdVs7x5RcblWE8agibaPQnNtgSCyowa8pzpMCy9uaoVQUnnm2qgCOBRHauss6b5zWn-n4pyojcgW6rTHcxO_R4mk0SHQz8HAg_RihMItWMvfFQpdFidjBMF1jdQrIr-fF7TYCtkZ-QGfNMHCeHK3IPaOuzaq746O3GRoLTtknSDIa5oVbvIwvH4IVtYYkPEKdOf-3o8UaD8ncPomsjH6X3xeMoSxsNpIRaxEZjHuRWEAk9NbJaKIzUfBh19YTZPRNaDIkw54l_R_OUThKaCHDBKULemdedj4ykAo8Wfc1zMYdiem5B7GLkxOXh98QO7SY8NRmUNzj-OI6Gk2L-BX0AeN6eFBpSCTAxMmDIH3rUuyKZRH1FDzZCzDIhI0ovcK1k4HC24fQwAj5G_Zg1HUCSCEP-nGlxIohGT3xlHIbqgzQWquUPj4w2J39Xvc6lUw6QplkQEGjpzCvlbJyNmP_yHsbNxpSj4HDUMCMcAUo51sUCy1lyxzwlH2OhUIzZyg-9iv09cDXBNNWQaf_Z3neUsE72biRFGwrGAw_wI4O86trRJlCe2MloLiM1K7Vg2gGwba3tW7EF_a2ev4Y9vecZu0J8yhrRxDfA3hlc8EVsXu1Y0ISKpusZQQUY9bRdquG1WO2hxS_LHOL_Z4dQBbzYZ-roXPPY2HoZ7MXmBzc4DhwGpk10Q4MUneXRfwHIqqW7xQD5xfPKD0JLXNHDblAdbXgSA4eEQSzgnFoKcStyZU9SlOT21VzKSyn0AMbBdxmWybNTjle-OJrOfuDlxEkZcxOGXMx0aU0vepzo11u7do6TAPUhXmVlZ0cvcAH2HtnO2nSJR67lJBmJO5fX6TdNA68sXqZTlfxWq17HEs8L9o0zpep6Q&sai=AMfl-YShkVXVLIK0cuU4mn-DZqEdTK7hKR4wxWVCD_JMG0h345An07wb2y_jF1o_jay0La2FaJCQHyusnyF8C89Ltv4j1l7mfo2uHGATLwmpPboFJCTWV2FOaHQ29gjuGLuonKwHJViltHaTJp2I426iWvU1VAPOUvY04hI_k_SrcxpWruXvdEwv1IJUc_qtDpydNOpJFbXIBYzZGTzSj4TbveEJ&sig=Cg0ArKJSzKyzSBhFA6X_EAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=2446&vt=11&dtpt=1737&dett=3&cstd=705&cisv=r20220921.38875&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&adurl=
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/pi-jia-bu-jian-qia-pian-quan-gua-shi-ta-hui-jia-jian-zhe-mu-yan-shen-si-3-9mo-wang-you-xiao-feng.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.12.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f157.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://4554dcfdb25681d65c9135c95d0b8a26.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 26 Sep 2022 15:31:07 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
sync
gum.criteo.com/ Frame 2675 		88 B
328 B 		Script
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/sync?r=2&c=321&gdpr=0&gdpr_pd=0&gdpr_consent=&us_privacy=&j=window.advBidxc.mnetRtusId
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUPEPKI9&prvid=2034%2C2033%2C2031%2C2030%2C2029%2C233%2C2028%2C2027%2C236%2C237%2C117%2C51%2C97%2C55%2C99%2C3012%2C2043%2C2040%2C244%2C201%2C2039%2C3007%2C246%2C4%2C203%2C9%2C2055%2C172%2C173%2C251%2C175%2C132%2C178%2C255%2C3018%2C3017%2C214%2C3016%2C337%2C338%2C70%2C77%2C2021%2C141%2C262%2C186%2C222%2C345%2C10000%2C80%2C108%2C229%2C307&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.136 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Kestrel /
Resource Hash
a7f7c90841aebf3d1e8f358889f2b1513ea72c2e4ff13edfc2a6d3e6257cc247
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 26 Sep 2022 15:31:06 GMT
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
cache-control
private, max-age=3600
server-processing-duration-in-ticks
1337660
strict-transport-security
max-age=31536000; preload;
expires
60
usync.html
eus.rubiconproject.com/ Frame FF38
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=medianet
  • https://eus.rubiconproject.com/usync.html?p=medianet
281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?p=medianet
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUPEPKI9&prvid=2034%2C2033%2C2031%2C2030%2C2029%2C233%2C2028%2C2027%2C236%2C237%2C117%2C51%2C97%2C55%2C99%2C3012%2C2043%2C2040%2C244%2C201%2C2039%2C3007%2C246%2C4%2C203%2C9%2C2055%2C172%2C173%2C251%2C175%2C132%2C178%2C255%2C3018%2C3017%2C214%2C3016%2C337%2C338%2C70%2C77%2C2021%2C141%2C262%2C186%2C222%2C345%2C10000%2C80%2C108%2C229%2C307&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.15.148.136 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-15-148-136.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://contextual.media.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Mon, 26 Sep 2022 15:31:08 GMT
ETag
"40014-119-5d32342a551c0"
Last-Modified
Tue, 14 Dec 2021 23:07:59 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
content-length
0
date
Mon, 26 Sep 2022 15:31:07 GMT
location
https://eus.rubiconproject.com/usync.html?p=medianet
server
AkamaiGHost
cm
p.rfihub.com/ Frame 4208 		0
0
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame A855 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159463&userIdMacro=PM_UID&predirect=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3072078661534908000V10%26type%3Dpba%26refUrl%3D%26vid%3D42062671673072078661534908000V10%26ovsid%3DPM_UID
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUPEPKI9&prvid=2034%2C2033%2C2031%2C2030%2C2029%2C233%2C2028%2C2027%2C236%2C237%2C117%2C51%2C97%2C55%2C99%2C3012%2C2043%2C2040%2C244%2C201%2C2039%2C3007%2C246%2C4%2C203%2C9%2C2055%2C172%2C173%2C251%2C175%2C132%2C178%2C255%2C3018%2C3017%2C214%2C3016%2C337%2C338%2C70%2C77%2C2021%2C141%2C262%2C186%2C222%2C345%2C10000%2C80%2C108%2C229%2C307&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.44.0.196 -, , ASN (),
Reverse DNS
Software
Apache /
Resource Hash
ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152

Request headers

Referer
https://contextual.media.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=63115
content-encoding
gzip
content-length
5549
content-type
text/html; charset=UTF-8
date
Mon, 26 Sep 2022 15:31:07 GMT
etag
"1300708-3de4-5d6ef246ef4cf"
expires
Tue, 27 Sep 2022 09:03:02 GMT
last-modified
Tue, 01 Feb 2022 06:38:00 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
cksync.php
contextual.media.net/ Frame 2675
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3072078661534908000V10%26type%3Dapx%26refUrl%3D%26vid%3D42062671673072078661534908000V10%26ovsid%3D%24UID
  • https://contextual.media.net/cksync.php?cs=8&vsid=3072078661534908000V10&type=apx&refUrl=&vid=42062671673072078661534908000V10&ovsid=2986570318451776300
45 B
452 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://contextual.media.net/cksync.php?cs=8&vsid=3072078661534908000V10&type=apx&refUrl=&vid=42062671673072078661534908000V10&ovsid=2986570318451776300
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUPEPKI9&prvid=2034%2C2033%2C2031%2C2030%2C2029%2C233%2C2028%2C2027%2C236%2C237%2C117%2C51%2C97%2C55%2C99%2C3012%2C2043%2C2040%2C244%2C201%2C2039%2C3007%2C246%2C4%2C203%2C9%2C2055%2C172%2C173%2C251%2C175%2C132%2C178%2C255%2C3018%2C3017%2C214%2C3016%2C337%2C338%2C70%2C77%2C2021%2C141%2C262%2C186%2C222%2C345%2C10000%2C80%2C108%2C229%2C307&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1
Protocol
H2
Server
104.83.196.24 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-83-196-24.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
832f63f4187160c195b04f1911c2e623a75e805f4b23abb9b0bea214b4283a43
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000
server
Apache
date
Mon, 26 Sep 2022 15:31:07 GMT
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
cache-control
max-age=0, no-cache, no-store
content-type
image/gif
content-length
45
x-mnet-hl2
E
expires
Mon, 26 Sep 2022 15:31:07 GMT

Redirect headers

Pragma
no-cache
Date
Mon, 26 Sep 2022 15:31:07 GMT
X-Proxy-Origin
103.209.254.53; 103.209.254.53; 907.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net; adnxs.com
AN-X-Request-Uuid
d09509cd-0dba-4a43-9c77-ab7c01bdafc6
Server
nginx/1.21.3
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://contextual.media.net/cksync.php?cs=8&vsid=3072078661534908000V10&type=apx&refUrl=&vid=42062671673072078661534908000V10&ovsid=2986570318451776300
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
cksync.html
contextual.media.net/ Frame 2675
Redirect Chain
  • https://us-u.openx.net/w/1.0/cm?id=78e2dffc-bb89-4bb2-ae92-f592d006518b&ph=6a16560a-f6c6-4851-b7b5-0b2c0190166a&r=https%3A%2F%2Fcontextual.media.net%2Fcksync.html%3Fcs%3D8%26vsid%3D3072078661534908...
  • https://contextual.media.net/cksync.html?cs=8&vsid=3072078661534908000V10&type=opx&refUrl=&vid=42062671673072078661534908000V10&ovsid=3f5a41be-a1f6-42b2-8d17-283fe15eb62f
219 B
219 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://contextual.media.net/cksync.html?cs=8&vsid=3072078661534908000V10&type=opx&refUrl=&vid=42062671673072078661534908000V10&ovsid=3f5a41be-a1f6-42b2-8d17-283fe15eb62f
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUPEPKI9&prvid=2034%2C2033%2C2031%2C2030%2C2029%2C233%2C2028%2C2027%2C236%2C237%2C117%2C51%2C97%2C55%2C99%2C3012%2C2043%2C2040%2C244%2C201%2C2039%2C3007%2C246%2C4%2C203%2C9%2C2055%2C172%2C173%2C251%2C175%2C132%2C178%2C255%2C3018%2C3017%2C214%2C3016%2C337%2C338%2C70%2C77%2C2021%2C141%2C262%2C186%2C222%2C345%2C10000%2C80%2C108%2C229%2C307&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1
Protocol
H2
Server
104.83.196.24 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-83-196-24.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000
server
Apache
date
Mon, 26 Sep 2022 15:31:07 GMT
vary
Accept-Encoding
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
cache-control
max-age=0, no-cache, no-store
content-type
text/html;charset=UTF-8
content-length
219
x-mnet-hl2
E
expires
Mon, 26 Sep 2022 15:31:07 GMT

Redirect headers

date
Mon, 26 Sep 2022 15:31:07 GMT
content-encoding
gzip
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
p3p
CP="CUR ADM OUR NOR STA NID"
location
https://contextual.media.net/cksync.html?cs=8&vsid=3072078661534908000V10&type=opx&refUrl=&vid=42062671673072078661534908000V10&ovsid=3f5a41be-a1f6-42b2-8d17-283fe15eb62f
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
via
1.1 google
RX-55812ec0-5611-41d0-a9a2-de8c57036c2f-004
sync.targeting.unrulymedia.com/csync/ Frame 2675
Redirect Chain
  • https://sync.1rx.io/usersync2/rmp1r1?sub=medianet&redir=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3072078661534908000V10%26type%3Dr1%26refUrl%3D%26vid%3D42062671673072078661...
  • https://sync.1rx.io/usersync2/rmp1r1?sub=medianet&zcc=1&redir=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3072078661534908000V10%26type%3Dr1%26refUrl%3D%26vid%3D42062671673072...
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=7778455510
  • https://sync.1rx.io/usersync/tradedesk/f7963f69-d15a-4895-892d-0bdf78348503
  • https://sync.targeting.unrulymedia.com/csync/RX-55812ec0-5611-41d0-a9a2-de8c57036c2f-004?redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Drhy%26i%3DRX-55812ec0-5611-41d0-a9a2-de8c57036c2f-004
0
0
cksync
cs.media.net/ Frame 2675
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?cs=8&google_nid=media&google_cm=1&google_hm=MzA3MjA3ODY2MTUzNDkwODAwMFYxMA%3D%3D&google_sc=1
  • https://cs.media.net/cksync?type=g&cs=8&google_gid=CAESEOxKOVN1S2yLZptuSjvrbtI&google_cver=1
45 B
610 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.media.net/cksync?type=g&cs=8&google_gid=CAESEOxKOVN1S2yLZptuSjvrbtI&google_cver=1
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUPEPKI9&prvid=2034%2C2033%2C2031%2C2030%2C2029%2C233%2C2028%2C2027%2C236%2C237%2C117%2C51%2C97%2C55%2C99%2C3012%2C2043%2C2040%2C244%2C201%2C2039%2C3007%2C246%2C4%2C203%2C9%2C2055%2C172%2C173%2C251%2C175%2C132%2C178%2C255%2C3018%2C3017%2C214%2C3016%2C337%2C338%2C70%2C77%2C2021%2C141%2C262%2C186%2C222%2C345%2C10000%2C80%2C108%2C229%2C307&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1
Protocol
HTTP/1.1
Server
184.25.248.23 -, , ASN (),
Reverse DNS
Software
Apache /
Resource Hash
832f63f4187160c195b04f1911c2e623a75e805f4b23abb9b0bea214b4283a43

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 26 Sep 2022 15:31:07 GMT
Server
Apache
P3P
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
45
X-MNET-HL2
E
Expires
Mon, 26 Sep 2022 15:31:07 GMT

Redirect headers

pragma
no-cache
date
Mon, 26 Sep 2022 15:31:07 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://cs.media.net/cksync?type=g&cs=8&google_gid=CAESEOxKOVN1S2yLZptuSjvrbtI&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
301
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
cksync.php
contextual.media.net/ Frame 2675
Redirect Chain
  • https://pm.w55c.net/ping_match.gif?ei=MEDIANET&rurl=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3072078661534908000V10%26type%3Ddxu%26refUrl%3D%26vid%3D42062671673072078661534...
  • https://pm.w55c.net/ping_match.gif?scc=1&ei=MEDIANET&rurl=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3072078661534908000V10%26type%3Ddxu%26refUrl%3D%26vid%3D42062671673072078...
  • https://contextual.media.net/cksync.php?cs=8&vsid=3072078661534908000V10&type=dxu&refUrl=&vid=42062671673072078661534908000V10&ovsid=tIVC2xu21OCQ4A5
45 B
451 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://contextual.media.net/cksync.php?cs=8&vsid=3072078661534908000V10&type=dxu&refUrl=&vid=42062671673072078661534908000V10&ovsid=tIVC2xu21OCQ4A5
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUPEPKI9&prvid=2034%2C2033%2C2031%2C2030%2C2029%2C233%2C2028%2C2027%2C236%2C237%2C117%2C51%2C97%2C55%2C99%2C3012%2C2043%2C2040%2C244%2C201%2C2039%2C3007%2C246%2C4%2C203%2C9%2C2055%2C172%2C173%2C251%2C175%2C132%2C178%2C255%2C3018%2C3017%2C214%2C3016%2C337%2C338%2C70%2C77%2C2021%2C141%2C262%2C186%2C222%2C345%2C10000%2C80%2C108%2C229%2C307&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1
Protocol
H2
Server
104.83.196.24 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-83-196-24.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
832f63f4187160c195b04f1911c2e623a75e805f4b23abb9b0bea214b4283a43
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000
server
Apache
date
Mon, 26 Sep 2022 15:31:08 GMT
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
cache-control
max-age=0, no-cache, no-store
content-type
image/gif
content-length
45
x-mnet-hl2
E
expires
Mon, 26 Sep 2022 15:31:08 GMT

Redirect headers

Pragma
no-cache
Date
Mon, 26 Sep 2022 15:31:07 GMT
Server
PingMatch/5cd8a5d#5cd8a5dae4649c563ed7e6eb1dd90a4f2423ff29 i-02f7611d9bf2e5b40@ap-southeast-1a@dxedge-app-ap-southeast-1-prod-asg
Strict-Transport-Security
max-age=2592000; includeSubDomains
Location
https://contextual.media.net/cksync.php?cs=8&vsid=3072078661534908000V10&type=dxu&refUrl=&vid=42062671673072078661534908000V10&ovsid=tIVC2xu21OCQ4A5
Cache-Control
no-cache, must-revalidate
Connection
keep-alive
Content-Length
0
Expires
Fri, 01 Jan 1990 00:00:00 GMT
usersync.aspx
dis.criteo.com/dis/ Frame 2675 		43 B
363 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dis.criteo.com/dis/usersync.aspx?r=115&p=259&cp=medianet&cu=1&url=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D1%26type%3Dcrt%26ovsid%3D%40%40CRITEO_USERID%40%40
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUPEPKI9&prvid=2034%2C2033%2C2031%2C2030%2C2029%2C233%2C2028%2C2027%2C236%2C237%2C117%2C51%2C97%2C55%2C99%2C3012%2C2043%2C2040%2C244%2C201%2C2039%2C3007%2C246%2C4%2C203%2C9%2C2055%2C172%2C173%2C251%2C175%2C132%2C178%2C255%2C3018%2C3017%2C214%2C3016%2C337%2C338%2C70%2C77%2C2021%2C141%2C262%2C186%2C222%2C345%2C10000%2C80%2C108%2C229%2C307&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.146 -, , ASN (),
Reverse DNS
Software
Kestrel /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 26 Sep 2022 15:31:07 GMT
server
Kestrel
x-errorlevel
0
strict-transport-security
max-age=31536000; preload;
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
233322
content-type
image/gif
expires
Mon, 26 Sep 2022 00:00:00 GMT
cksync.php
contextual.media.net/ Frame 2675
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=medianet&gdpr=0&gdpr_consent=&gdpr_pd=1
  • https://inv-nets.admixer.net/adxcm.aspx?ssp=D41B0D84-4DB7-4D9C-81CC-3A497DB5D0A6&gdpr=0&consent=&rurl=%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D354%26user_id%3D%24%24visitor_cookie%24%24%26ssp%3Dmedi...
  • https://x.bidswitch.net/sync?dsp_id=354&user_id=cbf5b907354d4f6b9e9d8e3dd5aa601c&ssp=medianet&bsw_param=fae9bec8-882e-4864-8632-4ec210fd43f3&gdpr=0&consent=&gdpr_pd=1&expires=7
  • https://contextual.media.net/cksync.php?cs=1&type=bs&ovsid=fae9bec8-882e-4864-8632-4ec210fd43f3&gdpr=0&gdpr_consent=&gdpr_pd=1
45 B
465 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://contextual.media.net/cksync.php?cs=1&type=bs&ovsid=fae9bec8-882e-4864-8632-4ec210fd43f3&gdpr=0&gdpr_consent=&gdpr_pd=1
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUPEPKI9&prvid=2034%2C2033%2C2031%2C2030%2C2029%2C233%2C2028%2C2027%2C236%2C237%2C117%2C51%2C97%2C55%2C99%2C3012%2C2043%2C2040%2C244%2C201%2C2039%2C3007%2C246%2C4%2C203%2C9%2C2055%2C172%2C173%2C251%2C175%2C132%2C178%2C255%2C3018%2C3017%2C214%2C3016%2C337%2C338%2C70%2C77%2C2021%2C141%2C262%2C186%2C222%2C345%2C10000%2C80%2C108%2C229%2C307&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1
Protocol
H2
Server
104.83.196.24 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-83-196-24.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
832f63f4187160c195b04f1911c2e623a75e805f4b23abb9b0bea214b4283a43
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000
server
Apache
date
Mon, 26 Sep 2022 15:31:08 GMT
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
cache-control
max-age=0, no-cache, no-store
content-type
image/gif
content-length
45
x-mnet-hl2
E
expires
Mon, 26 Sep 2022 15:31:08 GMT

Redirect headers

Location
//contextual.media.net/cksync.php?cs=1&type=bs&ovsid=fae9bec8-882e-4864-8632-4ec210fd43f3&gdpr=0&gdpr_consent=&gdpr_pd=1
Date
Mon, 26 Sep 2022 15:31:08 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
0
/
b1sync.zemanta.com/usersync/bluekai/callback/ Frame 2675
Redirect Chain
  • https://b1sync.zemanta.com/usersync/medianet/?cb=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3072078661534908000V10%26type%3Dzem%26refUrl%3D%26vid%3D42062671673072078661534908...
  • https://stags.bluekai.com/site/23178?id=yKmvGEHcsZLFk90BwS-D&redir=https%3A%2F%2Fb1sync.zemanta.com%2Fusersync%2Fbluekai%2Fcallback%2F%3Fd%3DNB2HI4DTHIXS6Y3PNZ2GK6DUOVQWYLTNMVSGSYJONZSXIL3DNNZXS3TD...
  • https://b1sync.zemanta.com/usersync/bluekai/callback/?d=NB2HI4DTHIXS6Y3PNZ2GK6DUOVQWYLTNMVSGSYJONZSXIL3DNNZXS3TDFZYGQ4B7MNZT2OBGMV4GG2DBNZTWKPLNMVSGSYLOMV2CM33WONUWIPLZJNWXMR2FJBRXGWSMIZVTSMCCO5JS2...
0
0
sync
rtb.mfadsrvr.com/ul_cb/ Frame 2675
Redirect Chain
  • https://rtb.mfadsrvr.com/sync?ssp=medianet&ssp_user_id=3072078661534908000V10
  • https://rtb.mfadsrvr.com/ul_cb/sync?ssp=medianet&ssp_user_id=3072078661534908000V10
0
0
um
cs.emxdgt.com/ Frame 2675 		0
67 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.emxdgt.com/um?gdpr=0&gdpr_consent=&redirect=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3072078661534908000V10%26type%3Demx%26refUrl%3D%26vid%3D42062671673072078661534908000V10%26ovsid%3D%24UID
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUPEPKI9&prvid=2034%2C2033%2C2031%2C2030%2C2029%2C233%2C2028%2C2027%2C236%2C237%2C117%2C51%2C97%2C55%2C99%2C3012%2C2043%2C2040%2C244%2C201%2C2039%2C3007%2C246%2C4%2C203%2C9%2C2055%2C172%2C173%2C251%2C175%2C132%2C178%2C255%2C3018%2C3017%2C214%2C3016%2C337%2C338%2C70%2C77%2C2021%2C141%2C262%2C186%2C222%2C345%2C10000%2C80%2C108%2C229%2C307&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
107.23.149.157 -, , ASN (),
Reverse DNS
Software
awselb/2.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 26 Sep 2022 15:31:07 GMT
server
awselb/2.0
content-length
0
content-type
text/plain; charset=utf-8
cksync
cs.media.net/ Frame 2675
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=8m33zk4&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://cs.media.net/cksync?cs=1&type=ttd&ovsid=f7963f69-d15a-4895-892d-0bdf78348503
45 B
621 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.media.net/cksync?cs=1&type=ttd&ovsid=f7963f69-d15a-4895-892d-0bdf78348503
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUPEPKI9&prvid=2034%2C2033%2C2031%2C2030%2C2029%2C233%2C2028%2C2027%2C236%2C237%2C117%2C51%2C97%2C55%2C99%2C3012%2C2043%2C2040%2C244%2C201%2C2039%2C3007%2C246%2C4%2C203%2C9%2C2055%2C172%2C173%2C251%2C175%2C132%2C178%2C255%2C3018%2C3017%2C214%2C3016%2C337%2C338%2C70%2C77%2C2021%2C141%2C262%2C186%2C222%2C345%2C10000%2C80%2C108%2C229%2C307&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1
Protocol
HTTP/1.1
Server
184.25.248.23 -, , ASN (),
Reverse DNS
Software
Apache /
Resource Hash
832f63f4187160c195b04f1911c2e623a75e805f4b23abb9b0bea214b4283a43

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 26 Sep 2022 15:31:07 GMT
Server
Apache
P3P
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
45
X-MNET-HL2
E
Expires
Mon, 26 Sep 2022 15:31:07 GMT

Redirect headers

pragma
no-cache
date
Mon, 26 Sep 2022 15:31:07 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://cs.media.net/cksync?cs=1&type=ttd&ovsid=f7963f69-d15a-4895-892d-0bdf78348503
cache-control
private,no-cache, must-revalidate
content-type
text/html
content-length
199
rum
dsum-sec.casalemedia.com/ Frame 925F
Redirect Chain
  • https://match.adsrvr.org/track/cmf/casale
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=39&external_user_id=f7963f69-d15a-4895-892d-0bdf78348503&expiration=1666798267&gdpr=0&gdpr_consent=
43 B
847 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=39&external_user_id=f7963f69-d15a-4895-892d-0bdf78348503&expiration=1666798267&gdpr=0&gdpr_consent=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.bg3.co%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H3
Server
104.18.18.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

cf-ray
750d0b738d9917ce-MEL
pragma
no-cache
date
Mon, 26 Sep 2022 15:31:07 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8%2B0FgLTQxhp%2BFufkxFT69uSbwFuj6WtIDupvXX8R6vFYjCmJpcq2g%2BtvIurYMCJqHO0naqPQPjwFMI%2FwRBAy0as2PVBoGC20L9VhsD49ptwKwGDq9WWuSg%2BX%2BhqShdwCA38zCK1616WGcA%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control
no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Mon, 26 Sep 2022 15:31:07 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=39&external_user_id=f7963f69-d15a-4895-892d-0bdf78348503&expiration=1666798267&gdpr=0&gdpr_consent=
cache-control
private,no-cache, must-revalidate
content-type
text/html
content-length
323
usermatchredir
ssum-sec.casalemedia.com/ Frame 925F
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=YzHFuJoI_i-zgnvw2wd-agAAEk4AAAIB&gdpr_consent=&us_privacy=&gdpr=
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESEDzuOTPgICTLdprC1xJ9i9E&google_cver=1
43 B
426 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESEDzuOTPgICTLdprC1xJ9i9E&google_cver=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.bg3.co%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Server
104.18.19.126 -, , ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

cf-ray
750d0b75fa005ac0-MEL
pragma
no-cache
date
Mon, 26 Sep 2022 15:31:07 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3sQqKifWcBsBP0vOsI3BXoY9uWmDGf7z4dhXDHge1FErTy7ps4qrBtyNK22GcoftjxGmdtff93v5KfAHV65fVpZLNjeBIeXTQymeqSBFlAqxmslsTVRFXUri6zV3dVDcv%2FGEIsbbC%2FmwBQ%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control
no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Mon, 26 Sep 2022 15:31:07 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESEDzuOTPgICTLdprC1xJ9i9E&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
342
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dcm
s.amazon-adsystem.com/ Frame 925F
Redirect Chain
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=YzHFuJoI_i-zgnvw2wd-agAAEk4AAAIB
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=YzHFuJoI_i-zgnvw2wd-agAAEk4AAAIB&dcc=t
43 B
855 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=YzHFuJoI_i-zgnvw2wd-agAAEk4AAAIB&dcc=t
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.bg3.co%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Server
52.46.130.91 -, , ASN (),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 26 Sep 2022 15:31:07 GMT
Vary
Content-Type,Accept-Encoding,User-Agent
Server
Server
x-amz-rid
CF49ZK6TQ3MQDCX2C11B
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Mon, 26 Sep 2022 15:31:07 GMT
Vary
Content-Type,Accept-Encoding,User-Agent
Server
Server
x-amz-rid
WPMWQFRGCPS7899K43MC
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=YzHFuJoI_i-zgnvw2wd-agAAEk4AAAIB&dcc=t
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 GMT
crum
dsum-sec.casalemedia.com/ Frame 925F
Redirect Chain
  • https://secure.adnxs.com/getuid?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=$UID
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=2986570318451776300
43 B
840 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=2986570318451776300
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.bg3.co%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H3
Server
104.18.18.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

cf-ray
750d0b78392717ce-MEL
pragma
no-cache
date
Mon, 26 Sep 2022 15:31:08 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ifvB332HMqTLSHb28fNCtTnY06JfrLyKKdlie5OxOkayU6RfJWpLTEDcan0MF%2BhL0lA4x1fi0cX91nchNv8SqP8F8GU9Y5AUcfzSm2%2FnPm%2BP7GLxrQ103arn3lxBNllbqrYF4Y32gJuKtA%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control
no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
0

Redirect headers

Pragma
no-cache
Date
Mon, 26 Sep 2022 15:31:08 GMT
X-Proxy-Origin
103.209.254.53; 103.209.254.53; 893.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net; adnxs.com
AN-X-Request-Uuid
a57f0329-6d76-482a-a9cf-5df96567ddef
Server
nginx/1.21.3
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=2986570318451776300
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
crum
dsum-sec.casalemedia.com/ Frame 925F
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=15&redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D3%26external_user_id%3D%5BMM_UUID%5D
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=a2e26331-c5ba-4300-9696-db0b2688ccd8
43 B
841 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=a2e26331-c5ba-4300-9696-db0b2688ccd8
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.bg3.co%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H3
Server
104.18.18.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

cf-ray
750d0b743e7817ce-MEL
pragma
no-cache
date
Mon, 26 Sep 2022 15:31:07 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JXPWK%2FPvN9hpx8AxZ29DmCAwb7XkR9VnJF7lZ0JarcmpyD4ISJvDa2U4LWJcdeLlZhUMeXczdMvhBlomSNzT2RyB1G9ATxyKO47apetXtU7quP00bKL6Pn4JqbJo2LVKLTjnyY%2FE5cAnDA%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control
no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
0

Redirect headers

Date
Mon, 26 Sep 2022 15:31:07 GMT
Server
MT3 4505 5b23575 master hkg-pixel-x18 config:1.0.0
Access-Control-Allow-Origin
*
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=a2e26331-c5ba-4300-9696-db0b2688ccd8
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=360
Content-Length
0
Expires
Mon, 26 Sep 2022 15:31:06 GMT
/
csync.loopme.me/ Frame 925F 		0
131 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://csync.loopme.me/?redirect=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D24%26external_user_id%3D%7Bviewer_token%7D&us_privacy=&gdpr=&gdpr_consent=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.bg3.co%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.173.108 -, , ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 26 Sep 2022 15:31:08 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
750d0b765b39df91-MEL
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
demconf.jpg
dpm.demdex.net/ Frame 925F
Redirect Chain
  • https://dpm.demdex.net/ibs:dpid=23728&dpuuid=YzHFuJoI-i.zgnvw2wd.agAA%264686?gdpr_consent=&us_privacy=&gdpr=
  • https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=23728&dpuuid=YzHFuJoI-i.zgnvw2wd.agAA%264686
0
0
ium
dsum-sec.casalemedia.com/ Frame 925F
Redirect Chain
  • https://id.rlcdn.com/711587.gif
  • https://dsum-sec.casalemedia.com/ium?sourceid=3&uid=
0
494 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/ium?sourceid=3&uid=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.bg3.co%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H3
Server
104.18.18.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 26 Sep 2022 15:31:07 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=38drPWgy5shHKW7wSRq%2FxS79QpD8TiR%2Fgs40%2F1Ti9cKhWayApou4zEB8lonzwAGjVdEudpnoP6KEeg%2FLFF%2FG1tFPf%2FFroY%2BmySibSQ6ij7Xhh64Xjb%2FJ9x5CvvPGfEdM%2BU1Vh7YG5rDPmw%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=0, no-cache, no-store
cf-ray
750d0b74aebb17ce-MEL
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
0
expires
Mon, 26 Sep 2022 15:31:07 GMT

Redirect headers

date
Mon, 26 Sep 2022 15:31:07 GMT
via
1.1 google
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://dsum-sec.casalemedia.com/ium?sourceid=3&uid=
cache-control
no-cache, no-store
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
htw-pixel.gif
cdn.indexww.com/ht/ Frame 925F 		43 B
352 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.indexww.com/ht/htw-pixel.gif?YzHFuJoI-i.zgnvw2wd.agAA%264686
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.bg3.co%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.13.76 -, , ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

cf-ray
750d0b765dcc5a4f-MEL
date
Mon, 26 Sep 2022 15:31:07 GMT
cf-cache-status
HIT
last-modified
Tue, 24 Jan 2017 19:36:04 GMT
server
cloudflare
age
259
etag
"902a3d-2b-546dc3a097100"
vary
Accept-Encoding
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
edge-control
cache-maxage=1h
cache-control
public, max-age=14400
accept-ranges
bytes
content-type
image/gif
content-length
43
expires
Mon, 26 Sep 2022 19:31:07 GMT
log
c21lg-d.media.net/ Frame 2675 		35 B
296 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c21lg-d.media.net/log?logid=kfk&evtid=cs&origin=1&pvgid=data-c&ovsid=2f_fEfEiMQtHOTDTpSkYEmrtYmAgIxIk&cs=15&vsid=3072078661534908000V10
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUPEPKI9&prvid=2034%2C2033%2C2031%2C2030%2C2029%2C233%2C2028%2C2027%2C236%2C237%2C117%2C51%2C97%2C55%2C99%2C3012%2C2043%2C2040%2C244%2C201%2C2039%2C3007%2C246%2C4%2C203%2C9%2C2055%2C172%2C173%2C251%2C175%2C132%2C178%2C255%2C3018%2C3017%2C214%2C3016%2C337%2C338%2C70%2C77%2C2021%2C141%2C262%2C186%2C222%2C345%2C10000%2C80%2C108%2C229%2C307&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
184.25.248.23 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
796c46ec10bc9105545f6f90d51593921b69956bd9087eb72bee83f40ad86f90

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 26 Sep 2022 15:31:08 GMT
Content-Type
image/gif
Access-Control-Allow-Origin
*
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Length
35
Expires
Mon, 26 Sep 2022 15:31:08 GMT
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame A327 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fx.yieldlift.com%2Fsetuid%3Fbidder%3Dpubmatic%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3D1YN-%26uid%3D
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.44.0.196 -, , ASN (),
Reverse DNS
Software
Apache /
Resource Hash
ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152

Request headers

Referer
https://public.servenobid.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=63115
content-encoding
gzip
content-length
5549
content-type
text/html; charset=UTF-8
date
Mon, 26 Sep 2022 15:31:07 GMT
etag
"1300708-3de4-5d6ef246ef4cf"
expires
Tue, 27 Sep 2022 09:03:02 GMT
last-modified
Tue, 01 Feb 2022 06:38:00 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
13926
g2.gumgum.com/usync/ Frame CC31 		4 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.64.4.232 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
ec0fb2441448bb30037f82ae4f4f2023aefbf50963955344ad05b93111568354

Request headers

Referer
https://public.servenobid.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

content-encoding
gzip
content-type
text/html;charset=UTF-8
date
Mon, 26 Sep 2022 15:31:07 GMT
etag
W/"0e8d29018869037cbb864f01163994857"
server
nginx
timing-allow-origin
*
/
onetag-sys.com/usync/ Frame A3A8 		4 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/usync/?pubId=694e68b73971b58&gdpr=0&gdpr_consent=&us_privacy=1YN-&https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D318%26uid%3D
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
139.99.49.250 Singapore, Singapore, ASN16276 (OVH, FR),
Reverse DNS
ip250.ip-139-99-49.net
Software
/
Resource Hash
d1c1037d6fe5d66bf02c1a73257a4d540955ce2d9d296318dc4a52f0cf157d16
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://public.servenobid.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
cache-control
no-transform, no-cache
content-encoding
gzip
content-length
1359
content-type
text/html
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
strict-transport-security
max-age=15552000
sync
ssbsync.smartadserver.com/api/ Frame 88EE 		872 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ssbsync.smartadserver.com/api/sync?callerId=9&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D317%26uid%3D%24UID
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.106.127.164 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
f5e6fc1a0fb4f4702975acc36525b0e8d985d6b4a8aa4ac1a19804305a51ae92

Request headers

Referer
https://public.servenobid.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

content-length
872
content-type
text/html
date
Mon, 26 Sep 2022 15:31:07 GMT
usermatch
ssum-sec.casalemedia.com/ Frame 6A93 		2 KB
902 B 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.19.126 -, , ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash
a80f01f224d4dae993a37aa638f82aa1388994d24e3581f8c0d6c86b1c11bc7f

Request headers

Referer
https://public.servenobid.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-cache
cf-cache-status
DYNAMIC
cf-ray
750d0b7549695ac0-MEL
content-encoding
br
content-type
text/html
date
Mon, 26 Sep 2022 15:31:07 GMT
expires
0
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Ih9%2Bh2Gb0n%2FzWegi4rRqcwSahubaBrLcdiS1f%2BFuri4NF9Jb0z8lpkmFP1ZrErP%2Fx2I16RbRBODS4D48BM8LPFYZEGV5iDXfBBwT85BmDSYj1kDOa7del%2BSG6bPxi6PEuETAsCOYxfYgYw%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
usync.html
eus.rubiconproject.com/ Frame 664B
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=duration_media&endpoint=us-east
  • https://eus.rubiconproject.com/usync.html?p=duration_media&endpoint=us-east
281 B
410 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?p=duration_media&endpoint=us-east
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.15.148.136 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-15-148-136.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://public.servenobid.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

accept-ranges
bytes
content-encoding
gzip
content-length
233
content-type
text/html; charset=UTF-8
date
Mon, 26 Sep 2022 15:31:08 GMT
etag
"40014-119-5d32342a551c0"
last-modified
Tue, 14 Dec 2021 23:07:59 GMT
server
Apache/2.2.15 (CentOS)
vary
Accept-Encoding

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
content-length
0
date
Mon, 26 Sep 2022 15:31:07 GMT
location
https://eus.rubiconproject.com/usync.html?p=duration_media&endpoint=us-east
server
AkamaiGHost
setuid
x.yieldlift.com/ Frame 753A
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=13702&gdpr=0&gdpr_consent=&us_privacy=1YN-&
  • https://x.yieldlift.com/setuid?bidder=rubicon&uid=L8IXFT6V-14-DH4C&gdpr=0&us_privacy=1YN-
0
240 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://x.yieldlift.com/setuid?bidder=rubicon&uid=L8IXFT6V-14-DH4C&gdpr=0&us_privacy=1YN-
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
HTTP/1.1
Server
3.230.47.190 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 26 Sep 2022 15:31:08 GMT
Connection
keep-alive
Content-Length
0
Vary
Origin

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location
https://x.yieldlift.com/setuid?bidder=rubicon&uid=L8IXFT6V-14-DH4C&gdpr=0&us_privacy=1YN-
Cache-Control
no-cache,no-store,must-revalidate
Content-Type
text/html
content-length
0
X-RPHost
d335433bbbe0efeac67146df47932f6f
Expires
0
sync
ads.servenobid.com/ Frame 753A
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D312%26uid%3D%24UID
  • https://ads.servenobid.com/sync?pid=312&uid=2986570318451776300
0
344 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=312&uid=2986570318451776300
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Server
34.246.170.209 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-246-170-209.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 26 Sep 2022 15:31:07 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0

Redirect headers

Pragma
no-cache
Date
Mon, 26 Sep 2022 15:31:07 GMT
X-Proxy-Origin
103.209.254.53; 103.209.254.53; 907.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net; adnxs.com
AN-X-Request-Uuid
a0071260-6ab8-4164-957d-729ad91fde49
Server
nginx/1.21.3
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://ads.servenobid.com/sync?pid=312&uid=2986570318451776300
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
sync
ads.servenobid.com/ Frame 753A
Redirect Chain
  • https://ce.lijit.com/merge?pid=273657&3pid=273657&gdpr=0&gdpr_consent=&us_privacy=1YN-&&location=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D310%26uid%3D%5BSOVRNID%5D
  • https://ce.lijit.com/merge?pid=273657&3pid=273657&gdpr=0&gdpr_consent=&us_privacy=1YN-&location=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D310%26uid%3D%5BSOVRNID%5D&dnr=1
  • https://ads.servenobid.com/sync?pid=310&uid=FYaDDRZHoxrHi3oaRX2Yi6Eg
0
349 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=310&uid=FYaDDRZHoxrHi3oaRX2Yi6Eg
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Server
34.246.170.209 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-246-170-209.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 26 Sep 2022 15:31:08 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0

Redirect headers

Pragma
no-cache
Date
Mon, 26 Sep 2022 15:31:08 GMT
P3P
CP="CUR ADM OUR NOR STA NID"
Location
https://ads.servenobid.com/sync?pid=310&uid=FYaDDRZHoxrHi3oaRX2Yi6Eg
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap3sfo1
Content-Length
0
Expires
Fri, 20 Mar 2009 00:00:00 GMT
sync
ads.servenobid.com/ Frame 753A
Redirect Chain
  • https://ap.lijit.com/pixel?pid=273657&3pid=273657&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redir=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D310%26uid%3D%24UID
  • https://ap.lijit.com/pixel?pid=273657&3pid=273657&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redir=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D310%26uid%3D%24UID&sovrn_retry=true
  • https://ads.servenobid.com/sync?pid=310&uid=FYaDCLZHfNuPN0vZRZWqLMiM
0
351 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=310&uid=FYaDCLZHfNuPN0vZRZWqLMiM
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Server
34.246.170.209 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-246-170-209.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 26 Sep 2022 15:31:08 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0

Redirect headers

Date
Mon, 26 Sep 2022 15:31:08 GMT
Access-Control-Allow-Origin
*
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Location
https://ads.servenobid.com/sync?pid=310&uid=FYaDCLZHfNuPN0vZRZWqLMiM
Access-Control-Allow-Credentials
true
Connection
close
X-Sovrn-Pod
ad_ap2sfo1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
sync
ads.servenobid.com/ Frame 753A
Redirect Chain
  • https://x.yieldlift.com/getuid?r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D314%26uid%3D%24UID
  • https://ads.servenobid.com/sync?pid=314&uid=648b78b4-d8fa-4522-aaad-60f4c02e2845
0
0
RX-55812ec0-5611-41d0-a9a2-de8c57036c2f-004
sync.targeting.unrulymedia.com/csync/ Frame 753A
Redirect Chain
  • https://sync.1rx.io/usersync2/rmpssp?sub=duration&redir=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D321%26uid%3D%5BRX_UUID%5D
  • https://sync.1rx.io/usersync2/rmpssp?sub=duration&zcc=1&redir=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D321%26uid%3D%5BRX_UUID%5D&cb=1664206267948
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=581371391
  • https://sync.1rx.io/usersync/tradedesk/f7963f69-d15a-4895-892d-0bdf78348503
  • https://sync.targeting.unrulymedia.com/csync/RX-55812ec0-5611-41d0-a9a2-de8c57036c2f-004?redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Drhy%26i%3DRX-55812ec0-5611-41d0-a9a2-de8c57036c2f-004
0
0
cm
p.rfihub.com/ Frame 753A 		0
0
usa
sync.go.sonobi.com/ Frame 753A 		0
0
sync
ads.servenobid.com/ Frame 753A
Redirect Chain
  • https://prebid.a-mo.net/cchain/0?gdpr=0&gdpr_consent=&us_privacy=1YN-&&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D327%26uid%3D
  • https://ads.servenobid.com/sync?pid=327&uid=ad4b9727-b049-4f06-89f1-75509c63b373&gdpr=0&gdpr_consent=&us_privacy=1YN-
0
357 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=327&uid=ad4b9727-b049-4f06-89f1-75509c63b373&gdpr=0&gdpr_consent=&us_privacy=1YN-
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Server
34.246.170.209 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-246-170-209.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 26 Sep 2022 15:31:07 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0

Redirect headers

location
https://ads.servenobid.com/sync?pid=327&uid=ad4b9727-b049-4f06-89f1-75509c63b373&gdpr=0&gdpr_consent=&us_privacy=1YN-
date
Mon, 26 Sep 2022 15:31:07 GMT
cache-control
max-age=0, private, must-revalidate
x-envoy-upstream-service-time
0
server
envoy
content-length
0
sync
ads.servenobid.com/ Frame 753A
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58559/occ
  • https://ads.servenobid.com/sync?pid=337&uid=y-0zEhvCJE2uEsN5Ireytoz6nRdx9keZGFvfSKVVk-~A
0
367 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=337&uid=y-0zEhvCJE2uEsN5Ireytoz6nRdx9keZGFvfSKVVk-~A
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Server
34.246.170.209 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-246-170-209.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 26 Sep 2022 15:31:07 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0

Redirect headers

location
https://ads.servenobid.com/sync?pid=337&uid=y-0zEhvCJE2uEsN5Ireytoz6nRdx9keZGFvfSKVVk-~A
date
Mon, 26 Sep 2022 15:31:07 GMT
server
ATS/9.1.10.25
age
0
content-length
0
strict-transport-security
max-age=31536000
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
3147
prebid.a-mo.net/cchain/1/ Frame 753A
Redirect Chain
  • https://ssp.disqus.com/redirectuser?r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D346%26uid%3DBUYERUID
  • https://prebid.a-mo.net/cchain/0?gdpr=0&gdpr_consent=&us_privacy=&cb=https%3A%2F%2Fssp.disqus.com%2Fmatch%3Fbidder%3D6%26r%3DCid1YS0yY2ExY2UyZC0zZGQ5LTMzZTYtOTE5MS1jZTNmNzg2YWE1MGYqU2h0dHBzOi8vYWRz...
  • https://ssum.casalemedia.com/usermatchredir?s=191503&gdpr=1&gdpr_consent=&us_privacy=&cb=https%3A%2F%2Fprebid.a-mo.net%2Fcchain%2F1%2F3147%3Fgdpr%3D0%26gdpr_consent%3D%26us_privacy%3D%26A%3Dad4b972...
  • https://prebid.a-mo.net/cchain/1/3147?gdpr=0&gdpr_consent=&us_privacy=&A=ad4b9727-b049-4f06-89f1-75509c63b373&bidder=index_rtb&cbx=aHR0cHM6Ly9zc3AuZGlzcXVzLmNvbS9tYXRjaD9iaWRkZXI9NiZyPUNpZDFZUzB5WT...
0
0
sync
ads.servenobid.com/ Frame 753A
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58632/occ
  • https://ads.servenobid.com/sync?pid=339&uid=y-0zEhvCJE2uEsN5Ireytoz6nRdx9keZGFvfSKVVk-~A
0
367 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=339&uid=y-0zEhvCJE2uEsN5Ireytoz6nRdx9keZGFvfSKVVk-~A
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Server
34.246.170.209 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-246-170-209.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 26 Sep 2022 15:31:07 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0

Redirect headers

location
https://ads.servenobid.com/sync?pid=339&uid=y-0zEhvCJE2uEsN5Ireytoz6nRdx9keZGFvfSKVVk-~A
date
Mon, 26 Sep 2022 15:31:07 GMT
server
ATS/9.1.10.25
age
0
content-length
0
strict-transport-security
max-age=31536000
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
activeview
pagead2.googlesyndication.com/pcs/ Frame 9E28 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssKM-RZOB9kZfvOJC2I5n4F-p05ILixAEoK88-86_ab5KksGRSOv0hKHpJSA0y-WUlWHxzGn2lndYnoBJsOAN1JXnS_Lx6_nO-FEiztsCWHOl5W7nDHLZJsmb_YUCYiDUk0ECY&sai=AMfl-YQr_tz2QIYGpoJJ7gBf6AkRrQ_b6rXAi18lQJ9jHqLyLDdjvqCuneFgkvvaC4Ub21Ccr7qC0T2T6bN14blFNlZLboX6Mkc1SyQnRRyQ1asG-k3BIoAoPpm-9mDn&sig=Cg0ArKJSzO3E9-8wVjiBEAE&cid=CAASJeRoMTX2GvNWPvZAMb9qAd3nieg9dE2AeGbqCb6B2irCNo6LHGU&id=lidar2&mcvt=1006&p=60,450,310,750&mtos=1006,1006,1006,1006,1006&tos=1006,0,0,0,0&v=20220921&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=1420297610&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1664206263821&rpt=2561&isd=0&lsd=0&met=ie&wmsd=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.194.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f154.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://4554dcfdb25681d65c9135c95d0b8a26.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 26 Sep 2022 15:31:07 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame EFE0 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssH1W07tUceeaB25HDwRzCXJL2_0CENZG_ClWLipx0tWVdwTGmFysOJrBnAbl7aMRA9CrYe1miSjTw6sF0Va-s172Vu&sig=Cg0ArKJSzHM0HquS69egEAE&cid=CAASFeRoPnS52W9f8o0IuCjDHVv5VOJORA&id=lidar2&mcvt=1007&p=300,5,900,125&mtos=1007,1007,1007,1007,1007&tos=1007,0,0,0,0&v=20220921&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=4082231052&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1664206263833&rpt=2562&isd=0&lsd=0&met=ie&wmsd=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.194.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f154.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://4554dcfdb25681d65c9135c95d0b8a26.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 26 Sep 2022 15:31:07 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 1D15 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuPwGoHlf8Ve98vGzAzUSVk1mx7tI8hHEtkn-Ia3VbUtwVL5O_n6XQppMQJnkadY9ce_VKVlJ0zb8cSGeOeCcDKYEG8aMIuOKHLie8WFNye8ZekQHy776zv_QrO4MzKXQB3QtM&sai=AMfl-YT1a2uYJN2fJ-rW57o62A3ch_QKl7dQImygdnbUVYNDtm4kv9C0BS9Eq06iz7B4YgNclXpwBh0eMEeNTcpRctjMaTGCgRYo4tm6yVcisB6u6zRog-kbHV17hD59&sig=Cg0ArKJSzBFge_tpSiNNEAE&cid=CAASJeRoYQ2hDTDsovBjDtKp4p1lMrpxIfpw28qp-yxti9Fdo09P2X8&id=lidar2&mcvt=1000&p=1110,436,1200,1164&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20220921&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=2857874404&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1664206263830&rpt=2584&isd=0&lsd=0&met=ie&wmsd=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.194.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f154.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://4554dcfdb25681d65c9135c95d0b8a26.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 26 Sep 2022 15:31:07 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/g/ 		0
17 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/g/collect?v=2&tid=G-Z0TZ7TDHS1&gtm=2oe9l0&_p=1973&cid=152270999.1664206263&ul=en-us&sr=1600x1200&_z=ccd.v9B&_s=2&sid=1664206262&sct=1&seg=0&dl=https%3A%2F%2Fwww.bg3.co%2Fa%2Fpi-jia-bu-jian-qia-pian-quan-gua-shi-ta-hui-jia-jian-zhe-mu-yan-shen-si-3-9mo-wang-you-xiao-feng.html&dt=%E7%9A%AE%E5%A4%BE%E4%B8%8D%E8%A6%8B%E5%8D%A1%E7%89%87%E5%85%A8%E6%8E%9B%E5%A4%B1%EF%BC%81%E4%BB%96%E5%9B%9E%E5%AE%B6%E8%A6%8B%E9%80%99%E5%B9%95%E7%9C%BC%E7%A5%9E%E6%AD%BB%203.9%E8%90%AC%E7%B6%B2%E5%8F%8B%E7%AC%91%E7%98%8B%20-%20%E5%A4%A9%E5%A4%A9%E8%A6%81%E8%81%9E&en=link_preview&_ee=1&epn.value=1&epn.siteid=42753&ep.error_msg=no_mapping_failed&_et=3
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-Z0TZ7TDHS1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.4.101 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f101.1e100.net
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 26 Sep 2022 15:31:07 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
all
csm.as.criteo.net/ Frame 0D87 		0
127 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csm.as.criteo.net/all?cppv=3&cpp=iq02S_aRrBIZ4hdu9BbBQq1lLx0a-g1NumwmZ0jFj5Yb-LdpT3ishYsPVXhRvnwC11qT9m8Z9xgU-ZsadD4V11Fc5WYYL4nMayUJIddAaaR4pB2xX1ZO_qIkSKxnlfvhxKhbB_GXxAPWjWPzRwA1PgPQGxxmXi0Bb9VPajYFl3ZB2ibrf0_SpozVMNJjb3ak84J7392NUeqt-4CgiWv4DwRA8VLyFv3QvKL6KZdkMXk6sEMgIa23jHSCZppPakUlKfMFVLbSKH0JIm_O&sds=2&rev=82884&sendBeacon=true
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=YzHFsgAJGXMEf4lKAA_95albUKx3V4z9wx9-BA&u=%7CVBsX5Vr7un8fyRzJQMkczUngFdLTgeSnbJs1NIHVu2g%3D%7C&c1=wLMhjbQtwRerfuYQvtYvucUfx71c_57oZ7-4NEldJVPEcquQgoC5ayq1XBwsz6hbCNpksUhOYIG9jsbcdhUPULqE9d2UdX2ppjDj59fTgYTuIJIthFIRNrPM2srwen_xT8cP-_qt72nSe6F-HPOLmYXUUeLCk0CGp0RBN40TOPUSm-Z5EppgV095BIcbrhOhZz9OgagX737unzswos-vro9nt1J-eGGkrJgpKS_575U6AG4J8__9aoMoYcCOoonIVdowzeLjiK46OhdklE94iffphawa6cfv0yurZv1z2iVP7wTIFyPwJ-3NmZ8jHlR6u4tB2xLRIzNeyr9Kuz-sJHbdmoB6VL1-F1yCMT14d5tFMoauae2He-t7JlXmNUcL--n4XdQkBQC0E9T_OPkY0NSCeUoDrFwTNy9o6IpmPrBhcBXokk8zqw3dUa--mMgv7EGVrrcVwYxqmL5ZrlNctgd3808GKpmswNFeNOO9guV--9A9qjJ0zmUvaKpsIAX6I5jSL9ddeHDs_ZUUAGnIIO9Qy2fG-WTN3Ceb6Ov9WzcPFEWRGpkfHvsfQLi3a-GyJQn285aDcqkmpapH5oDbYlZ7xu38BUl1M0ZrEYjqA3eI_YOXoBsttbvg9TSoG5mKusDLZy1TJN65LbJhVc7pWg&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCrUYsssUxY_OyJMqS_tMP5fu_6ASY_NGxXKqEzOSFAcCNtwEQASAAYKXAo4CkAYIBF2NhLXB1Yi00NDg1MjM5NDI1OTI0Nzg3oAG22aPQA8gBCakCaEc_pprKpT6oAwGqBJICT9BEH_EAjOCMDUI5KRxBmskqhnT2BdZWHoe1KTjv9WayjiH7OhhJKRd79Loqe6-GD0e8YrS9B-zLZ9-4KaxdgofYNO88cCDpJAJkUcktFFH3Yia5UGBEDPF3b4GLFc6nGaKct5nsR2JCnL4BoxCarURa8TZUhk45DlnDyG4-gSYhvTf35OepoGmyboLpr_lx9vSS0T6S7TOcCKTquA9w9EMqqrJqsKkY3gDnq9ClZCbbci5dc3sVTnF_dpk2bg16hyhGzHUqgC9jBEcuFnvR1gPmFpXejdEnKvEWwhnen0ftuXUAeJeHSxQgcs6uBeN9X_MTL8bBf3G90CCBfIch4lP9-Pmo7o6LF0cQAPnipNrnrYAGzoC16PSxwKfBAaAGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA0IgGEQATICigI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_0kiBaegDeCY7uDIUMWu1UEAe_8jg%26client%3Dca-pub-4485239425924787%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.142 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ads.as.criteo.com/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Mon, 26 Sep 2022 15:31:07 GMT
cross-origin-resource-policy
cross-origin
server
Finatra
content-length
0
strict-transport-security
max-age=31536000; preload;
pixel
cm.g.doubleclick.net/ Frame A3A8
Redirect Chain
  • https://onetag-sys.com/match/?int_id=106&redir=1&ot_initiated=1
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=AAABg3psZnC3THgCLs1pjAeb1pFbq3DvAg2blA
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=AAABg3psZnC3THgCLs1pjAeb1pFbq3DvAg2blA
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=694e68b73971b58&gdpr=0&gdpr_consent=&us_privacy=1YN-&https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D318%26uid%3D
Protocol
H3
Server
142.251.10.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f155.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 26 Sep 2022 15:31:08 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=AAABg3psZnC3THgCLs1pjAeb1pFbq3DvAg2blA
strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
/
onetag-sys.com/match/ Frame A3A8
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=75&redir=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D1%26uid%3D%5BMM_UUID%5D%26gdpr%3D0%26gdpr_consent%3D
  • https://onetag-sys.com/match/?int_id=1&uid=a2e26331-c5ba-4300-9696-db0b2688ccd8&gdpr=0&gdpr_consent=
0
340 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onetag-sys.com/match/?int_id=1&uid=a2e26331-c5ba-4300-9696-db0b2688ccd8&gdpr=0&gdpr_consent=
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=694e68b73971b58&gdpr=0&gdpr_consent=&us_privacy=1YN-&https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D318%26uid%3D
Protocol
H2
Server
139.99.49.250 Singapore, Singapore, ASN16276 (OVH, FR),
Reverse DNS
ip250.ip-139-99-49.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

Date
Mon, 26 Sep 2022 15:31:07 GMT
Server
MT3 4505 5b23575 master hkg-pixel-x4 config:1.0.0
Access-Control-Allow-Origin
*
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://onetag-sys.com/match/?int_id=1&uid=a2e26331-c5ba-4300-9696-db0b2688ccd8&gdpr=0&gdpr_consent=
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=360
Content-Length
0
Expires
Mon, 26 Sep 2022 15:31:06 GMT
/
onetag-sys.com/match/ Frame A3A8
Redirect Chain
  • https://pixel-eu.rubiconproject.com/exchange/sync.php?p=onetag&gdpr=0&gdpr_consent=
  • https://onetag-sys.com/match/?int_id=2&uid=L8IXFT6V-14-DH4C&gdpr=0
0
0
/
onetag-sys.com/match/ Frame A3A8
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D98%26gdpr%3D0%26gdpr_consent%3D%26uid%3D$UID
  • https://onetag-sys.com/match/?int_id=98&gdpr=0&gdpr_consent=&uid=2986570318451776300
0
340 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onetag-sys.com/match/?int_id=98&gdpr=0&gdpr_consent=&uid=2986570318451776300
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=694e68b73971b58&gdpr=0&gdpr_consent=&us_privacy=1YN-&https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D318%26uid%3D
Protocol
H2
Server
139.99.49.250 Singapore, Singapore, ASN16276 (OVH, FR),
Reverse DNS
ip250.ip-139-99-49.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

Pragma
no-cache
Date
Mon, 26 Sep 2022 15:31:07 GMT
X-Proxy-Origin
103.209.254.53; 103.209.254.53; 907.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net; adnxs.com
AN-X-Request-Uuid
1ac36102-4f9a-497a-a388-d8fe4a824cf9
Server
nginx/1.21.3
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://onetag-sys.com/match/?int_id=98&gdpr=0&gdpr_consent=&uid=2986570318451776300
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
tap.php
pixel.rubiconproject.com/ Frame A3A8 		42 B
691 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=223352&nid=4584&put=orBnT7E7KYn3AAxdnbFCshtQHiu8t1y44I4vsbLHxSw
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=694e68b73971b58&gdpr=0&gdpr_consent=&us_privacy=1YN-&https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D318%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.173.158.64 Singapore, Singapore, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-length
42
X-RPHost
dedf7fc216a5bbc739a54325e875a79f
Content-Type
image/gif
/
onetag-sys.com/match/ Frame A3A8
Redirect Chain
  • https://ssbsync-global.smartadserver.com/api/sync?callerId=5&gdpr=0&gdpr_consent=&us_privacy=1YN-&redirectUri=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D107%26uid%3D[ssb_sync_pid]
  • https://onetag-sys.com/match/?int_id=107&uid=9053853491981124446
0
340 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onetag-sys.com/match/?int_id=107&uid=9053853491981124446
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=694e68b73971b58&gdpr=0&gdpr_consent=&us_privacy=1YN-&https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D318%26uid%3D
Protocol
H2
Server
139.99.49.250 Singapore, Singapore, ASN16276 (OVH, FR),
Reverse DNS
ip250.ip-139-99-49.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

location
https://onetag-sys.com/match/?int_id=107&uid=9053853491981124446
date
Mon, 26 Sep 2022 15:31:07 GMT
content-length
0
711916.gif
id.rlcdn.com/ Frame A3A8 		42 B
60 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://id.rlcdn.com/711916.gif?ct=4&cv=
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=694e68b73971b58&gdpr=0&gdpr_consent=&us_privacy=1YN-&https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D318%26uid%3D
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.190.60.146 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
146.60.190.35.bc.googleusercontent.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 26 Sep 2022 15:31:07 GMT
via
1.1 google
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control
no-cache, no-store
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
ecm3
s.amazon-adsystem.com/ Frame A3A8
Redirect Chain
  • https://onetag-sys.com/match/?int_id=113&gdpr=0&gdpr_consent=&callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Donetag.com%26id%3D%24%7BUSER_TOKEN%7D&ot_initiated=1
  • https://s.amazon-adsystem.com/ecm3?ex=onetag.com&id=orBnT7E7KYn3AAxdnbFCshtQHiu8t1y44I4vsbLHxSw
43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?ex=onetag.com&id=orBnT7E7KYn3AAxdnbFCshtQHiu8t1y44I4vsbLHxSw
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=694e68b73971b58&gdpr=0&gdpr_consent=&us_privacy=1YN-&https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D318%26uid%3D
Protocol
HTTP/1.1
Server
52.46.130.91 -, , ASN (),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 26 Sep 2022 15:31:08 GMT
Vary
Content-Type,Accept-Encoding,User-Agent
Server
Server
x-amz-rid
ETB94SN1ZX2BP5E190JC
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

location
https://s.amazon-adsystem.com/ecm3?ex=onetag.com&id=orBnT7E7KYn3AAxdnbFCshtQHiu8t1y44I4vsbLHxSw
strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
ImgSync
image8.pubmatic.com/AdServer/ Frame A3A8
Redirect Chain
  • https://image8.pubmatic.com/AdServer/ImgSync?p=159706&gdpr=0&gdpr_consent=&us_privacy=1YN-&pu=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D114%26uid%3D%23PMUID
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=MjUzMzAzQzgtNEY2RC00N0U5LUFFOEMtNTI4RDcxNEE3MTBD&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
0
0
/
onetag-sys.com/match/ Frame A3A8
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58488/occ?&gdpr=0&gdpr_consent=
  • https://onetag-sys.com/match/?int_id=92&uid=y-0zEhvCJE2uEsN5Ireytoz6nRdx9keZGFvfSKVVk-~A
0
340 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onetag-sys.com/match/?int_id=92&uid=y-0zEhvCJE2uEsN5Ireytoz6nRdx9keZGFvfSKVVk-~A
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=694e68b73971b58&gdpr=0&gdpr_consent=&us_privacy=1YN-&https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D318%26uid%3D
Protocol
H2
Server
139.99.49.250 Singapore, Singapore, ASN16276 (OVH, FR),
Reverse DNS
ip250.ip-139-99-49.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

location
https://onetag-sys.com/match/?int_id=92&uid=y-0zEhvCJE2uEsN5Ireytoz6nRdx9keZGFvfSKVVk-~A
date
Mon, 26 Sep 2022 15:31:07 GMT
server
ATS/9.1.10.25
age
0
content-length
0
strict-transport-security
max-age=31536000
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
/
onetag-sys.com/match/ Frame A3A8
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=vw6iyrn&ttd_tpi=1&gpdr=0&gdpr_consent=
  • https://onetag-sys.com/match/?int_id=29&uid=f7963f69-d15a-4895-892d-0bdf78348503&gdpr=0&gdpr_consent=
0
340 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onetag-sys.com/match/?int_id=29&uid=f7963f69-d15a-4895-892d-0bdf78348503&gdpr=0&gdpr_consent=
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=694e68b73971b58&gdpr=0&gdpr_consent=&us_privacy=1YN-&https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D318%26uid%3D
Protocol
H2
Server
139.99.49.250 Singapore, Singapore, ASN16276 (OVH, FR),
Reverse DNS
ip250.ip-139-99-49.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

pragma
no-cache
date
Mon, 26 Sep 2022 15:31:07 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://onetag-sys.com/match/?int_id=29&uid=f7963f69-d15a-4895-892d-0bdf78348503&gdpr=0&gdpr_consent=
cache-control
private,no-cache, must-revalidate
content-type
text/html
content-length
233
/
onetag-sys.com/match/ Frame A3A8
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=onetag&gdpr=0&gdpr_consent=
  • https://sync.mathtag.com/sync/img?mt_exid=46&redir=%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D80%26user_id%3D%5BUUID%5D%26expires%3D30%26ssp%3Donetag%26bsw_param%3Dfae9bec8-882e-4864-8632-4ec210fd43f3...
  • https://x.bidswitch.net/sync?dsp_id=80&user_id=a2e26331-c5ba-4300-9696-db0b2688ccd8&expires=30&ssp=onetag&bsw_param=fae9bec8-882e-4864-8632-4ec210fd43f3&gdpr=0&gdpr_consent=
  • https://onetag-sys.com/match/?int_id=30&uid=fae9bec8-882e-4864-8632-4ec210fd43f3&gdpr=0&gdpr_consent=&us_privacy=
0
340 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onetag-sys.com/match/?int_id=30&uid=fae9bec8-882e-4864-8632-4ec210fd43f3&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=694e68b73971b58&gdpr=0&gdpr_consent=&us_privacy=1YN-&https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D318%26uid%3D
Protocol
H2
Server
139.99.49.250 Singapore, Singapore, ASN16276 (OVH, FR),
Reverse DNS
ip250.ip-139-99-49.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

Location
//onetag-sys.com/match/?int_id=30&uid=fae9bec8-882e-4864-8632-4ec210fd43f3&gdpr=0&gdpr_consent=&us_privacy=
Date
Mon, 26 Sep 2022 15:31:08 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
0
sync
ads.servenobid.com/ Frame A3A8 		0
364 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=318&uid=orBnT7E7KYn3AAxdnbFCshtQHiu8t1y44I4vsbLHxSw
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=694e68b73971b58&gdpr=0&gdpr_consent=&us_privacy=1YN-&https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D318%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.246.170.209 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-246-170-209.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 26 Sep 2022 15:31:08 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0
async_usersync
ib.adnxs.com/ Frame E598 		0
745 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
104.254.150.228 Los Angeles, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
907.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 26 Sep 2022 15:31:07 GMT
X-Proxy-Origin
103.209.254.53; 103.209.254.53; 907.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net; adnxs.com
AN-X-Request-Uuid
d2fd1d57-712d-4790-aa90-a3bbb30f35a9
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
YzHFuJoI_i-zgnvw2wd-agAAEk4AAAIB
pr-bh.ybp.yahoo.com/sync/casale/ Frame 6A93 		43 B
602 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/casale/YzHFuJoI_i-zgnvw2wd-agAAEk4AAAIB?gdpr_consent=&us_privacy=&gdpr=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.229.2.67 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-229-2-67.ap-southeast-1.compute.amazonaws.com
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 26 Sep 2022 15:31:08 GMT
referrer-policy
strict-origin-when-cross-origin
server
ATS
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
image/gif
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
strict-transport-security
max-age=31536000
content-length
43
x-content-type-options
nosniff
ZMAwryCI
sync-tm.everesttech.net/upi/pid/ Frame 6A93 		0
83 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync-tm.everesttech.net/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.2.49 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Varnish /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 26 Sep 2022 15:31:08 GMT
via
1.1 varnish
server
Varnish
x-timer
S1664206268.009291,VS0,VE0
x-cache
MISS
cache-control
no-cache
x-cache-hits
0
accept-ranges
bytes
content-length
0
retry-after
0
x-served-by
cache-mel11254-MEL
ie
match.prod.bidr.io/cookie-sync/ Frame 6A93 		0
0
YzHFuJoI_i-zgnvw2wd-agAAEk4AAAIB
pr-bh.ybp.yahoo.com/sync/casale/ Frame 6A93
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/55940/sync?_origin=1&redir2=true&uid=YzHFuJoI_i-zgnvw2wd-agAAEk4AAAIB&gdpr_consent=&us_privacy=&gdpr=
  • https://pr-bh.ybp.yahoo.com/sync/casale/YzHFuJoI_i-zgnvw2wd-agAAEk4AAAIB
43 B
602 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/casale/YzHFuJoI_i-zgnvw2wd-agAAEk4AAAIB
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D
Protocol
H2
Server
13.229.2.67 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-229-2-67.ap-southeast-1.compute.amazonaws.com
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 26 Sep 2022 15:31:08 GMT
referrer-policy
strict-origin-when-cross-origin
server
ATS
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
image/gif
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
strict-transport-security
max-age=31536000
content-length
43
x-content-type-options
nosniff

Redirect headers

location
https://pr-bh.ybp.yahoo.com/sync/casale/YzHFuJoI_i-zgnvw2wd-agAAEk4AAAIB
date
Mon, 26 Sep 2022 15:31:08 GMT
server
ATS/9.1.10.25
age
0
content-length
0
strict-transport-security
max-age=31536000
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
/
csync.loopme.me/ Frame 6A93 		0
32 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://csync.loopme.me/?redirect=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D24%26external_user_id%3D%7Bviewer_token%7D&us_privacy=&gdpr=&gdpr_consent=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.173.108 -, , ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 26 Sep 2022 15:31:08 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
750d0b771b9ddf91-MEL
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
crum
dsum-sec.casalemedia.com/ Frame 6A93
Redirect Chain
  • https://secure.adnxs.com/getuid?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=$UID
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=2986570318451776300
43 B
849 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=2986570318451776300
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D
Protocol
H3
Server
104.18.18.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

cf-ray
750d0b79ba4b17ce-MEL
pragma
no-cache
date
Mon, 26 Sep 2022 15:31:08 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fKT37C9V76We4TNISDQG9nQ%2BIBIhIQh%2FW96cUWHjh2rOEcZLiApiSh2Mwq8eITJt%2BgzUP06tX5gFhbjACg%2Bn0Jnjbx3M3%2FM3Pyv0Urs%2Bz8q%2BuXF8CkAYlYsWzRx1bNwqRRANwSvbvKwQkQ%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control
no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
0

Redirect headers

Pragma
no-cache
Date
Mon, 26 Sep 2022 15:31:08 GMT
X-Proxy-Origin
103.209.254.53; 103.209.254.53; 893.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net; adnxs.com
AN-X-Request-Uuid
2d7402b4-2156-471f-8697-81896cd433dd
Server
nginx/1.21.3
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=2986570318451776300
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
/
b1sync.zemanta.com/usersync/bluekai/callback/ Frame 6A93
Redirect Chain
  • https://b1sync.zemanta.com/usersync/index/?us_privacy=&gdpr=&gdpr_consent=
  • https://stags.bluekai.com/site/23178?id=yKmvGEHcsZLFk90BwS-D&redir=https%3A%2F%2Fb1sync.zemanta.com%2Fusersync%2Fbluekai%2Fcallback%2F%3Fd%3DNB2HI4DTHIXS6ZDTOVWS243FMMXGGYLTMFWGK3LFMRUWCLTDN5WS6Y3S...
  • https://b1sync.zemanta.com/usersync/bluekai/callback/?d=NB2HI4DTHIXS6ZDTOVWS243FMMXGGYLTMFWGK3LFMRUWCLTDN5WS6Y3SOVWT6Y3NL5SHG4C7NFSD2MJXEZSXQY3IMFXGOZJ5NFXGIZLYEZSXQ5DFOJXGC3C7OVZWK4S7NFSD26KLNV3EO...
0
0
sync
sync.srv.stackadapt.com/ Frame 6A93 		0
0
sync
ads.servenobid.com/ Frame 6A93 		0
356 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=333&uid=YzHFuJoI_i-zgnvw2wd-agAAEk4AAAIB
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.246.170.209 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-246-170-209.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 26 Sep 2022 15:31:08 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0
PugMaster
image6.pubmatic.com/AdServer/ Frame A855 		5 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=67278377&p=159463&s=0&a=0&ptask=ALL&np=0&fp=0&rp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159463&userIdMacro=PM_UID&predirect=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3072078661534908000V10%26type%3Dpba%26refUrl%3D%26vid%3D42062671673072078661534908000V10%26ovsid%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
67.199.150.81 Los Angeles, United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
04cb15ad26b2236f25d8c023594b6caa7dfd2c3c3d217246ba1ee24531f3ef0b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 26 Sep 2022 15:31:08 GMT
content-type
text/html; charset=UTF-8
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
usersync
usersync.gumgum.com/ Frame CC31
Redirect Chain
  • https://secure.adnxs.com/getuid?https://usersync.gumgum.com/usersync?b=apn&i=$UID
  • https://usersync.gumgum.com/usersync?b=apn&i=2986570318451776300
0
0
sync
a.sportradarserving.com/ Frame CC31
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=gumgum2&user_id=a_b955626a-ef9e-4181-8e21-d7e38820d5e7&gdpr=0&gdpr_consent=&us_privacy=1---
  • https://a.sportradarserving.com/sync?ssp=bidswitch&bidswitch_ssp_id=gumgum2
0
0
redirectObuid
sync.outbrain.com/ Frame CC31 		0
0
usersync
usersync.gumgum.com/ Frame CC31
Redirect Chain
  • https://us-u.openx.net/w/1.0/cm?_={CACHEBUSTER}&id=47f31213-389c-4904-aaa6-9b11aab9c211&gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dopx%26i%3D
  • https://usersync.gumgum.com/usersync?b=opx&i=004b8c51-22e3-4004-8923-46bc9be125b5
0
0
sync
sync.srv.stackadapt.com/ Frame CC31 		0
0
usersync
usersync.gumgum.com/ Frame CC31
Redirect Chain
  • https://pr-bh.ybp.yahoo.com/sync/gumgum?gdpr=0&gdpr_consent=
  • https://usersync.gumgum.com/usersync?b=oth&i=y-qVsQZm1E2pcWIly7j3f0AExdpxCeHgen_aYR~A
0
0
generic
sync.ipredictive.com/d/sync/cookie/ Frame CC31 		0
0
services
sync.technoratimedia.com/ Frame CC31 		0
0
142
match.deepintent.com/usersync/ Frame CC31 		0
0
23178
stags.bluekai.com/site/ Frame CC31
Redirect Chain
  • https://b1sync.zemanta.com/usersync/gumgum/?puid=a_b955626a-ef9e-4181-8e21-d7e38820d5e7&gdpr=0&gdpr_consent=&us_privacy=1---&cb=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dzem%26i%3D__ZUID__
  • https://stags.bluekai.com/site/23178?id=yKmvGEHcsZLFk90BwS-D&redir=https%3A%2F%2Fb1sync.zemanta.com%2Fusersync%2Fbluekai%2Fcallback%2F%3Fd%3DNB2HI4DTHIXS65LTMVZHG6LOMMXGO5LNM52W2LTDN5WS65LTMVZHG6LO...
0
0
usersync
usersync.gumgum.com/ Frame CC31
Redirect Chain
  • https://ad.360yield.com/server_match?partner_id=N&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Didi%26i%3D%7BPUB_USER_ID%7D
  • https://ad.360yield.com/ul_cb/server_match?partner_id=N&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Didi%26i%3D%7BPUB_USER_ID%7D
  • https://usersync.gumgum.com/usersync?b=idi&i=79314f72-4e01-412d-9264-268fe08ac71a
0
0
RX-55812ec0-5611-41d0-a9a2-de8c57036c2f-004
sync.targeting.unrulymedia.com/csync/ Frame CC31
Redirect Chain
  • https://sync.1rx.io/usersync2/floor6?gdpr=0&gdpr_consent=&dspret=1&redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Drhy%26i%3D%5BRX_UUID%5D
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=5846453117
  • https://sync.1rx.io/usersync/tradedesk/f7963f69-d15a-4895-892d-0bdf78348503
  • https://sync.targeting.unrulymedia.com/csync/RX-55812ec0-5611-41d0-a9a2-de8c57036c2f-004?redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA%...
0
0
usersync
usersync.gumgum.com/ Frame CC31
Redirect Chain
  • https://bh.contextweb.com/bh/rtset?pid=558355&ev=1&rurl=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpln%26i%3D%25%25VGUID%25%25
  • https://usersync.gumgum.com/usersync?b=pln&i=7ki2yGVLDQer&ev=1&pid=558355
0
0
sync
ssbsync.smartadserver.com/api/ Frame CC31 		0
0
sync
ads.servenobid.com/ Frame CC31 		0
357 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=309&uid=a_b955626a-ef9e-4181-8e21-d7e38820d5e7
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.246.170.209 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-246-170-209.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 26 Sep 2022 15:31:08 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0
usersync
usersync.gumgum.com/ Frame 7C40
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=71&gdpr=0&gdpr_consent=&redir=https%3a%2f%2fusersync.gumgum.com%2fusersync%3fb%3dmmh%26i%3d%5bMM_UUID%5d
  • https://usersync.gumgum.com/usersync?b=mmh&i=a2e26331-c5ba-4300-9696-db0b2688ccd8&gdpr=0&gdpr_consent=
0
0
URnmbSKM
sync-tm.everesttech.net/upi/pid/ Frame 287E 		0
59 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync-tm.everesttech.net/upi/pid/URnmbSKM?redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Datm%26i%3D%24%7BTM_USER_ID%7D&gdpr=0&gdpr_consent=
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.2.49 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Varnish /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://g2.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

accept-ranges
bytes
cache-control
no-cache
content-length
0
date
Mon, 26 Sep 2022 15:31:08 GMT
pragma
no-cache
retry-after
0
server
Varnish
via
1.1 varnish
x-cache
MISS
x-cache-hits
0
x-served-by
cache-mel11254-MEL
x-timer
S1664206268.196214,VS0,VE0
pixel
cm.g.doubleclick.net/ Frame AC24 		170 B
188 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=gumgum_dbm&google_hm=YV9iOTU1NjI2YS1lZjllLTQxODEtOGUyMS1kN2UzODgyMGQ1ZTc=&gdpr=0&gdpr_consent=
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.10.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f155.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://g2.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
no-cache, must-revalidate
content-length
170
content-type
image/png
cross-origin-resource-policy
cross-origin
date
Mon, 26 Sep 2022 15:31:08 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
pragma
no-cache
server
HTTP server (unknown)
x-xss-protection
0
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 29D3 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=0&gdprConsent=
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.44.0.196 -, , ASN (),
Reverse DNS
Software
Apache /
Resource Hash
ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152

Request headers

Referer
https://g2.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=63114
content-encoding
gzip
content-length
5549
content-type
text/html; charset=UTF-8
date
Mon, 26 Sep 2022 15:31:08 GMT
etag
"1300708-3de4-5d6ef246ef4cf"
expires
Tue, 27 Sep 2022 09:03:02 GMT
last-modified
Tue, 01 Feb 2022 06:38:00 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
usersync
usersync.gumgum.com/ Frame DA87
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=gumgum&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://usersync.gumgum.com/usersync?b=ttd&i=f7963f69-d15a-4895-892d-0bdf78348503
0
0
um
cs.emxdgt.com/ Frame DD11 		0
66 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cs.emxdgt.com/um?redirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Demx%26i%3D%24UID&gdpr=0&gdpr_consent=
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
107.23.149.157 -, , ASN (),
Reverse DNS
Software
awselb/2.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://g2.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

content-length
0
content-type
text/plain; charset=utf-8
date
Mon, 26 Sep 2022 15:31:08 GMT
server
awselb/2.0
usersync
usersync.gumgum.com/ Frame D355
Redirect Chain
  • https://tg.socdm.com/aux/idsync?proto=gumgum
  • https://usersync.gumgum.com/usersync?b=sus&i=YzHFvMCo8YsAAAmHTZwAAAAA
0
0
usersync
usersync.gumgum.com/ Frame CD9C
Redirect Chain
  • https://ssum-sec.casalemedia.com/usermatchredir?s=189872&cb=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Diex%26i%3D
  • https://usersync.gumgum.com/usersync?b=iex&i=YzHFuJoI-i.zgnvw2wd.agAA%264686
0
0
cm-notify
creativecdn.com/ Frame CC45 		0
0
usync.html
eus.rubiconproject.com/ Frame A8D2
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=gumgum
  • https://eus.rubiconproject.com/usync.html?p=gumgum
281 B
410 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?p=gumgum
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.15.148.136 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-15-148-136.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://g2.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

accept-ranges
bytes
content-encoding
gzip
content-length
233
content-type
text/html; charset=UTF-8
date
Mon, 26 Sep 2022 15:31:08 GMT
etag
"40014-119-5d32342a551c0"
last-modified
Tue, 14 Dec 2021 23:07:59 GMT
server
Apache/2.2.15 (CentOS)
vary
Accept-Encoding

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
content-length
0
date
Mon, 26 Sep 2022 15:31:08 GMT
location
https://eus.rubiconproject.com/usync.html?p=gumgum
server
AkamaiGHost
usync.js
eus.rubiconproject.com/ Frame FF38 		31 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=medianet
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.15.148.136 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-15-148-136.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
af6f54df8e0917146161a2eb5807810d32a6c81c73ef70dcd95672bf71acc1aa

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=medianet
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 26 Sep 2022 15:31:08 GMT
content-encoding
gzip
last-modified
Thu, 15 Sep 2022 22:38:47 GMT
server
Apache/2.2.15 (CentOS)
x-powered-by
PHP/5.3.3
vary
Accept-Encoding
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
cache-control
max-age=53735
content-type
text/html; charset=UTF-8
content-length
9422
expires
Tue, 27 Sep 2022 06:26:43 GMT
match
c1.adform.net/serving/cookie/ Frame 5B7E 		35 B
468 B 		Document
General
Check archive.org
Download Go to
Full URL
https://c1.adform.net/serving/cookie/match?party=14&cid=253303C8-4F6D-47E9-AE8C-528D714A710C
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159463&userIdMacro=PM_UID&predirect=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3072078661534908000V10%26type%3Dpba%26refUrl%3D%26vid%3D42062671673072078661534908000V10%26ovsid%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.84.60.20 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods
GET
access-control-allow-origin
*
access-control-max-age
86400
cache-control
no-cache, no-store, must-revalidate, no-transform
content-type
image/gif
date
Mon, 26 Sep 2022 15:31:08 GMT
expires
-1
pragma
no-cache
server
nginx
strict-transport-security
max-age=31536000; includeSubDomains
Pug
simage2.pubmatic.com/AdServer/ Frame CDD0
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA%3D%3D%26piggybackCookie%...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:a2e26331-c5ba-4300-9696-db0b2688ccd8&gdpr=0&gdpr_consent=
0
0
b9pj45k4
sync-tm.everesttech.net/upi/pid/ Frame 0D84 		0
59 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%7D%26gdpr%3D0%26gdpr_consent%3D
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159463&userIdMacro=PM_UID&predirect=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3072078661534908000V10%26type%3Dpba%26refUrl%3D%26vid%3D42062671673072078661534908000V10%26ovsid%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.2.49 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Varnish /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

accept-ranges
bytes
cache-control
no-cache
content-length
0
date
Mon, 26 Sep 2022 15:31:08 GMT
pragma
no-cache
retry-after
0
server
Varnish
via
1.1 varnish
x-cache
MISS
x-cache-hits
0
x-served-by
cache-mel11254-MEL
x-timer
S1664206268.294157,VS0,VE0
Pug
image2.pubmatic.com/AdServer/ Frame EE1E
Redirect Chain
  • https://gocm.c.appier.net/pubmatic
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDImdGw9MTI5NjAw&piggybackCookie=WlA5pAeOCw-TOQjyvMUxYw
0
0
Pug
simage2.pubmatic.com/AdServer/ Frame 5015
Redirect Chain
  • https://cm.ambientdsp.com/cm/send?vc=pmj
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzQ0OSZ0bD00MzIwMA==&piggybackCookie=x7ggcuiuhjw
0
0
send
sync-dsp.ad-m.asia/dsp/api/sync/ Frame 0980 		0
0
ImgSync
image8.pubmatic.com/AdServer/ Frame 174B
Redirect Chain
  • https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCooki...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
0
0
ImgSync
image8.pubmatic.com/AdServer/ Frame F551
Redirect Chain
  • https://ipac.ctnsnet.com/int/cm?exc=14&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM0MTEmdGw9MjAxNjA%3D%26piggybackCookie%3D%5Buser_id%5D
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MTEmdGw9MjAxNjA=&piggybackCookie=650ec70d28074462812fe0e3d4431931
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
0
0
pxd
dps.jp.cinarra.com/ Frame 39F0 		0
0
RX-55812ec0-5611-41d0-a9a2-de8c57036c2f-004
sync.targeting.unrulymedia.com/csync/ Frame C7E7
Redirect Chain
  • https://sync.1rx.io/usersync2/pubmatic&gdpr=0&gdpr_consent=
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=8395016089
  • https://sync.1rx.io/usersync/tradedesk/f7963f69-d15a-4895-892d-0bdf78348503
  • https://sync.targeting.unrulymedia.com/csync/RX-55812ec0-5611-41d0-a9a2-de8c57036c2f-004?redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA%...
0
0
ImgSync
image8.pubmatic.com/AdServer/ Frame AFB3
Redirect Chain
  • https://pm.w55c.net/ping_match.gif?ei=PUBMATIC&rurl=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:_wfivefivec_&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:tIVC2xu21OCQ4A5&gdpr=0&gdpr_consent=
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
0
0
bridge
cm.adgrx.com/ Frame EB47 		0
0
rtb-h
match.taboola.com/sg/pubmatic-ssp-network/1/ Frame 1D36
Redirect Chain
  • https://trc.taboola.com/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw&piggybackCookie=uid:$UID
  • https://match.taboola.com/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&tbid=c3f906ec-5e68-4dee-9213-6547cae241c1-tucta2b4b3c&query=taboola_hm%3D1%26redir%3Dhttps%3A%2F%2Fsimage2.pubmatic.com%2FAdSe...
0
55 B 		Document
General
Check archive.org
Download Go to
Full URL
https://match.taboola.com/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&tbid=c3f906ec-5e68-4dee-9213-6547cae241c1-tucta2b4b3c&query=taboola_hm%3D1%26redir%3Dhttps%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw%26piggybackCookie%3Duid%3A%24UID&isDirect=0
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159463&userIdMacro=PM_UID&predirect=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3072078661534908000V10%26type%3Dpba%26refUrl%3D%26vid%3D42062671673072078661534908000V10%26ovsid%3DPM_UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

accept-ranges
bytes
content-length
0
date
Mon, 26 Sep 2022 15:31:08 GMT
server
nginx
via
1.1 varnish
x-cache
MISS
x-cache-hits
0
x-served-by
cache-mel11280-MEL
x-timer
S1664206269.666348,VS0,VE145

Redirect headers

accept-ranges
bytes
content-length
0
date
Mon, 26 Sep 2022 15:31:08 GMT
location
https://match.taboola.com/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&tbid=c3f906ec-5e68-4dee-9213-6547cae241c1-tucta2b4b3c&query=taboola_hm%3D1%26redir%3Dhttps%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw%26piggybackCookie%3Duid%3A%24UID&isDirect=0
server
nginx
via
1.1 varnish
x-cache
MISS
x-cache-hits
0
x-served-by
cache-mel11280-MEL
x-timer
S1664206268.480522,VS0,VE95
x-vcl-time-ms
95
141
match.deepintent.com/usersync/ Frame E696 		0
0
cookiesync
core.iprom.net/ Frame D5BC 		0
0
/
csync.loopme.me/ Frame EF45 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://csync.loopme.me/?pubid=11331&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzImdGw9MTI5NjAw&piggybackCookie={viewer_token}&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159463&userIdMacro=PM_UID&predirect=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3072078661534908000V10%26type%3Dpba%26refUrl%3D%26vid%3D42062671673072078661534908000V10%26ovsid%3DPM_UID
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.19.173.108 -, , ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
750d0b797e8c3772-MEL
date
Mon, 26 Sep 2022 15:31:08 GMT
server
cloudflare
pm_match
um.simpli.fi/ Frame 9692 		0
0
i.match
s.tribalfusion.com/z/ Frame 7910
Redirect Chain
  • https://a.tribalfusion.com/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATI...
  • https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMA...
0
0
cksync.php
contextual.media.net/ Frame 7F20 		45 B
467 B 		Document
General
Check archive.org
Download Go to
Full URL
https://contextual.media.net/cksync.php?cs=8&vsid=3072078661534908000V10&type=pba&refUrl=&vid=42062671673072078661534908000V10&ovsid=253303C8-4F6D-47E9-AE8C-528D714A710C
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159463&userIdMacro=PM_UID&predirect=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3072078661534908000V10%26type%3Dpba%26refUrl%3D%26vid%3D42062671673072078661534908000V10%26ovsid%3DPM_UID
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.83.196.24 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-83-196-24.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
832f63f4187160c195b04f1911c2e623a75e805f4b23abb9b0bea214b4283a43
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

cache-control
max-age=0, no-cache, no-store
content-length
45
content-type
image/gif
date
Mon, 26 Sep 2022 15:31:08 GMT
expires
Mon, 26 Sep 2022 15:31:08 GMT
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA" CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
pragma
no-cache
server
Apache
strict-transport-security
max-age=31536000
x-mnet-hl2
E
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame A855
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=JTMDyE9tR-mujFKNcUpxDA%3D%3D
  • https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
13 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159463&userIdMacro=PM_UID&predirect=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3072078661534908000V10%26type%3Dpba%26refUrl%3D%26vid%3D42062671673072078661534908000V10%26ovsid%3DPM_UID
Protocol
H2
Server
23.44.0.196 -, , ASN (),
Reverse DNS
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 26 Sep 2022 15:31:08 GMT
content-encoding
gzip
last-modified
Tue, 01 Feb 2022 06:38:00 GMT
server
Apache
etag
"1300708-3de4-5d6ef246ef4cf"
vary
Accept-Encoding
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
max-age=63114
accept-ranges
bytes
content-type
text/html; charset=UTF-8
content-length
5549
expires
Tue, 27 Sep 2022 09:03:02 GMT

Redirect headers

pragma
no-cache
date
Mon, 26 Sep 2022 15:31:08 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
272
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sync
pippio.com/api/ Frame A855
Redirect Chain
  • https://idsync.rlcdn.com/420486.gif?partner_uid=253303C8-4F6D-47E9-AE8C-528D714A710C
  • https://pippio.com/api/sync?pid=5324&it=1&iv=c084a906f72727c41765630c00915594f2ae0533a7db8ea3060b352ea1844ac7791426b5417dce21&_=2
0
0
SPug
image4.pubmatic.com/AdServer/ Frame A855
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=3&redir=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3FpartnerID%3D27%26partnerUID%3D%5BMM_UUID%5D
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=a2e26331-c5ba-4300-9696-db0b2688ccd8
0
0
ImgSync
image8.pubmatic.com/AdServer/ Frame A855
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEJDBC_hgr7Ar4HwLT1UuUd0&google_cver=1
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
0
0
pubmatic
um.simpli.fi/ Frame A855 		0
0
253303C8-4F6D-47E9-AE8C-528D714A710C
pr-bh.ybp.yahoo.com/sync/pubmatic/ Frame A855 		43 B
602 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/pubmatic/253303C8-4F6D-47E9-AE8C-528D714A710C?gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159463&userIdMacro=PM_UID&predirect=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3072078661534908000V10%26type%3Dpba%26refUrl%3D%26vid%3D42062671673072078661534908000V10%26ovsid%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.229.2.67 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-229-2-67.ap-southeast-1.compute.amazonaws.com
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 26 Sep 2022 15:31:08 GMT
referrer-policy
strict-origin-when-cross-origin
server
ATS
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
image/gif
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
strict-transport-security
max-age=31536000
content-length
43
x-content-type-options
nosniff
Pug
simage2.pubmatic.com/AdServer/ Frame A855
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=f7963f69-d15a-4895-892d-0bdf78348503
0
0
sync
dsp.nrich.ai/bidswitch/ Frame A855
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent=
  • https://dsp.nrich.ai/bidswitch/sync?bidswitch_ssp_id=pubmatic&bsw_custom_parameter=fae9bec8-882e-4864-8632-4ec210fd43f3&gdpr=0&gdpr_consent=&gdpr_pd=&us_privacy=
0
0
SPug
image4.pubmatic.com/AdServer/ Frame A855
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=253303C8-4F6D-47E9-AE8C-528D714A710C&redir=true&gdpr=0&gdpr_consent=
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-Kp9ZebRE2uXtIjdcfmEflnhHCKi9NNE-~A&gdpr=0&gdpr_consent=
0
0
ImgSync
image8.pubmatic.com/AdServer/ Frame A855
Redirect Chain
  • https://pixel.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=0a1-g4SrL4fKqnmD0vxgi9KpK4fKrniFg__ihM51
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
0
0
ImgSync
image8.pubmatic.com/AdServer/ Frame A855
Redirect Chain
  • https://ib.adnxs.com/getuid?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=2986570318451776300&gdpr=0&gdpr_consent=
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
0
0
ImgSync
image8.pubmatic.com/AdServer/ Frame A855
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COO...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=1557550036595532913
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
0
0
Pug
simage2.pubmatic.com/AdServer/ Frame A855
Redirect Chain
  • https://ad.turn.com/r/cs?pid=1&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=2923828858205019965&gdpr=0&gdpr_consent=&us_privacy=
0
0
Pug
simage2.pubmatic.com/AdServer/ Frame A855
Redirect Chain
  • https://ads.playground.xyz/usersync/apn?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID
  • https://secure.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=2986570318451776300
0
0
current
pubmatic-match.dotomi.com/match/bounce/ Frame A855 		0
0
d1ba4609
rtb.gumgum.com/getuid/ Frame A855 		0
0
usync.js
eus.rubiconproject.com/ Frame 664B 		31 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=duration_media&endpoint=us-east
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.15.148.136 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-15-148-136.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
af6f54df8e0917146161a2eb5807810d32a6c81c73ef70dcd95672bf71acc1aa

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=duration_media&endpoint=us-east
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 26 Sep 2022 15:31:08 GMT
content-encoding
gzip
last-modified
Thu, 15 Sep 2022 22:38:47 GMT
server
Apache/2.2.15 (CentOS)
x-powered-by
PHP/5.3.3
vary
Accept-Encoding
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
cache-control
max-age=53735
content-type
text/html; charset=UTF-8
content-length
9422
expires
Tue, 27 Sep 2022 06:26:43 GMT
sync
ads.servenobid.com/ Frame 88EE 		0
344 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=317&uid=2365812972216320789&gdpr=0&gdpr_consent=
Requested by
Host: ssbsync.smartadserver.com
URL: https://ssbsync.smartadserver.com/api/sync?callerId=9&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D317%26uid%3D%24UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.246.170.209 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-246-170-209.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ssbsync.smartadserver.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 26 Sep 2022 15:31:08 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0
smart
sync.adotmob.com/cookie/ Frame 88EE 		0
0
sync.php
demand.trafficroots.com/ Frame 88EE 		0
0
9.gif
id5-sync.com/i/102/ Frame 88EE 		0
0
us.php
gu.dyntrk.com/adx/sma/ Frame 88EE 		0
0
cksync.php
contextual.media.net/ Frame FF38
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=medianet&khaos=L8IXFT6V-14-DH4C
  • https://contextual.media.net/cksync.php?type=rbcn&ovsid=L8IXFT6V-14-DH4C
0
0
sync.php
pixel-us-east.rubiconproject.com/exchange/ Frame 664B 		0
0
usync.js
eus.rubiconproject.com/ Frame A8D2 		31 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=gumgum
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.15.148.136 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-15-148-136.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
af6f54df8e0917146161a2eb5807810d32a6c81c73ef70dcd95672bf71acc1aa

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=gumgum
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 26 Sep 2022 15:31:08 GMT
content-encoding
gzip
last-modified
Thu, 15 Sep 2022 22:38:47 GMT
server
Apache/2.2.15 (CentOS)
x-powered-by
PHP/5.3.3
vary
Accept-Encoding
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
cache-control
max-age=53735
content-type
text/html; charset=UTF-8
content-length
9422
expires
Tue, 27 Sep 2022 06:26:43 GMT
sync.php
pixel.rubiconproject.com/exchange/ Frame A8D2 		0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
prebid-server.rubiconproject.com
URL
https://prebid-server.rubiconproject.com/openrtb2/auction
Domain
x.bidswitch.net
URL
https://x.bidswitch.net/sync?dsp_id=419&user_id=10525545649974457354&ssp=adaptmx&gdpr=0&gdpr_consent=
Domain
b1sync.zemanta.com
URL
https://b1sync.zemanta.com/usersync/bluekai/callback/?d=NB2HI4DTHIXS6ZLCGIXDG3DJMZ2C4Y3PNUXXQ5LJMQ7WI33OM5WGKPLEMJQTQJTFPBRWQYLOM5ST25DSNFYGYZLMNFTHIJTHMRYHEPJQEZWWSZB5GI2DMMBGPB2WSZB5JBFUQ52YGFEE6TRTNZLE22SBNJ5GYZKG
Domain
aax-eu.amazon-adsystem.com
URL
https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=&dcc=t
Domain
p.rfihub.com
URL
https://p.rfihub.com/cm?pub=19967&in=1&forward=https%3A%2F%2Fcontextual.media.net%2Fcksync.html%3Fcs%3D8%26vsid%3D3072078661534908000V10%26type%3Drkt%26refUrl%3D%26vid%3D42062671673072078661534908000V10%26ovsid%3D%7Buserid%7D
Domain
sync.targeting.unrulymedia.com
URL
https://sync.targeting.unrulymedia.com/csync/RX-55812ec0-5611-41d0-a9a2-de8c57036c2f-004?redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Drhy%26i%3DRX-55812ec0-5611-41d0-a9a2-de8c57036c2f-004
Domain
b1sync.zemanta.com
URL
https://b1sync.zemanta.com/usersync/bluekai/callback/?d=NB2HI4DTHIXS6Y3PNZ2GK6DUOVQWYLTNMVSGSYJONZSXIL3DNNZXS3TDFZYGQ4B7MNZT2OBGMV4GG2DBNZTWKPLNMVSGSYLOMV2CM33WONUWIPLZJNWXMR2FJBRXGWSMIZVTSMCCO5JS2RBGOJSWMVLSNQ6SM5DZOBST26TFNUTHM2LEHU2DEMBWGI3DOMJWG4ZTANZSGA3TQNRWGE2TGNBZGA4DAMBQKYYTAJTWONUWIPJTGA3TEMBXHA3DMMJVGM2DSMBYGAYDAVRRGA
Domain
rtb.mfadsrvr.com
URL
https://rtb.mfadsrvr.com/ul_cb/sync?ssp=medianet&ssp_user_id=3072078661534908000V10
Domain
dpm.demdex.net
URL
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=23728&dpuuid=YzHFuJoI-i.zgnvw2wd.agAA%264686
Domain
ads.servenobid.com
URL
https://ads.servenobid.com/sync?pid=314&uid=648b78b4-d8fa-4522-aaad-60f4c02e2845
Domain
sync.targeting.unrulymedia.com
URL
https://sync.targeting.unrulymedia.com/csync/RX-55812ec0-5611-41d0-a9a2-de8c57036c2f-004?redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Drhy%26i%3DRX-55812ec0-5611-41d0-a9a2-de8c57036c2f-004
Domain
p.rfihub.com
URL
https://p.rfihub.com/cm?pub=44007&in=1
Domain
sync.go.sonobi.com
URL
https://sync.go.sonobi.com/usa?loc=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D332%26uid%3D
Domain
prebid.a-mo.net
URL
https://prebid.a-mo.net/cchain/1/3147?gdpr=0&gdpr_consent=&us_privacy=&A=ad4b9727-b049-4f06-89f1-75509c63b373&bidder=index_rtb&cbx=aHR0cHM6Ly9zc3AuZGlzcXVzLmNvbS9tYXRjaD9iaWRkZXI9NiZyPUNpZDFZUzB5WTJFeFkyVXlaQzB6WkdRNUxUTXpaVFl0T1RFNU1TMWpaVE5tTnpnMllXRTFNR1lxVTJoMGRIQnpPaTh2WVdSekxuTmxjblpsYm05aWFXUXVZMjl0TDNONWJtTV9jR2xrUFRNME5pWjFhV1E5ZFdFdE1tTmhNV05sTW1RdE0yUmtPUzB6TTJVMkxUa3hPVEV0WTJVelpqYzRObUZoTlRCbU1nSUdERGdCJmJ1eWVydWlkPQ%3D%3D&uid=YzHFuJoI-i.zgnvw2wd.agAA%264686
Domain
onetag-sys.com
URL
https://onetag-sys.com/match/?int_id=2&uid=L8IXFT6V-14-DH4C&gdpr=0
Domain
image8.pubmatic.com
URL
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
Domain
match.prod.bidr.io
URL
https://match.prod.bidr.io/cookie-sync/ie
Domain
b1sync.zemanta.com
URL
https://b1sync.zemanta.com/usersync/bluekai/callback/?d=NB2HI4DTHIXS6ZDTOVWS243FMMXGGYLTMFWGK3LFMRUWCLTDN5WS6Y3SOVWT6Y3NL5SHG4C7NFSD2MJXEZSXQY3IMFXGOZJ5NFXGIZLYEZSXQ5DFOJXGC3C7OVZWK4S7NFSD26KLNV3EORKIMNZVUTCGNM4TAQTXKMWUI
Domain
sync.srv.stackadapt.com
URL
https://sync.srv.stackadapt.com/sync?nid=68
Domain
usersync.gumgum.com
URL
https://usersync.gumgum.com/usersync?b=apn&i=2986570318451776300
Domain
a.sportradarserving.com
URL
https://a.sportradarserving.com/sync?ssp=bidswitch&bidswitch_ssp_id=gumgum2
Domain
sync.outbrain.com
URL
https://sync.outbrain.com/redirectObuid?platformId=GUMGU18H7EL9NI653I7DPEH51&gdpr=0&gdprConsent=&platformRdUrl=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dobn%26i%3D%7BOB_UID%7D%26r%3D%7BobRdUrl%7D
Domain
usersync.gumgum.com
URL
https://usersync.gumgum.com/usersync?b=opx&i=004b8c51-22e3-4004-8923-46bc9be125b5
Domain
sync.srv.stackadapt.com
URL
https://sync.srv.stackadapt.com/sync?nid=1&gdpr=0&gdpr_consent=
Domain
usersync.gumgum.com
URL
https://usersync.gumgum.com/usersync?b=oth&i=y-qVsQZm1E2pcWIly7j3f0AExdpxCeHgen_aYR~A
Domain
sync.ipredictive.com
URL
https://sync.ipredictive.com/d/sync/cookie/generic?partner=gumgum&cspid=9&append=1&cb=${ADELPHIC_CACHE_BUSTER}&gdpr=0&gdpr_consent=&us_privacy=1---&redirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dvnt%26i%3D
Domain
sync.technoratimedia.com
URL
https://sync.technoratimedia.com/services?srv=cs&pid=65&us_privacy=1---&cb=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dsnc%26i%3D%5BUSER_ID%5D
Domain
match.deepintent.com
URL
https://match.deepintent.com/usersync/142?redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Ddit%26i%3D%24%7BDI_USER_ID%7D
Domain
stags.bluekai.com
URL
https://stags.bluekai.com/site/23178?id=yKmvGEHcsZLFk90BwS-D&redir=https%3A%2F%2Fb1sync.zemanta.com%2Fusersync%2Fbluekai%2Fcallback%2F%3Fd%3DNB2HI4DTHIXS65LTMVZHG6LOMMXGO5LNM52W2LTDN5WS65LTMVZHG6LOMM7WEPL2MVWSMZLYMNUGC3THMU6WO5LNM52W2JTHMRYHEPJQEZUT26KLNV3EORKIMNZVUTCGNM4TAQTXKMWUIJTVONPXA4TJOZQWG6J5GEWS2LI&gdpr=0&us_privacy=1---
Domain
usersync.gumgum.com
URL
https://usersync.gumgum.com/usersync?b=idi&i=79314f72-4e01-412d-9264-268fe08ac71a
Domain
sync.targeting.unrulymedia.com
URL
https://sync.targeting.unrulymedia.com/csync/RX-55812ec0-5611-41d0-a9a2-de8c57036c2f-004?redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA%3D%26piggybackCookie%3DRX-55812ec0-5611-41d0-a9a2-de8c57036c2f-004
Domain
usersync.gumgum.com
URL
https://usersync.gumgum.com/usersync?b=pln&i=7ki2yGVLDQer&ev=1&pid=558355
Domain
ssbsync.smartadserver.com
URL
https://ssbsync.smartadserver.com/api/sync?callerId=15&redirectUri=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dsad%26i%3D%5Bssb_sync_pid%5D&gdpr=0&gdpr_consent=
Domain
usersync.gumgum.com
URL
https://usersync.gumgum.com/usersync?b=mmh&i=a2e26331-c5ba-4300-9696-db0b2688ccd8&gdpr=0&gdpr_consent=
Domain
usersync.gumgum.com
URL
https://usersync.gumgum.com/usersync?b=ttd&i=f7963f69-d15a-4895-892d-0bdf78348503
Domain
usersync.gumgum.com
URL
https://usersync.gumgum.com/usersync?b=sus&i=YzHFvMCo8YsAAAmHTZwAAAAA
Domain
usersync.gumgum.com
URL
https://usersync.gumgum.com/usersync?b=iex&i=YzHFuJoI-i.zgnvw2wd.agAA%264686
Domain
creativecdn.com
URL
https://creativecdn.com/cm-notify?pi=gumgum
Domain
simage2.pubmatic.com
URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:a2e26331-c5ba-4300-9696-db0b2688ccd8&gdpr=0&gdpr_consent=
Domain
image2.pubmatic.com
URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDImdGw9MTI5NjAw&piggybackCookie=WlA5pAeOCw-TOQjyvMUxYw
Domain
simage2.pubmatic.com
URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzQ0OSZ0bD00MzIwMA==&piggybackCookie=x7ggcuiuhjw
Domain
sync-dsp.ad-m.asia
URL
https://sync-dsp.ad-m.asia/dsp/api/sync/send?s=pubmatic&rd=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMyNTMmdGw9MTI5NjAw%26piggybackCookie%3D
Domain
image8.pubmatic.com
URL
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
Domain
image8.pubmatic.com
URL
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
Domain
dps.jp.cinarra.com
URL
https://dps.jp.cinarra.com/pxd?PLATFORM_ID=D&USER_ID=253303C8-4F6D-47E9-AE8C-528D714A710C
Domain
sync.targeting.unrulymedia.com
URL
https://sync.targeting.unrulymedia.com/csync/RX-55812ec0-5611-41d0-a9a2-de8c57036c2f-004?redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA%3D%26piggybackCookie%3DRX-55812ec0-5611-41d0-a9a2-de8c57036c2f-004
Domain
image8.pubmatic.com
URL
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
Domain
cm.adgrx.com
URL
https://cm.adgrx.com/bridge?AG_PID=pubmatic&AG_SETCOOKIE&gdpr=0&gdpr_consent=
Domain
match.deepintent.com
URL
https://match.deepintent.com/usersync/141?gdpr=0&gdpr_consent=
Domain
core.iprom.net
URL
https://core.iprom.net/cookiesync
Domain
um.simpli.fi
URL
https://um.simpli.fi/pm_match?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:$UID
Domain
s.tribalfusion.com
URL
https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
Domain
pippio.com
URL
https://pippio.com/api/sync?pid=5324&it=1&iv=c084a906f72727c41765630c00915594f2ae0533a7db8ea3060b352ea1844ac7791426b5417dce21&_=2
Domain
image4.pubmatic.com
URL
https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=a2e26331-c5ba-4300-9696-db0b2688ccd8
Domain
image8.pubmatic.com
URL
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
Domain
um.simpli.fi
URL
https://um.simpli.fi/pubmatic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODA2JnRsPTUxODQwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
Domain
simage2.pubmatic.com
URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=f7963f69-d15a-4895-892d-0bdf78348503
Domain
dsp.nrich.ai
URL
https://dsp.nrich.ai/bidswitch/sync?bidswitch_ssp_id=pubmatic&bsw_custom_parameter=fae9bec8-882e-4864-8632-4ec210fd43f3&gdpr=0&gdpr_consent=&gdpr_pd=&us_privacy=
Domain
image4.pubmatic.com
URL
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-Kp9ZebRE2uXtIjdcfmEflnhHCKi9NNE-~A&gdpr=0&gdpr_consent=
Domain
image8.pubmatic.com
URL
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
Domain
image8.pubmatic.com
URL
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
Domain
image8.pubmatic.com
URL
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
Domain
simage2.pubmatic.com
URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=2923828858205019965&gdpr=0&gdpr_consent=&us_privacy=
Domain
simage2.pubmatic.com
URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=2986570318451776300
Domain
pubmatic-match.dotomi.com
URL
https://pubmatic-match.dotomi.com/match/bounce/current?networkId=17100&version=1&nuid=253303C8-4F6D-47E9-AE8C-528D714A710C&gdpr=0&gdpr_consent=
Domain
rtb.gumgum.com
URL
https://rtb.gumgum.com/getuid/d1ba4609?gdpr=0&gdpr_consent=&r=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzNDImdGw9MTI5NjAw%26piggybackCookie%3D
Domain
sync.adotmob.com
URL
https://sync.adotmob.com/cookie/smart?r=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D66%26partneruserid%3D%7Bamob_user_id%7D&gdpr=0&gdpr_consent=
Domain
demand.trafficroots.com
URL
https://demand.trafficroots.com/sync.php?partner=3379&redirect=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D137%26partneruserid%3D%7Btrafficroots_id%7D&gdpr=0&gdpr_consent=
Domain
id5-sync.com
URL
https://id5-sync.com/i/102/9.gif?gdpr=0&gdpr_consent=
Domain
gu.dyntrk.com
URL
https://gu.dyntrk.com/adx/sma/us.php?dynk=sma4rt4bt4fg&sspurl=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D69%26partneruserid%3DPARTNER_USER_ID%26gdpr%3D$GDPR%26gdpr_consent%3D$GDPR_CONSENT&gdpr=0&gdpr_consent=
Domain
contextual.media.net
URL
https://contextual.media.net/cksync.php?type=rbcn&ovsid=L8IXFT6V-14-DH4C
Domain
pixel-us-east.rubiconproject.com
URL
https://pixel-us-east.rubiconproject.com/exchange/sync.php?p=duration_media&khaos=L8IXFT6V-14-DH4C
Domain
pixel.rubiconproject.com
URL
https://pixel.rubiconproject.com/exchange/sync.php?p=gumgum&khaos=L8IXFT6V-14-DH4C

Verdicts & Comments Add Verdict or Comment

104 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 object| 10 object| 11 object| 12 object| 13 object| 14 object| 15 object| 16 object| 17 object| onbeforeinput object| oncontextlost object| oncontextrestored function| structuredClone object| launchQueue object| onbeforematch function| getScreenDetails function| queryLocalFonts object| navigation object| adpushup object| ucfad_async object| AMP object| AMP_CONFIG object| AMP_EXP object| __AMP_LOG function| HTMLElementOrig object| __AMP_ERRORS object| __AMP_MODE function| __AMP_REPORT_ERROR object| __AMP_TOP object| __AMP_SERVICES object| __AMP_URL_CACHE object| __AMP__EXPERIMENT_TOGGLES boolean| __AMP_TAG object| __AMP_EXTENDED_ELEMENTS function| __AMP_BASE_CE_CLASS object| ucf object| request string| paramsString function| setImmediate function| clearImmediate object| adRecover object| google_reactive_ads_global_state number| ampAdSlotIdCounter object| __AMP_EXPERIMENT_BRANCHES object| goog_identity_prom string| __AMP_DEFAULT_BOOTSTRAP_SUBDOMAIN number| ampAdGoogleIfiCounter object| google_ad_modifications number| google_global_correlator object| google_prev_clients object| gaGlobal number| ampAdPageCorrelator object| listeningFors number| 3pla undefined| $ undefined| jQuery string| currentState object| googletag object| _apPbJs object| hbAnalytics object| adpTags function| jqAlias object| ggeac object| google_tag_data object| google_js_reporting_queue object| _qevents object| _apPbJsChunk object| _pbjsGlobals object| mnet string| nobidVersion object| nobid object| Criteo object| ap_link_preview_states object| apLinkPreviewUtils object| apEuCountries undefined| google_measure_js_timing function| quantserve function| __qc object| ezt object| _qoptions function| qtrack boolean| descriptionPage object| dataLayer function| gtag object| google_tag_manager function| onYouTubeIframeAPIReady object| googleToken object| googleIMState function| processGoogleToken number| google_unique_id object| GoogleGcLKhOms object| criteo_pubtag object| criteo_pubtag_prebid_117 object| Criteo_prebid_117 object| google_image_requests

87 Cookies

Domain/Path Name / Value
.3lift.com/sync Name: sync
Value: CgoIoQEQ5r6x07cwCgoIgQIQ5r6x07cwCgoI4gEQ5r6x07cwCgoI5gEQ5r6x07cwCgoIhwIQ5r6x07cwCgkICRDmvrHTtzAKCQg6EOa-sdO3MAoJCAsQ5r6x07cwCgoIjAIQ5r6x07cwCgkIXxDmvrHTtzA=
.aralego.com/ Name: sspid
Value: fb8ac10d-db06-3d41-8917-81297071886f
.aralego.com/ Name: euconsent-v2
Value:
.aralego.com/ Name: gdpr
Value: 1
www.bg3.co/ Name: __AP_SESSION__
Value: 4ae4ff97-580c-4f28-a914-35a5020e9a6e
.bg3.co/ Name: __gpi
Value: UID=000009e2d30ee339:T=1664206258:RT=1664206258:S=ALNI_MbNvpCwjF-FNLt4hHpZzbSp12AfqA
.adpushup.com/ Name: ap_uid
Value: 3889d950-3db0-11ed-829d-000d3aa18564
.adpushup.com/ Name: ap_usid
Value: 3889d951-3db0-11ed-829d-000d3aa18564
.doubleclick.net/ Name: IDE
Value: AHWqTUmOpNcJAbxDKyBkUHpeg3iInC_6en8izK08eGYyDgzLzF8TlEOnc_xYbnOwTPo
www.bg3.co/ Name: _pbjs_userid_consent_data
Value: 3524755945110770
.bg3.co/ Name: _pubcid
Value: 24da1778-a371-47a5-b48e-9eb93796170e
.openx.net/ Name: i
Value: 24da1778-a371-47a5-b48e-9eb93796170e|1664206260
.rubiconproject.com/ Name: khaos
Value: L8IXFT6V-14-DH4C
.omnitagjs.com/ Name: ayl_visitor
Value: 86100fa1d4ce44b34f10eec6311af055
www.bg3.co/ Name: qcSxc
Value: 1664206261188
.prebid.a-mo.net/ Name: __amc
Value: 1_1664206261_1664206261
.a-mo.net/ Name: amuid2
Value: ad4b9727-b049-4f06-89f1-75509c63b373
.prebid.a-mo.net/ Name: sd_amuid2
Value: ad4b9727-b049-4f06-89f1-75509c63b373
.quantserve.com/ Name: mc
Value: 6331c5b5-4415b-957f5-057da
.bg3.co/ Name: __qca
Value: P0-151537705-1664206261185
.teads.tv/ Name: tt_viewer
Value: 706601cc-fb8c-4293-93da-f5acb5a24e23
.bg3.co/ Name: _ga_Z0TZ7TDHS1
Value: GS1.1.1664206262.1.0.1664206262.0.0.0
.bg3.co/ Name: _ga
Value: GA1.1.152270999.1664206263
.bg3.co/ Name: __gads
Value: ID=e02e6512cd1faaf1:T=1664206258:S=ALNI_Mb1PuSeTREPE-sdddDKcWcH-g-IbQ
.criteo.com/ Name: uid
Value: 5e76f986-4dc7-43f4-9154-0c2cefc537f2
.casalemedia.com/ Name: CMPS
Value: 4686
.pubmatic.com/ Name: KTPCACOOKIE
Value: YES
.smaato.net/ Name: SCM
Value: 24cf6835
.smaato.net/ Name: SCMg
Value: 24cf6835
.yahoo.com/ Name: A3
Value: d=AQABBLjFMWMCEL0AUTj_YCRxtSQRkE_hICMFEgEBAQEXM2M7YwAAAAAA_eMAAA&S=AQAAAkCrsVpZWZ-KcJWBomiaTbc
.quantserve.com/ Name: d
Value: ECcBCQGYJ4EA
.casalemedia.com/ Name: CMID
Value: YzHFuJoI-i.zgnvw2wd.agAA
.casalemedia.com/ Name: CMPRO
Value: 4686
.adnxs.com/ Name: anj
Value: dTM7k!M41.D>6NRF']wIg2Il^B5Ru8!@wnfH8K6pQK`!5=E<*L5?%Lz3j47#5-!E>i9FZ?i'[+H_v2kEB`Y*ws]75.%nugO%v4VB%nmGw)maR/
.adnxs.com/ Name: uuid2
Value: 2986570318451776300
.pubmatic.com/ Name: KADUSERCOOKIE
Value: 253303C8-4F6D-47E9-AE8C-528D714A710C
.adform.net/ Name: C
Value: 1
.inmobi.com/ Name: idsp_c
Value: 51377d34-6d0d-49c0-8c3a-05906296a564
.adsrvr.org/ Name: TDID
Value: f7963f69-d15a-4895-892d-0bdf78348503
.mediago.io/ Name: __mguid_
Value: 2804fb01ab45b2c9248b9fa63cb7c089
.adform.net/ Name: uid
Value: 1557550036595532913
.3lift.com/ Name: tluid
Value: 321499327569780813550
.ads.linkedin.com/ Name: lang
Value: v=2&lang=en-us
.linkedin.com/ Name: bcookie
Value: "v=2&37a4ed32-16c5-4ff1-81f9-ee41c7be44c4"
.linkedin.com/ Name: lidc
Value: "b=TGST05:s=T:r=T:a=T:p=T:g=2640:u=1:x=1:i=1664206265:t=1664292665:v=2:sig=AQGlG5h1GyB-CxMW6t6R-Y4_UW2nFNYl"
.bidswitch.net/ Name: tuuid
Value: fae9bec8-882e-4864-8632-4ec210fd43f3
.bidswitch.net/ Name: c
Value: 1664206265
.bidswitch.net/ Name: tuuid_lu
Value: 1664206265
.reemo-ad.jp/ Name: deviceIdentifier
Value: CkZLxSliSMrqpmzzjSBsPxGhZkvhcjNo
.reemo-ad.jp/ Name: sync_gadx
Value: 1
.r-ad.ne.jp/ Name: r_ad_token
Value: 50fFV501NBDAY008GWVO
.adkernel.com/ Name: ADKUID
Value: A2239767280238030244
www.bg3.co/ Name: pbjs-unifiedid
Value: %7B%22TDID%22%3A%22f7963f69-d15a-4895-892d-0bdf78348503%22%2C%22TDID_LOOKUP%22%3A%22TRUE%22%2C%22TDID_CREATED_AT%22%3A%222022-08-26T15%3A31%3A06%22%7D
.analytics.yahoo.com/ Name: IDSYNC
Value: "18yx~27dr:196y~27dr"
.openx.net/ Name: pd
Value: v2|1664206266|jElYiuvOiahI
.onetag-sys.com/ Name: OTP
Value: orBnT7E7KYn3AAxdnbFCshtQHiu8t1y44I4vsbLHxSw
.prebid.a-mo.net/ Name: _sv3_10
Value: 1
.e-volution.ai/ Name: ADK_EX_193
Value: 1
.e-volution.ai/ Name: ADKUID
Value: A2239767280238030244
.openx.net/ Name: univ_id
Value: 537072971|f7963f69-d15a-4895-892d-0bdf78348503|1664206266514185
.linkedin.com/ Name: li_sugr
Value: 189c4cab-afdd-4d3f-9c75-a5c9dbdfdfcf
.prebid.a-mo.net/ Name: _sv3_9
Value: 1
.mookie1.com/ Name: id
Value: 10525545649974457354
.mookie1.com/ Name: mdata
Value: 1|10525545649974457354|1664206266639
.mookie1.com/ Name: ov
Value: 4483e991ef92c7a351a00c799cf05727
.bing.com/ Name: MUID
Value: 29A32BDE6BAF60E2387839F56A7A61D3
.c.bing.com/ Name: MR
Value: 0
pool.admedo.com/ Name: tuuid
Value: f8386851-2088-4aac-9803-8ce2ff57b2a2
pool.admedo.com/ Name: c
Value: 1664206266
pool.admedo.com/ Name: tuuid_lu
Value: 1664206266
.bg3.co/ Name: cto_bundle
Value: YqOqRV90em1mNkxqenh4MGk0ZW1HeXhYUm9vUVBDalNCdWZKM0pDbEpObndpUWk2UWxpY000UThHWCUyRkhUQklBNFJ4bFFTVGZJUEpaWCUyRnl3b2ZiM2FHUyUyRmxEcnM2bWZQY3VUS25vSW5aUHJFbWNLbUdmc0tGaW5RN2NEb0l2dWJyaWNXVGI4dDFZdFdYRTRkNjZjcVg3TWtGSHclM0QlM0Q
.bg3.co/ Name: cto_bidid
Value: Gr-0GF9uSk1yTjJ3MXl0RnVnMmcyaXVkT28ydzJUQjJQaTlBJTJGUHJLMnJCSDcxSUE2WVdXRlpEM1pIdWNrRk5YNXN1U3UyYyUyRmc1THVMTnNmVlVRMXltWU12JTJCeVEwSnFtTEtIViUyQlRkSHZ4SUVIVW9FJTNE
.ladsp.com/ Name: cr
Value: 1
.rlcdn.com/ Name: rlas3
Value: BZ6gj096ZVRr7MnwZUUnVCHblMMoykJAdbtqw4Py3PA=
.rlcdn.com/ Name: pxrc
Value: CAA=
.socdm.com/ Name: SOSYNC
Value: anNvbjp7Im9wZW54IjoxNjY0MjA2MjY2fQ
.mathtag.com/ Name: uuid
Value: a2e26331-c5ba-4300-9696-db0b2688ccd8
.media.net/ Name: visitor-id
Value: 3072078661534908000V10
.tapad.com/ Name: TapAd_TS
Value: 1664206267041
.tapad.com/ Name: TapAd_DID
Value: f56b502e-40e7-4d9f-af3d-c95924c5a9c1
.ladsp.com/ Name: smn_uid
Value: 1K6SLfhb66cIERcey5l9bQ7Hf8xLCpE
.ladsp.com/ Name: lum
Value: CJ7FsdO3MBIFCAMQ0AU
.prebid.a-mo.net/ Name: _sv3_7
Value: 1
.casalemedia.com/ Name: CMTS
Value: 5319
.rubiconproject.com/ Name: audit
Value: 1|WD0cx+9RTMKmf5tXRHS4tyKB0+A8/5Oa6Z4OdihMPKa9ecNN78u1BytzQEqEF9Fp0EDmZOSFlB1gEJ9oO5p1Ev0exc+f0IZt
.adsymptotic.com/ Name: U
Value: 546f1b4cdc04497eac566b76a4a26793
.adsrvr.org/ Name: TDCPM
Value: CAESFQoGZ29vZ2xlEgsIovebj8X3jzsQBRIWCgdzdng5dDUwEgsIyPLqmcX3jzsQBRIWCgdydWJpY29uEgsIqpCMncX3jzsQBRIVCgZjYXNhbGUSCwj0rYejxfePOxAFGAEgAigCMgsIoLrizdv3jzsQBTgBWgc4bTMzems0YAI.

10 Console Messages

Source Level URL
Text
other warning URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006&adk=2365071409&adf=3615134179&pi=t.ma~as.3006%2F14006&w=336&lmt=1664206258&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fpi-jia-bu-jian-qia-pian-quan-gua-shi-ta-hui-jia-jian-zhe-mu-yan-shen-si-3-9mo-wang-you-xiao-feng.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1664206256039&bpp=13&bdt=1404&idt=2009&shv=r20220921&mjsv=m202209120102&ptt=5&saldr=sa&correlator=7839256117444&frm=23&ife=1&pv=2&ga_vid=1324865518.1664206258&ga_sid=1664206258&ga_hid=1889376132&ga_fc=0&ga_cid=amp-bp2IvYeADvpv_CeMaNTxFA&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=60&biw=1600&bih=1200&isw=336&ish=280&ifk=1019340804&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C42531705%2C44773167&oid=2&pvsid=3075813884163543&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.effi9pf2c8lg&fsb=1&dtd=2025
Message:
Origin trial controlled feature not enabled: 'attribution-reporting'.
network error URL: https://cdn.adpushup.com/42753/L2EvcGktamlhLWJ1LWppYW4tcWlhLXBpYW4tcXVhbi1ndWEtc2hpLXRhLWh1aS1qaWEtamlhbi16aGUtbXUteWFuLXNoZW4tc2ktMy05bW8td2FuZy15b3UteGlhby1mZW5nLmh0bWw=.json
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D&google_gid=CAESENtm_Sfbb-ApjavIwMj5xb4&google_cver=1&google_push=AZmPxg8e7B5Npuy62MDDnlbA20rrNrAU0p98CS7neKk1DzRRSr6QBWSmhYjHNZwtVTesEMaGVN-yvktLM6ZMtbHWcJGr9SY9frpgKxuOnjU78oUpftfKQ5E6tejD_2TSh5ZykrHtzuW__0bYYFolwFiVgCQ
Message:
Failed to load resource: the server responded with a status of 503 ()
javascript warning URL: https://www.bg3.co/a/pi-jia-bu-jian-qia-pian-quan-gua-shi-ta-hui-jia-jian-zhe-mu-yan-shen-si-3-9mo-wang-you-xiao-feng.html
Message:
The resource https://d-3394377511692373627.ampproject.net/2209072154000/nameframe.html was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.
network error URL: https://s0.2mdn.net/sadbundle/2249730034648686620/null
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://s0.2mdn.net/sadbundle/2129343214390369436/null
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://ssp.disqus.com/partner=adaptmx?gdpr=1&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fprebid.a-mo.net%2Fcchain%2F0%2F4267%3Fgdpr%3D0%26gdpr_consent%3D%26us_privacy%3D1---%26A%3Dad4b9727-b049-4f06-89f1-75509c63b373%26bidder%3Dzeta%26cbx%3DaHR0cHM6Ly9pYi5hZG54cy5jb20vcHJlYmlkL3NldHVpZD9iaWRkZXI9YW14JnVpZD1hZDRiOTcyNy1iMDQ5LTRmMDYtODlmMS03NTUwOWM2M2IzNzM%253D%26uid%3D%24UID
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://sync-tm.everesttech.net/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D
Message:
Failed to load resource: the server responded with a status of 503 ()
network error URL: https://sync-tm.everesttech.net/upi/pid/URnmbSKM?redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Datm%26i%3D%24%7BTM_USER_ID%7D&gdpr=0&gdpr_consent=
Message:
Failed to load resource: the server responded with a status of 503 ()
network error URL: https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%7D%26gdpr%3D0%26gdpr_consent%3D
Message:
Failed to load resource: the server responded with a status of 503 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

4554dcfdb25681d65c9135c95d0b8a26.safeframe.googlesyndication.com
58b085eee150a534224aaadead53b14b.safeframe.googlesyndication.com
a.sportradarserving.com
a.teads.tv
aax-eu.amazon-adsystem.com
acdn.adnxs.com
ad.turn.com
adpushup-d.openx.net
ads.aralego.com
ads.as.criteo.com
ads.pubmatic.com
ads.servenobid.com
adservice.google.com
adservice.google.com.au
ap.lijit.com
aplogger.adpushup.com
b1sync.zemanta.com
b4d2fe5aaaebb6d25743be5dcfc19d36.safeframe.googlesyndication.com
bidder.criteo.com
c.bing.com
c1.adform.net
c21lg-d.media.net
cat.sg1.as.criteo.com
cdn.adpushup.com
cdn.ampproject.org
cdn.aralego.net
cdn.indexww.com
cdn.jsdelivr.net
cdnjs.cloudflare.com
ce.lijit.com
cm.adgrx.com
cm.g.doubleclick.net
cms.quantserve.com
code.jquery.com
contextual.media.net
core.iprom.net
cr-p3.ladsp.com
creativecdn.com
cs.emxdgt.com
cs.media.net
cs.r-ad.ne.jp
csm.as.criteo.net
csync.loopme.me
d-3394377511692373627.ampproject.net
delivery.adrecover.com
demand.trafficroots.com
dis.criteo.com
dpm.demdex.net
dps.jp.cinarra.com
dsp.adkernel.com
dsp.nrich.ai
dsum-sec.casalemedia.com
dynalyst-sync.adtdp.com
e3.adpushup.com
eb2.3lift.com
eus.rubiconproject.com
fastlane.rubiconproject.com
g2.gumgum.com
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
grid.bidswitch.net
gu.dyntrk.com
gum.criteo.com
hb-api.omnitagjs.com
htlb.casalemedia.com
ib.adnxs.com
id.rlcdn.com
id5-sync.com
image2.pubmatic.com
image4.pubmatic.com
image6.pubmatic.com
image8.pubmatic.com
inv-nets.admixer.net
jp-u.openx.net
js-sec.indexww.com
match.adsrvr.org
match.deepintent.com
match.prod.bidr.io
match.taboola.com
mweb.ck.inmobi.com
onetag-sys.com
p.adsymptotic.com
p.rfihub.com
pagead2.googlesyndication.com
partner.googleadservices.com
pippio.com
pix.as.criteo.net
pixel-eu.rubiconproject.com
pixel-us-east.rubiconproject.com
pixel.quantserve.com
pixel.rubiconproject.com
pm.w55c.net
pool.admedo.com
pr-bh.ybp.yahoo.com
prebid-server.rubiconproject.com
prebid.a-mo.net
prebid.media.net
public.servenobid.com
pubmatic-match.dotomi.com
px.ads.linkedin.com
pxl.qccerttest.com
rtb.gumgum.com
rtb.jp2.as.criteo.com
rtb.mfadsrvr.com
rtb2-useast.e-volution.ai
rules.quantcount.com
s.ad.smaato.net
s.amazon-adsystem.com
s.tribalfusion.com
s0.2mdn.net
secure-assets.rubiconproject.com
secure.adnxs.com
secure.quantserve.com
securepubads.g.doubleclick.net
simage2.pubmatic.com
ssbsync-global.smartadserver.com
ssbsync.smartadserver.com
ssp.disqus.com
ssum-sec.casalemedia.com
stags.bluekai.com
static.bg3.co
static.criteo.net
sync-dsp.ad-m.asia
sync-tm.everesttech.net
sync.adotmob.com
sync.aralego.com
sync.dsp.reemo-ad.jp
sync.go.sonobi.com
sync.ipredictive.com
sync.mathtag.com
sync.outbrain.com
sync.srv.stackadapt.com
sync.targeting.unrulymedia.com
sync.teads.tv
sync.technoratimedia.com
tg.socdm.com
tlx.3lift.com
token.rubiconproject.com
tpc.googlesyndication.com
tps.doubleverify.com
trace.mediago.io
trc.taboola.com
u.openx.net
um.simpli.fi
ups.analytics.yahoo.com
us-u.openx.net
usersync.gumgum.com
www.bg3.co
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.googletagservices.com
x.bidswitch.net
x.yieldlift.com
y.one.impact-ad.jp
a.sportradarserving.com
aax-eu.amazon-adsystem.com
ads.servenobid.com
b1sync.zemanta.com
cm.adgrx.com
contextual.media.net
core.iprom.net
creativecdn.com
demand.trafficroots.com
dpm.demdex.net
dps.jp.cinarra.com
dsp.nrich.ai
gu.dyntrk.com
id5-sync.com
image2.pubmatic.com
image4.pubmatic.com
image8.pubmatic.com
match.deepintent.com
match.prod.bidr.io
onetag-sys.com
p.rfihub.com
pippio.com
pixel-us-east.rubiconproject.com
pixel.rubiconproject.com
prebid-server.rubiconproject.com
prebid.a-mo.net
pubmatic-match.dotomi.com
rtb.gumgum.com
rtb.mfadsrvr.com
s.tribalfusion.com
simage2.pubmatic.com
ssbsync.smartadserver.com
stags.bluekai.com
sync-dsp.ad-m.asia
sync.adotmob.com
sync.go.sonobi.com
sync.ipredictive.com
sync.outbrain.com
sync.srv.stackadapt.com
sync.targeting.unrulymedia.com
sync.technoratimedia.com
um.simpli.fi
usersync.gumgum.com
x.bidswitch.net
103.229.10.171
103.229.206.241
103.254.153.160
104.16.85.20
104.17.24.14
104.18.13.76
104.18.18.126
104.18.19.126
104.18.99.194
104.19.173.108
104.211.156.162
104.254.148.251
104.254.150.228
104.26.2.91
104.26.4.103
104.45.178.220
104.83.196.24
104.83.197.63
107.23.149.157
124.146.215.52
13.107.42.14
13.115.99.16
13.213.209.254
13.229.2.67
13.33.33.124
13.33.33.43
13.33.88.29
13.33.88.32
13.76.45.37
139.99.49.250
142.250.4.101
142.251.10.155
142.251.10.94
142.251.10.99
142.251.12.132
142.251.12.149
142.251.12.154
142.251.12.155
142.251.12.157
145.40.88.5
150.95.47.242
151.101.1.44
151.101.2.49
172.217.194.154
174.137.133.49
18.140.14.88
18.177.11.95
182.161.73.129
182.161.73.132
182.161.73.135
182.161.73.136
182.161.73.142
182.161.73.145
182.161.73.146
182.161.73.148
182.161.74.19
184.25.248.23
184.31.5.88
185.84.60.20
204.79.197.200
209.191.163.208
209.191.163.209
23.106.127.164
23.106.127.53
23.108.103.8
23.15.148.136
23.44.0.183
23.44.0.196
23.44.1.2
3.115.131.27
3.230.47.190
3.92.9.222
34.107.148.139
34.149.43.113
34.246.170.209
34.98.64.218
35.190.60.146
35.208.249.213
35.213.109.249
35.213.117.18
35.213.12.39
35.244.159.8
42.99.140.200
42.99.140.201
44.239.37.137
50.116.239.135
52.223.2.229
52.223.40.198
52.46.130.91
52.74.13.196
52.84.45.26
54.64.137.66
54.64.4.232
64.120.88.131
67.199.150.81
67.199.150.82
69.16.175.42
69.173.144.138
69.173.158.64
69.173.158.65
74.125.130.156
74.125.24.97
84.17.37.44
00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce
044f88b494e5da637b95e9840f53c74247bd62c3d464c537a54a479b3a7054e5
045709218142f2e5ae3c992cabf1bcc410f08a23af90974e135f5a0333474e29
04cb15ad26b2236f25d8c023594b6caa7dfd2c3c3d217246ba1ee24531f3ef0b
0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5
0714b585465a1438a6de93463609e9c8a77c39a5e2961a478b82b741086346d1
08f8a35ff1ed0c7e39419984a8d32de7e1dd3a298595992abffad1810a0e4237
095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0bcac89d72d5f0b2bef20f815406384ff05489e4294acee57409060c2eccffc5
0cc8c18f44117bdd9442f69499ad2d5e0b371e3c1fca64ba48b501f5b83986e4
0d2ab3e8555a5d827dc70839657bca56cb8b254dd96a617f12125d684bfef532
0dc640693e4086df32d4f7f5c7931dc381bef7c1186dfd94b933e114afdee4a6
0ee68636d99ccf0650a96b5c70a64ba9365f23b331e496775ce82a0bf6687125
1023c311ab2ebab32d0e87d3716200fdc9d6834f4c7694d6f11cdb5aed5bb424
11ae8b2b219a7e496ff3426b6e14c84a6ee9a5d884fae5d44bd0a941f5dba14c
1220b25c121373c1b4402fc9435c412e1a01bc763814e4613d1e632cc69044cb
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
134831b7b8a11609c6c27e9b24933f5701cb6b3cc06d129cfb3fc4e501981a95
14cfb5058acaf3af2f07088f1582f29941d7a4cc74fd1cea5050cecad862d154
15597ef634097e374d8f18ab0155a9bd770144f072088d38e71b6754aacaeed3
184e60e6706c7ae670691e073a4c95c01a72c1a90a4f0255c7c50a8f4473b34b
1904751ccfd62fb4368f0c10c93aa705878d726a2ecfe982877e838437735b0e
19294f794c7351e3f28f7b00a8220b9881ce2b9242d820dd7f3bc9fb4ab9c4fc
1be00e223b2840fe8ac2d3a1aec0cf757088dd68f53a92275d0e1db6cb9afced
1c479d0abecadc8d5fde30eeb515508b6148fa3d92dd617b427788d6c792b0a8
1d8ed0a5be1894d2ffe2f8904b346a098909f89b77c73807549f0ba81831013c
1f816e7a4056ca1d32adea4cbf6e9065bea87aeb0e227e94c6f9ff89d31876b8
20d387706657cab14f41b4c6cb81ab12b92047ceb74ef219d9ac303da0e53af5
2255c4cd951fb1812fd5caa7e8ac3a5f4cda4e5753c6ac3cfcffb098062e4ce2
26914004d3a8d5ddde2202b642d7936eb61c9f195b5cd3c87e44ef8ad4d57c16
286f41534d5e452c0803884b8951f9e7cbd79568b1eddea4559d6a3bde2b4763
28869892b3ebc9599f527958eedb8e5e6a3d3d28c7f8a39433863488f39ba728
28bf646c6e799ca96adb3a5b48fe882639d31e27102cad9ed2979555da55944a
28dc46ca7136b4d6089128b4a537e94624c990ee5162d869cbd53b4b81faaea5
2a0ea1d5f65216e7498b754aa4eda305601148b8990024016f01c75915445f67
2aaded58dac73e34620e86b5cfdd6e7e20bb38e2ebe5af7d777bc82822bfdb5c
2bd1ba34350c288d4395e4d104575c7406b490f31aa1baffcb977c5268803727
2e8a854dbb9d8baf325f950347fa3b876ed124fd58546abdd1ce0c9e69b63d46
3086826524750d38ec8807f9d8ceceb737731239a0de2e737c885834e89078f6
30c13878ec598cd5f3f00e151916a8836bf60cc3fc1dc5eb1a3df200e720b582
30ca27f6a96516b0065d6b5d0dc419284613d13606fc85926cbf4b93bd1f5df7
30cc4b9ad8632deed349de0ad3336d5d829c35eaae6acfb4f0a3aea1a08c053c
31fb8dc7edd44f99d97af5a0e6998dbc2787ff3e9cf88d6278f818647752ab50
325fc4c4bf76064d9a88f80ba9e2058682e92f4c619a4b7c01077ccf92e69caf
3288212b66509bcca02524204f3d2c8cc0b6a6a83cf3a7ff0a2e28e773d9c5dd
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7
342d9207010dbb5769fc2988004bf46d4f579e8284fa3931374049e0dd55075f
34686cba28b7d374710a0b8204ae2cbce77ced594bcac71bef4f5260a8d99745
357c585829a9b5623a46f79d0c64440ff25d0faae7c561a0817495bcb3504c39
360af8367592521fcd7ec8624cdef05e84e34d1c542c4a374828dfbe450da284
36a7d95f2760a813f3e782dfc125ea786174d581d6f6f896021d6994e9514bd6
37517e5f3dc66819f61f5a7bb8ace1921282415f10551d2defa5c3eb0985b570
386e60901a3475449ad8f81b7f858a30460ebb756ee2dfec5e2de87bf5d48e2b
3b699c2cd84c5722e0c9f34ec0c60a9f548901168f95d86b4f1df433a7b5cc60
3ba32669815f7677b77f9a7b08d412f3a4ffbcea501b6689734181ddf9b6f506
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390
40804b882367b0b787d1375e22467e97bea1e74f00a635b89678fd72356e7a6d
40e350c99f3fc292e78d2cc5233b0b06e9070cfcf798dffafcfc7d828eb7adb5
431bca38c6a9405e1da29d695deeeca3b241ccde8fe16d8cb514dca344450b2c
467a5b06cb117035f7882e8c71d80e093f04ce586c1ac2b84e7e4adf978edb30
468cf9622696f8e4df81e3fde5452e4e6f69e6b1ee44305a8c7ca083f954bd0f
47395347833919b1b83bb90b7487da0d9213502fb8f18af28230b9c4a199affa
4754d1f21968cfd683843397a3d65f48d2b991c0ac943d37de1fb5a514f9db34
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
48de8a58198a2558ee1dcae396b838dadb810ac34bef0dcbb6af57f3c97da6f3
492fe569caff668d9da56b927407efff50e5aacc3a2905038e193044075758cd
4abc189640d1fcc11fc32187061303ec8b1e4e8425178df4d6bf1c2b8fe01942
4af31d9b03f1f554ae9dfdf1e89a5a45b65fea859750d501784e4dac886930d6
4b37b8b0adc97511d55622bada3b90dcade195731ce779686bf24c4f8d1a4aeb
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4c1cd6a00f7cb1e604499a3a5c1b89939076eb16328968ae0502a9025878ca88
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4e3b7b44231929310477f32f09fbf0c34e58194f9d904ff83909c178179f4f99
4eae79dc91f805fc0949f5e66b2e67eddd89acf1e78dd8e3d6a0a1334d88f300
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
50d5acd2ca221d9baed26076dfe9ffa86c5fcf535d1176f914bc42efe7ab823b
51cd8befca2993da4a53f15c4ac83ba3bd28082d0190fe9d9c45147d2e0d5da2
52dd20684fbfa90118fc235f6c595b48f711cbe50564b620930e654dd4045cbb
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
564abcd1aaa1e99681f765597209e1ee0d6c73fd31bbea71cf26ab4825d8058e
57ba9c79273602051bd0fa9f6dcd52a3f199dc59f134308efeeaad35424b8311
58b603271da250778cca7450c81343eba7a896c87d93812f4de54ca5e1108488
5e1bb582472917451132ed0bf60094bc8d814905283844e22ca0f3b23c4a345d
60bcafbd631f6fa0805e158ca3b235e76225350db6fbb423596d4c4954b27573
61acee430c99b3902bb6cb1df124025d362ea29f7a45343bde6f2392c920cca2
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707
66b654e131c69e5a91130dbea071278f0aaf9435812b36986b8a958b5fca49f1
66ba9585012af8211e735d1e68da80131b622e32e4280f4ba288cd9b652f7e61
6a7b0c8bf87b2bd5ca31557f25cf2a6c80f93af72bf68a6085e9b55a87fe908c
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6bb14babd121c339e2b9aae707aac2f3e4dad47777384cf591a8d1f2f07f084b
6d83b77c3d8c5c0ccc7078540a1fb0bd9fa43eeb82b89f83264d469aa100c088
71c327f79dc6cd6a94e68de04c402b982e9133d87047f543f313463933d190b0
725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a
730fa1f3e8b3c4a223c4e69f4a27e690a4552f96ab97dba05b943dff44967658
73d1754277834fe0a8b1aa592535defb1181633f5d34b63a871253d0bafa3495
76e1b353ad8b888eb77cf1b62b4fb4ee02ff5126f7ffc39c8c01582f93dc6e57
796c46ec10bc9105545f6f90d51593921b69956bd9087eb72bee83f40ad86f90
7ed0566edef446d076cfbd97acef5a97fc82e6d07872b153c2589a20d3f640e9
7efdca1ce8a8ee4fb50887d9f88bdace1026e0f76ea1e64a802b97402d825a79
7f7e94e4b2ce4850a5fd141c45be20cf976db7c651dc580e4c8ecb3570124319
8062bbaface4b8a01ea6d1410ebc71ed0f56fb51a3fe80525b71135c8e3c4818
829c68e59d49588a0847e4a4bdcae1b1e234db4d81a40a7345c34d6392a1f5b1
82d2dc44aae1eda52abc17afd30c6031b7175c13ee6955410164c66ae755adfb
832f63f4187160c195b04f1911c2e623a75e805f4b23abb9b0bea214b4283a43
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
8492f3fc13f89700f09e8a96308911979a6289be084af2c497ea54dbd7dd7f5f
87da6367710a464cd40e9eccba2dc010ba6f8b35a1ab03f8849eae124a1d8bf9
8a1a745fad7e4599be6427ec9f1520d111660cb0ced8b0f92777ef403ac2e67f
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
8c5fb09428613d9e5d726706f0e366035e89b36bd346e20940ab207d425baac1
8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395
90c9017a8a6447588520f38cd94ba14cdb9839c92626aa06bb8a4a1052c2ab7e
91a8ea37de90c116390b167dfc281ce0ed7e8f324ff1fd834bb27aca9db191db
9284d948e86d2e99f31483b5f4b3a4c3e65e0a6fbca9a8d2db8c6095f82ac3f5
93432ee25d81d44fe76afa9d0f22d0396202cc82f73e1aeda0c4e0dcdef1804a
93ddbe6878e66ac465bd7eb69aa23ed55dcacfb33244b5db4213589afbea222e
947746a3fbd83939a89aa693fb7117ce6b21dac1a8289194952b8c93b3fba029
94e8940bd58208be5e2f52cc5f0b45a932a0cf7150ad6c693452453ed1b66f2f
95078f90650d3c2fdca3e45c3788e8d53da6cf854b120b6b944cbab3c54f7b55
96261b7295fb16e4e5d4768282072f2b0484263c2085387f6e8947ceede5f33e
968012b3a49390a10d31c6d36b2aab796ec167a83378b5f9787756ee7cb035c5
99a897b1b6bf0d20afe286cd5e66a7281c3c8eeb69c9aa0dfd42175fc8290aee
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
99ed7525cf47e26724eb0dc946510616ac8fa4d1bd21f6de4aab7ad0e49dc9cf
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9cb93fc023cca355260310e41056be397ecad26f94a578c5b147762b40fc6d3b
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553
a21946f0b7cd85f30e2ea294ca33c02045e0b8e1bfb371f001d25855273f9013
a26695adab8d7538059dd2a25948c481f5a8fffefee171985a305f9fea9dd628
a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6
a45df1dbc260a7778756594a4367e4bbfa8bac5112dfe42ab559cf98ed6d5846
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a6faa7a4ade52284a01efed1ddd4d50f5faf33b61837b43ed9b34d5c5a4a7a39
a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
a7f7c90841aebf3d1e8f358889f2b1513ea72c2e4ff13edfc2a6d3e6257cc247
a80f01f224d4dae993a37aa638f82aa1388994d24e3581f8c0d6c86b1c11bc7f
a8993772c9eb591474f38d257bebc8c4286703e1af72d04c8c294be5fff7b649
aa446b1f105b20f07c49f55c8ea00ef9bc42d7f0c5f747319823f00a480ff7f6
aad3814c0796363c8b3e769647d5238493388c93b8ef384e7700bac3fe45a946
af6f54df8e0917146161a2eb5807810d32a6c81c73ef70dcd95672bf71acc1aa
afd35d077477767124d295cd97a015b8aa2f75234a194bef43a7cb489759af0c
b086747d71bebcccd576372d4ecbc0c7c12ff569c8a0dd95d49f43e58d9aa39d
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b40ed885c6eabc68309c7e3377008ec3aaba2add66e43fcf6fc2851cdc6a2f98
b5c422737a3014e58810db4ac5052acbb9cf489d0c303cab94453cc77d4cdfed
b61c85519f6be8323b1c90d922d1c028885daf7223b06b5a92e715bb06a359a7
b66ab9c2bd42d7e80340592a4643333e5faa521a607f6ac637c804c4baf8e44e
b8495f96bf23b93cee2ad9dd1ebe81e84cac8fc9e8d247546ae2b5d64e6d0b40
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
bf6ec42c97f86957a324a484a37dd528b568a9ff2570965be53e6ec4b0dfdae2
c0216a4ae9eb4d295edfee2917969c200cefbb28bedbbf8ead8f4a4609b82403
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
c39e9db358e5d8045bebf902ed71b49c17d66f175c8ce0dcaeec96ec7d09090b
c4510ee5cc81a0c33039bfa194bed55cf979067b6709f46c3066907098c88122
c54d9629009470c0d8683d539cb46a29fcf72097f078bb2b563f0e1de3e4e320
c9d39b0c6fd30f79e7feea1a01d35fbfdeeeeeda6a7b33a2f2f26375b9aa5d51
cab55253c383f9d7f08821538978c670dac15e311f033c1e4ddfd860b4a19d0c
cced71af699b96dbfbc24439594b4d43af733f34c97c99fd34c3ff18f3845426
cd87bff9d07555b741c3d3346b20beb878f17449c72d6e6749aadccaa15c45f3
cea5e47508fd14aba0b8bb7238f782a73bb8f9824b46517e6d2ed6587acf5fc3
cee9b28c258b3f7bdc8533e5a09bc5870330bcd87b0cbe6b8ba7267ebae47d5a
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d0e8821e889280c3b745b859e6b3971924723a4562bac65ba8aa0fe44bfc83b2
d1b0abe1d5710820bf1205d5af6b0da71061dd240a7be2c2f5bc94c06a139cde
d1c1037d6fe5d66bf02c1a73257a4d540955ce2d9d296318dc4a52f0cf157d16
d3a1e7cfc155a4682e7799c9b6947ac916849fc948a721061b6ff5e837715d15
d862ec0d2b72e9f1575615db28f4196cbf0f586adb2208c605c691d6e06ee6ed
d8fb86d7f4bef880354d6c02af11fd7e6b7ceb261aad0d73ae7d429668b25148
d9c7bc1c148956c8704dab64a3d45e025b89eee0621ab803fa3a10ac52f7c046
db76f704d5dcfcc60a386466eceb494159f4ccea8e913cde01a51f191075faa5
dc4bc6dc1cc74e9a3408093aded5e95864f2b9b5423800473d8a6bc1abb3aa49
dfa729d82a3effadab1000181cb99108f232721e3b0af74cfae4c12704b35a32
e0ee294b5487df566aad23b603fd902535634cfa957be8e7620396515afb1047
e2244d39d8a9c48d56e908dcc416fada2761bea14ff1cda178e606143575416b
e3849fdc1eab88579b20b1b56875d6ef8299c4ad165e03921400ccae69149861
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e4054d1fcd83bf0fd9a5dcd71fd98b2a73f80a1b6307bf2f3f9779c35e55bb02
e41d1ae45acbf836b8dcc29544c7e41cced4211214df601d5284a7e9c7134c73
e68de0244b59a220920ee7776234397b8347f4568c4da7b3bdfa0b4a793fd379
e813a8d8d41c0dbdc33020ad6ef27d16afd2b590ceeb998e267409c8f666b829
e8403779d45a9590b43c0ecf984ebe11e75fd2982630d658390a6001a6768770
e9d88c06683a26b56a640e14bb36343474fe06d32368800a5b1b239fae955213
eba8de65c2876ca924fd1e4b7437981eaf483201003e315678310f5f72821cba
ec0fb2441448bb30037f82ae4f4f2023aefbf50963955344ad05b93111568354
ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152
ec36a388c080b43729c5cb7fe064b2f61ae18edfe8a22f8707644f2d24bcd6d9
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f0b6467ff1ee5df11996fd85932f0e8f952e4b8f5e9cf50c9a6478ee9dbdc153
f0bb2a4f2be3d99e10af375f305a126120028c4784fbdfd85653876e27c07b19
f46ae9575459907333813a3eb25f6698041069b42d0e5e541da02cf9a6bf40fd
f5e6fc1a0fb4f4702975acc36525b0e8d985d6b4a8aa4ac1a19804305a51ae92
f75ab72d3c3cfd942cadcc6075bc34830f90a39caf644969cdb1eaad79a6231e
f8b5df89caa6434d62c80beb47578d6f7506d648ddaea3a9ada0f827b9fbd9f7
fae0704e825f28c8cb4d21b0f157df51f2f296138c1da80e6de569b586364af1
fe2feb195573b61e480dadfe67f915ad0d31a8f771556f306e86ab4c3f07c119
ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e
ff7044fa27e31cb0b9cbcca8afcb17757bdab2e6cdf225559d87ea5dfda369b1