urlscan.io logo urlscan.io
SecurityTrails logo

www.bg3.co Open in urlscan Pro
84.17.37.44  Public Scan

Go To Rescan Add Verdict Report
URL: https://www.bg3.co/a/qin-fang-cai-ying-wen-mei-can-yi-yuan-jia-de-na-tu-fei-tai-bei-ting-can-yu-guo-ji-tai-wan-shen...
Submission: On September 03 via manual from US — Scanned from AU
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 83 IPs in 10 countries across 101 domains to perform 478 HTTP transactions. The main IP is 84.17.37.44, located in Central, Hong Kong and belongs to CDN77 ^_^, GB. The main domain is www.bg3.co. The Cisco Umbrella rank of the primary domain is 640013.
TLS certificate: Issued by AlphaSSL CA - SHA256 - G2 on May 20th 2022. Valid for: a year.
This is the only time www.bg3.co was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 84.17.37.44 60068 (CDN77 ^_^)
39 74.125.24.132 15169 (GOOGLE)
1 3 103.254.153.160 59253 (LEASEWEB-...)
4 172.67.71.254 13335 (CLOUDFLAR...)
2 23.49.60.34 20940 (AKAMAI-ASN1)
5 173.222.148.48 20940 (AKAMAI-ASN1)
2 69.16.175.42 20446 (STACKPATH...)
3 23.108.102.145 59253 (LEASEWEB-...)
16 111 142.251.12.155 15169 (GOOGLE)
11 142.250.4.155 15169 (GOOGLE)
24 104.26.2.91 13335 (CLOUDFLAR...)
6 13.76.45.37 8075 (MICROSOFT...)
1 104.16.85.20 13335 (CLOUDFLAR...)
5 104.18.18.126 13335 (CLOUDFLAR...)
1 23.195.153.54 16625 (AKAMAI-AS)
2 5 51.79.234.101 16276 (OVH)
1 34.107.148.139 15169 (GOOGLE)
2 13 34.98.64.218 15169 (GOOGLE)
1 148.251.44.111 24940 (HETZNER-AS)
1 52.74.188.129 16509 (AMAZON-02)
3 3.114.61.6 16509 (AMAZON-02)
1 69.173.158.65 26667 (RUBICONPR...)
1 182.161.73.145 55569 (CRITEO-AS...)
1 145.40.88.5 54825 (PACKET)
5 52.213.181.231 16509 (AMAZON-02)
3 7 104.254.150.241 29990 (ASN-APPNEX)
2 172.217.194.156 15169 (GOOGLE)
4 74.125.130.156 15169 (GOOGLE)
8 74.125.24.155 15169 (GOOGLE)
2 16 74.125.68.156 15169 (GOOGLE)
2 13.33.33.38 16509 (AMAZON-02)
2 103.229.10.247 16509 (AMAZON-02)
6 172.217.194.132 15169 (GOOGLE)
1 13.33.33.43 16509 (AMAZON-02)
1 142.251.12.94 15169 (GOOGLE)
2 142.251.10.97 15169 (GOOGLE)
2 104.211.156.162 8075 (MICROSOFT...)
1 13.33.33.9 16509 (AMAZON-02)
2 142.251.12.100 15169 (GOOGLE)
6 142.251.10.106 15169 (GOOGLE)
5 142.251.10.155 15169 (GOOGLE)
9 182.161.73.129 55569 (CRITEO-AS...)
1 182.161.74.19 55569 (CRITEO-AS...)
1 182.161.73.148 55569 (CRITEO-AS...)
3 6 104.18.19.126 13335 (CLOUDFLAR...)
1 2 23.53.160.138 16625 (AKAMAI-AS)
4 4 89.207.22.76 41041 (VCLK-EU-SE)
5 5 13.33.88.20 16509 (AMAZON-02)
1 1 139.162.40.113 63949 (LINODE-AP...)
4 6 202.131.200.84 17941 (BIT-ISLE ...)
1 1 174.137.133.49 27257 (WEBAIR-IN...)
2 2 13.230.103.48 16509 (AMAZON-02)
2 2 20.127.253.7 8075 (MICROSOFT...)
2 2 141.95.98.67 16276 (OVH)
1 52.5.102.142 14618 (AMAZON-AES)
3 4 103.71.26.126 132134 (SPOTX-AS-...)
6 6 52.74.13.196 16509 (AMAZON-02)
1 2 23.47.190.89 20940 (AKAMAI-ASN1)
30 74.125.24.148 15169 (GOOGLE)
1 182.161.73.132 55569 (CRITEO-AS...)
1 104.17.24.14 13335 (CLOUDFLAR...)
1 2 172.64.152.245 13335 (CLOUDFLAR...)
1 34.96.105.8 15169 (GOOGLE)
1 1 54.199.160.194 16509 (AMAZON-02)
2 2 18.139.207.234 16509 (AMAZON-02)
4 182.161.73.135 55569 (CRITEO-AS...)
2 182.161.73.142 55569 (CRITEO-AS...)
2 2 162.19.80.91 16276 (OVH)
2 2 64.202.112.127 23352 (SERVERCEN...)
2 2 124.146.215.47 2514 (INFOSPHER...)
3 3 52.68.227.190 16509 (AMAZON-02)
2 4 103.229.206.240 30419 (MEDIAMATH...)
2 5 13.251.66.227 16509 (AMAZON-02)
2 2 35.227.252.103 15169 (GOOGLE)
1 2 23.36.252.26 16625 (AKAMAI-AS)
1 1 31.220.27.135 39572 (ADVANCEDH...)
1 74.125.130.95 15169 (GOOGLE)
8 172.217.194.154 15169 (GOOGLE)
3 182.161.73.136 55569 (CRITEO-AS...)
6 7 52.223.40.198 16509 (AMAZON-02)
6 23.15.148.136 16625 (AKAMAI-AS)
1 151.101.65.108 54113 (FASTLY)
5 23.195.152.23 16625 (AKAMAI-AS)
1 23.72.44.239 ()
3 8 35.71.178.8 16509 (AMAZON-02)
1 13.224.222.53 ()
1 74.125.24.94 15169 (GOOGLE)
1 1 50.116.239.135 ()
1 1 13.33.88.36 16509 (AMAZON-02)
2 184.28.235.208 ()
2 2 13.107.42.14 ()
1 2 104.18.101.194 ()
1 13.107.21.200 ()
2 2 23.41.65.80 ()
2 23.72.44.196 ()
2 2 18.138.158.87 ()
1 182.161.73.146 ()
2 2 35.213.12.39 15169 (GOOGLE)
1 35.174.63.73 ()
2 4 69.173.158.64 ()
1 54.199.197.118 ()
1 23.106.127.52 ()
1 52.71.232.26 ()
1 104.18.13.76 ()
478 83
1    84.17.37.44 (Central, Hong Kong)

ASN60068 (CDN77 ^_^, GB)
PTR: unn-84-17-37-44.cdn77.com
www.bg3.co
39    74.125.24.132 (United States)

ASN15169 (GOOGLE, US)
PTR: sf-in-f132.1e100.net
cdn.ampproject.org
tpc.googlesyndication.com
3    103.254.153.160 (Singapore, Singapore)

ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG)
ads.aralego.com
4    172.67.71.254 (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.aralego.net
2    23.49.60.34 (Singapore, Singapore)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a23-49-60-34.deploy.static.akamaitechnologies.com
delivery.adrecover.com
5    173.222.148.48 (Singapore, Singapore)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a173-222-148-48.deploy.static.akamaitechnologies.com
cdn.adpushup.com
2    69.16.175.42 (United States)

ASN20446 (STACKPATH-CDN, US)
PTR: tlb.hwcdn.net
code.jquery.com
3    23.108.102.145 (Singapore, Singapore)

ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG)
sync.aralego.com
111    142.251.12.155 (United States)

ASN15169 (GOOGLE, US)
PTR: se-in-f155.1e100.net
pagead2.googlesyndication.com
cm.g.doubleclick.net
11    142.250.4.155 (United States)

ASN15169 (GOOGLE, US)
PTR: sm-in-f155.1e100.net
securepubads.g.doubleclick.net
24    104.26.2.91 (United States)

ASN13335 (CLOUDFLARENET, US)
static.bg3.co
6    13.76.45.37 (Singapore, Singapore)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
e3.adpushup.com
1    104.16.85.20 (None, )

ASN13335 (CLOUDFLARENET, US)
cdn.jsdelivr.net
5    104.18.18.126 (None, )

ASN13335 (CLOUDFLARENET, US)
htlb.casalemedia.com
ssum-sec.casalemedia.com
1    23.195.153.54 (Singapore, Singapore)

ASN16625 (AKAMAI-AS, US)
PTR: a23-195-153-54.deploy.static.akamaitechnologies.com
a.teads.tv
5    51.79.234.101 (Singapore, Singapore)

ASN16276 (OVH, FR)
PTR: ip101.ip-51-79-234.net
onetag-sys.com
1    34.107.148.139 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 139.148.107.34.bc.googleusercontent.com
prebid.media.net
13    34.98.64.218 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 218.64.98.34.bc.googleusercontent.com
adpushup-d.openx.net
us-u.openx.net
u.openx.net
jp-u.openx.net
1    148.251.44.111 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: sundoro
rtb.adxpremium.services
1    52.74.188.129 (Singapore, Singapore)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-74-188-129.ap-southeast-1.compute.amazonaws.com
tlx.3lift.com
3    3.114.61.6 (Tokyo, Japan)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-114-61-6.ap-northeast-1.compute.amazonaws.com
prebid-server.rubiconproject.com
1    69.173.158.65 (Ashburn, United States)

ASN26667 (RUBICONPROJECT, US)
fastlane.rubiconproject.com
1    182.161.73.145 (Singapore)

ASN55569 (CRITEO-AS-AP Criteo APAC, JP)
bidder.criteo.com
1    145.40.88.5 (Secaucus, United States)

ASN54825 (PACKET, US)
prebid.a-mo.net
5    52.213.181.231 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-213-181-231.eu-west-1.compute.amazonaws.com
ads.servenobid.com
7    104.254.150.241 (Los Angeles, United States)

ASN29990 (ASN-APPNEX, US)
PTR: 906.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net
ib.adnxs.com
2    172.217.194.156 (United States)

ASN15169 (GOOGLE, US)
PTR: si-in-f156.1e100.net
partner.googleadservices.com
4    74.125.130.156 (United States)

ASN15169 (GOOGLE, US)
PTR: sb-in-f156.1e100.net
adservice.google.com.au
8    74.125.24.155 (United States)

ASN15169 (GOOGLE, US)
PTR: sf-in-f155.1e100.net
adservice.google.com
16    74.125.68.156 (United States)

ASN15169 (GOOGLE, US)
PTR: sc-in-f156.1e100.net
googleads.g.doubleclick.net
adservice.google.com.au
2    13.33.33.38 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-33-33-38.sin2.r.cloudfront.net
adx.holmesmind.com
2    103.229.10.247 (Singapore)

ASN16509 (AMAZON-02, US)
secure.quantserve.com
pixel.quantserve.com
6    172.217.194.132 (United States)

ASN15169 (GOOGLE, US)
PTR: si-in-f132.1e100.net
2358b6d8cf73d9dfcd6fa63e093f9dcf.safeframe.googlesyndication.com
1290b0ac39d61432252977828d506200.safeframe.googlesyndication.com
c189fcaae4b526f37d75e91681a8bbd8.safeframe.googlesyndication.com
1    13.33.33.43 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-33-33-43.sin2.r.cloudfront.net
rules.quantcount.com
1    142.251.12.94 (United States)

ASN15169 (GOOGLE, US)
PTR: se-in-f94.1e100.net
d-249157755254426484.ampproject.net
2    142.251.10.97 (United States)

ASN15169 (GOOGLE, US)
PTR: sd-in-f97.1e100.net
www.googletagmanager.com
2    104.211.156.162 (Mumbai, India)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
aplogger.adpushup.com
1    13.33.33.9 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-33-33-9.sin2.r.cloudfront.net
pxl.qccerttest.com
2    142.251.12.100 (United States)

ASN15169 (GOOGLE, US)
PTR: se-in-f100.1e100.net
www.google-analytics.com
6    142.251.10.106 (United States)

ASN15169 (GOOGLE, US)
PTR: sd-in-f106.1e100.net
www.google.com
5    142.251.10.155 (United States)

ASN15169 (GOOGLE, US)
PTR: sd-in-f155.1e100.net
www.googletagservices.com
9    182.161.73.129 (Singapore)

ASN55569 (CRITEO-AS-AP Criteo APAC, JP)
static.criteo.net
1    182.161.74.19 (Singapore)

ASN55569 (CRITEO-AS-AP Criteo APAC, JP)
rtb.jp2.as.criteo.com
1    182.161.73.148 (Singapore)

ASN55569 (CRITEO-AS-AP Criteo APAC, JP)
ads.as.criteo.com
6    104.18.19.126 (None, )

ASN13335 (CLOUDFLARENET, US)
dsum-sec.casalemedia.com
2    23.53.160.138 (Singapore, Singapore)

ASN16625 (AKAMAI-AS, US)
PTR: a23-53-160-138.deploy.static.akamaitechnologies.com
sync.teads.tv
4    89.207.22.76 (Singapore, Singapore)

ASN41041 (VCLK-EU-SE, US)
PTR: sin01-login-ds.dotomi.com
dclk-match.dotomi.com
5    13.33.88.20 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-33-88-20.sin2.r.cloudfront.net
cr-p1.ladsp.com
cr-pall.ladsp.com
1    139.162.40.113 (Singapore, Singapore)

ASN63949 (LINODE-AP Linode, LLC, US)
PTR: li1453-113.members.linode.com
a.c.appier.net
6    202.131.200.84 (Japan)

ASN17941 (BIT-ISLE Equinix Japan Enterprise K.K., JP)
sync-dsp.ad-m.asia
1    174.137.133.49 (United States)

ASN27257 (WEBAIR-INTERNET, US)
dsp.adkernel.com
2    13.230.103.48 (Tokyo, Japan)

ASN16509 (AMAZON-02, US)
PTR: ec2-13-230-103-48.ap-northeast-1.compute.amazonaws.com
ds.uncn.jp
2    20.127.253.7 (Tappahannock, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
sync.inmobi.com
2    141.95.98.67 (France)

ASN16276 (OVH, FR)
PTR: ns3216533.ip-141-95-98.eu
id5-sync.com
1    52.5.102.142 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-5-102-142.compute-1.amazonaws.com
partners.tremorhub.com
4    103.71.26.126 (Singapore, Singapore)

ASN132134 (SPOTX-AS-AP SpotXchange, Inc, US)
sync.search.spotxchange.com
6    52.74.13.196 (Singapore, Singapore)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-74-13-196.ap-southeast-1.compute.amazonaws.com
ups.analytics.yahoo.com
2    23.47.190.89 (Singapore, Singapore)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a23-47-190-89.deploy.static.akamaitechnologies.com
ads.stickyadstv.com
30    74.125.24.148 (United States)

ASN15169 (GOOGLE, US)
PTR: sf-in-f148.1e100.net
s0.2mdn.net
1    182.161.73.132 (Singapore)

ASN55569 (CRITEO-AS-AP Criteo APAC, JP)
cat.sg1.as.criteo.com
1    104.17.24.14 (None, )

ASN13335 (CLOUDFLARENET, US)
cdnjs.cloudflare.com
2    172.64.152.245 (United States)

ASN13335 (CLOUDFLARENET, US)
a.tribalfusion.com
s.tribalfusion.com
1    34.96.105.8 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 8.105.96.34.bc.googleusercontent.com
tr.blismedia.com
1    54.199.160.194 (Tokyo, Japan)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-199-160-194.ap-northeast-1.compute.amazonaws.com
dynalyst-sync.adtdp.com
2    18.139.207.234 (Singapore, Singapore)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-139-207-234.ap-southeast-1.compute.amazonaws.com
match.sharethrough.com
4    182.161.73.135 (Singapore)

ASN55569 (CRITEO-AS-AP Criteo APAC, JP)
pix.as.criteo.net
2    182.161.73.142 (Singapore)

ASN55569 (CRITEO-AS-AP Criteo APAC, JP)
csm.as.criteo.net
2    162.19.80.91 (France)

ASN16276 (OVH, FR)
PTR: ns3011793.ip-162-19-80.eu
c.eu1.dyntrk.com
2    64.202.112.127 (Lovettsville, United States)

ASN23352 (SERVERCENTRAL, US)
PTR: ny.outbrain.com
b1sync.zemanta.com
2    124.146.215.47 (Japan)

ASN2514 (INFOSPHERE NTT PC Communications, Inc., JP)
tg.socdm.com
3    52.68.227.190 (Tokyo, Japan)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-68-227-190.ap-northeast-1.compute.amazonaws.com
cc.adingo.jp
4    103.229.206.240 (Singapore)

ASN30419 (MEDIAMATH-INC, US)
sync.mathtag.com
tags.mathtag.com
5    13.251.66.227 (Singapore, Singapore)

ASN16509 (AMAZON-02, US)
PTR: ec2-13-251-66-227.ap-southeast-1.compute.amazonaws.com
pr-bh.ybp.yahoo.com
2    35.227.252.103 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 103.252.227.35.bc.googleusercontent.com
rtb.openx.net
2    23.36.252.26 (Singapore, Singapore)

ASN16625 (AKAMAI-AS, US)
PTR: a23-36-252-26.deploy.static.akamaitechnologies.com
cs.media.net
1    31.220.27.135 (Amsterdam, Netherlands)

ASN39572 (ADVANCEDHOSTERS-AS, NL)
s.uuidksinc.net
1    74.125.130.95 (United States)

ASN15169 (GOOGLE, US)
PTR: sb-in-f95.1e100.net
fonts.googleapis.com
8    172.217.194.154 (United States)

ASN15169 (GOOGLE, US)
PTR: si-in-f154.1e100.net
googleads4.g.doubleclick.net
3    182.161.73.136 (Singapore)

ASN55569 (CRITEO-AS-AP Criteo APAC, JP)
gum.criteo.com
7    52.223.40.198 (United States)

ASN16509 (AMAZON-02, US)
PTR: a6370ebea231e0c9a.awsglobalaccelerator.com
match.adsrvr.org
6    23.15.148.136 (Singapore, Singapore)

ASN16625 (AKAMAI-AS, US)
PTR: a23-15-148-136.deploy.static.akamaitechnologies.com
eus.rubiconproject.com
1    151.101.65.108 (United States)

ASN54113 (FASTLY, US)
acdn.adnxs.com
5    23.195.152.23 (Singapore, Singapore)

ASN16625 (AKAMAI-AS, US)
PTR: a23-195-152-23.deploy.static.akamaitechnologies.com
contextual.media.net
1    23.72.44.239 (None, )

ASN- ()
js-sec.indexww.com
8    35.71.178.8 (United States)

ASN16509 (AMAZON-02, US)
PTR: ade9ecc7904667038.awsglobalaccelerator.com
eb2.3lift.com
1    13.224.222.53 (None, )

ASN- ()
public.servenobid.com
1    74.125.24.94 (United States)

ASN15169 (GOOGLE, US)
PTR: sf-in-f94.1e100.net
fonts.gstatic.com
1    50.116.239.135 (None, )

ASN- ()
ad.turn.com
1    13.33.88.36 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-33-88-36.sin2.r.cloudfront.net
cr-p3.ladsp.jp
2    184.28.235.208 (None, )

ASN- ()
code.createjs.com
2    13.107.42.14 (None, )

ASN- ()
px.ads.linkedin.com
2    104.18.101.194 (None, )

ASN- ()
p.adsymptotic.com
1    13.107.21.200 (None, )

ASN- ()
c.bing.com
2    23.41.65.80 (None, )

ASN- ()
secure-assets.rubiconproject.com
2    23.72.44.196 (None, )

ASN- ()
ads.pubmatic.com
2    18.138.158.87 (None, )

ASN- ()
pm.w55c.net
1    182.161.73.146 (None, )

ASN- ()
dis.criteo.com
2    35.213.12.39 (Tokyo, Japan)

ASN15169 (GOOGLE, US)
PTR: 39.12.213.35.bc.googleusercontent.com
x.bidswitch.net
1    35.174.63.73 (None, )

ASN- ()
cs.emxdgt.com
4    69.173.158.64 (None, )

ASN- ()
pixel.rubiconproject.com
token.rubiconproject.com
1    54.199.197.118 (None, )

ASN- ()
g2.gumgum.com
1    23.106.127.52 (None, )

ASN- ()
ssbsync.smartadserver.com
1    52.71.232.26 (None, )

ASN- ()
x.yieldlift.com
1    104.18.13.76 (None, )

ASN- ()
cdn.indexww.com
Apex Domain
Subdomains		 Transfer
92 doubleclick.net
securepubads.g.doubleclick.net — Cisco Umbrella Rank: 184
googleads.g.doubleclick.net — Cisco Umbrella Rank: 44
cm.g.doubleclick.net — Cisco Umbrella Rank: 210
googleads4.g.doubleclick.net — Cisco Umbrella Rank: 293
660 KB
86 googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 112
2358b6d8cf73d9dfcd6fa63e093f9dcf.safeframe.googlesyndication.com
1290b0ac39d61432252977828d506200.safeframe.googlesyndication.com
tpc.googlesyndication.com — Cisco Umbrella Rank: 145
c189fcaae4b526f37d75e91681a8bbd8.safeframe.googlesyndication.com
1 MB
30 2mdn.net
s0.2mdn.net — Cisco Umbrella Rank: 264
607 KB
25 bg3.co
www.bg3.co — Cisco Umbrella Rank: 640013
static.bg3.co
528 KB
16 rubiconproject.com
prebid-server.rubiconproject.com — Cisco Umbrella Rank: 993
fastlane.rubiconproject.com — Cisco Umbrella Rank: 476
eus.rubiconproject.com — Cisco Umbrella Rank: 551
secure-assets.rubiconproject.com
pixel.rubiconproject.com
token.rubiconproject.com
27 KB
15 criteo.net
static.criteo.net — Cisco Umbrella Rank: 658
pix.as.criteo.net — Cisco Umbrella Rank: 17235
csm.as.criteo.net — Cisco Umbrella Rank: 17319
170 KB
15 openx.net
adpushup-d.openx.net — Cisco Umbrella Rank: 13203
us-u.openx.net — Cisco Umbrella Rank: 377
rtb.openx.net — Cisco Umbrella Rank: 1493
u.openx.net — Cisco Umbrella Rank: 655
jp-u.openx.net
4 KB
14 google.com
adservice.google.com — Cisco Umbrella Rank: 78
www.google.com — Cisco Umbrella Rank: 2
3 KB
13 adpushup.com
cdn.adpushup.com — Cisco Umbrella Rank: 12863
e3.adpushup.com — Cisco Umbrella Rank: 16213
aplogger.adpushup.com — Cisco Umbrella Rank: 15586
232 KB
11 yahoo.com
ups.analytics.yahoo.com — Cisco Umbrella Rank: 270
pr-bh.ybp.yahoo.com — Cisco Umbrella Rank: 468
ads.yahoo.com Failed
7 KB
11 casalemedia.com
htlb.casalemedia.com — Cisco Umbrella Rank: 500
dsum-sec.casalemedia.com — Cisco Umbrella Rank: 515
ssum-sec.casalemedia.com
dsum.casalemedia.com Failed
9 KB
10 ampproject.org
cdn.ampproject.org — Cisco Umbrella Rank: 359
217 KB
9 3lift.com
tlx.3lift.com — Cisco Umbrella Rank: 552
eb2.3lift.com — Cisco Umbrella Rank: 395
4 KB
8 adnxs.com
ib.adnxs.com — Cisco Umbrella Rank: 225
acdn.adnxs.com — Cisco Umbrella Rank: 594
secure.adnxs.com Failed
35 KB
8 criteo.com
bidder.criteo.com — Cisco Umbrella Rank: 742
rtb.jp2.as.criteo.com — Cisco Umbrella Rank: 24965
ads.as.criteo.com — Cisco Umbrella Rank: 17137
cat.sg1.as.criteo.com — Cisco Umbrella Rank: 17323
gum.criteo.com — Cisco Umbrella Rank: 387
dis.criteo.com
46 KB
8 media.net
prebid.media.net — Cisco Umbrella Rank: 1082
cs.media.net — Cisco Umbrella Rank: 1294
contextual.media.net — Cisco Umbrella Rank: 534
16 KB
7 adsrvr.org
match.adsrvr.org — Cisco Umbrella Rank: 336
4 KB
7 google.com.au
adservice.google.com.au — Cisco Umbrella Rank: 101991
2 KB
6 ad-m.asia
sync-dsp.ad-m.asia — Cisco Umbrella Rank: 2723
3 KB
6 servenobid.com
ads.servenobid.com — Cisco Umbrella Rank: 1569
public.servenobid.com
6 KB
6 aralego.com
ads.aralego.com — Cisco Umbrella Rank: 33856
sync.aralego.com — Cisco Umbrella Rank: 2822
4 KB
5 ladsp.com
cr-p1.ladsp.com — Cisco Umbrella Rank: 15813
cr-pall.ladsp.com
3 KB
5 googletagservices.com
www.googletagservices.com — Cisco Umbrella Rank: 192
220 KB
5 onetag-sys.com
onetag-sys.com — Cisco Umbrella Rank: 749
3 KB
4 mathtag.com
sync.mathtag.com — Cisco Umbrella Rank: 452
tags.mathtag.com — Cisco Umbrella Rank: 3505
2 KB
4 spotxchange.com
sync.search.spotxchange.com — Cisco Umbrella Rank: 526
2 KB
4 dotomi.com
dclk-match.dotomi.com — Cisco Umbrella Rank: 2704
2 KB
4 aralego.net
cdn.aralego.net — Cisco Umbrella Rank: 8370
45 KB
3 adingo.jp
cc.adingo.jp — Cisco Umbrella Rank: 3277
1 KB
3 teads.tv
a.teads.tv — Cisco Umbrella Rank: 1269
sync.teads.tv — Cisco Umbrella Rank: 1059
767 B
2 bidswitch.net
x.bidswitch.net — Cisco Umbrella Rank: 288
929 B
2 w55c.net
pm.w55c.net
2 KB
2 pubmatic.com
ads.pubmatic.com
image6.pubmatic.com Failed
12 KB
2 adsymptotic.com
p.adsymptotic.com
476 B
2 linkedin.com
px.ads.linkedin.com
1 KB
2 createjs.com
code.createjs.com
125 KB
2 indexww.com
js-sec.indexww.com
cdn.indexww.com
2 KB
2 socdm.com
tg.socdm.com — Cisco Umbrella Rank: 1016
2 KB
2 zemanta.com
b1sync.zemanta.com — Cisco Umbrella Rank: 558
1 KB
2 dyntrk.com
c.eu1.dyntrk.com — Cisco Umbrella Rank: 4784
c.us1.dyntrk.com Failed
1 KB
2 sharethrough.com
match.sharethrough.com — Cisco Umbrella Rank: 540
783 B
2 tribalfusion.com
a.tribalfusion.com — Cisco Umbrella Rank: 798
s.tribalfusion.com — Cisco Umbrella Rank: 2081
1 KB
2 stickyadstv.com
ads.stickyadstv.com — Cisco Umbrella Rank: 681
1 KB
2 id5-sync.com
id5-sync.com — Cisco Umbrella Rank: 471
3 KB
2 inmobi.com
sync.inmobi.com — Cisco Umbrella Rank: 2117
1 KB
2 uncn.jp
ds.uncn.jp — Cisco Umbrella Rank: 17589
1 KB
2 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 37
502 B
2 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 66
73 KB
2 quantserve.com
secure.quantserve.com — Cisco Umbrella Rank: 910
pixel.quantserve.com — Cisco Umbrella Rank: 417
11 KB
2 holmesmind.com
adx.holmesmind.com — Cisco Umbrella Rank: 384653
2 KB
2 googleadservices.com
partner.googleadservices.com — Cisco Umbrella Rank: 872
1006 B
2 jquery.com
code.jquery.com — Cisco Umbrella Rank: 641
60 KB
2 adrecover.com
delivery.adrecover.com — Cisco Umbrella Rank: 12502
11 KB
1 yieldlift.com
x.yieldlift.com Failed
1 smartadserver.com
ssbsync.smartadserver.com
rtb-csync.smartadserver.com Failed
1 KB
1 gumgum.com
g2.gumgum.com
usersync.gumgum.com Failed
2 KB
1 emxdgt.com
cs.emxdgt.com
67 B
1 bing.com
c.bing.com
668 B
1 ladsp.jp
cr-p3.ladsp.jp — Cisco Umbrella Rank: 25452
227 B
1 turn.com
ad.turn.com
441 B
1 gstatic.com
fonts.gstatic.com
46 KB
1 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 43
1 KB
1 uuidksinc.net
s.uuidksinc.net — Cisco Umbrella Rank: 3760
335 B
1 adtdp.com
dynalyst-sync.adtdp.com — Cisco Umbrella Rank: 169566
350 B
1 blismedia.com
tr.blismedia.com — Cisco Umbrella Rank: 2500
173 B
1 cloudflare.com
cdnjs.cloudflare.com — Cisco Umbrella Rank: 212
5 KB
1 tremorhub.com
partners.tremorhub.com — Cisco Umbrella Rank: 989
183 B
1 adkernel.com
dsp.adkernel.com — Cisco Umbrella Rank: 6442
586 B
1 appier.net
a.c.appier.net — Cisco Umbrella Rank: 16859
592 B
1 qccerttest.com
pxl.qccerttest.com — Cisco Umbrella Rank: 1007
549 B
1 ampproject.net
d-249157755254426484.ampproject.net
1 quantcount.com
rules.quantcount.com — Cisco Umbrella Rank: 858
679 B
1 a-mo.net
prebid.a-mo.net — Cisco Umbrella Rank: 1035
519 B
1 adxpremium.services
rtb.adxpremium.services — Cisco Umbrella Rank: 8041
396 B
1 jsdelivr.net
cdn.jsdelivr.net — Cisco Umbrella Rank: 384
2 KB
0 creativecdn.com Failed
creativecdn.com Failed
0 contextweb.com Failed
bh.contextweb.com Failed
0 1rx.io Failed
sync.1rx.io Failed
0 360yield.com Failed
ad.360yield.com Failed
0 deepintent.com Failed
match.deepintent.com Failed
0 technoratimedia.com Failed
sync.technoratimedia.com Failed
0 ipredictive.com Failed
sync.ipredictive.com Failed
0 stackadapt.com Failed
sync.srv.stackadapt.com Failed
0 outbrain.com Failed
sync.outbrain.com Failed
0 tidaltv.com Failed
sync.tidaltv.com Failed
0 smaato.net Failed
s.ad.smaato.net Failed
0 demdex.net Failed
dpm.demdex.net Failed
0 acuityplatform.com Failed
ums.acuityplatform.com Failed
0 bidr.io Failed
match.prod.bidr.io Failed
0 everesttech.net Failed
sync-tm.everesttech.net Failed
0 adform.net Failed
c1.adform.net Failed
0 simpli.fi Failed
um.simpli.fi Failed
0 lijit.com Failed
ap.lijit.com Failed
0 sonobi.com Failed
sync.go.sonobi.com Failed
0 mfadsrvr.com Failed
rtb.mfadsrvr.com Failed
0 unrulymedia.com Failed
sync.targeting.unrulymedia.com Failed
0 rfihub.com Failed
p.rfihub.com Failed
0 amazon-adsystem.com Failed
s.amazon-adsystem.com Failed
aax-eu.amazon-adsystem.com Failed
0 sportradarserving.com Failed
a.sportradarserving.com Failed
0 mookie1.com Failed
odr.mookie1.com Failed
0 omnitagjs.com Failed
hb-api.omnitagjs.com Failed
478 101
Domain Requested by
60 cm.g.doubleclick.net 16 redirects googleads.g.doubleclick.net
c189fcaae4b526f37d75e91681a8bbd8.safeframe.googlesyndication.com
www.bg3.co
u.openx.net
eb2.3lift.com
g2.gumgum.com
51 pagead2.googlesyndication.com ads.aralego.com
pagead2.googlesyndication.com
cdn.ampproject.org
securepubads.g.doubleclick.net
adx.holmesmind.com
tpc.googlesyndication.com
www.bg3.co
c189fcaae4b526f37d75e91681a8bbd8.safeframe.googlesyndication.com
googleads.g.doubleclick.net
www.googletagservices.com
30 s0.2mdn.net www.bg3.co
s0.2mdn.net
googleads.g.doubleclick.net
code.createjs.com
29 tpc.googlesyndication.com securepubads.g.doubleclick.net
tpc.googlesyndication.com
www.bg3.co
c189fcaae4b526f37d75e91681a8bbd8.safeframe.googlesyndication.com
googleads.g.doubleclick.net
pagead2.googlesyndication.com
24 static.bg3.co www.bg3.co
13 googleads.g.doubleclick.net 2 redirects cdn.ampproject.org
pagead2.googlesyndication.com
c189fcaae4b526f37d75e91681a8bbd8.safeframe.googlesyndication.com
www.bg3.co
googleads.g.doubleclick.net
11 securepubads.g.doubleclick.net cdn.aralego.net
securepubads.g.doubleclick.net
cdn.adpushup.com
www.bg3.co
10 cdn.ampproject.org www.bg3.co
cdn.ampproject.org
9 static.criteo.net cdn.adpushup.com
ads.as.criteo.com
static.criteo.net
8 eb2.3lift.com 3 redirects cdn.adpushup.com
eb2.3lift.com
8 googleads4.g.doubleclick.net www.bg3.co
8 adservice.google.com pagead2.googlesyndication.com
securepubads.g.doubleclick.net
cdn.ampproject.org
7 match.adsrvr.org 6 redirects cdn.adpushup.com
7 adservice.google.com.au pagead2.googlesyndication.com
securepubads.g.doubleclick.net
7 ib.adnxs.com 3 redirects cdn.adpushup.com
googleads.g.doubleclick.net
acdn.adnxs.com
6 eus.rubiconproject.com cdn.adpushup.com
eus.rubiconproject.com
contextual.media.net
public.servenobid.com
6 ups.analytics.yahoo.com 6 redirects
6 sync-dsp.ad-m.asia 4 redirects c189fcaae4b526f37d75e91681a8bbd8.safeframe.googlesyndication.com
www.bg3.co
6 us-u.openx.net 2 redirects googleads.g.doubleclick.net
u.openx.net
g2.gumgum.com
6 dsum-sec.casalemedia.com 3 redirects googleads.g.doubleclick.net
ssum-sec.casalemedia.com
6 www.google.com tpc.googlesyndication.com
c189fcaae4b526f37d75e91681a8bbd8.safeframe.googlesyndication.com
googleads.g.doubleclick.net
6 e3.adpushup.com www.bg3.co
5 contextual.media.net cdn.adpushup.com
contextual.media.net
5 pr-bh.ybp.yahoo.com 2 redirects ssum-sec.casalemedia.com
g2.gumgum.com
5 www.googletagservices.com c189fcaae4b526f37d75e91681a8bbd8.safeframe.googlesyndication.com
googleads.g.doubleclick.net
5 ads.servenobid.com cdn.adpushup.com
public.servenobid.com
ssum-sec.casalemedia.com
ssbsync.smartadserver.com
g2.gumgum.com
5 onetag-sys.com 2 redirects cdn.adpushup.com
public.servenobid.com
5 cdn.adpushup.com www.bg3.co
cdn.adpushup.com
4 pix.as.criteo.net ads.as.criteo.com
4 sync.search.spotxchange.com 3 redirects googleads.g.doubleclick.net
4 cr-p1.ladsp.com 4 redirects
4 dclk-match.dotomi.com 4 redirects
4 c189fcaae4b526f37d75e91681a8bbd8.safeframe.googlesyndication.com securepubads.g.doubleclick.net
4 adpushup-d.openx.net cdn.adpushup.com
4 cdn.aralego.net www.bg3.co
ads.aralego.com
3 ssum-sec.casalemedia.com js-sec.indexww.com
public.servenobid.com
ssum-sec.casalemedia.com
g2.gumgum.com
3 gum.criteo.com cdn.adpushup.com
contextual.media.net
3 cc.adingo.jp 3 redirects
3 prebid-server.rubiconproject.com cdn.adpushup.com
3 sync.aralego.com ads.aralego.com
www.bg3.co
3 ads.aralego.com 1 redirects ads.aralego.com
2 token.rubiconproject.com 2 redirects
2 pixel.rubiconproject.com www.bg3.co
eus.rubiconproject.com
2 x.bidswitch.net 2 redirects g2.gumgum.com
2 pm.w55c.net 2 redirects
2 ads.pubmatic.com contextual.media.net
public.servenobid.com
g2.gumgum.com
2 secure-assets.rubiconproject.com 2 redirects g2.gumgum.com
2 p.adsymptotic.com 1 redirects eb2.3lift.com
2 px.ads.linkedin.com 2 redirects www.bg3.co
2 code.createjs.com s0.2mdn.net
2 jp-u.openx.net u.openx.net
2 tags.mathtag.com c189fcaae4b526f37d75e91681a8bbd8.safeframe.googlesyndication.com
www.bg3.co
2 cs.media.net 1 redirects contextual.media.net
2 rtb.openx.net 2 redirects
2 sync.mathtag.com 2 redirects g2.gumgum.com
2 tg.socdm.com 2 redirects g2.gumgum.com
2 b1sync.zemanta.com 2 redirects g2.gumgum.com
2 c.eu1.dyntrk.com 2 redirects
2 csm.as.criteo.net ads.as.criteo.com
2 match.sharethrough.com 2 redirects
2 ads.stickyadstv.com 1 redirects googleads.g.doubleclick.net
2 id5-sync.com 2 redirects
2 sync.inmobi.com 2 redirects
2 ds.uncn.jp 2 redirects
2 sync.teads.tv 1 redirects googleads.g.doubleclick.net
2 www.google-analytics.com www.bg3.co
www.googletagmanager.com
2 aplogger.adpushup.com cdn.adpushup.com
2 www.googletagmanager.com cdn.ampproject.org
cdn.adpushup.com
2 adx.holmesmind.com pagead2.googlesyndication.com
2 partner.googleadservices.com pagead2.googlesyndication.com
2 htlb.casalemedia.com cdn.adpushup.com
2 code.jquery.com cdn.adpushup.com
delivery.adrecover.com
2 delivery.adrecover.com www.bg3.co
1 cdn.indexww.com ssum-sec.casalemedia.com
1 x.yieldlift.com public.servenobid.com
1 ssbsync.smartadserver.com public.servenobid.com
g2.gumgum.com
1 g2.gumgum.com public.servenobid.com
1 cs.emxdgt.com contextual.media.net
g2.gumgum.com
1 dis.criteo.com contextual.media.net
1 c.bing.com eb2.3lift.com
1 cr-pall.ladsp.com 1 redirects
1 cr-p3.ladsp.jp 1 redirects
1 ad.turn.com 1 redirects
1 fonts.gstatic.com fonts.googleapis.com
1 public.servenobid.com cdn.adpushup.com
1 js-sec.indexww.com cdn.adpushup.com
1 acdn.adnxs.com cdn.adpushup.com
1 u.openx.net cdn.adpushup.com
1 fonts.googleapis.com cdnjs.cloudflare.com
1 s.uuidksinc.net 1 redirects
1 dynalyst-sync.adtdp.com 1 redirects
1 tr.blismedia.com c189fcaae4b526f37d75e91681a8bbd8.safeframe.googlesyndication.com
1 s.tribalfusion.com c189fcaae4b526f37d75e91681a8bbd8.safeframe.googlesyndication.com
1 a.tribalfusion.com 1 redirects
1 cdnjs.cloudflare.com ads.as.criteo.com
1 cat.sg1.as.criteo.com ads.as.criteo.com
1 partners.tremorhub.com googleads.g.doubleclick.net
1 dsp.adkernel.com 1 redirects
1 a.c.appier.net 1 redirects
1 ads.as.criteo.com c189fcaae4b526f37d75e91681a8bbd8.safeframe.googlesyndication.com
1 rtb.jp2.as.criteo.com www.bg3.co
1 pixel.quantserve.com www.bg3.co
1 pxl.qccerttest.com www.bg3.co
1 d-249157755254426484.ampproject.net cdn.ampproject.org
1 rules.quantcount.com secure.quantserve.com
1 1290b0ac39d61432252977828d506200.safeframe.googlesyndication.com securepubads.g.doubleclick.net
1 2358b6d8cf73d9dfcd6fa63e093f9dcf.safeframe.googlesyndication.com securepubads.g.doubleclick.net
1 secure.quantserve.com cdn.adpushup.com
1 prebid.a-mo.net cdn.adpushup.com
1 bidder.criteo.com cdn.adpushup.com
1 fastlane.rubiconproject.com cdn.adpushup.com
1 tlx.3lift.com cdn.adpushup.com
1 rtb.adxpremium.services cdn.adpushup.com
1 prebid.media.net cdn.adpushup.com
1 a.teads.tv cdn.adpushup.com
1 cdn.jsdelivr.net cdn.adpushup.com
1 www.bg3.co
0 creativecdn.com Failed g2.gumgum.com
0 usersync.gumgum.com Failed g2.gumgum.com
0 bh.contextweb.com Failed g2.gumgum.com
0 sync.1rx.io Failed g2.gumgum.com
0 ad.360yield.com Failed g2.gumgum.com
0 match.deepintent.com Failed g2.gumgum.com
0 sync.technoratimedia.com Failed g2.gumgum.com
0 sync.ipredictive.com Failed g2.gumgum.com
0 sync.srv.stackadapt.com Failed g2.gumgum.com
0 sync.outbrain.com Failed g2.gumgum.com
0 sync.tidaltv.com Failed ssbsync.smartadserver.com
0 s.ad.smaato.net Failed ssbsync.smartadserver.com
0 rtb-csync.smartadserver.com Failed ssbsync.smartadserver.com
0 dpm.demdex.net Failed ssum-sec.casalemedia.com
0 ums.acuityplatform.com Failed ssum-sec.casalemedia.com
0 match.prod.bidr.io Failed ssum-sec.casalemedia.com
0 sync-tm.everesttech.net Failed ssum-sec.casalemedia.com
g2.gumgum.com
0 secure.adnxs.com Failed ssum-sec.casalemedia.com
g2.gumgum.com
0 image6.pubmatic.com Failed ads.pubmatic.com
0 c1.adform.net Failed ssum-sec.casalemedia.com
ssbsync.smartadserver.com
0 dsum.casalemedia.com Failed ssum-sec.casalemedia.com
0 um.simpli.fi Failed ssum-sec.casalemedia.com
0 ap.lijit.com Failed public.servenobid.com
0 sync.go.sonobi.com Failed public.servenobid.com
0 ads.yahoo.com Failed www.bg3.co
0 aax-eu.amazon-adsystem.com Failed www.bg3.co
0 rtb.mfadsrvr.com Failed contextual.media.net
0 sync.targeting.unrulymedia.com Failed contextual.media.net
public.servenobid.com
0 p.rfihub.com Failed contextual.media.net
public.servenobid.com
0 s.amazon-adsystem.com Failed eb2.3lift.com
ssum-sec.casalemedia.com
0 a.sportradarserving.com Failed eb2.3lift.com
0 c.us1.dyntrk.com Failed googleads.g.doubleclick.net
0 odr.mookie1.com Failed www.bg3.co
0 hb-api.omnitagjs.com Failed cdn.adpushup.com
478 151

This site contains no links.

Subject Issuer Validity Valid
*.bg3.co
AlphaSSL CA - SHA256 - G2		 2022-05-20 -
2023-06-21		 a year crt.sh
misc-sni.google.com
GTS CA 1C3		 2022-08-15 -
2022-11-07		 3 months crt.sh
cdn.adpushup.com
R3		 2022-06-29 -
2022-09-27		 3 months crt.sh
*.jquery.com
Sectigo RSA Domain Validation Secure Server CA		 2022-08-03 -
2023-07-14		 a year crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2022-05-18 -
2023-05-18		 a year crt.sh
*.aralego.com
Sectigo RSA Domain Validation Secure Server CA		 2021-10-21 -
2022-11-20		 a year crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2022-08-15 -
2022-11-07		 3 months crt.sh
*.adpushup.com
Sectigo ECC Domain Validation Secure Server CA		 2022-08-02 -
2023-09-02		 a year crt.sh
teads.tv
R3		 2022-08-17 -
2022-11-15		 3 months crt.sh
*.onetag-sys.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-01-10 -
2023-01-03		 a year crt.sh
*.media.net
Sectigo RSA Domain Validation Secure Server CA		 2022-04-06 -
2023-05-04		 a year crt.sh
*.openx.net
GeoTrust RSA CA 2018		 2022-07-21 -
2023-08-21		 a year crt.sh
*.adxpremium.services
Sectigo RSA Domain Validation Secure Server CA		 2022-08-26 -
2023-08-05		 a year crt.sh
*.3lift.com
Amazon		 2022-05-13 -
2023-06-11		 a year crt.sh
*.rubiconproject.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-03-08 -
2023-04-04		 a year crt.sh
*.criteo.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-08-27 -
2022-11-22		 3 months crt.sh
*.a-mo.net
R3		 2022-07-11 -
2022-10-09		 3 months crt.sh
ads.servenobid.com
Amazon		 2022-05-29 -
2023-06-27		 a year crt.sh
*.adnxs.com
GeoTrust ECC CA 2018		 2022-02-11 -
2023-03-14		 a year crt.sh
*.googleadservices.com
GTS CA 1C3		 2022-08-15 -
2022-11-07		 3 months crt.sh
*.google.com.au
GTS CA 1C3		 2022-08-15 -
2022-11-07		 3 months crt.sh
*.google.com
GTS CA 1C3		 2022-08-15 -
2022-11-07		 3 months crt.sh
*.holmesmind.com
Go Daddy Secure Certificate Authority - G2		 2022-05-19 -
2023-06-20		 a year crt.sh
*.quantserve.com
DigiCert TLS RSA SHA256 2020 CA1		 2021-09-22 -
2022-09-21		 a year crt.sh
*.google-analytics.com
GTS CA 1C3		 2022-08-15 -
2022-11-07		 3 months crt.sh
tpc.googlesyndication.com
GTS CA 1C3		 2022-08-15 -
2022-11-07		 3 months crt.sh
qccerttest.com
Amazon		 2022-04-04 -
2023-05-03		 a year crt.sh
www.google.com
GTS CA 1C3		 2022-08-15 -
2022-11-07		 3 months crt.sh
*.criteo.net
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-09-01 -
2022-11-30		 3 months crt.sh
*.jp2.as.criteo.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-08-07 -
2022-11-09		 3 months crt.sh
*.as.criteo.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-08-06 -
2022-10-31		 3 months crt.sh
*.doubleclick.net
GTS CA 1C3		 2022-08-15 -
2022-11-07		 3 months crt.sh
*.sg1.as.criteo.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-08-02 -
2022-11-01		 3 months crt.sh
tr.blismedia.com
GTS CA 1D4		 2022-08-18 -
2022-11-16		 3 months crt.sh
*.as.criteo.net
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-08-31 -
2022-12-04		 3 months crt.sh
upload.video.google.com
GTS CA 1C3		 2022-08-15 -
2022-11-07		 3 months crt.sh
*.mathtag.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-04-18 -
2023-04-25		 a year crt.sh
*.adsrvr.org
GlobalSign GCC R3 DV TLS CA 2020		 2022-03-31 -
2023-05-02		 a year crt.sh
cdn.adnxs.com
GeoTrust TLS RSA CA G1		 2022-03-11 -
2023-04-11		 a year crt.sh
san.casalemedia.com
GeoTrust RSA CA 2018		 2021-12-12 -
2022-12-13		 a year crt.sh
*.servenobid.com
Amazon		 2022-02-06 -
2023-03-07		 a year crt.sh
*.gstatic.com
GTS CA 1C3		 2022-08-15 -
2022-11-07		 3 months crt.sh
tls.adobe.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-04-29 -
2023-05-30		 a year crt.sh
www.bing.com
Microsoft RSA TLS CA 01		 2022-06-10 -
2022-12-10		 6 months crt.sh
*.pubmatic.com
DigiCert SHA2 Secure Server CA		 2022-02-04 -
2023-02-03		 a year crt.sh
*.emxdgt.com
Amazon		 2022-06-03 -
2023-07-02		 a year crt.sh
*.gumgum.com
Amazon		 2022-05-06 -
2023-06-04		 a year crt.sh
*.smartadserver.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-01-25 -
2023-01-25		 a year crt.sh
*.yieldlift.com
Amazon		 2022-01-14 -
2023-02-11		 a year crt.sh
*.ybp.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2022-06-14 -
2022-12-07		 6 months crt.sh

This page contains 76 frames:

Primary Page: https://www.bg3.co/a/qin-fang-cai-ying-wen-mei-can-yi-yuan-jia-de-na-tu-fei-tai-bei-ting-can-yu-guo-ji-tai-wan-sheng-yin-hen-zhong-yao.html
Frame ID: F7215E31C77B2DB112F6D91FC4683BBB
Requests: 102 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/show_ads.js
Frame ID: AB8DFA63F5D1293E8C1ADA505468694D
Requests: 7 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/show_ads.js
Frame ID: AEE8349E7644EC0A8FCD0064B37D84D1
Requests: 7 HTTP requests in this frame

Frame: https://cdn.aralego.net/ucfad/cookie/cookieSyncIframe.html
Frame ID: 544464A5E81604231D9720D6B8420F4D
Requests: 9 HTTP requests in this frame

Frame: https://cdn.aralego.net/ucfad/cookie/cookieSyncIframe.html
Frame ID: BE19EB53835A550EDFD3868E96D04A11
Requests: 9 HTTP requests in this frame

Frame: https://adx.holmesmind.com/adx-file/20220802/wHpRX0bWuC9xRFH5Zh6Brkvx3yfQuUmZc8yJalW2.html
Frame ID: 90AFE184F54837F04868E8225569949E
Requests: 7 HTTP requests in this frame

Frame: https://adx.holmesmind.com/adx-file/20220802/wHpRX0bWuC9xRFH5Zh6Brkvx3yfQuUmZc8yJalW2.html
Frame ID: 22E9F0FFDA72C53722D97B300DAEAC0F
Requests: 7 HTTP requests in this frame

Frame: https://2358b6d8cf73d9dfcd6fa63e093f9dcf.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Frame ID: 65FF5DCFF160A5C47C72CD339466B1FA
Requests: 1 HTTP requests in this frame

Frame: https://1290b0ac39d61432252977828d506200.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Frame ID: 4A90F8B3C97CBA408543BD6D4D77CDB2
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3216231935713038&format=400x250&w=400&h=250&ptt=12&adk=90073500&output=html&bc=7&to=ampa&pv=1&wgl=1&asnt=0-34509784063207531691&dff=sans-serif&prev_fmts=1600x96%2C1600x250&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&ifi=3&pfx=0&pwprc=1037897477&adf=16789255&nhd=0&adx=1000&ady=3224&oid=2&is_amp=5&amp_v=2208172101000&d_imp=1&c=3630004568&ga_cid=amp-3OEr6mvo30nHFKTxKLDJyA&ga_hid=4568&dt=1662211954592&biw=1600&bih=1200&u_aw=1600&u_ah=1200&u_cd=24&u_w=1600&u_h=1200&u_tz=0&u_his=2&vis=1&scr_x=0&scr_y=0&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fqin-fang-cai-ying-wen-mei-can-yi-yuan-jia-de-na-tu-fei-tai-bei-ting-can-yu-guo-ji-tai-wan-sheng-yin-hen-zhong-yao.html&bdt=4603&dtd=154&__amp_source_origin=https%3A%2F%2Fwww.bg3.co
Frame ID: 0B97C5511DC0EEA70A4F81B8C2794799
Requests: 1 HTTP requests in this frame

Frame: https://c189fcaae4b526f37d75e91681a8bbd8.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 36F08E2DA65AFBD2EA566B1C91178B00
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: EF9B92872A0705C40A4D7472EBB4E4E2
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 868B7A31F81D3B4B8540C4E20233A61D
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: DF7452570BD1BED5177714090D8F78BC
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 27E0472C70E34525245053E61C9CE470
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006-1&adk=3314916115&adf=3653020616&pi=t.ma~as.3006%2F14006-1&w=336&url=https%3A%2F%2Fwww.bg3.co%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1662211955360&bpp=13&bdt=271&idt=482&shv=r20220831&mjsv=m202208300101&ptt=5&saldr=sa&correlator=2420762395174&frm=8&ife=1&pv=2&ga_vid=955881654.1662211956&ga_sid=1662211956&ga_hid=177951552&ga_fc=0&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=336&ish=280&ifk=3719853736&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759842%2C31068855%2C31069206&oid=2&pvsid=2017665063826966&uas=0&nvt=1&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.2vya8wtnmmof&fsb=1&dtd=496
Frame ID: E3E40195745FFF108261F257B4C811ED
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006-1&adk=3314916115&adf=3653020617&pi=t.ma~as.3006%2F14006-1&w=336&url=https%3A%2F%2Fwww.bg3.co%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1662211955378&bpp=11&bdt=283&idt=512&shv=r20220831&mjsv=m202208300101&ptt=5&saldr=sa&correlator=5495327036735&frm=8&ife=1&pv=2&ga_vid=500991421.1662211956&ga_sid=1662211956&ga_hid=799025638&ga_fc=0&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=336&ish=280&ifk=3719853736&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C44759842%2C44761793&oid=2&pvsid=4367743105028993&uas=0&nvt=1&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.kt2ldrgt4mtd&fsb=1&dtd=519
Frame ID: 37959B0AABBE283388214E71B1E97CC6
Requests: 1 HTTP requests in this frame

Frame: https://c189fcaae4b526f37d75e91681a8bbd8.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 3C45F0643554D0BCF7124A582E256DB7
Requests: 17 HTTP requests in this frame

Frame: https://c189fcaae4b526f37d75e91681a8bbd8.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 5AE0D2E53A5063911155AD36B4B445B3
Requests: 16 HTTP requests in this frame

Frame: https://c189fcaae4b526f37d75e91681a8bbd8.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: F50734F34FADAFC792AE483311F84A3D
Requests: 10 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNCgQRCLx0IYl8WtcTAB&v=APEucNX0b1r1-bEDZYHr1Mz-A7-f2g8QmUCouqloTONTsnnp9k0ThaAAdMgVaP0zmGzn5nOmS57Ql5HuZeRbhymDxyazXPuiCQ
Frame ID: AF04243F9506F954864EECDAE7720379
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNCgQRCLx0IYisqtcTAB&v=APEucNXCK8KlGlx6SbZY19QaemEtqKNuQjYgHXmUlbl0Dl2aR37FQ2b_i_kGAsgpBI34B-71i--rXrghF-zIFTwA4a0z0L-0iQ
Frame ID: 68C30AEE049348CD56EF8A756172E72F
Requests: 5 HTTP requests in this frame

Frame: https://ads.as.criteo.com/delivery/r/afr.php?z=YxNXcwAHpPgKaP4VAAstf311_frj7gN02Y1RuQ&u=%7CzsNWlIJ%2BY3VtyKoLoRZUhO5WtF3Fxs56YjdTCydxD5s%3D%7C&c1=0n2XosTo5cliKCnvh9OE5jqZHIJlQ7xgp7yhsEndoSQWtCdBOgT7K4ozbUym4LQBP0pW1DkPG3cTQB0txIhX3ZzlYL8sTLz7c1QsYqAsmstEslPxiRqNid7_jcURzAd1vHPtoVYaGWiiQo1KrA_h4jAUID87w6NNkTSvkxwxcwHvtOJQ2KYTV6Ngg1vxLEHr_mafo9ed5PVAoKwNIraC9lmq9JVBc_MnZcGr4yO-b4TTlIjtW_Ey5C38YS91kCcAfwgjfb6YX5ckcMU8fBz05Ff52QfhgVImvqODOpWRyDdA5Qq7tAnkJf6l_oJBYnswBAmEEwVnJKY5IYwsXIYBzDkXge2Jy98RMk8MsMICKMHMqKJpFsd6V2sSaRgI_vKz95RmiqtEeNosJlX25fYBbC8Kfir-969iAWJB-LDXKCjIJldfpX-MqkFLMyf3DtjwDDwAR5ugFaBujdE9IuFiSXw6uF3WYR-Gj065aX4w-pOwIWHZj2qlptYHrtFWDuC8rAsjM5G1-At6MqBnxVHQ5YnD_gDPAUBkGRC2aNh13k7DKKxMtlvlFKZ98-cnZs-fvumdnIyaIxXRG6V07T8qkunj2pFm2F45LbaF4BJJF6PgPaurbOYCxbAECNtS07fS9OViBKcZER5Z2HsGquNJ-g&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCvl-Nc1cTY_jJHpX8owP_2qyICJj80bFcqoTM5IUBwI23ARABIABgpYCAgJABggEXY2EtcHViLTg5MzMzMjk5OTkzOTExMDSgAbbZo9ADyAEJqQLDw801DtumPuACAKgDAaoE9AJP0BQcZH9enuIvlS295legJfr5IhzfJj205YqNbpWyi9Sj-da-9JOJOmdY4lsKEhkmuJLo2mebzLCsNKZjyX1609QNW__KzRZXr_R40z6lSDNBvvWUWdHkUzhZ3ICSL26b8Uw7-BRGiTBeFBS7qREpS2sCBy8NIpCFX9drdbYfs69KpK78JmVQTCWq0ojtcgg15Z83JuztX0f2_ARXzBo1jxfkGTWQ3Stom4FCyxNJ1XdIpb8axTHASDc-t_olqzS96-EAvlGwXzrBv9VuFSEKPzC1NAzwM4LKWiFBg_xGGQ0KZf7XwvI4y7t9XhJ9ZSqeSXZ_4xoOgl43YqFH2-yPocFBA8bizvd9JbHS3cN6MPUVyXrmtTPpg3PlOJYecXTClE6VYwSOgWpA8k22GLrmqMwstQcz1qvxnfWKBbgP3_003n2DwKtVl37vaHIltu46TSx74G3DXFt7OfEAQ3negC2ym-82Lxa-xMtIM-CuAKLk-irgBAGABtf2__fPtcaVQaAGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA0IgGEQATICigI6AoBA8ggbYWR4LXN1YnN5bi01MjM5OTM4MjEzODcwMzgw-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_1KzjHU5-2GRSJi2D1ric-d9jEGrA%26client%3Dca-pub-8933329999391104%26adurl%3D
Frame ID: 0B63C4595855636F24907EED9EE06BAF
Requests: 18 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 019BA6E874360AF50512BD97F5B214F8
Requests: 9 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CIvlPxC3ttWlAhjb-sPNATAB&v=APEucNV-gWpVopuhtxjuk7Hdowzrs59IHPxPGdERU4fdzpvMG59J_1QaehEZ73jL6SH45doh3yGDh4DnLqZnGHQaMslvuc0Dvg
Frame ID: 9AC778735625854CE6A3A732A71488FC
Requests: 4 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BIE7gmxI44lTmBrDNVZ61i0DX9mBz_tybCeS40I74NUPyMpDZ6v71JqtDQjvtd9uUubLwBkbuX2bLZv2bCIdXamB5MqQ&cry=1&dbm_d=AKAmf-Bw4jLkR7FhOppGZ-ylpbT8vzCH-9vgz2qF93CaatXG0W-Vrnj0ZbOUM8sf_XYbMyttmiiJyTGwzsvBFkBEYe82Q4db6CeN0a3SexX87ZOxlSdS2EttpTrd5dJ63BubZo81BXyYY6YeMhJFVKVmyh-Slub7QNRc0fqJx3o63G30czGWJxmTTcwsmv9yJRDvyEEx6L-wT46dqfT9PRCWPuVdFjOr6jrX4wUmm26Qk5VLxJvI-E3sxDLR1A7M8u-XeK75yELzVlMhXSCJbOOC1JgBEMKit7iw9WvZw6a-cvvOs2SqtD8C74F8sv5uuWIbcRxRrAfjaFMF1scT47F7w2SSOGtCgtYa7qWEsaT9MFdvqxLeri7hH397QRX1ZHnYYQizJiwCiDdbhLQQx6BNW3qfHfohVZoQx0jCdl41nLauhdIErMxBzCY1NO9Th6Omwk0fXAVZ5z88vyxFnUqmYA8RfZFYB6dKaF9IzDrzo4XGMSNSxwhYWz8B_aZjGY4lQEhKgcvQrzSCzW5m5LdtU2CVaaeVToB_R-SgTR-Cies6Ak8M2ADvpa8CIkELMlS2X6ixrEP7cWWubfaLXFq-eOz1DPDDJr1R8345WQpOUYkwTh97AbAWfgGqv_VdFmwCnfkv4ombCxws7_tBoURko7UwzCtk4b2xd0n8nyADflvKAnXmSlHQfkVlEjV6mKTAgFL5UV07v3FQsl-T1DI01LgpnKmOsjyenK5AGvR_BYqVhlF9jBNx4smT2vINiEBHvfXB7DagxXZCNB8FvuXqLXX2bMt6Kd0i41kjgoq92XCt3haJsyOEEVYbCc31_o7W215EDVUSrBJ22VK6EGUr7oD7AAVZspXDIq7MmodlyEroTd_Pt6vDdyDSmkJx2DLOwa-Ynni6QQ167XyUeSYDW3u8XUZ3oSZxoA4BcGH7f7S0pu1vYFsp1sGSPaD6xjy8vW0La58CDuNKsNU85ZbXlKJliXGktjI2TIfOhTkxutOYgHiIUuNNS-LQeDVsF7sfiuBBwUcOQD5zCy5u3DzMCTqahpPkk_kLmYtYshkch_j9egqxhODEiPcCDRspr7Y2wF_71SGGRfyFUwKfQW8u8hUcr2ivO3l8MsZyExb1aZZ6Z4REk7X_3Cb66YGeNkIMPaSj-bRaG5l8zZyTHzBVlp10lEoxm3foDtJwil1l28tCEjxKp0mpJKciJPiUPCscxeoZF9zI7as-UFhUdArxzXvxbLfOaBTv15yEZCUcRcQjz2-IkEq0d-5PAT3iQMUGO-49TMYTXA6LrR12g8iOB68emPO29cynoGhpcNL-e2ayrXl7GnzUYaP3-6pOVu80IBn2Z9_1meTFJ9_RP_ehI0Hf6HLQhIWgzs5-Re9DpLLRiAnhutx7CSlOSdgMBWRdKkxVU-df-4vEicQTIHO8-QoYyuEsLO2ra9OVRu-6k33cBW_0PZ1w_JihcRjuGbxVYSBeLJCbAkCjgN4oiNQceaqpbYlFXByQ926lPlprv2x6h0G4IoDSLOTqr37Tg2S2GqGWhbn8mal53F8eMOgVJ5AsJUqBGOy78CnzqdU1L5L4nh8sQRJUowzMjgma8UGw6rCOwCYlrXtFTPDed8uQatSTk3HDn82aOOI1R1GdUY0tE86qDmFJpV5I0y3y-O_CDDNSMJKWB9YKil4yTE42lVEC6huizfdjsMdAgTX6oWx4Al0qP7iKGHE-4ulwSU1hlVluhHHgRDao-jN_vKuZd67bXa7O44Wr853eFuhcLNC7tfeKYxQDDn_ASeR7PxUCS1b05Y--Njkkh6TLvbsLBuqIHE5SlamX-S7IVlNICA5fWMU_4m2ThvS7SuAX6nxeVFTUXpGTwn_N0-ycRlRNZZ3cmT3ghA0mncthKMC230cLASP_XwWj-brH1xsBQE8UMEv--fvx53Z7U4ZQaPzWro65yLECwy9IK8NTWGEd2bdzM-QE1bYPPidoDKC48lgVQLhzcTGp311H1ENxSl_5hQ6ezsYQ-vPEd_TX7SyUzOUnnn534kTJdEgTr6kP2QahUHHNl3saKgCiRhD8yzzgC5Rzj4RMO-5fWd0vqMDDBTjMRjB_Cf7q203RiiXV6IUuN6-hLKAzBtiwX8KJBWkRmrugX5K_bF1CgGMIsCS8OA-tshPD_A97XyXRR2uXIN6lvHUUypvtPTF97eT8QiYPStZ0FAgwOrJJ476CZ6b5ZV6M0csxB90KofmPwuD-g_bk--dOJFJBDD9TinOtOF75qotqrlUmRcwcsRxn1meGSGh2tpoKoRFEbckUBAPuuYzNCR8kHzhgcJ89MEMBrLmoRhPUQn4HDbr2uoou3pzmBhzj3XW9rZ6tKQpYk9rxPXywpOPP0BTcp3DFx07NEShv6C6IcbmidLBE0OVYiUHlpJTQtzGpeb19mJrUcqF43f77m30aivQil909H_nMbvN31vvcySfW4rx7DDjjGxlqQ-9dsGbLhi2iZbr-BJYf-JqRYjFcLLQHf4ynUuoZqs7cA0Mley4cfzHUapcPpMl7P8twg7FbHTE2omuU_bKUuwuy5V6XBZGe1B83uZPwLJhmsqjRn86ehC96HdObOE8S4d4LjW2mvrrdfoCnIwyo_y5m2HkHTRwNfXx9GtJgmt8iModdNXJ5QImvqUScHePAil08DDbPWr-Pr7tIUvQ8w1u3aEcpZAZamhOvnv7agiQbub8BYedC8II__38Rddec3l0-iB1svZSnwMaI3eynGoUj8E1z62kHGq016X1nIT_Q1sg3wkYX2rxscpdl46W8fA8MZS2_nWIQX51k6H0Pvz6blvF_ZHIAFYa3qxibYQJpbKd6n6_itE6SifXqkoUuXV7G45Hilx9hUN0gYtj_jFRZ4cb7Auy74TikhvKZL-9b4Bblxd9rQyGaB_-RPousGluR5JLKOZzwhx6smsm3Rc0mDHU5d-X7cfn1imdS9LIeuoqoKSAGHA&cid=CAASEuRobZlPwdIsX28mGtrT_yKrSg&rfl=4%2Chttps%253A%252F%252Fwww.bg3.co%242%2C%2Chttps%253A%252F%252Fadx.holmesmind.com%252F%240
Frame ID: 02CD57E6BC7D50BFFDD0908AAC8A5B33
Requests: 13 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CIvlPxC3ttWlAhjb-sPNATAB&v=APEucNXHxhqF8tbBY4c2hoDhx-VRKeICBbwTse-2GW9FOPpKxd-KphGsRLdjprLpaV9FfGSdghwI4oR3haOZNv3OVJux4EQe3g
Frame ID: 3D7A395CE4EE658A18F0E07652CCE07C
Requests: 4 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CZOJ6zhOxQbVADwbyZ9alKs_wZo9GJknMv0WGhxgyBrk3AEhz-XuutAV2luzZ4hl32LGKO4wOkFupCILF431Qvuqx1dQ&cry=1&dbm_d=AKAmf-B4Y4N6pYbT8t6wYnhf7Z2qsLIbaME_-7KpF5j6JY3z6I9vXrms2lmugQuodIqC5QqaDZV6THP3fKaUKEP6e9K3eMQKfnB220IhrqjilBfAeHb7RiLRmnz21eARyx1scQJLVEz8XkvZwFFJHNQTrvR0WzxZ7JuHDR8mzMGagDxOnSqc5F5n-W8ydpyx_zwlZGWDaWsduS6UCw34q_BwLjJzgeldK2PAFcbpmVuj77HiMcmSbtD2YgHLb9DuSTqvnuVdCBm7L8PMMSkN28vGHYBdScxkJRyxw7_3kFm1BgtG6QidtjzCm4NKOHYCXTi7eCm_DWs2UUqwLNaJgtczL_byEAvFWl0lveXN33QeZ6Pi-7eWaDgWPUrpGiVrW-58guRS6-vi-XYt1MZiGEE6ImnTUc6W3TbJKQNcfvH7lRRzMZ5XQb6p4AMojgxqCNmUzShBYNWA2iDwPXrtma-Ql-xjxN9z5JEeNOTaP3cMAaJdncrzBNrujh8y2E4HkAdJhYAImeamMYwwhFYrVZyXwqP-a7glaEnXmBbVUhNvX2e7YYC7qXKi3rVm0aPjVBI-rpUW4pT0h3mYwxNLiGLQUQpg-DB-Wi0uc2D91OLd1c17N16G_N3M2I5PU7nEC9SFD2u7FQYfUqAG_1ZHITUZsGtOxjB2-XP4xHhjMndAkrfQpflANkJtztMGMe3xNPRAjvKdQNLUFBiadtx12mnd_u5LoZiG5Y8GQ8UHsi2yiY7WmBpAJbfdKL1ZyUTU15i0elOpf4t3TSVpvNcAxngBkzCnG3MJs3T8K69E8UJmOq-O3KUPpxu9JqL31jpKS_sCTUrzYceYrj1w7IlhMAeTgDBhN1bFHqBRAPowO8ZSPMvphqss9nOMvkfjv6eHW5p1tPkN325YigkdijYhXTOiTSQNiXAN_b5M1VWINWlZZ6Aj1SKh7IuIsx0XDWkz6sAo_USIx7yGDovpjT8wzDBeVzP64nEtL5cKyDsL_5qmJjAF-z1Wg4ZadIlD1TXRehcwBbzWKxcSKFLksM6ef8dKNem9LBTHHCdmXnyu1jamehxCpEF51IGpiB-EbfZfwVJqpTTzBWdQytRpPzld3K10RCp67o3fF4x0gghjhpEzSCUPXQQUxpeDIZTHLBOeZxC4kudZlvmJ1SHkulK2G1CMvuICSNkWamTP_VIqCY82DDxXjaZzOMAwdl9cTSbuaN1Aoe610awdHcwvMx9oiW-A3uav9cihoQLF8lBo_EsbkoIpHcfXzGiazBHXYy69TPzz8R5KKrrUSNvFrCEnjMgNS-NQ8gLBv6nR-7HUEDExTIPbBtFnVhVa0q1AhHxzT_r9SdWZdRie5p95a1DFI6S1Sx90Coo4_napDn7YZOWCuFA8cSgCo_04dUB_XYfhzdHoN6_7-n-TAatzEkj3cfaTPjB75pw-DN_-XSWzysPq2eJ-B7aLf0skVbNeALkuAHIbAHZeFp8KBRDBc3EO7O0E8gSlWrxPQIe34y5g-K_kCFbAJrzs5ovRctiJdkDwEXN6nhrF81xkFAmsYX-QEIvciAC1x6WFHDWUBX5DeWReQVKmeItNXeXRbCdV9LR0lTcWkXwiZ8dj6UecXMm2NVPtlolM8qESeBzpkVgljJFbguUh4pztCLos0tw4txG2IQgsdYTLWREhN_eYb6w6kx8mXJ95OCc9wbBU1a9U9Hq6EyMfKGg_cVRUDnlkcHiUFOG4nfPDqFzmx9Wwdmmck8FAFpRRomn37meNPwd_IeIoXK1eoEMUH4Fp9T-_ZNqDEDe5EVJeKFzoAjUPRbL5NUn_x1o1brY8Hh91HjcpjQpvwi-VxeN5AWktspqrubFngzXTT-c1IuYUgUKOhvxmGSiyZO_WvesZ02wTBS0RJVx2LU-RUAIUs4lMi6JHWszMAJEqG-6eH3B81YWdQfiN-uSIZkQFVRGwk_Hbib8zcWyLwKh3_Gh0aAYKWDHDZpSIYOQbBkDw2eS_5sbW-Dy5AC3eqdQIONMpcSKDIeZ_GxNcaubeBYBUes-c8ZXbit4eZRbkD2CFWE-yE0zJkkdj26tS28er4-Or8wuo-AlkuZbeKQM7Az7mvWfaCWUN_wKtIQZhxNclGGu516t72GkiOsresE7UtZl_zFcLZHf_n-9i4A_3EBxxpUqgfiQV8Z89QZMulzj0pcQdHN8WTauH55DPptsodQP5ELrjwIq9yInGuCIivrjG4GjC9IHf7f7s99uRod-aZpByZ-UqxDfJPP3NAqT8DhFcbHAIv8wPH8Ed_1KBUQHPNj6cXTidTIN42Q3yePnsNdmRZwlEHaGnvcUHS5M44Te8I1wC34BGxZUWk2cOK6zTr_i8i-7w_1ypVO5NHgOWNEgLemKWvhbL0tw3ilZx-y7gbdPdoBf0Pb8dgChUlk863gLRxWKLifwdtUN4sM2RiNO3IQ7GMxsx8SkAKQrbrng_MxGeBNdQKB0JWfm460ppVphmKi5NyQ79sc2-hcIOjrOcMdxft7fr6Y56ZxF2hULaLwFkDE0xkAt0zAZye47_kZQVilBIY3OOaWyXFX6Mvet57jXdmRnDCIk5Gs669Tko1qYJD9ty4emS-2Ua9GJpa5O3TrPfz8-XABriMQlFwXbLQ2yGQ-wBPtkCLShkyk9xgcKFGOJyvW5El9TUmXUaTFvLF-jlmjhfJUudsHjhG-ivf168rXgWXoyTdiN4AU8zGEvtCSuEHwr0zFglQa_xMFXpFJLoRpSLiA17fg7QdgiF7eRjE3E8SVfGEf0_RUdqSWkpt1wg7kzFNkPNcwhTlGGHY2tOcCelF9OUr4NJ4hbQoZRuQ4uIOVTqwOkt8WgWEY7tfURC6WZ0q4bZDBXKsWIh4PnRqiB0skhgHUPPvfdtZWzuE43nH16R30z2_neLBBL4tJpCxSdn1k8etGZJfU6URxWjQi4EJTVuoNSzKULuIBNEmpDAUJrQDIwV6dGMVg&cid=CAASEuRo4FxJUvS2_0zafOqRvAh3gg&rfl=4%2Chttps%253A%252F%252Fwww.bg3.co%242%2C%2Chttps%253A%252F%252Fadx.holmesmind.com%252F%240
Frame ID: CDB326F7F3D364B6FE3BFD141D89CCB0
Requests: 13 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 4AC7FE47FF2274510B354373DB0274A9
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 04D3B1DAFB5CBB100F24719842229C6A
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 4ECE95BC1F1FDC1AFCA7E867737593FC
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: F62F6509F4DFB53EB2E1CFA6EF963D69
Requests: 9 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 67AFBA9B1C4D0C13E04D178FD9639C7C
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 65B61203139B948D81EA57B7026BBF92
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: FCFAE7C9E2723970EED363FC7A7B620E
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 8016342A98FC2D29716F818E3C864E07
Requests: 3 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/8198994083416997216/index.html
Frame ID: 77C27D48A40652087D01AA8BE4E1B2F0
Requests: 9 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/14196359717863263274/2205_SEMBA_iProspect_banners_300x250.html
Frame ID: 038677DBA5B24C17D22239E689A6F923
Requests: 5 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/14196359717863263274/2205_SEMBA_iProspect_banners_300x250.html
Frame ID: 27DBE0F59F26069754CA719B6581DBF0
Requests: 5 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/15195109931553881176/index.html
Frame ID: 0D84CFF0926433EF95D1419615FD02C0
Requests: 9 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html
Frame ID: D40FF64D83511BECCC443A3C77C4D2EF
Requests: 10 HTTP requests in this frame

Frame: https://u.openx.net/w/1.0/pd
Frame ID: 6D6DC26801E4D5ECCD7804B59BDFFFB1
Requests: 7 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: 8849CB5FA2D511E3A10BFA1785AC6A4D
Requests: 3 HTTP requests in this frame

Frame: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUPEPKI9&prvid=2034%2C2033%2C2031%2C2030%2C2029%2C233%2C2028%2C2027%2C236%2C237%2C117%2C51%2C97%2C55%2C99%2C3012%2C2043%2C2040%2C244%2C201%2C2039%2C3007%2C246%2C4%2C203%2C9%2C2055%2C172%2C173%2C251%2C175%2C132%2C178%2C255%2C3018%2C3017%2C214%2C3016%2C337%2C338%2C70%2C77%2C2021%2C141%2C186%2C222%2C345%2C10000%2C80%2C108%2C229%2C307&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1
Frame ID: 1ED3332478BFDA89DE963439FB3B3373
Requests: 12 HTTP requests in this frame

Frame: https://js-sec.indexww.com/um/ixmatch.html
Frame ID: 02E7902ED85A3F573DAF1C81716FB6BA
Requests: 1 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?cb=1662211954079
Frame ID: 9E5B6CD59371359612D3E01F957792B5
Requests: 1 HTTP requests in this frame

Frame: https://eb2.3lift.com/sync?&ld=1
Frame ID: B6CDC510F9956EF0CF982867EAD8D65D
Requests: 11 HTTP requests in this frame

Frame: https://public.servenobid.com/sync.html
Frame ID: 60ADB2B0D970F0A3C51CAF86F64D3E74
Requests: 13 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=medianet
Frame ID: 1508A53201415B6F59EA9C10A8A30D36
Requests: 3 HTTP requests in this frame

Frame: https://p.rfihub.com/cm?pub=19967&in=1&forward=https%3A%2F%2Fcontextual.media.net%2Fcksync.html%3Fcs%3D8%26vsid%3D3052135596827308000V10%26type%3Drkt%26refUrl%3D%26vid%3D22119592483052135596827308000V10%26ovsid%3D%7Buserid%7D
Frame ID: B0A4DDECC5E99895AD5911CBDD06EE84
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159463&userIdMacro=PM_UID&predirect=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3052135596827308000V10%26type%3Dpba%26refUrl%3D%26vid%3D22119592483052135596827308000V10%26ovsid%3DPM_UID
Frame ID: 374EC9768E1203D19688C7227FC7441F
Requests: 2 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.bg3.co%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Frame ID: F08350A820D5D9DD353238F8148DEB35
Requests: 10 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fx.yieldlift.com%2Fsetuid%3Fbidder%3Dpubmatic%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3D1YN-%26uid%3D
Frame ID: FB71A1099464B5E9F3F71101B1431FE3
Requests: 1 HTTP requests in this frame

Frame: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Frame ID: C1B5F62377E362388401AE6DFADF46A8
Requests: 16 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?pubId=694e68b73971b58&gdpr=0&gdpr_consent=&us_privacy=1YN-&https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D318%26uid%3D
Frame ID: C005ECCB4C54ABAD837CAC4E7B2AF918
Requests: 1 HTTP requests in this frame

Frame: https://ssbsync.smartadserver.com/api/sync?callerId=9&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D317%26uid%3D%24UID
Frame ID: A7E509DA2B55FDDA24ED1F6B45D22371
Requests: 6 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D
Frame ID: 3C538C856A54CF57A7BA7D21E39E0F7A
Requests: 10 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=duration_media&endpoint=us-east
Frame ID: B0C0E719B69843E865B0C0AF358803D0
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 9537C85A0A660C5863B870305AC967B3
Requests: 1 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: CD525BFB58C292F129287609C0819394
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 173B06116E976633FEBE49A50DBF9A05
Requests: 1 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 22006BDF08B3630A8A85B5E88D2E564C
Requests: 1 HTTP requests in this frame

Frame: https://sync.mathtag.com/sync/img?mt_exid=71&gdpr=0&gdpr_consent=&redir=https%3a%2f%2fusersync.gumgum.com%2fusersync%3fb%3dmmh%26i%3d%5bMM_UUID%5d
Frame ID: 40B66000E1B31CE89430429C2AA37884
Requests: 1 HTTP requests in this frame

Frame: https://sync-tm.everesttech.net/upi/pid/URnmbSKM?redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Datm%26i%3D%24%7BTM_USER_ID%7D&gdpr=0&gdpr_consent=
Frame ID: 46B2B8578059C1479FBBFEFA5D846D92
Requests: 1 HTTP requests in this frame

Frame: https://cm.g.doubleclick.net/pixel?google_nid=gumgum_dbm&google_hm=YV8yYWJmZjBlNC0wZjQ2LTRmNTktOWMwZC0zZmJjMjc5ZWYwZTE=&gdpr=0&gdpr_consent=
Frame ID: A1F6039ED8811701FCEC0DE167678795
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=0&gdprConsent=
Frame ID: 788DD5AD18B7FD2AF1861A00FFAAB5F4
Requests: 1 HTTP requests in this frame

Frame: https://usersync.gumgum.com/usersync?b=ttd&i=3577886c-293e-405c-944c-d97075ba3a83
Frame ID: 375485F7CFE736990E94C55BC9504EF7
Requests: 1 HTTP requests in this frame

Frame: https://cs.emxdgt.com/um?redirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Demx%26i%3D%24UID&gdpr=0&gdpr_consent=
Frame ID: 7A6542FE7AB7892E4893054C334309FE
Requests: 1 HTTP requests in this frame

Frame: https://tg.socdm.com/aux/idsync?proto=gumgum
Frame ID: A31C8E98234F7DC782A692C1189AEE8C
Requests: 1 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatchredir?s=189872&cb=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Diex%26i%3D
Frame ID: D4C59AB2C1BF1484AFC0D663D1B75418
Requests: 1 HTTP requests in this frame

Frame: https://creativecdn.com/cm-notify?pi=gumgum
Frame ID: 663DED51568985BE10EDEB30D9165CCE
Requests: 1 HTTP requests in this frame

Frame: https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=gumgum
Frame ID: 52C62598F5AB2A317B1AA96DE2C344A0
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: ED75E78E7A9C140C469F16C389518B55
Requests: 1 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 455288814C1C0C98A3736030BDE2AEE2
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 3403EAB55C918A4D7E36D129FAE02C63
Requests: 1 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: B35D02EBFCB0EC7592CDA9E8CA956AB5
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

親訪蔡英文!美參議員賈德納「突飛臺北」挺參與國際:臺灣聲音很重要 - 天天要聞

Detected technologies

Overall confidence: 100%
Detected patterns
  • adnxs\.(?:net|com)
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/pagead/show_ads\.js
  • tpc\.googlesyndication\.com/safeframe
Overall confidence: 100%
Detected patterns
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • lightbox(?:-plus-jquery)?.{0,32}\.js
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.openx\.net
Overall confidence: 100%
Detected patterns
  • adnxs\.com/[^"]*(?:prebid|/pb\.js)
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.pubmatic\.com
Overall confidence: 100%
Detected patterns
  • \.quantserve\.com/quant\.js
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.rubiconproject\.com
Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Overall confidence: 100%
Detected patterns
  • //cdn\.jsdelivr\.net/

Page Statistics

478
Requests

69 %
HTTPS

0 %
IPv6

101
Domains

151
Subdomains

83
IPs

10
Countries

4257 kB
Transfer

11062 kB
Size

78
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 4
  • https://ads.aralego.com/sdk HTTP 301
  • https://cdn.aralego.net/ucfad/sdk/apac-sg/sdk
Request Chain 89
  • https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006&adk=2365071409&adf=3615134179&pi=t.ma~as.3006%2F14006&w=336&lmt=1662211953&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fqin-fang-cai-ying-wen-mei-can-yi-yuan-jia-de-na-tu-fei-tai-bei-ting-can-yu-guo-ji-tai-wan-sheng-yin-hen-zhong-yao.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1662211952811&bpp=13&bdt=1558&idt=742&shv=r20220831&mjsv=m202208300101&ptt=5&saldr=sa&correlator=2835728403767&frm=23&ife=1&pv=2&ga_vid=2111951173.1662211954&ga_sid=1662211954&ga_hid=187815843&ga_fc=0&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=320&biw=1600&bih=1200&isw=336&ish=280&ifk=655927915&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31068919&oid=2&pvsid=1236317456253465&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.pfx0alqdv2ea&fsb=1&dtd=758 HTTP 302
  • https://adx.holmesmind.com/adx-file/20220802/wHpRX0bWuC9xRFH5Zh6Brkvx3yfQuUmZc8yJalW2.html
Request Chain 95
  • https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006&adk=2365071409&adf=3615134176&pi=t.ma~as.3006%2F14006&w=336&lmt=1662211953&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fqin-fang-cai-ying-wen-mei-can-yi-yuan-jia-de-na-tu-fei-tai-bei-ting-can-yu-guo-ji-tai-wan-sheng-yin-hen-zhong-yao.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1662211952955&bpp=12&bdt=1686&idt=881&shv=r20220831&mjsv=m202209010201&ptt=5&saldr=sa&correlator=2835728403767&frm=23&ife=1&pv=1&ga_vid=557625152.1662211954&ga_sid=1662211954&ga_hid=1555285833&ga_fc=0&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=3972&biw=1600&bih=1200&isw=336&ish=280&ifk=169895649&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31069330&oid=2&pvsid=940376017783125&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.6o0lvrn76sxb&btvi=1&fsb=1&dtd=898 HTTP 302
  • https://adx.holmesmind.com/adx-file/20220802/wHpRX0bWuC9xRFH5Zh6Brkvx3yfQuUmZc8yJalW2.html
Request Chain 189
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEC_4ajzfCPxiOSdfilInLAU&google_cver=1 HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEC_4ajzfCPxiOSdfilInLAU&google_cver=1&C=1
Request Chain 190
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YxNXdbnxzew58odY2hHp1AAA HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEC_4ajzfCPxiOSdfilInLAU&google_cver=1
Request Chain 191
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
  • https://ib.adnxs.com/setuid?entity=101&code=CAESECl_8OvdfNJ9v3MAP3EXCGk&google_cver=1
Request Chain 192
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=Njk0NDE5OTI5OTg2MzAwNzM1NA%3D%3D
Request Chain 193
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_dbm HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEPjQjB-voBSQUmH0PJkExM4&google_cver=1
Request Chain 194
  • https://us-u.openx.net/w/1.0/cm?id=9ca165a9-d9fe-2ff6-d83d-d145a80b0d37&r=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dopenx%26google_hm%3D%7Bopenx_uuid_base64%7D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=Y2UzMzQwNzgtZGRmMy0yMmQxLWM1NGYtZjAwNmVjNWJmOGY0
Request Chain 195
  • https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_cm&google_dbm HTTP 302
  • https://sync.teads.tv/um?eid=3&uid=CAESEFjLUK0vboU-T1wMfoQj17I&google_cver=1
Request Chain 196
  • https://sync.teads.tv/um?eid=3&uid=&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_dbm%26google_hm%3D%5BVID_B64%5D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_hm=NTk5MDRhNjMtOWU2Zi00M2ZjLTg2ZjMtY2I0NTM4MzcyNzJm
Request Chain 197
  • https://dclk-match.dotomi.com/match/bounce/current?networkId=14000&version=1&google_gid=CAESEJLYt8xzQnagn8A4mv5v3Is&google_cver=1&google_push=AehlK4DUxxhQPsO7yJsb9fVU01sGJ81E5eAMeFGmFLJ3ou0QmiB8t-E4Uig_2l6zLPYiSCa6igJVSr82AYXF6WkvaPcBgarLac_BbDomWexFCzB6BjzsnubWHOdLISBLfm7WT39tC_6BSCaWlA HTTP 302
  • https://dclk-match.dotomi.com/match/bounce/current?DotomiTest=2be0db7423ba225f&is_secure=true&networkId=14000&version=1&google_gid=CAESEJLYt8xzQnagn8A4mv5v3Is&google_cver=1&google_push=AehlK4DUxxhQPsO7yJsb9fVU01sGJ81E5eAMeFGmFLJ3ou0QmiB8t-E4Uig_2l6zLPYiSCa6igJVSr82AYXF6WkvaPcBgarLac_BbDomWexFCzB6BjzsnubWHOdLISBLfm7WT39tC_6BSCaWlA HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=dotomi&google_ula=17128,0&google_hm=AAAJtBTFOLPd-ANjh4f0AAAAAAA&expiration=1662298357&google_cver=1&is_secure=true&google_gid=CAESEJLYt8xzQnagn8A4mv5v3Is&google_push=AehlK4DUxxhQPsO7yJsb9fVU01sGJ81E5eAMeFGmFLJ3ou0QmiB8t-E4Uig_2l6zLPYiSCa6igJVSr82AYXF6WkvaPcBgarLac_BbDomWexFCzB6BjzsnubWHOdLISBLfm7WT39tC_6BSCaWlA
Request Chain 198
  • https://cr-p1.ladsp.com/cookiesender/1?google_push=AehlK4CfTtXcxkCxZVUfJ-bNjjPXzGJwKMxOhbM7UryP-MHfr7vCEirAcUlQAWOl1OAXhLVDhM1FCNIal2ap-Cd48DOubdwHRCkDDNq8oweW6ZNv0HDnzJd0NDgJbZZwiCG1Xbz-cijGtn2n8A&google_gid=CAESEH6yAQO3vdfMi-3T90GWJVM&google_cver=1 HTTP 302
  • https://cr-p1.ladsp.com/cookiesender/1?cr=true&google_push=AehlK4CfTtXcxkCxZVUfJ-bNjjPXzGJwKMxOhbM7UryP-MHfr7vCEirAcUlQAWOl1OAXhLVDhM1FCNIal2ap-Cd48DOubdwHRCkDDNq8oweW6ZNv0HDnzJd0NDgJbZZwiCG1Xbz-cijGtn2n8A&google_gid=CAESEH6yAQO3vdfMi-3T90GWJVM&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=sonet&google_push=AehlK4CfTtXcxkCxZVUfJ-bNjjPXzGJwKMxOhbM7UryP-MHfr7vCEirAcUlQAWOl1OAXhLVDhM1FCNIal2ap-Cd48DOubdwHRCkDDNq8oweW6ZNv0HDnzJd0NDgJbZZwiCG1Xbz-cijGtn2n8A&google_hm=AcdUs1bbdhBJks8ADsWuEit17sA
Request Chain 199
  • https://a.c.appier.net/gcm?google_gid=CAESEC-75vUMVYa4Se9zVG6q-Us&google_cver=1&google_push=AehlK4DYCkciH3pRL4MGj7fA0tWNnLxP3YFfffd7DJa-UbfeEFelOlzIQQNhCSrzwRnpyi2axldS9R1j-CEHFk5OrgcewVG8lX3KwlA9Sy4a2iiHNd7Zc6WIaqYA5GJD8o5LteRcL3Ln0zAgvg HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=appier&google_hm=bVlTMUZfVm5Eb3E3b09kZGRWY1RZdw%3D%3D&google_push=AehlK4DYCkciH3pRL4MGj7fA0tWNnLxP3YFfffd7DJa-UbfeEFelOlzIQQNhCSrzwRnpyi2axldS9R1j-CEHFk5OrgcewVG8lX3KwlA9Sy4a2iiHNd7Zc6WIaqYA5GJD8o5LteRcL3Ln0zAgvg
Request Chain 200
  • https://sync-dsp.ad-m.asia/dsp/api/sync/send?s=google&pixel_match=y&google_gid=CAESEHF6n12H11kCu750PeMs250&google_cver=1&google_push=AehlK4DL7NUvPNf_EVNppTKCWQHowafh12aWkxMWLrjLrJduqlbIBHtjK76OiMwiCTMdthmwsz0istQklUO05zc1fPNlSJ_5VzY1UnoKkHpYoXV2hgynn0h-yoSrwhmc9QIrvFvWZhHnwZ0t HTTP 302
  • https://sync-dsp.ad-m.asia/dsp/api/sync/send?s=google&pixel_match=y&google_gid=CAESEHF6n12H11kCu750PeMs250&google_cver=1&google_push=AehlK4DL7NUvPNf_EVNppTKCWQHowafh12aWkxMWLrjLrJduqlbIBHtjK76OiMwiCTMdthmwsz0istQklUO05zc1fPNlSJ_5VzY1UnoKkHpYoXV2hgynn0h-yoSrwhmc9QIrvFvWZhHnwZ0t&uid-set=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=admatrix_dsp&google_push=AehlK4DL7NUvPNf_EVNppTKCWQHowafh12aWkxMWLrjLrJduqlbIBHtjK76OiMwiCTMdthmwsz0istQklUO05zc1fPNlSJ_5VzY1UnoKkHpYoXV2hgynn0h-yoSrwhmc9QIrvFvWZhHnwZ0t&google_hm=QWdUMkxrckNEMEM=&suid-set=1 HTTP 302
  • https://sync-dsp.ad-m.asia/dsp/api/sync/result?s=google&suid-set=1&google_error=5
Request Chain 201
  • https://dsp.adkernel.com/sync?exchange=11&google_gid=CAESEELMOKEk-z1UpdRrdMoIxIM&google_cver=1&google_push=AehlK4CVlw9F2ns3jWpPPaN0rsB6CwyaGbNDr3Sm0rGtoRPyQz753aGy_BMpqv1vb8oMUvFFTtTv7YvczsWtWWdF_GCP3gkdhwGfd5wHLCv3IpSvs_-ujCxuek4cTJKe2Q0RCYEXcU9ZPLhj4Q HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=adkernel&google_hm=QTczNjkwNDAzMTA2OTcwMDEyMzA&google_push=AehlK4CVlw9F2ns3jWpPPaN0rsB6CwyaGbNDr3Sm0rGtoRPyQz753aGy_BMpqv1vb8oMUvFFTtTv7YvczsWtWWdF_GCP3gkdhwGfd5wHLCv3IpSvs_-ujCxuek4cTJKe2Q0RCYEXcU9ZPLhj4Q
Request Chain 202
  • https://ds.uncn.jp/doubleclick/0/sync_push?google_gid=CAESEPwlnxCawtR7deJhyNZKBOk&google_cver=1&google_push=AehlK4D8iJx6nx9D_s4L25CXTE8Hj1ha_Gxc0QKnLdo1MMKeeibGjukmYjg7j05LM13zH8dmoKL-CWjv-HY5pe-DenbC-4zTDLMnmlj4MO1w4zWEUHoPlcpiSXxaWi1L4xOImnKxzhtDHUpx HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=unicorn&google_push=AehlK4D8iJx6nx9D_s4L25CXTE8Hj1ha_Gxc0QKnLdo1MMKeeibGjukmYjg7j05LM13zH8dmoKL-CWjv-HY5pe-DenbC-4zTDLMnmlj4MO1w4zWEUHoPlcpiSXxaWi1L4xOImnKxzhtDHUpx&google_hm=AcGCdjY2O05wjXZl-Jezs8g
Request Chain 203
  • https://sync.inmobi.com/gob?google_gid=CAESEC-L75Ohux-hf2T8yOt__yY&google_cver=1&google_push=AehlK4CFl0Ur4-ZNqZO87z9S_jbcjTFMOtN8dt7nMzr1lYkHdZsdIHKsvoD-ZtLD_eEhFyrQ2Uum8y27P9CSEsQA5AYFd-nh4UABBsqQ0AZDfxEFoznHN7kDi8d2P3v6i2Ck4MJIT2EHZi4BkNU HTTP 302
  • https://id5-sync.com/i/495/0.gif?callback=https%3A%2F%2Fsync.inmobi.com%2FgobRedirectFromId5%3Fid%3D%7BID5UID%7D%26google_push%3DAehlK4CFl0Ur4-ZNqZO87z9S_jbcjTFMOtN8dt7nMzr1lYkHdZsdIHKsvoD-ZtLD_eEhFyrQ2Uum8y27P9CSEsQA5AYFd-nh4UABBsqQ0AZDfxEFoznHN7kDi8d2P3v6i2Ck4MJIT2EHZi4BkNU&gdpr_consent=&gdpr= HTTP 302
  • https://id5-sync.com/c/495/0/0/1.gif?gdpr=0&gdpr_consent=&us_privacy= HTTP 302
  • https://sync.inmobi.com/gobRedirectFromId5?id=ID5-ZHMOQ_x6AP7Gg6FlsQq1AlJ5tC757eb5LnJsamETxA&google_push=AehlK4CFl0Ur4-ZNqZO87z9S_jbcjTFMOtN8dt7nMzr1lYkHdZsdIHKsvoD-ZtLD_eEhFyrQ2Uum8y27P9CSEsQA5AYFd-nh4UABBsqQ0AZDfxEFoznHN7kDi8d2P3v6i2Ck4MJIT2EHZi4BkNU HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=inmobi_new_eb&google_hm=XJdjO9sbhfPS81pHqyZq&google_push=AehlK4CFl0Ur4-ZNqZO87z9S_jbcjTFMOtN8dt7nMzr1lYkHdZsdIHKsvoD-ZtLD_eEhFyrQ2Uum8y27P9CSEsQA5AYFd-nh4UABBsqQ0AZDfxEFoznHN7kDi8d2P3v6i2Ck4MJIT2EHZi4BkNU
Request Chain 205
  • https://cm.g.doubleclick.net/pixel?google_nid=tremor_video_dbm&google_cm&google_dbm HTTP 302
  • https://partners.tremorhub.com/sync?UIGL=CAESECIRygRRRhyucotE85CaoGA&google_cver=1
Request Chain 206
  • https://cm.g.doubleclick.net/pixel?google_nid=spotxchange_dbm&google_cm&google_dbm HTTP 302
  • https://sync.search.spotxchange.com/partner?adv_id=7025&uid=CAESEImEiFhO4m3WASW7XtBnSA4&google_cver=1 HTTP 302
  • https://sync.search.spotxchange.com/partner?adv_id=7025&uid=CAESEImEiFhO4m3WASW7XtBnSA4&google_cver=1&__user_check__=1&sync_id=e04e5a14-2b8c-11ed-a1ae-17c4e7040307
Request Chain 207
  • https://sync.search.spotxchange.com/partner?adv_id=7025&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dspotxchange_dbm%26google_hm%3D%24SPOTX_BASE64_USER_ID HTTP 302
  • https://sync.search.spotxchange.com/partner?adv_id=7025&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dspotxchange_dbm%26google_hm%3D%24SPOTX_BASE64_USER_ID&__user_check__=1&sync_id=e03bb5be-2b8c-11ed-ac78-1fd9b6860107 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=spotxchange_dbm&google_hm=ZTAzYmI1ODMtMmI4Yy0xMWVkLWFjNzgtMWZkOWI2ODYwMTA3
Request Chain 208
  • https://ups.analytics.yahoo.com/ups/58269/sync?_origin=1&redir=true HTTP 302
  • https://ups.analytics.yahoo.com/ups/58269/sync?_origin=1&redir=true&verify=true HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=oath_dbm&google_hm=eS1pY0pmWjd4RTJ1RXE1NGJ2NVFRbWtnVFN6bmhjU2x1OH5B
Request Chain 209
  • https://cm.g.doubleclick.net/pixel?google_nid=stickyxchange_dbm&google_cm&google_dbm HTTP 302
  • https://ads.stickyadstv.com/user-registering?dataProviderId=141&userId=CAESELhbl3JXo0j3KMy8CkDF4z0&google_cver=1
Request Chain 210
  • https://ads.stickyadstv.com/user-matching?id=11 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=stickyxchange_dbm&google_hm=YjE2NjU3MTZjM2NiMTY1N2Q4YzI4M2FmYmU1OTVjMWY=&gdpr=0&gdpr_consent=
Request Chain 247
  • https://a.tribalfusion.com/i.match?p=b6&u=CAESEHsmgcsGFxGNUyy8eUSue00&google_cver=1&google_push=AehlK4B3BlPTIb4gAnlQHQlZOcOGj48p377-bjVtbTSbtfq_5M2Pxq56SmHgF6U6ysyhrtPrjFGiYXroysE2GB0TgeVSlOzcXl25oPwroUgmXJwWEL1AlQTXKmYvKPRFmsv7x5lCJ1jsiL4&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAehlK4B3BlPTIb4gAnlQHQlZOcOGj48p377-bjVtbTSbtfq_5M2Pxq56SmHgF6U6ysyhrtPrjFGiYXroysE2GB0TgeVSlOzcXl25oPwroUgmXJwWEL1AlQTXKmYvKPRFmsv7x5lCJ1jsiL4%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24 HTTP 302
  • https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEHsmgcsGFxGNUyy8eUSue00&google_cver=1&google_push=AehlK4B3BlPTIb4gAnlQHQlZOcOGj48p377-bjVtbTSbtfq_5M2Pxq56SmHgF6U6ysyhrtPrjFGiYXroysE2GB0TgeVSlOzcXl25oPwroUgmXJwWEL1AlQTXKmYvKPRFmsv7x5lCJ1jsiL4&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAehlK4B3BlPTIb4gAnlQHQlZOcOGj48p377-bjVtbTSbtfq_5M2Pxq56SmHgF6U6ysyhrtPrjFGiYXroysE2GB0TgeVSlOzcXl25oPwroUgmXJwWEL1AlQTXKmYvKPRFmsv7x5lCJ1jsiL4%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
Request Chain 249
  • https://sync-dsp.ad-m.asia/dsp/api/sync/send?s=google&pixel_match=y&google_gid=CAESEHF6n12H11kCu750PeMs250&google_cver=1&google_push=AehlK4D6iFdFD-xvDKhVLyF0OA4L3R2PwkNoeSJqfIcBsZFdoRJHmizKGKpvEJZ-zQW7-GdD3pUAEykUJvpgKbcqlzypXaWFirXyY-sGMStjUMTQWrj2_YvWvi7jKj_QvKJhSzMAHtQmkOA HTTP 302
  • https://sync-dsp.ad-m.asia/dsp/api/sync/send?s=google&pixel_match=y&google_gid=CAESEHF6n12H11kCu750PeMs250&google_cver=1&google_push=AehlK4D6iFdFD-xvDKhVLyF0OA4L3R2PwkNoeSJqfIcBsZFdoRJHmizKGKpvEJZ-zQW7-GdD3pUAEykUJvpgKbcqlzypXaWFirXyY-sGMStjUMTQWrj2_YvWvi7jKj_QvKJhSzMAHtQmkOA&uid-set=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=admatrix_dsp&google_push=AehlK4D6iFdFD-xvDKhVLyF0OA4L3R2PwkNoeSJqfIcBsZFdoRJHmizKGKpvEJZ-zQW7-GdD3pUAEykUJvpgKbcqlzypXaWFirXyY-sGMStjUMTQWrj2_YvWvi7jKj_QvKJhSzMAHtQmkOA&google_hm=NHhaY2pjZlFNa2E=&suid-set=1 HTTP 302
  • https://sync-dsp.ad-m.asia/dsp/api/sync/result?s=google&suid-set=1&google_error=5
Request Chain 250
  • https://dynalyst-sync.adtdp.com/pixel?pid=10&google_gid=CAESEL4nPGsK4g-gmRXYkbrxfds&google_cver=1&google_push=AehlK4C1Gz8Lut5rcJawZ_z95uALlg1q-Gi7pKvQFgOUfrJGpp0yBf_h4PgO-Hs3oFvqCcvd2JyiVyWcihFA8cank5_Q10S0rQr29eecARna7XrEZBKqu5DyUj4dmEdVTmxdDr8Uunhv2ts HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=cyberagent_dynalyst&google_push=AehlK4C1Gz8Lut5rcJawZ_z95uALlg1q-Gi7pKvQFgOUfrJGpp0yBf_h4PgO-Hs3oFvqCcvd2JyiVyWcihFA8cank5_Q10S0rQr29eecARna7XrEZBKqu5DyUj4dmEdVTmxdDr8Uunhv2ts
Request Chain 251
  • https://ds.uncn.jp/doubleclick/0/sync_push?google_gid=CAESEPwlnxCawtR7deJhyNZKBOk&google_cver=1&google_push=AehlK4CIIlFulH03sfvsyR2QiwZAM72MDyEpJ5lTtI04-JLTKAridciCa0z1kOjcAd5Rnqk3qSPyT5FeL7N9muQKLn-QST6CGbTdiRFIB8CIaIbVkol3Q0p__yYcbpxihwyGKBALvuRQDA HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=unicorn&google_push=AehlK4CIIlFulH03sfvsyR2QiwZAM72MDyEpJ5lTtI04-JLTKAridciCa0z1kOjcAd5Rnqk3qSPyT5FeL7N9muQKLn-QST6CGbTdiRFIB8CIaIbVkol3Q0p__yYcbpxihwyGKBALvuRQDA&google_hm=AZ3NWrpHQky1vuB494_QH6c
Request Chain 252
  • https://ups.analytics.yahoo.com/ups/58281/sync?redir=true&google_gid=CAESEAC1As7ljXxmFIQBefxBEA4&google_cver=1&google_push=AehlK4B3Pl2ZsOpEbR7yAkYcPqWA4AaejD7qzXazTOTpVMd-lUq7lpdghIvelJy9GsxbiKKY85G7db-5NLrQFL8EG0Z30o9eGT_hzQ5jUeuZ2R8uE7TpGWaSgCPib8igCm3qKtD1Y_yiUTc HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS01N08xSlRGRTJ1RnlOdmtRN09uMU9ZMmMuZXVFX0ZDYn5B&google_push=AehlK4B3Pl2ZsOpEbR7yAkYcPqWA4AaejD7qzXazTOTpVMd-lUq7lpdghIvelJy9GsxbiKKY85G7db-5NLrQFL8EG0Z30o9eGT_hzQ5jUeuZ2R8uE7TpGWaSgCPib8igCm3qKtD1Y_yiUTc
Request Chain 253
  • https://match.sharethrough.com/E4rooAtA/v1?google_gid=CAESELwD6cOoyHsNW54N2nTTLUM&google_cver=1&google_push=AehlK4DxAxfF1E0HxuURw7Z4IbmZeB1T5LFn2b9OmIHw0nJtNicQJ_99MyTptcAPNcJHMbixx6f_lx2aZ6pCfOnS2AnbG2DkLES3p3Mvs8Kd0IBlICaV2wfb-RIgVWHFjSGd7D0V3zOrc98 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=sharethrough_ob&google_hm=OGU1ZTg4MmMtOGU3NS00NWQ1LWI5YzEtMGU4MWM5Njg2ODg3&google_push=AehlK4DxAxfF1E0HxuURw7Z4IbmZeB1T5LFn2b9OmIHw0nJtNicQJ_99MyTptcAPNcJHMbixx6f_lx2aZ6pCfOnS2AnbG2DkLES3p3Mvs8Kd0IBlICaV2wfb-RIgVWHFjSGd7D0V3zOrc98
Request Chain 263
  • https://dclk-match.dotomi.com/match/bounce/current?networkId=14000&version=1&google_gid=CAESEJLYt8xzQnagn8A4mv5v3Is&google_cver=1&google_push=AehlK4DKG1hWfgrQ4OVJE7-ynNWQeQhj_efMgpYWeH124aIj7vHtjD6M1MB2dHF47ozorq9qH6HmK0idhDVyQjzpXEGt4MaYsCSPeQ HTTP 302
  • https://dclk-match.dotomi.com/match/bounce/current?DotomiTest=48414d78e5192026&is_secure=true&networkId=14000&version=1&google_gid=CAESEJLYt8xzQnagn8A4mv5v3Is&google_cver=1&google_push=AehlK4DKG1hWfgrQ4OVJE7-ynNWQeQhj_efMgpYWeH124aIj7vHtjD6M1MB2dHF47ozorq9qH6HmK0idhDVyQjzpXEGt4MaYsCSPeQ HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=dotomi&google_ula=17128,0&google_hm=AAALa-g2504CTQMnWx8hAAAAAAA&expiration=1662298357&google_cver=1&is_secure=true&google_gid=CAESEJLYt8xzQnagn8A4mv5v3Is&google_push=AehlK4DKG1hWfgrQ4OVJE7-ynNWQeQhj_efMgpYWeH124aIj7vHtjD6M1MB2dHF47ozorq9qH6HmK0idhDVyQjzpXEGt4MaYsCSPeQ
Request Chain 264
  • https://c.eu1.dyntrk.com/adx/ga/us.php?dynk=ga2ex&google_gid=CAESEH0D0Yaj-4mf-s2QvrpmnnM&google_cver=1&google_push=AehlK4Ah9lfaNulypy_l3vLi-ccCtdO5cgSDOGHT-6M_6BLW75KCsZ3D3eS_hW_NwDmOJBN94TInl1A5aTXDe1D7K9rkGkjgzrJSuQ HTTP 302
  • https://c.eu1.dyntrk.com/adx/ga/us.php?dynk=ga2ex&google_gid=CAESEH0D0Yaj-4mf-s2QvrpmnnM&google_cver=1&google_push=AehlK4Ah9lfaNulypy_l3vLi-ccCtdO5cgSDOGHT-6M_6BLW75KCsZ3D3eS_hW_NwDmOJBN94TInl1A5aTXDe1D7K9rkGkjgzrJSuQ&prevuid=03030002_6313577682e65&knw= HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=dynadmic&google_push=AehlK4Ah9lfaNulypy_l3vLi-ccCtdO5cgSDOGHT-6M_6BLW75KCsZ3D3eS_hW_NwDmOJBN94TInl1A5aTXDe1D7K9rkGkjgzrJSuQ&google_hm=MDMwMzAwMDJfNjMxMzU3NzY4MmU2NQ%3D%3D
Request Chain 265
  • https://x.bidswitch.net/sync?ssp=google_jp&google_gid=CAESEMLmYD5ChBGjivkmJ4Pazgo&google_cver=1&google_push=AehlK4DNCqJ9wpo-VOsclFkA51oL1IebOQohyisX6azZZqqnCE41C_LyqNKP1uOw-diejJLwY8ArVn3KS7WVgebJmoPSbcHIbeTCyg HTTP 302
  • https://x.bidswitch.net/ul_cb/sync?ssp=google_jp&google_gid=CAESEMLmYD5ChBGjivkmJ4Pazgo&google_cver=1&google_push=AehlK4DNCqJ9wpo-VOsclFkA51oL1IebOQohyisX6azZZqqnCE41C_LyqNKP1uOw-diejJLwY8ArVn3KS7WVgebJmoPSbcHIbeTCyg HTTP 302
  • https://odr.mookie1.com/t/v2/sync?tagid=V2_790378&src.visitorId=3533d218-d8d7-4364-ad08-0ce37055f148&ssp=google_jp&gdpr=&gdpr_consent= HTTP 302
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=2910&partner_device_id=10526249337535193241&gdpr=&gdpr_consent=&partner_url=https%3A%2F%2Fodr.mookie1.com%2Ft%2Fv2%3Ftagid%3DV2_948118%26src.visitorid%3D%24%7BTA_DEVICE_ID%7D%26ssp%3Dgoogle_jp%26gdpr_consent%3D%26gdpr%3D HTTP 302
  • https://pixel.tapad.com/idsync/ex/receive/check?partner_id=2910&partner_device_id=10526249337535193241&gdpr=&gdpr_consent=&partner_url=https%3A%2F%2Fodr.mookie1.com%2Ft%2Fv2%3Ftagid%3DV2_948118%26src.visitorid%3D%24%7BTA_DEVICE_ID%7D%26ssp%3Dgoogle_jp%26gdpr_consent%3D%26gdpr%3D HTTP 302
  • https://odr.mookie1.com/t/v2?tagid=V2_948118&src.visitorid=9fa33b35-2994-4265-9b96-4309f2caaf77&ssp=google_jp&gdpr_consent=&gdpr=
Request Chain 266
  • https://b1sync.zemanta.com/usersync/googleadx/?google_gid=CAESEDxlti_qQxN3V1b5thckVgA&google_cver=1&google_push=AehlK4Ch5fgfQHS6Yzi6vMweC5_c7WIQa3hQKfmiSfCGubNRvg-xLeYnuYe8z0VG58g733vaniBVvYWh81b53uSYjp11YDd-MBrSHQ HTTP 302
  • https://b1sync.zemanta.com/usersync/googleadx/?google_cver=1&google_gid=CAESEDxlti_qQxN3V1b5thckVgA&google_push=AehlK4Ch5fgfQHS6Yzi6vMweC5_c7WIQa3hQKfmiSfCGubNRvg-xLeYnuYe8z0VG58g733vaniBVvYWh81b53uSYjp11YDd-MBrSHQ&s=2 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=zemanta&google_push=AehlK4Ch5fgfQHS6Yzi6vMweC5_c7WIQa3hQKfmiSfCGubNRvg-xLeYnuYe8z0VG58g733vaniBVvYWh81b53uSYjp11YDd-MBrSHQ&google_hm=RjVvQl9PdFJvbnRma1JXaWlIUHE=
Request Chain 267
  • https://onetag-sys.com/match/?int_id=19&redir=1&google_gid=CAESEE37nZd49Dk2vSSuM9FhKUQ&google_cver=1&google_push=AehlK4A8nDPaiq24jXrIMDGnE1qWhuPCVtpznSFrGdlqDe_sHFFuhbnWGHINOYcFmCnXxGkrClV-vfmlvrXTIXHcJhIv8Cbzrtv4GQ HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AehlK4A8nDPaiq24jXrIMDGnE1qWhuPCVtpznSFrGdlqDe_sHFFuhbnWGHINOYcFmCnXxGkrClV-vfmlvrXTIXHcJhIv8Cbzrtv4GQ
Request Chain 268
  • https://tg.socdm.com/rtb/sync_before?proto=google_ebda&google_gid=CAESEA8cblfKCH1-OgrHp5hIOBc&google_cver=1&google_push=AehlK4DR_Jl4hlhGStx76yeHDtiSFgaw3pEWjvCbXXbS7JEQTcRas9muZqiOMAMGdNa2WtA_DHt0eRaQjCvDhZ-R4dkXZtlgbkTZWg HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=ad_generation_eb&google_push=AehlK4DR_Jl4hlhGStx76yeHDtiSFgaw3pEWjvCbXXbS7JEQTcRas9muZqiOMAMGdNa2WtA_DHt0eRaQjCvDhZ-R4dkXZtlgbkTZWg&google_hm=WXhOWGRzQ284WXNBQUdleGx6a0FBQUFB
Request Chain 269
  • https://cc.adingo.jp/adx/push/?google_gid=CAESEGYfr0WR1v-bS8MLIcI4Ndw&google_cver=1&google_push=AehlK4B7B2CracEcJ05SeLN0kqQUIJ3rNgIfHeq0KVgNJjyDyAd1L3xBNpaCa1fg9jXIEgLyLDlVa_rpIUxcM9qPfomk2Evcro-KWA HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=fluct_eb&google_push=AehlK4B7B2CracEcJ05SeLN0kqQUIJ3rNgIfHeq0KVgNJjyDyAd1L3xBNpaCa1fg9jXIEgLyLDlVa_rpIUxcM9qPfomk2Evcro-KWA&google_hm=0897055019a47ab6c1a9a85a4f268246
Request Chain 272
  • https://sync.mathtag.com/sync/img?mt_exid=4&google_gid=CAESEDPANVIxjEOKHNc5UbKwsC4&google_cver=1&google_push=AehlK4DdG5CLKnIKZELvbr8Uozq3K_VvbbO176goY6AahFcPRAA7dPb7i8jcEkbW9Zt4gLb37WGGuI46IUhFNsZ6ZhUQk4O0Ksrxh4Q8gndqlkfWrbKOzdHGiv1HezZi3FCqUj9YL1cYMpU1rau-2xanqmA HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=AehlK4DdG5CLKnIKZELvbr8Uozq3K_VvbbO176goY6AahFcPRAA7dPb7i8jcEkbW9Zt4gLb37WGGuI46IUhFNsZ6ZhUQk4O0Ksrxh4Q8gndqlkfWrbKOzdHGiv1HezZi3FCqUj9YL1cYMpU1rau-2xanqmA
Request Chain 273
  • https://cr-p1.ladsp.com/cookiesender/1?google_push=AehlK4BIS0ceSh8dDOx5GAEOOmKPZIjFzvw4UD-GCkyWwYEfBbj6GUJNvQ1dZI8r4Na3NMMUW3-4V33NxqEc91Us2Sq5JcTBmX82LimgNPOvSkZmU7Buhv2bblx7uWNTpbyjY7Q8CbiSinx1jXwKME8iug&google_gid=CAESEH6yAQO3vdfMi-3T90GWJVM&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=sonet&google_push=AehlK4BIS0ceSh8dDOx5GAEOOmKPZIjFzvw4UD-GCkyWwYEfBbj6GUJNvQ1dZI8r4Na3NMMUW3-4V33NxqEc91Us2Sq5JcTBmX82LimgNPOvSkZmU7Buhv2bblx7uWNTpbyjY7Q8CbiSinx1jXwKME8iug&google_hm=AT8wTffcZQLlks8ADsaW5s1KjcA
Request Chain 274
  • https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEAT4QHSMMFYc-_m2Dos6C-A&google_cver=1&google_push=AehlK4AZ8tpBuoxNVLQvlYwdhQ3COpYneRAkhIZFoC6rUJnVidKIlH8tGi5Sb8NILVfLip9zDPCPYEM83zcQHbAk7l_CSXe6ivCo4qUyxSsBB8k44oavWEFPNg7jeiSm5mUFHhSwnjldrEBVg8yTAWZ16g HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AehlK4AZ8tpBuoxNVLQvlYwdhQ3COpYneRAkhIZFoC6rUJnVidKIlH8tGi5Sb8NILVfLip9zDPCPYEM83zcQHbAk7l_CSXe6ivCo4qUyxSsBB8k44oavWEFPNg7jeiSm5mUFHhSwnjldrEBVg8yTAWZ16g&google_hm=Nzc2MzUxODMyNDkxOTk1NzY3Mw%3D%3D
Request Chain 275
  • https://rtb.openx.net/sync/dds?google_gid=CAESEBgyRxTypVzcuq6EdQDlHsY&google_cver=1&google_push=AehlK4BNPMAch6GDOiD9yjxIl-NuaU1Ize_5sgHTD_jCTKDnxC0Jp196l75lwjy-kMSUagxj5FnFztYAk0Jl2P-PKP8ITtTa3Zpz5N8YzZaVq0c2MFIx0G9prugVoRgzV95FA-CwHwrNS3lWo6YdgFIW68Y HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AehlK4BNPMAch6GDOiD9yjxIl-NuaU1Ize_5sgHTD_jCTKDnxC0Jp196l75lwjy-kMSUagxj5FnFztYAk0Jl2P-PKP8ITtTa3Zpz5N8YzZaVq0c2MFIx0G9prugVoRgzV95FA-CwHwrNS3lWo6YdgFIW68Y&google_hm=PQoZjr0CxVs22-YI9aAMLg==
Request Chain 276
  • https://onetag-sys.com/match/?int_id=19&redir=1&google_gid=CAESEE37nZd49Dk2vSSuM9FhKUQ&google_cver=1&google_push=AehlK4DIXrlGnojeFc2FYZzJc8VIvP6JXkaP6CJyLYp8zUNOcQuU8HJOEmScZ9ySq78kDybCbtJZljyzI57RxyQjU1k4eqkDFn7M7MPBZscureo7QKTl5-W0SaerlAsn2gJb8EUPKhheHwv2fJwEGz24eeo HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AehlK4DIXrlGnojeFc2FYZzJc8VIvP6JXkaP6CJyLYp8zUNOcQuU8HJOEmScZ9ySq78kDybCbtJZljyzI57RxyQjU1k4eqkDFn7M7MPBZscureo7QKTl5-W0SaerlAsn2gJb8EUPKhheHwv2fJwEGz24eeo
Request Chain 277
  • https://cs.media.net/cksync?type=g&google_gid=CAESEGKPy_ptiNaURkZYEAM5-w4&google_cver=1&google_push=AehlK4ABMMx1W1gwz1MZ6ERNUVZ1MycgMcPRukbgl59AwQZWVHYp0pyMkSWugEAyc4msUYAT_PHqbi4CzPHEFzKqtE6BqfxJzLvWgCbrU3CkG5bm8uXGnb5vY0Q9S137S-uYwRK1kuTYGw3k_RhEUHQ6GFY HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=media&google_hm=MzA1MjEzNTU4NjgyNzM2MTAwMFYxMA%3d%3d&mn_hm=MzA1MjEzNTU4NjgyNzM2MTAwMFYxMA%3d%3d&google_sc=1&google_push=AehlK4ABMMx1W1gwz1MZ6ERNUVZ1MycgMcPRukbgl59AwQZWVHYp0pyMkSWugEAyc4msUYAT_PHqbi4CzPHEFzKqtE6BqfxJzLvWgCbrU3CkG5bm8uXGnb5vY0Q9S137S-uYwRK1kuTYGw3k_RhEUHQ6GFY&gdpr=&gdpr_consent=
Request Chain 278
  • https://cc.adingo.jp/adx/push/?google_gid=CAESEGYfr0WR1v-bS8MLIcI4Ndw&google_cver=1&google_push=AehlK4DOOBexJMtnomVXcc3ERGdf7Mw3fkaJmuHWZDnpKYk0fUwDd5IOjK7wskH6HuUkOl798xdPF3dy8xh3xpAAwqMs2HYimTRjfc4uuaSTUCZCzVOHx15xAVAWu3W7TNUmiPHQ1usFN2F9RvOJerOMcSM HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=fluct_eb&google_push=AehlK4DOOBexJMtnomVXcc3ERGdf7Mw3fkaJmuHWZDnpKYk0fUwDd5IOjK7wskH6HuUkOl798xdPF3dy8xh3xpAAwqMs2HYimTRjfc4uuaSTUCZCzVOHx15xAVAWu3W7TNUmiPHQ1usFN2F9RvOJerOMcSM&google_hm=9cdfbf5ebc64bea09c84f0291670f3a0
Request Chain 280
  • https://sync.mathtag.com/sync/img?mt_exid=4&google_gid=CAESEDPANVIxjEOKHNc5UbKwsC4&google_cver=1&google_push=AehlK4CqOn3EmjZtPVBPN3HDpuuYFKTxQdBaN4H8YPcTbY7YVC5fiHhVEunasqLuc9red4JbFzBL4mGsT7IHFyzhegFd4et8a4qiKPO9hhuK-8hSitZbubL32401GO-9LiBlSIRJcD_wBOrTMNlEKP2-1n0 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=AehlK4CqOn3EmjZtPVBPN3HDpuuYFKTxQdBaN4H8YPcTbY7YVC5fiHhVEunasqLuc9red4JbFzBL4mGsT7IHFyzhegFd4et8a4qiKPO9hhuK-8hSitZbubL32401GO-9LiBlSIRJcD_wBOrTMNlEKP2-1n0
Request Chain 281
  • https://cr-p1.ladsp.com/cookiesender/1?google_push=AehlK4A7hsCgkl44d59xoNHh4rv4qLX1MrkMJYUy8PialyDrKrevtYJsK89auSzNU9oXWw8lAAZXpI48bOFBmg2-CHpNEJpKdsR4Y84trzOYm0xSa_HSRNqlWjk_8xYzivbZql63LrGl7mimZ-rc5Cc2C9E&google_gid=CAESEH6yAQO3vdfMi-3T90GWJVM&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=sonet&google_push=AehlK4A7hsCgkl44d59xoNHh4rv4qLX1MrkMJYUy8PialyDrKrevtYJsK89auSzNU9oXWw8lAAZXpI48bOFBmg2-CHpNEJpKdsR4Y84trzOYm0xSa_HSRNqlWjk_8xYzivbZql63LrGl7mimZ-rc5Cc2C9E&google_hm=AXNrqVC64PEyks8ADsd_u28P9MA
Request Chain 283
  • https://s.uuidksinc.net/match/47/?remote_uid=CAESEORjrfTlQw3TH0ICm2pFRCw&c_param1=AehlK4Coz1xEP3ESSQFqnZyQrNNdRmgiDJQXC-orhgwX4NWl6S-TDlwQXLRLiF49sHwenYChYumIRhYCVlMecrRVOF6cF-cZc11bpM3nQ8-bsuZV1Y19RxzlnUdQtxPEB3fZVgyJ84CT4_GV-ni7UZkLU6I&gdpr=%%GDPR%%&addtl_consent=%%ADDTL_CONSENT%%&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=kadam&google_push=AehlK4Coz1xEP3ESSQFqnZyQrNNdRmgiDJQXC-orhgwX4NWl6S-TDlwQXLRLiF49sHwenYChYumIRhYCVlMecrRVOF6cF-cZc11bpM3nQ8-bsuZV1Y19RxzlnUdQtxPEB3fZVgyJ84CT4_GV-ni7UZkLU6I
Request Chain 284
  • https://rtb.openx.net/sync/dds?google_gid=CAESEBgyRxTypVzcuq6EdQDlHsY&google_cver=1&google_push=AehlK4BZSaW1RQpdLKbbN89ccMfiqNx67YvfjFopcPaucL_v9uDOy52hiKG4988z0B1H7JUz66gy07qqOdqj7usHFNYIUdc0KKWXzvxEridcaoeExHIN-0cHRnUw5xSXM6m-3Y5OVbizT3k2AeJxYLBiHCc HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AehlK4BZSaW1RQpdLKbbN89ccMfiqNx67YvfjFopcPaucL_v9uDOy52hiKG4988z0B1H7JUz66gy07qqOdqj7usHFNYIUdc0KKWXzvxEridcaoeExHIN-0cHRnUw5xSXM6m-3Y5OVbizT3k2AeJxYLBiHCc&google_hm=PQoZjr0CxVs22-YI9aAMLg==
Request Chain 285
  • https://cc.adingo.jp/adx/push/?google_gid=CAESEGYfr0WR1v-bS8MLIcI4Ndw&google_cver=1&google_push=AehlK4DI0nzEV7YDIyAl4AAjIsjOkixuDEUIXHmE7LMy4kwOWug5I9Co7ywTyIQ7ji5Ggmp-Eml693ysjVwBCzXQapKZveQX6pNf257etm-kwJx8xS9wAuhUuuKKrQvB2qnxwEQ30DMTWYZAc5pVOWd5Ybg HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=fluct_eb&google_push=AehlK4DI0nzEV7YDIyAl4AAjIsjOkixuDEUIXHmE7LMy4kwOWug5I9Co7ywTyIQ7ji5Ggmp-Eml693ysjVwBCzXQapKZveQX6pNf257etm-kwJx8xS9wAuhUuuKKrQvB2qnxwEQ30DMTWYZAc5pVOWd5Ybg&google_hm=9a2d420f17da8bfca7a26f1f26688803
Request Chain 286
  • https://match.sharethrough.com/E4rooAtA/v1?google_gid=CAESELwD6cOoyHsNW54N2nTTLUM&google_cver=1&google_push=AehlK4BBM7hHqD3ZvhiPZnW_on94bNGXjyk0aoVNJEe3VxHHqIJMc_nfFz6fWRdimFDKY5WnimZeUgpVID4lNwH0a84_Gk1cuUaUeYUaCHqeuGI8ZizDwK-c9PQCvSfNtOOwd_FfSAoDU87zVLTqgncQoyEA HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=sharethrough_ob&google_hm=MGM3ZTFjZWMtZDc4Yy00MjhkLWI0MWMtNDVmMTEwNGM5ZTFk&google_push=AehlK4BBM7hHqD3ZvhiPZnW_on94bNGXjyk0aoVNJEe3VxHHqIJMc_nfFz6fWRdimFDKY5WnimZeUgpVID4lNwH0a84_Gk1cuUaUeYUaCHqeuGI8ZizDwK-c9PQCvSfNtOOwd_FfSAoDU87zVLTqgncQoyEA
Request Chain 315
  • https://eb2.3lift.com/sync HTTP 302
  • https://eb2.3lift.com/sync?&ld=1
Request Chain 322
  • https://ad.turn.com/r/cs?pid=9&gdpr=0 HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537073061&val=2675210712107216769&gdpr=0&gdpr_consent=&us_privacy=
Request Chain 323
  • https://match.adsrvr.org/track/cmf/openx?oxid=e25c93b2-1484-7c75-d0af-aabf26b93694&gdpr=0 HTTP 302
  • https://match.adsrvr.org/track/cmb/openx?oxid=e25c93b2-1484-7c75-d0af-aabf26b93694&gdpr=0 HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072971&val=3577886c-293e-405c-944c-d97075ba3a83&ttd_puid=e25c93b2-1484-7c75-d0af-aabf26b93694&gdpr=0&gdpr_consent=
Request Chain 324
  • https://tg.socdm.com/rtb/sync_before?proto=openx HTTP 302
  • https://jp-u.openx.net/w/1.0/sd?id=537072335&val=YxNXdsCo8YsAAGexlzkAAAAA
Request Chain 325
  • https://cr-p3.ladsp.jp/cookiesender/3 HTTP 302
  • https://cr-pall.ladsp.com/cookiesender/3 HTTP 302
  • https://jp-u.openx.net/w/1.0/sd?id=537072451&val=AWOl__l1UuLnks8ADsd_u28P9M8AAAGDA42qhQ
Request Chain 327
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEPjQjB-voBSQUmH0PJkExM4&google_cver=1
Request Chain 335
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=svx9t50&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://eb2.3lift.com/xuid?mid=3658&xuid=3577886c-293e-405c-944c-d97075ba3a83&dongle=0cfd
Request Chain 336
  • https://eb2.3lift.com/ebda?sync=1&gdpr=0&gdpr_consent= HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=0&gdpr_consent=&us_privacy=&google_hm=NTg1MzY3NTM1MTY0MDQ4Nzk3MDU2 HTTP 302
  • https://eb2.3lift.com/ebda?gdpr=0&gdpr_consent=
Request Chain 337
  • https://cm.g.doubleclick.net/pixel?google_nid=triplelift&google_cm&google_sc&gdpr=0&gdpr_consent= HTTP 302
  • https://eb2.3lift.com/xuid?mid=5989&xuid=CAESELtYDIzvzs2_kL_mJKxUTfk&dongle=c627&gdpr=0&gdpr_consent=&google_cver=1
Request Chain 338
  • https://eb2.3lift.com/sync/google/demand?sync=1&gdpr=0&gdpr_consent= HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=0&gdpr_consent=&us_privacy=&google_hm=NTg1MzY3NTM1MTY0MDQ4Nzk3MDU2
Request Chain 339
  • https://px.ads.linkedin.com/setuid?partner=tripleliftdbredirect&tlUid=585367535164048797056&dbredirect=true&gdpr=0&consent= HTTP 302
  • https://px.ads.linkedin.com/setuid?partner=tripleliftdbredirect&tlUid=585367535164048797056&dbredirect=true&gdpr=0&consent=&cookiesTest=true HTTP 302
  • https://p.adsymptotic.com/d/px/?_pid=16218&_psign=0aa5badf92527f7732e22463d6fa4dbc&coopa=0&gdpr=0&gdpr_consent=&_puuid=2f139299-8d43-41c0-92e5-b41fffac2580&_noobservation=1 HTTP 302
  • https://p.adsymptotic.com/d/px/?_pid=16218&_psign=0aa5badf92527f7732e22463d6fa4dbc&coopa=0&gdpr=0&gdpr_consent=&_puuid=2f139299-8d43-41c0-92e5-b41fffac2580&_noobservation=1&_expected_cookie=ae882ded06a0cb91abe9fcdcaf4ce780
Request Chain 340
  • https://x.bidswitch.net/sync?ssp=triplelift&user_id=585367535164048797056&gdpr=0&gdpr_consent= HTTP 302
  • https://a.sportradarserving.com/sync?ssp=bidswitch&bidswitch_ssp_id=triplelift HTTP 302
  • https://a.sportradarserving.com/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=triplelift
Request Chain 342
  • https://pr-bh.ybp.yahoo.com/sync/triplelift/585367535164048797056?gdpr=0&gdpr_consent= HTTP 302
  • https://eb2.3lift.com/xuid?mid=2662&xuid=y-EK_gVeNE2oR8wgZHg37j6U1n9RMuDBBohxdqJOQktA--~A&dongle=0883
Request Chain 343
  • https://s.amazon-adsystem.com/x/757c0557066e95cfd4c7?gdpr=0&gdpr_consent=&uid=585367535164048797056 HTTP 302
  • https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&dl=3lift&gdpr=0&gdpr_consent=&uid=585367535164048797056&dcc=t
Request Chain 344
  • https://b1sync.zemanta.com/usersync/triplelift?gdpr=0&gdpr_consent= HTTP 302
  • https://stags.bluekai.com/site/23178?id=F5oB_OtRontfkRWiiHPq&redir=https%3A%2F%2Fb1sync.zemanta.com%2Fusersync%2Fbluekai%2Fcallback%2F%3Fd%3DNB2HI4DTHIXS6ZLCGIXDG3DJMZ2C4Y3PNUXXQ5LJMQ7WI33OM5WGKPLEMJQTQJTFPBRWQYLOM5ST25DSNFYGYZLMNFTHIJTHMRYHEPJQEZWWSZB5GI2DMMBGPB2WSZB5IY2W6QS7J52FE33OORTGWUSXNFUUQUDR&gdpr=0 HTTP 302
  • https://b1sync.zemanta.com/usersync/bluekai/callback/?d=NB2HI4DTHIXS6ZLCGIXDG3DJMZ2C4Y3PNUXXQ5LJMQ7WI33OM5WGKPLEMJQTQJTFPBRWQYLOM5ST25DSNFYGYZLMNFTHIJTHMRYHEPJQEZWWSZB5GI2DMMBGPB2WSZB5IY2W6QS7J52FE33OORTGWUSXNFUUQUDR HTTP 302
  • https://eb2.3lift.com/xuid?dongle=dba8&gdpr=0&mid=2460&xuid=F5oB_OtRontfkRWiiHPq
Request Chain 357
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=medianet HTTP 301
  • https://eus.rubiconproject.com/usync.html?p=medianet
Request Chain 360
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3052135596827308000V10%26type%3Dapx%26refUrl%3D%26vid%3D22119592483052135596827308000V10%26ovsid%3D%24UID HTTP 302
  • https://contextual.media.net/cksync.php?cs=8&vsid=3052135596827308000V10&type=apx&refUrl=&vid=22119592483052135596827308000V10&ovsid=6944199299863007354
Request Chain 361
  • https://us-u.openx.net/w/1.0/cm?id=78e2dffc-bb89-4bb2-ae92-f592d006518b&ph=6a16560a-f6c6-4851-b7b5-0b2c0190166a&r=https%3A%2F%2Fcontextual.media.net%2Fcksync.html%3Fcs%3D8%26vsid%3D3052135596827308000V10%26type%3Dopx%26refUrl%3D%26vid%3D22119592483052135596827308000V10%26ovsid%3D HTTP 302
  • https://contextual.media.net/cksync.html?cs=8&vsid=3052135596827308000V10&type=opx&refUrl=&vid=22119592483052135596827308000V10&ovsid=2a70fa2d-bf84-4695-b3e0-d4d19456a448
Request Chain 362
  • https://sync.1rx.io/usersync2/rmp1r1?sub=medianet&redir=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3052135596827308000V10%26type%3Dr1%26refUrl%3D%26vid%3D22119592483052135596827308000V10%26ovsid%3D%5BRX_UUID%5D HTTP 302
  • https://sync.1rx.io/usersync2/rmp1r1?sub=medianet&zcc=1&redir=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3052135596827308000V10%26type%3Dr1%26refUrl%3D%26vid%3D22119592483052135596827308000V10%26ovsid%3D%5BRX_UUID%5D&cb=1662211960019 HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=4068327664 HTTP 302
  • https://sync.1rx.io/usersync/tradedesk/3577886c-293e-405c-944c-d97075ba3a83 HTTP 302
  • https://sync.targeting.unrulymedia.com/csync/RX-aac18503-9128-4f77-bfa9-e19b42231c43-004?redir=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3052135596827308000V10%26type%3Dr1%26refUrl%3D%26vid%3D22119592483052135596827308000V10%26ovsid%3DRX-aac18503-9128-4f77-bfa9-e19b42231c43-004
Request Chain 363
  • https://pm.w55c.net/ping_match.gif?ei=MEDIANET&rurl=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3052135596827308000V10%26type%3Ddxu%26refUrl%3D%26vid%3D22119592483052135596827308000V10%26ovsid%3D_wfivefivec_ HTTP 302
  • https://pm.w55c.net/ping_match.gif?scc=1&ei=MEDIANET&rurl=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3052135596827308000V10%26type%3Ddxu%26refUrl%3D%26vid%3D22119592483052135596827308000V10%26ovsid%3D_wfivefivec_ HTTP 302
  • https://contextual.media.net/cksync.php?cs=8&vsid=3052135596827308000V10&type=dxu&refUrl=&vid=22119592483052135596827308000V10&ovsid=ZaL7s3vc1Outgk5
Request Chain 365
  • https://x.bidswitch.net/sync?ssp=medianet&gdpr=0&gdpr_consent=&gdpr_pd=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=bidswitch_dbm&google_cm&google_sc&ssp=medianet&bsw_param=3533d218-d8d7-4364-ad08-0ce37055f148&google_hm=MzUzM2QyMTgtZDhkNy00MzY0LWFkMDgtMGNlMzcwNTVmMTQ4 HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=16&user_id=CAESEAdP3zqYMueZKITL3muGu2I&google_cver=1&ssp=medianet&bsw_param=3533d218-d8d7-4364-ad08-0ce37055f148 HTTP 302
  • https://contextual.media.net/cksync.php?cs=1&type=bs&ovsid=3533d218-d8d7-4364-ad08-0ce37055f148&gdpr=&gdpr_consent=&gdpr_pd=
Request Chain 366
  • https://b1sync.zemanta.com/usersync/medianet/?cb=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3052135596827308000V10%26type%3Dzem%26refUrl%3D%26vid%3D22119592483052135596827308000V10%26ovsid%3D__ZUID__ HTTP 302
  • https://stags.bluekai.com/site/23178?id=F5oB_OtRontfkRWiiHPq&redir=https%3A%2F%2Fb1sync.zemanta.com%2Fusersync%2Fbluekai%2Fcallback%2F%3Fd%3DNB2HI4DTHIXS6Y3PNZ2GK6DUOVQWYLTNMVSGSYJONZSXIL3DNNZXS3TDFZYGQ4B7MNZT2OBGMV4GG2DBNZTWKPLNMVSGSYLOMV2CM33WONUWIPKGGVXUEX2PORJG63TUMZVVEV3JNFEFA4JGOJSWMVLSNQ6SM5DZOBST26TFNUTHM2LEHUZDEMJRHE2TSMRUHAZTANJSGEZTKNJZGY4DENZTGA4DAMBQKYYTAJTWONUWIPJTGA2TEMJTGU2TSNRYGI3TGMBYGAYDAVRRGA HTTP 302
  • https://b1sync.zemanta.com/usersync/bluekai/callback/?d=NB2HI4DTHIXS6Y3PNZ2GK6DUOVQWYLTNMVSGSYJONZSXIL3DNNZXS3TDFZYGQ4B7MNZT2OBGMV4GG2DBNZTWKPLNMVSGSYLOMV2CM33WONUWIPKGGVXUEX2PORJG63TUMZVVEV3JNFEFA4JGOJSWMVLSNQ6SM5DZOBST26TFNUTHM2LEHUZDEMJRHE2TSMRUHAZTANJSGEZTKNJZGY4DENZTGA4DAMBQKYYTAJTWONUWIPJTGA2TEMJTGU2TSNRYGI3TGMBYGAYDAVRRGA HTTP 302
  • https://contextual.media.net/cksync.php?cs=8&ovsid=F5oB_OtRontfkRWiiHPq&refUrl=&type=zem&vid=22119592483052135596827308000V10&vsid=3052135596827308000V10
Request Chain 369
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=8m33zk4&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://cs.media.net/cksync?cs=1&type=ttd&ovsid=3577886c-293e-405c-944c-d97075ba3a83
Request Chain 381
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEMaFD0Iki0gM5xrBYMyIPjY&google_cver=1
Request Chain 382
  • https://token.rubiconproject.com/token?pid=2249&pt=n HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=Y2E0ZWVjYTJhZThkNDNmOGZlMTIyMDJjNTUwOTgyMzUwOWMwMDZlNQ
Request Chain 384
  • https://token.rubiconproject.com/token?pid=26594 HTTP 302
  • https://ads.yahoo.com/cms/v1?nwid=10000010181&eid=L7LY2WFG-M-DJH0&sigv=1&esig=2~f8cb73f6baaa4eac52971d8030de74fc8ae43bdf
Request Chain 385
  • https://match.adsrvr.org/track/cmf/rubicon HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=3577886c-293e-405c-944c-d97075ba3a83&gdpr=0&gdpr_consent=&expires=30
Request Chain 386
  • https://token.rubiconproject.com/token?pid=2974&pt=n&a=1 HTTP 302
  • https://pr-bh.ybp.yahoo.com/sync/rubicon/oRd0AKLG48uyS7_v1E4hhQ?csrc= HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=7763518324919957673
Request Chain 387
  • https://token.rubiconproject.com/token?pid=36584 HTTP 302
  • https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=L7LY2WFG-M-DJH0
Request Chain 388
  • https://token.rubiconproject.com/token?pid=25470 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDdMWTJXRkctTS1ESkgw
Request Chain 394
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=duration_media&endpoint=us-east HTTP 301
  • https://eus.rubiconproject.com/usync.html?p=duration_media&endpoint=us-east
Request Chain 395
  • https://pixel.rubiconproject.com/exchange/sync.php?p=13702&gdpr=0&gdpr_consent=&us_privacy=1YN-& HTTP 302
  • https://x.yieldlift.com/setuid?bidder=rubicon&uid=L7LY2WFG-M-DJH0&gdpr=0&us_privacy=1YN-
Request Chain 396
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D312%26uid%3D%24UID HTTP 302
  • https://ads.servenobid.com/sync?pid=312&uid=6944199299863007354
Request Chain 397
  • https://ce.lijit.com/merge?pid=273657&3pid=273657&gdpr=0&gdpr_consent=&us_privacy=1YN-&&location=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D310%26uid%3D%5BSOVRNID%5D HTTP 302
  • https://ce.lijit.com/merge?pid=273657&3pid=273657&gdpr=0&gdpr_consent=&us_privacy=1YN-&location=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D310%26uid%3D%5BSOVRNID%5D&dnr=1 HTTP 302
  • https://ads.servenobid.com/sync?pid=310&uid=FQSsCRZHT0JD8YfhQeuHOUGH
Request Chain 398
  • https://ap.lijit.com/pixel?pid=273657&3pid=273657&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redir=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D310%26uid%3D%24UID HTTP 307
  • https://ap.lijit.com/pixel?pid=273657&3pid=273657&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redir=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D310%26uid%3D%24UID&sovrn_retry=true HTTP 307
  • https://ads.servenobid.com/sync?pid=310&uid=FQSsDLZHYUn0rvfkRa2unv-t
Request Chain 400
  • https://sync.1rx.io/usersync2/rmpssp?sub=duration&redir=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D321%26uid%3D%5BRX_UUID%5D HTTP 302
  • https://sync.1rx.io/usersync2/rmpssp?sub=duration&zcc=1&redir=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D321%26uid%3D%5BRX_UUID%5D&cb=1662211960020 HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=4378964656 HTTP 302
  • https://sync.1rx.io/usersync/tradedesk/3577886c-293e-405c-944c-d97075ba3a83 HTTP 302
  • https://sync.targeting.unrulymedia.com/csync/RX-aac18503-9128-4f77-bfa9-e19b42231c43-004?redir=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3052135596827308000V10%26type%3Dr1%26refUrl%3D%26vid%3D22119592483052135596827308000V10%26ovsid%3DRX-aac18503-9128-4f77-bfa9-e19b42231c43-004
Request Chain 403
  • https://prebid.a-mo.net/cchain/0?gdpr=0&gdpr_consent=&us_privacy=1YN-&&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D327%26uid%3D HTTP 302
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fprebid.a-mo.net%2Fcchain%2F0%2F12%3Fgdpr%3D0%26gdpr_consent%3D%26us_privacy%3D1YN-%26A%3D1f739e44-145a-457f-9b15-d55fe65ef707%26bidder%3Dappnexus%26cbx%3DaHR0cHM6Ly9hZHMuc2VydmVub2JpZC5jb20vc3luYz9waWQ9MzI3JnVpZD0%253D%26uid%3D%24UID HTTP 302
  • https://prebid.a-mo.net/cchain/0/12?gdpr=0&gdpr_consent=&us_privacy=1YN-&A=1f739e44-145a-457f-9b15-d55fe65ef707&bidder=appnexus&cbx=aHR0cHM6Ly9hZHMuc2VydmVub2JpZC5jb20vc3luYz9waWQ9MzI3JnVpZD0%3D&uid=6944199299863007354 HTTP 302
  • https://ap.lijit.com/pixel?gdpr=1&gdpr_consent=&us_privacy=1YN-&redir=https%3A%2F%2Fprebid.a-mo.net%2Fcchain%2F1%2F12%3Fgdpr%3D0%26gdpr_consent%3D%26us_privacy%3D1YN-%26A%3D1f739e44-145a-457f-9b15-d55fe65ef707%26bidder%3Dsovrn%26cbx%3DaHR0cHM6Ly9hZHMuc2VydmVub2JpZC5jb20vc3luYz9waWQ9MzI3JnVpZD0%253D%26uid%3D%24UID
Request Chain 404
  • https://ups.analytics.yahoo.com/ups/58559/occ HTTP 302
  • https://ads.servenobid.com/sync?pid=337&uid=y-EBMKLhFE2uF2nLB.tcXbKblRyA4pMxw8kr_tE7U-~A
Request Chain 405
  • https://ssp.disqus.com/redirectuser?r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D346%26uid%3DBUYERUID HTTP 302
  • https://sync.go.sonobi.com/us?loc=https%3A%2F%2Fssp.disqus.com%2Fmatch%3Fbidder%3D18%26buyeruid%3D%5BUID%5D%26r%3DCid1YS00YzlhZjAyMS1kMDkwLTMwY2MtOTAxYi0xNDk5ZWI5MTNkZmYqU2h0dHBzOi8vYWRzLnNlcnZlbm9iaWQuY29tL3N5bmM_cGlkPTM0NiZ1aWQ9dWEtNGM5YWYwMjEtZDA5MC0zMGNjLTkwMWItMTQ5OWViOTEzZGZmMgISBjgB
Request Chain 406
  • https://ups.analytics.yahoo.com/ups/58632/occ HTTP 302
  • https://ads.servenobid.com/sync?pid=339&uid=y-EBMKLhFE2uF2nLB.tcXbKblRyA4pMxw8kr_tE7U-~A
Request Chain 412
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=YxNXdRjQIdGaVcqPLV47qgAAEqMAAAAB&gdpr_consent=&us_privacy=&gdpr= HTTP 302
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESEN_kd76g9E4DddngOdonov4&google_cver=1
Request Chain 413
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=YxNXdRjQIdGaVcqPLV47qgAAEqMAAAAB HTTP 302
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=YxNXdRjQIdGaVcqPLV47qgAAEqMAAAAB&dcc=t
Request Chain 414
  • https://match.adsrvr.org/track/cmf/casale HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=39&external_user_id=3577886c-293e-405c-944c-d97075ba3a83&expiration=1664803960&gdpr=0&gdpr_consent=
Request Chain 417
  • https://dmp.brand-display.com/cm/api/index?cm_dsp_id=191&cm_user_id=%3CIndex_user_id%3E HTTP 302
  • https://dsum.casalemedia.com/crum?cm_dsp_id=191&external_user_id=3786d201-0638-8105-64aa38f5
Request Chain 419
  • https://s.company-target.com/s/ix?cm_dsp_id=18&us_privacy=&gdpr=&gdpr_consent= HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=18&expiration=1677850360&external_user_id=b59afb0a-0cde-4ac7-92d3-9ef3c06082a3
Request Chain 425
  • https://ups.analytics.yahoo.com/ups/55940/sync?_origin=1&redir2=true&uid=YxNXdRjQIdGaVcqPLV47qgAAEqMAAAAB&gdpr_consent=&us_privacy=&gdpr= HTTP 302
  • https://pr-bh.ybp.yahoo.com/sync/casale/YxNXdRjQIdGaVcqPLV47qgAAEqMAAAAB
Request Chain 426
  • https://casale-match.dotomi.com/match/bounce/current?networkId=19998&version=1 HTTP 302
  • https://casale-match.dotomi.com/match/bounce/current?DotomiTest=310510e8b72a20a3&is_secure=true&networkId=19998&version=1 HTTP 302
  • https://dsum.casalemedia.com/rum?cm_dsp_id=65&external_user_id=AAAMNg52iAe05wNbe8xTAAAAAAA&expiration=1662298360&is_secure=true
Request Chain 471
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=gumgum&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://usersync.gumgum.com/usersync?b=ttd&i=3577886c-293e-405c-944c-d97075ba3a83

478 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request qin-fang-cai-ying-wen-mei-can-yi-yuan-jia-de-na-tu-fei-tai-bei-ting-can-yu-guo-ji-tai-wan-sheng-yin-hen-zhong-yao.html
www.bg3.co/a/ 		60 KB
18 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.bg3.co/a/qin-fang-cai-ying-wen-mei-can-yi-yuan-jia-de-na-tu-fei-tai-bei-ting-can-yu-guo-ji-tai-wan-sheng-yin-hen-zhong-yao.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
84.17.37.44 Central, Hong Kong, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
unn-84-17-37-44.cdn77.com
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
685f0aba1a976fc67818b86b8fbd3343a3dc3004f0e3882d7998e90df73bef90

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

Cache-Control
max-age=3600
Connection
keep-alive
Content-Encoding
gzip
Content-Type
text/html; charset=utf-8
Date
Sat, 03 Sep 2022 13:32:29 GMT
ETag
"ef3a-jyAK/aYC9kY7RVS0KZ8CKDVb908"
Expires
Sat, 03 Sep 2022 14:32:29 GMT
Server
nginx/1.18.0 (Ubuntu)
Transfer-Encoding
chunked
Vary
Accept-Encoding
v0.js
cdn.ampproject.org/ 		276 KB
71 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/v0.js
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/qin-fang-cai-ying-wen-mei-can-yi-yuan-jia-de-na-tu-fei-tai-bei-ting-can-yu-guo-ji-tai-wan-sheng-yin-hen-zhong-yao.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.24.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f132.1e100.net
Software
sffe /
Resource Hash
bca94656e61292b4eb642b03b34643ebba2b1a9c16773c7b09867e54c64eb169
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
72538
x-xss-protection
0
server
sffe
date
Sat, 03 Sep 2022 13:32:32 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
private, max-age=3000, stale-while-revalidate=1206600
etag
"0fe753bb81d7483b"
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Sat, 03 Sep 2022 13:32:32 GMT
amp-sidebar-0.1.js
cdn.ampproject.org/v0/ 		31 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/v0/amp-sidebar-0.1.js
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/qin-fang-cai-ying-wen-mei-can-yi-yuan-jia-de-na-tu-fei-tai-bei-ting-can-yu-guo-ji-tai-wan-sheng-yin-hen-zhong-yao.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.24.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f132.1e100.net
Software
sffe /
Resource Hash
d8eeb1bd08c3a6a176a73f7c3b79dc20105563ab7536338977adf9673017666b
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9670
x-xss-protection
0
server
sffe
date
Sat, 03 Sep 2022 13:32:33 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
private, max-age=604800, stale-while-revalidate=604800
etag
"50b10b3b7194dc10"
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Sat, 03 Sep 2022 13:32:33 GMT
amp-auto-ads-0.1.js
cdn.ampproject.org/v0/ 		24 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/v0/amp-auto-ads-0.1.js
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/qin-fang-cai-ying-wen-mei-can-yi-yuan-jia-de-na-tu-fei-tai-bei-ting-can-yu-guo-ji-tai-wan-sheng-yin-hen-zhong-yao.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.24.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f132.1e100.net
Software
sffe /
Resource Hash
cb55731c4f27b1485ec8856fca81fc4b294f4245780339351b70278b3d3dd0f4
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7575
x-xss-protection
0
server
sffe
date
Sat, 03 Sep 2022 13:32:30 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
private, max-age=604800, stale-while-revalidate=604800
etag
"4216319a3e32d9aa"
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Sat, 03 Sep 2022 13:32:30 GMT
amp-analytics-0.1.js
cdn.ampproject.org/v0/ 		109 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/v0/amp-analytics-0.1.js
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/qin-fang-cai-ying-wen-mei-can-yi-yuan-jia-de-na-tu-fei-tai-bei-ting-can-yu-guo-ji-tai-wan-sheng-yin-hen-zhong-yao.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.24.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f132.1e100.net
Software
sffe /
Resource Hash
6574cc9aee2e78026c53eb9620a1d35cc911baed9e8f6742a9b59bb9bcfd5a4c
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
31988
x-xss-protection
0
server
sffe
date
Sat, 03 Sep 2022 13:32:31 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
private, max-age=604800, stale-while-revalidate=604800
etag
"d9a9282eb176ac2c"
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Sat, 03 Sep 2022 13:32:31 GMT
sdk
cdn.aralego.net/ucfad/sdk/apac-sg/
Redirect Chain
  • https://ads.aralego.com/sdk
  • https://cdn.aralego.net/ucfad/sdk/apac-sg/sdk
42 KB
43 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.aralego.net/ucfad/sdk/apac-sg/sdk
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/qin-fang-cai-ying-wen-mei-can-yi-yuan-jia-de-na-tu-fei-tai-bei-ting-can-yu-guo-ji-tai-wan-sheng-yin-hen-zhong-yao.html
Protocol
H2
Server
172.67.71.254 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8ae78cfe6ee6192120b022cb3c00d586542309c4b88076fe6f12c0f7ef65f015

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 03 Sep 2022 13:32:31 GMT
cf-cache-status
HIT
last-modified
Mon, 25 Jul 2022 08:38:19 GMT
server
cloudflare
etag
"62de567b-a924"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=O7eUZeQ4jOZKkLfsa1sILQ1tVOzklhv00hSWcw7etFFQh7Mn7Pkc9RyTGhC82mnbpGWFjJZo0HHXz5nHetjoHOovVEPCoh6j9JLHMDp9MgbkYa0PhiC96RNpOOnapK41UA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/octet-stream
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
access-control-allow-credentials
true
cf-ray
744eda164ac7a8ca-SYD
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43300
accept-ranges
bytes

Redirect headers

Location
https://cdn.aralego.net/ucfad/sdk/apac-sg/sdk
Connection
close
Content-length
0
adRecover.js
delivery.adrecover.com/43519/ 		35 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://delivery.adrecover.com/43519/adRecover.js
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/qin-fang-cai-ying-wen-mei-can-yi-yuan-jia-de-na-tu-fei-tai-bei-ting-can-yu-guo-ji-tai-wan-sheng-yin-hen-zhong-yao.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.49.60.34 Singapore, Singapore, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-49-60-34.deploy.static.akamaitechnologies.com
Software
nginx/1.18.0 /
Resource Hash
96ee24d7663a687fdc56a25bd030c0f39488914a1a3af94df7fd28cb7e4846d7

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-akamai-country
AU
date
Sat, 03 Sep 2022 13:32:31 GMT
content-encoding
br
last-modified
Sat, 03 Sep 2022 07:00:17 GMT
server
nginx/1.18.0
vary
Accept-Encoding
x-akamai-device
mobile:false&tablet:false
access-control-allow-origin
*
cache-control
max-age=3600
server-timing
cdn-cache; desc=REVALIDATE, edge; dur=22, origin; dur=898
x-cf-geodata
AU
content-type
application/javascript
content-length
9527
expires
Sat, 03 Sep 2022 14:32:31 GMT
adpushup.js
cdn.adpushup.com/42753/ 		514 KB
119 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.adpushup.com/42753/adpushup.js
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/qin-fang-cai-ying-wen-mei-can-yi-yuan-jia-de-na-tu-fei-tai-bei-ting-can-yu-guo-ji-tai-wan-sheng-yin-hen-zhong-yao.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
173.222.148.48 Singapore, Singapore, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a173-222-148-48.deploy.static.akamaitechnologies.com
Software
nginx/1.18.0 /
Resource Hash
fbb779a7370a139fb31695b848086c585e83ce2ee4f4633d6a47d8020ed39edd

Request headers

Referer
https://www.bg3.co/
Origin
https://www.bg3.co
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-akamai-country
AU
date
Sat, 03 Sep 2022 13:32:30 GMT
content-encoding
br
last-modified
Wed, 24 Aug 2022 02:59:53 GMT
server
nginx/1.18.0
vary
Accept-Encoding
x-akamai-device
mobile:false&tablet:false
access-control-allow-origin
*
cache-control
max-age=3600
server-timing
cdn-cache; desc=HIT, edge; dur=8
x-cf-geodata
AU
content-type
application/javascript
content-length
120977
expires
Sat, 03 Sep 2022 14:32:30 GMT
jquery-3.6.0.min.js
code.jquery.com/ 		87 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://code.jquery.com/jquery-3.6.0.min.js
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/42753/adpushup.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
69.16.175.42 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
tlb.hwcdn.net
Software
nginx /
Resource Hash
ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 03 Sep 2022 13:32:31 GMT
content-encoding
gzip
last-modified
Wed, 16 Feb 2022 10:50:39 GMT
server
nginx
etag
W/"620cd6ff-15d9d"
vary
Accept-Encoding
x-hw
1662211951.dop110.la3.t,1662211951.cds229.la3.hn,1662211951.cds267.la3.c
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=315360000, public
accept-ranges
bytes
content-length
30875
ucfad-formats.css
cdn.aralego.net/css/dev/ 		975 B
613 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn.aralego.net/css/dev/ucfad-formats.css
Requested by
Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.71.254 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1be00e223b2840fe8ac2d3a1aec0cf757088dd68f53a92275d0e1db6cb9afced

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 03 Sep 2022 13:32:31 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
4024
cf-polished
origSize=1191
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Fri, 16 Mar 2018 07:19:46 GMT
server
cloudflare
etag
W/"5aab7012-4a7"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ufOiADZUgwPWKSkQbuxHU7phIUaFATcKH69tFhY5O8petR6JUo1MAS2FBHxFVXaZbql4IZd9HGKwJqF02pI7AuonCksCrTiPfVC7p16o796nGRqo6J1du9NWGC7F%2BX3RaA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=14400
access-control-allow-credentials
true
cf-ray
744eda179b52a8ca-SYD
cf-bgj
minify
idRequest
sync.aralego.com/ 		46 B
488 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://sync.aralego.com/idRequest?lang=en-US,en&deviceInfo=8416001200&pixRatio=1&font=16px%20sans-serif&
Requested by
Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.108.102.145 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),
Reverse DNS
Software
/
Resource Hash
f9723d3f41444061b801c833bb798bd89f1c4e1333612c639c347d2284ccc3dd

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 03 Sep 2022 13:32:32 GMT
vary
Accept-Encoding
access-control-allow-methods
GET,POST,OPTIONS
content-type
text/html; charset=utf-8
access-control-allow-origin
https://www.bg3.co
access-control-allow-credentials
true
connection
close
content-length
46
idRequest
sync.aralego.com/ 		46 B
488 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://sync.aralego.com/idRequest?lang=en-US,en&deviceInfo=8416001200&pixRatio=1&font=16px%20sans-serif&
Requested by
Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.108.102.145 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),
Reverse DNS
Software
/
Resource Hash
f9723d3f41444061b801c833bb798bd89f1c4e1333612c639c347d2284ccc3dd

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 03 Sep 2022 13:32:32 GMT
vary
Accept-Encoding
access-control-allow-methods
GET,POST,OPTIONS
content-type
text/html; charset=utf-8
access-control-allow-origin
https://www.bg3.co
access-control-allow-credentials
true
connection
close
content-length
46
ad_request
ads.aralego.com/ 		508 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.aralego.com/ad_request?sw=1600&sh=1200&ifr=0&bl=en-US&je=1&dnt=0&host=www.bg3.co&u=https%3A%2F%2Fwww.bg3.co%2Fa%2Fqin-fang-cai-ying-wen-mei-can-yi-yuan-jia-de-na-tu-fei-tai-bei-ting-can-yu-guo-ji-tai-wan-sheng-yin-hen-zhong-yao.html&adid=ad-627443DBE4283AB9F7A46EA83243447&w=336&h=280&ver=UCX_WEB-20200113&pos=1&seq=0&cb=0.37956858870898813&gdpr=1&euconsent-v2=%24%7BGDPR_CONSENT_607%7D&format=336%2C280%3B&lang=en-US%2Cen&deviceInfo=8416001200&pixRatio=1&font=16px%20sans-serif
Requested by
Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
103.254.153.160 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),
Reverse DNS
Software
/
Resource Hash
e813a8d8d41c0dbdc33020ad6ef27d16afd2b590ceeb998e267409c8f666b829

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sat, 03 Sep 2022 13:32:31 GMT
X-Width
336
X-Height
280
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET,POST,OPTIONS
Content-Type
text/html; charset=utf-8
Access-Control-Allow-Origin
https://www.bg3.co
Access-Control-Expose-Headers
X-Width,X-Height,X-AdStyle,X-AdCap,X-AdWatchUrl,X-AdSource,X-SspId,X-Deal
X-AdSource
PSA
X-Adtype
html
Connection
close
Access-Control-Allow-Credentials
true
Content-Length
508
X-AdStyle
banner
ad_request
ads.aralego.com/ 		508 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.aralego.com/ad_request?sw=1600&sh=1200&ifr=0&bl=en-US&je=1&dnt=0&host=www.bg3.co&u=https%3A%2F%2Fwww.bg3.co%2Fa%2Fqin-fang-cai-ying-wen-mei-can-yi-yuan-jia-de-na-tu-fei-tai-bei-ting-can-yu-guo-ji-tai-wan-sheng-yin-hen-zhong-yao.html&adid=ad-627443DBE4283AB9F7A46EA83243447&w=336&h=280&ver=UCX_WEB-20200113&pos=1&seq=1&cb=0.6887607253713885&gdpr=1&euconsent-v2=%24%7BGDPR_CONSENT_607%7D&format=336%2C280%3B&lang=en-US%2Cen&deviceInfo=8416001200&pixRatio=1&font=16px%20sans-serif
Requested by
Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
103.254.153.160 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),
Reverse DNS
Software
/
Resource Hash
e813a8d8d41c0dbdc33020ad6ef27d16afd2b590ceeb998e267409c8f666b829

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sat, 03 Sep 2022 13:32:31 GMT
X-Width
336
X-Height
280
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET,POST,OPTIONS
Content-Type
text/html; charset=utf-8
Access-Control-Allow-Origin
https://www.bg3.co
Access-Control-Expose-Headers
X-Width,X-Height,X-AdStyle,X-AdCap,X-AdWatchUrl,X-AdSource,X-SspId,X-Deal
X-AdSource
PSA
X-Adtype
html
Connection
close
Access-Control-Allow-Credentials
true
Content-Length
508
X-AdStyle
banner
jquery-2.2.2.min.js
code.jquery.com/ 		84 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://code.jquery.com/jquery-2.2.2.min.js
Requested by
Host: delivery.adrecover.com
URL: https://delivery.adrecover.com/43519/adRecover.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
69.16.175.42 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
tlb.hwcdn.net
Software
nginx /
Resource Hash
dfa729d82a3effadab1000181cb99108f232721e3b0af74cfae4c12704b35a32

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 03 Sep 2022 13:32:31 GMT
content-encoding
gzip
last-modified
Wed, 16 Feb 2022 10:50:39 GMT
server
nginx
etag
W/"620cd6ff-14e98"
vary
Accept-Encoding
x-hw
1662211951.dop110.la3.t,1662211951.cds229.la3.hn,1662211951.cds210.la3.c
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=315360000, public
accept-ranges
bytes
content-length
29880
show_ads.js
pagead2.googlesyndication.com/pagead/ Frame AB8D 		117 KB
40 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/show_ads.js
Requested by
Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.12.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f155.1e100.net
Software
cafe /
Resource Hash
cc11299cb7cf9a97e54274a0f324b2a1867f2ab113f0a3cb88aea48bf30c9990
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 03 Sep 2022 13:32:32 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
40122
x-xss-protection
0
server
cafe
etag
15068329406587518889
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Sat, 03 Sep 2022 13:32:32 GMT
show_ads.js
pagead2.googlesyndication.com/pagead/ Frame AEE8 		117 KB
39 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/show_ads.js
Requested by
Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.12.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f155.1e100.net
Software
cafe /
Resource Hash
21c3bf4ffebf735d5837b74b48038fab458f26c414df43e0315fa424c966aecf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 03 Sep 2022 13:32:32 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
40140
x-xss-protection
0
server
cafe
etag
13040780813344922698
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Sat, 03 Sep 2022 13:32:32 GMT
cookieSyncIframe.html
cdn.aralego.net/ucfad/cookie/ Frame 5444 		714 B
802 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cdn.aralego.net/ucfad/cookie/cookieSyncIframe.html
Requested by
Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.71.254 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
36a7d95f2760a813f3e782dfc125ea786174d581d6f6f896021d6994e9514bd6

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

access-control-allow-credentials
true
age
6834
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
max-age=14400
cf-cache-status
HIT
cf-ray
744eda1d6b376a45-SYD
content-encoding
br
content-type
text/html
date
Sat, 03 Sep 2022 13:32:32 GMT
last-modified
Wed, 09 Feb 2022 05:59:13 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=d1I1%2FQ4lMa5RHHYd9s6pn0tO%2BJvl%2FkpA%2F6OtETRdzQ2NSrVwizHY%2BVm4Q8fLO0u3xi1umJrl%2Fttnp2%2FceUnmPe478J%2B3Bb00j9eRjJA33wyzCmKL3%2BdV9CRz3v3i5WGmDA%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
idsync
sync.aralego.com/ 		35 B
384 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.aralego.com/idsync?gdpr=1&euconsent-v2=${GDPR_CONSENT_607}&
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/qin-fang-cai-ying-wen-mei-can-yi-yuan-jia-de-na-tu-fei-tai-bei-ting-can-yu-guo-ji-tai-wan-sheng-yin-hen-zhong-yao.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.108.102.145 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),
Reverse DNS
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 03 Sep 2022 13:32:32 GMT
connection
close
content-length
35
content-type
image/gif
cookieSyncIframe.html
cdn.aralego.net/ucfad/cookie/ Frame BE19 		714 B
764 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cdn.aralego.net/ucfad/cookie/cookieSyncIframe.html
Requested by
Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.71.254 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
36a7d95f2760a813f3e782dfc125ea786174d581d6f6f896021d6994e9514bd6

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

access-control-allow-credentials
true
age
6834
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
max-age=14400
cf-cache-status
HIT
cf-ray
744eda1d8b4b6a45-SYD
content-encoding
br
content-type
text/html
date
Sat, 03 Sep 2022 13:32:32 GMT
last-modified
Wed, 09 Feb 2022 05:59:13 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JhDv8EaYwAa8rz5daYkZydvT26i5DzqILOq8pf4vcSPCLEJEPrxl9%2FaQLARXWN0Q0msYr8KD5ztRDPVdHnWGbIq%2B%2B6clUDQHty5ZBr303Q%2FczQFZUnVRbp1czgFWdU74%2BQ%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
pb.42753.1661278076254.v6.js
cdn.adpushup.com/prebid/ 		342 KB
92 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.adpushup.com/prebid/pb.42753.1661278076254.v6.js
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/42753/adpushup.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
173.222.148.48 Singapore, Singapore, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a173-222-148-48.deploy.static.akamaitechnologies.com
Software
nginx/1.18.0 /
Resource Hash
e144e8b6ee619780391596ee29839469ce3f0914740edf0a6e42e109ab003f21

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-akamai-country
AU
date
Sat, 03 Sep 2022 13:32:32 GMT
content-encoding
br
last-modified
Tue, 23 Aug 2022 18:08:10 GMT
server
nginx/1.18.0
etag
W/"6305178a-557f3"
vary
Accept-Encoding
x-akamai-device
mobile:false&tablet:false
access-control-allow-origin
*
cache-control
max-age=31536000
server-timing
cdn-cache; desc=HIT, edge; dur=7
content-type
application/javascript
content-length
93716
expires
Sun, 03 Sep 2023 13:32:32 GMT
04043a89-e327-4677-b321-dd319fa3af55
https://www.bg3.co/ 		4 KB
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://www.bg3.co/04043a89-e327-4677-b321-dd319fa3af55
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/qin-fang-cai-ying-wen-mei-can-yi-yuan-jia-de-na-tu-fei-tai-bei-ting-can-yu-guo-ji-tai-wan-sheng-yin-hen-zhong-yao.html
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
41f36457d5ec5bd7d115c29bea53e0d1ff77de7418837ef39e897f3b7d497e8a

Request headers

accept-language
en-AU,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Length
3743
gpt.js
securepubads.g.doubleclick.net/tag/js/ Frame 5444 		83 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: cdn.aralego.net
URL: https://cdn.aralego.net/ucfad/cookie/cookieSyncIframe.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.4.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f155.1e100.net
Software
sffe /
Resource Hash
88f2e367789f9e3dc6136512100cc3837dba840434b58abd05987a4822fd117a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 03 Sep 2022 13:32:32 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
28529
x-xss-protection
0
server
sffe
etag
"1322 / 769 of 1000 / last-modified: 1662156516"
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Sat, 03 Sep 2022 13:32:32 GMT
gpt.js
securepubads.g.doubleclick.net/tag/js/ Frame BE19 		83 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: cdn.aralego.net
URL: https://cdn.aralego.net/ucfad/cookie/cookieSyncIframe.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.4.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f155.1e100.net
Software
sffe /
Resource Hash
88f2e367789f9e3dc6136512100cc3837dba840434b58abd05987a4822fd117a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 03 Sep 2022 13:32:32 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
28529
x-xss-protection
0
server
sffe
etag
"1322 / 873 of 1000 / last-modified: 1662156516"
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Sat, 03 Sep 2022 13:32:32 GMT
block.jpg
delivery.adrecover.com/ 		631 B
915 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://delivery.adrecover.com/block.jpg?ts=1662211952393
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/qin-fang-cai-ying-wen-mei-can-yi-yuan-jia-de-na-tu-fei-tai-bei-ting-can-yu-guo-ji-tai-wan-sheng-yin-hen-zhong-yao.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.49.60.34 Singapore, Singapore, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-49-60-34.deploy.static.akamaitechnologies.com
Software
nginx/1.18.0 /
Resource Hash
9284d948e86d2e99f31483b5f4b3a4c3e65e0a6fbca9a8d2db8c6095f82ac3f5

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-akamai-country
AU
date
Sat, 03 Sep 2022 13:32:32 GMT
last-modified
Wed, 23 Jun 2021 06:37:54 GMT
server
nginx/1.18.0
etag
"60d2d6c2-277"
vary
Accept-Encoding
x-akamai-device
mobile:false&tablet:false
access-control-allow-origin
*
cache-control
max-age=3600
server-timing
cdn-cache; desc=HIT, edge; dur=12
accept-ranges
bytes
content-type
image/jpeg
content-length
631
expires
Sat, 03 Sep 2022 14:32:32 GMT
show_ads_impl_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202208300101/ Frame AB8D 		343 KB
121 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202208300101/show_ads_impl_fy2021.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/show_ads.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.12.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f155.1e100.net
Software
cafe /
Resource Hash
21f84c1b44777fea6bf0fe447f77d4e8543e7e39d04ec459573a3f8e907463d9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 03 Sep 2022 13:32:33 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
123675
x-xss-protection
0
server
cafe
etag
14746407861686230604
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=1209600
timing-allow-origin
*
expires
Sat, 03 Sep 2022 13:32:33 GMT
show_ads_impl_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202209010201/ Frame AEE8 		344 KB
121 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202209010201/show_ads_impl_fy2021.js?bust=31069330
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/show_ads.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.12.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f155.1e100.net
Software
cafe /
Resource Hash
f96e5df70a9a3759af68518c738fafb4c417ac0e0eb1fe51bf6532bd24f1c899
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 03 Sep 2022 13:32:33 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
124222
x-xss-protection
0
server
cafe
etag
11980691539898738179
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=1209600
timing-allow-origin
*
expires
Sat, 03 Sep 2022 13:32:33 GMT
pubads_impl_2022090101.js
securepubads.g.doubleclick.net/gpt/ Frame 5444 		379 KB
129 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022090101.js?cb=31069313
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.4.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f155.1e100.net
Software
sffe /
Resource Hash
7f8c6a794c3e78fdf5a92ff96d59cb8774cbd648bcc486d92eb31320c3551f16
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 01 Sep 2022 11:11:29 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
181264
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
131916
x-xss-protection
0
last-modified
Thu, 01 Sep 2022 08:36:19 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Fri, 01 Sep 2023 11:11:29 GMT
7ffa1962151c5b6f6213bcde9744a394.jpg
static.bg3.co/imgs/202106/ 		105 KB
105 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.bg3.co/imgs/202106/7ffa1962151c5b6f6213bcde9744a394.jpg?w=800&h=537&q=100
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/qin-fang-cai-ying-wen-mei-can-yi-yuan-jia-de-na-tu-fei-tai-bei-ting-can-yu-guo-ji-tai-wan-sheng-yin-hen-zhong-yao.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.2.91 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
94d60fce0db7574e669fbd0eaf201595a8daa2e9169c0240e66079fe544f19ac

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 03 Sep 2022 13:32:34 GMT
cf-cache-status
MISS
last-modified
Tue, 08 Jun 2021 22:50:14 GMT
server
cloudflare
etag
"7FFA1962151C5B6F6213BCDE9744A394"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=I50k0dXeD712%2F2TFTsoyPE1xqQ1OXu2deJ2CJujGCovqQAkF5eLiKAKmw3aLr1JvRnZDEdkaJrjdkCwNn8sIE%2BcdO%2FiZAjbszxgLqLz%2Bf4iSWdpqvPZlP1gBR%2FBZgIk%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=604800
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
744eda251bcba967-SYD
content-length
107125
expires
Sat, 10 Sep 2022 13:32:34 GMT
d129e6963cae4ae281a5a7b5094a3d34.jpg
static.bg3.co/imgs/202106/ 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.bg3.co/imgs/202106/d129e6963cae4ae281a5a7b5094a3d34.jpg?w=150&h=100&q=100
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/qin-fang-cai-ying-wen-mei-can-yi-yuan-jia-de-na-tu-fei-tai-bei-ting-can-yu-guo-ji-tai-wan-sheng-yin-hen-zhong-yao.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.2.91 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
62bd0797ba2a5e2c1f77980c1a5a397fa01c7eada051e3872a3ee214007c2eca

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 03 Sep 2022 13:32:33 GMT
cf-cache-status
MISS
last-modified
Wed, 02 Jun 2021 16:33:50 GMT
server
cloudflare
etag
"D129E6963CAE4AE281A5A7B5094A3D34"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xcNLX0WaZMfOl0KMnZOEHN78bB%2FmqCEkBkUmQdV1GibgAZGIe9NFjVlChaSCFa2I5q%2Bs%2Bz84w4eJldIBij26sCsL5nWTEkdI75quojr7pKttbIDHy4O1y2yMicXO1iw%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=604800
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
744eda251bcca967-SYD
content-length
6801
expires
Sat, 10 Sep 2022 13:32:33 GMT
34120e2e80b389efd19f00fd840e5998.jpg
static.bg3.co/imgs/202106/ 		6 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.bg3.co/imgs/202106/34120e2e80b389efd19f00fd840e5998.jpg?w=150&h=100&q=100
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/qin-fang-cai-ying-wen-mei-can-yi-yuan-jia-de-na-tu-fei-tai-bei-ting-can-yu-guo-ji-tai-wan-sheng-yin-hen-zhong-yao.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.2.91 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
36fc2f21d6dba7d01e4e73761c26b7a99fcdb86f5179896cabbc1bc76bd05ddb

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 03 Sep 2022 13:32:34 GMT
cf-cache-status
MISS
last-modified
Sat, 05 Jun 2021 20:50:08 GMT
server
cloudflare
etag
"34120E2E80B389EFD19F00FD840E5998"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Hm7NcmsxIWTz34vOa8z0hMPdX29uq6JDOShhpuAsFRTfeP5rZJIrqMJWKWqe%2BJLNN0oSwBLhzItmJa%2B7ke9%2BI3lF1nfpPiDw2GlurrD9dKifFC4ciJ4sYTTYt41fkQE%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=604800
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
744eda251bcda967-SYD
content-length
6338
expires
Sat, 10 Sep 2022 13:32:33 GMT
6d3d150e1a97a91f49420c11d4b6e80c.jpg
static.bg3.co/imgs/202106/ 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.bg3.co/imgs/202106/6d3d150e1a97a91f49420c11d4b6e80c.jpg?w=150&h=100&q=100
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/qin-fang-cai-ying-wen-mei-can-yi-yuan-jia-de-na-tu-fei-tai-bei-ting-can-yu-guo-ji-tai-wan-sheng-yin-hen-zhong-yao.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.2.91 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3ed661b4a01bb72f8ce9cbca7a333dcc66f71beea426cd51655eb44922ac8a92

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 03 Sep 2022 13:32:34 GMT
cf-cache-status
MISS
last-modified
Tue, 01 Jun 2021 22:51:27 GMT
server
cloudflare
etag
"6D3D150E1A97A91F49420C11D4B6E80C"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wCe1S3EyxKwJ59zRKypNR1M1cqVqFGCGqQLN668sxn9%2Bn6LbyB8pU%2Fbycxlsf5iQ8U5JgS5MHeJBCzsnSmPR5ag99qYvsW0LvjQJxrQ1wmvFgKLutYLLv0f7XFtzoPQ%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=604800
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
744eda251bcea967-SYD
content-length
6960
expires
Sat, 10 Sep 2022 13:32:34 GMT
6e300ffb101be7357bef95a48cd4c9f9.jpg
static.bg3.co/imgs/202106/ 		6 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.bg3.co/imgs/202106/6e300ffb101be7357bef95a48cd4c9f9.jpg?w=150&h=100&q=100
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/qin-fang-cai-ying-wen-mei-can-yi-yuan-jia-de-na-tu-fei-tai-bei-ting-can-yu-guo-ji-tai-wan-sheng-yin-hen-zhong-yao.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.2.91 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a701facb7a5dd9dfc5d6eb3a4badeb01b44b3c2378589c341cb328de3fdd0428

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 03 Sep 2022 13:32:34 GMT
cf-cache-status
MISS
last-modified
Fri, 04 Jun 2021 10:24:00 GMT
server
cloudflare
etag
"6E300FFB101BE7357BEF95A48CD4C9F9"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=18c8OapkGLIShJMBgXPYeRXDmiKxsyCfhwXWEZXz8Yx86rA9EkSGc4w3Eaz1wC0LVOhMkwHYpXufTccPnD82RZR3OZssBweUhZjfl88iSLQ7vO4x5UTFhfa9wBKAVwA%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=604800
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
744eda251bcfa967-SYD
content-length
6415
expires
Sat, 10 Sep 2022 13:32:33 GMT
97d9813ffad86c4192c8f07058cdd86f.jpg
static.bg3.co/imgs/202106/ 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.bg3.co/imgs/202106/97d9813ffad86c4192c8f07058cdd86f.jpg?w=150&h=100&q=100
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/qin-fang-cai-ying-wen-mei-can-yi-yuan-jia-de-na-tu-fei-tai-bei-ting-can-yu-guo-ji-tai-wan-sheng-yin-hen-zhong-yao.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.2.91 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f8e963fdf2fa88a93ec9cc885b68823149ac9abb9ca21a52079b73cd528955a2

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 03 Sep 2022 13:32:34 GMT
cf-cache-status
MISS
last-modified
Sun, 06 Jun 2021 21:18:49 GMT
server
cloudflare
etag
"97D9813FFAD86C4192C8F07058CDD86F"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QG93sMeg029zoUBV1HT43SLF3EjVp6cpyD65n8GFUH6vMRo3X93%2BVYI7SNIHax9VSFmjPbQ%2Fcn6fTm26OKBuUtOhYY7BLbVU3NwKluOXQI3BJVWGVD%2BNX68PPA0M5ww%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=604800
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
744eda251bd0a967-SYD
content-length
6938
expires
Sat, 10 Sep 2022 13:32:34 GMT
725324ff856ccef6b77987be23da7909.jpg
static.bg3.co/imgs/202110/ 		9 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.bg3.co/imgs/202110/725324ff856ccef6b77987be23da7909.jpg?w=150&h=100&q=100
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/qin-fang-cai-ying-wen-mei-can-yi-yuan-jia-de-na-tu-fei-tai-bei-ting-can-yu-guo-ji-tai-wan-sheng-yin-hen-zhong-yao.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.2.91 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
eeb5b30ba88b656faf54215c076acf1f23b4e137052c23d0bb45e2b2b1d6f375

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 03 Sep 2022 13:32:34 GMT
cf-cache-status
MISS
last-modified
Tue, 19 Oct 2021 01:16:19 GMT
server
cloudflare
etag
"725324FF856CCEF6B77987BE23DA7909"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bzFjMya4Pt6fsdoWFKr7ct4oZkgDGkRuvAyWOOIDP5QkcQC%2Fo8ayUfMwX5sgIXnzH2IxKteCH1wkuNH%2B%2B26dIeEmgxBC7EMj%2F%2FSMssUYY2fi5%2F3rk7kbtY3%2BDU%2BwJQE%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=604800
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
744eda251bc9a967-SYD
content-length
9563
expires
Sat, 10 Sep 2022 13:32:33 GMT
c8982b7357a07cb585c10b58633b5d3e.jpg
static.bg3.co/imgs/202106/ 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.bg3.co/imgs/202106/c8982b7357a07cb585c10b58633b5d3e.jpg?w=150&h=100&q=100
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/qin-fang-cai-ying-wen-mei-can-yi-yuan-jia-de-na-tu-fei-tai-bei-ting-can-yu-guo-ji-tai-wan-sheng-yin-hen-zhong-yao.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.2.91 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
278393c5412c7da49452c093187cda79029c22edce112757ac77d55aba67cd41

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 03 Sep 2022 13:32:33 GMT
cf-cache-status
MISS
last-modified
Sat, 05 Jun 2021 17:00:23 GMT
server
cloudflare
etag
"C8982B7357A07CB585C10B58633B5D3E"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ivoV4CA7zyD3Xf%2FWat5TTfWOue6HGnzffPk%2Fy90InGQcSHksI84Lf572F3KgcRbcecHQ5Kkk3Sizvovqi1U3xJ12CabyWTiGppaoOELjBS8mHnqsri6HtYr2e4c1sPs%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=604800
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
744eda251bc6a967-SYD
content-length
2211
expires
Sat, 10 Sep 2022 13:32:33 GMT
074e178b066c22ccab6591a38bbc28ed.jpg
static.bg3.co/imgs/202106/ 		108 KB
108 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.bg3.co/imgs/202106/074e178b066c22ccab6591a38bbc28ed.jpg?w=800&h=533&q=100
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/qin-fang-cai-ying-wen-mei-can-yi-yuan-jia-de-na-tu-fei-tai-bei-ting-can-yu-guo-ji-tai-wan-sheng-yin-hen-zhong-yao.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.2.91 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
eaa01d775f27d8b5087f53e503ff46c102899b96f26fa26fd332a1ed0e22fd17

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 03 Sep 2022 13:32:34 GMT
cf-cache-status
MISS
last-modified
Tue, 01 Jun 2021 23:06:13 GMT
server
cloudflare
etag
"074E178B066C22CCAB6591A38BBC28ED"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6BYlKStrHv1D755CiHQgEWYBLKsgzq6qNN1fNn%2Fuir6WZlYXsvEWHBRcvkBcnmRbVG7UjPt3nfT7J92LR9MR%2Ffqkw78TLDKvbz1BrA4lOkKmt2j5er39rPe%2BhGFzycg%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=604800
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
744eda25bc37a967-SYD
content-length
110549
expires
Sat, 10 Sep 2022 13:32:34 GMT
879c0fb8c50e8cbdae0b78a6c8433246.jpg
static.bg3.co/imgs/202106/ 		113 KB
114 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.bg3.co/imgs/202106/879c0fb8c50e8cbdae0b78a6c8433246.jpg?w=800&h=533&q=100
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/qin-fang-cai-ying-wen-mei-can-yi-yuan-jia-de-na-tu-fei-tai-bei-ting-can-yu-guo-ji-tai-wan-sheng-yin-hen-zhong-yao.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.2.91 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ba4c1aa02574f79e199fbb5ff0c950dd05f9c93bd58b3fd35e8fe804cb771420

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 03 Sep 2022 13:32:34 GMT
cf-cache-status
MISS
last-modified
Tue, 29 Jun 2021 21:25:47 GMT
server
cloudflare
etag
"879C0FB8C50E8CBDAE0B78A6C8433246"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Cw3DrUTiNBb8T3O8Xv6Iti4mJa1OcgJnrBIlRZXOIMm6aRph0QvSRsvYqab6byGPElP200K8XmvfqFtHY8N8nHwW9dzTbZJxSsZyySIWkCWi6qdsKECS%2FcfWBvXOVM8%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=604800
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
744eda25bc39a967-SYD
content-length
115800
expires
Sat, 10 Sep 2022 13:32:34 GMT
a58b72ac469bfe0d4092abb2abf8ef93.jpg
static.bg3.co/imgs/202106/ 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.bg3.co/imgs/202106/a58b72ac469bfe0d4092abb2abf8ef93.jpg?w=150&h=100&q=100
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/qin-fang-cai-ying-wen-mei-can-yi-yuan-jia-de-na-tu-fei-tai-bei-ting-can-yu-guo-ji-tai-wan-sheng-yin-hen-zhong-yao.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.2.91 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8b7adc178d8c3372ef22d873ea13d192aa9c90e93e1d5d0baa3e77399fb547ee

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 03 Sep 2022 13:32:34 GMT
cf-cache-status
MISS
last-modified
Wed, 09 Jun 2021 13:41:53 GMT
server
cloudflare
etag
"A58B72AC469BFE0D4092ABB2ABF8EF93"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1x%2FWD%2FllXN9VviDHETZAlwW0lzJ%2BVL1PJQUQ%2Fd2HE3arEycaxrCU7UEk1x8cDksmQgpDbv%2F3JOQPJSSyC6FO99ks%2Fz10DCym0YERX8GLpmGsSm5K92oGTpsx2YJDbWU%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=604800
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
744eda25bc3aa967-SYD
content-length
6155
expires
Sat, 10 Sep 2022 13:32:34 GMT
dec9c9230d473fa74d82ca8b27590f1f.jpg
static.bg3.co/imgs/202111/ 		12 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.bg3.co/imgs/202111/dec9c9230d473fa74d82ca8b27590f1f.jpg?w=150&h=100&q=100
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/qin-fang-cai-ying-wen-mei-can-yi-yuan-jia-de-na-tu-fei-tai-bei-ting-can-yu-guo-ji-tai-wan-sheng-yin-hen-zhong-yao.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.2.91 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6ad52b45baad5f30a347e71505dbf9653afcc29e99218c3f4cefed10df4f9b93

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 03 Sep 2022 13:32:34 GMT
cf-cache-status
MISS
last-modified
Fri, 26 Nov 2021 03:30:58 GMT
server
cloudflare
etag
"DEC9C9230D473FA74D82CA8B27590F1F"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Igl4vl%2BJ5LDVHUDFSk1Lnn2%2BJPJkeleTnuOOTohH4vvwCskNxdu6fkH%2BnTu7PsdFbpdLJol8qTvUrqM3YYEO94lhba4rfBUjCdeCYMPhiBRTXHVA4RMBrYUJy4WgfFM%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=604800
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
744eda25bc3ba967-SYD
content-length
11786
expires
Sat, 10 Sep 2022 13:32:34 GMT
53914d2bc9825fd00c6b43fb071923df.jpg
static.bg3.co/imgs/202105/ 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.bg3.co/imgs/202105/53914d2bc9825fd00c6b43fb071923df.jpg?w=150&h=100&q=100
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/qin-fang-cai-ying-wen-mei-can-yi-yuan-jia-de-na-tu-fei-tai-bei-ting-can-yu-guo-ji-tai-wan-sheng-yin-hen-zhong-yao.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.2.91 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cea40d5d3240ec4e3f756cc5a965a9f2a8c8dbb53bf298bc8a79c14508085a1a

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 03 Sep 2022 13:32:34 GMT
cf-cache-status
MISS
last-modified
Tue, 25 May 2021 12:08:59 GMT
server
cloudflare
etag
"53914D2BC9825FD00C6B43FB071923DF"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=eQ%2F8es%2Br%2BotxxhH9eCIANRhjq%2FOElafQvWgOSyoHdgK8lAscG59tgwDEvIS5T0BG0sQavtwwc3NNSc8MQmA37rCPpOFnxK7QFnKADJTQRO0qd634scAaf55bp0dN00Q%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=604800
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
744eda25bc3ca967-SYD
content-length
2539
expires
Sat, 10 Sep 2022 13:32:34 GMT
cee9bec1f739eea8a2f375a1960efbcc.jpg
static.bg3.co/imgs/202105/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.bg3.co/imgs/202105/cee9bec1f739eea8a2f375a1960efbcc.jpg?w=150&h=100&q=100
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/qin-fang-cai-ying-wen-mei-can-yi-yuan-jia-de-na-tu-fei-tai-bei-ting-can-yu-guo-ji-tai-wan-sheng-yin-hen-zhong-yao.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.2.91 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7701d8766921f2a35bccc59d08bc6997b1604c954f279a921720486d44c3e0be

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 03 Sep 2022 13:32:34 GMT
cf-cache-status
MISS
last-modified
Thu, 27 May 2021 12:29:33 GMT
server
cloudflare
etag
"CEE9BEC1F739EEA8A2F375A1960EFBCC"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ShD81z29lxOWhYPMg2G5Jl65ASwgGtuBPrrtvOTILyY4SDdQl1UtJy3%2BuoIvRpSa4PGHhO%2FqnR63ueIb5ufw5QZ36e3ZyfMl3ipXmytuh934HrqGc2JneNuc0pXgwuM%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=604800
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
744eda25bc3ea967-SYD
content-length
3279
expires
Sat, 10 Sep 2022 13:32:34 GMT
acea2ed41ac3b50d24ebf3e0d4203ce7.jpg
static.bg3.co/imgs/202105/ 		38 KB
38 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.bg3.co/imgs/202105/acea2ed41ac3b50d24ebf3e0d4203ce7.jpg?w=150&h=100&q=100
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/qin-fang-cai-ying-wen-mei-can-yi-yuan-jia-de-na-tu-fei-tai-bei-ting-can-yu-guo-ji-tai-wan-sheng-yin-hen-zhong-yao.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.2.91 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cd3930d932942d34ed96b91b22b40a9ad6bf659694f2a07b46400b0416286df9

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 03 Sep 2022 13:32:34 GMT
cf-cache-status
MISS
last-modified
Thu, 27 May 2021 03:19:34 GMT
server
cloudflare
etag
"ACEA2ED41AC3B50D24EBF3E0D4203CE7"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pgaQnwWmUpkA72C8VncF6gvWHeSmEEqxLZSv%2BqZNJt2kYCABfh6rrjfCEUcmdgl41XDAlrivwGJ85INHT4DIL2joQW8xlniiaJSUzz82GgBzDerbgqeIT%2BTIIwWREHU%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=604800
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
744eda25bc40a967-SYD
content-length
38831
expires
Sat, 10 Sep 2022 13:32:34 GMT
ed9b43277f9bcfd47369060b7d544558.jpg
static.bg3.co/imgs/202110/ 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.bg3.co/imgs/202110/ed9b43277f9bcfd47369060b7d544558.jpg?w=150&h=100&q=100
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/qin-fang-cai-ying-wen-mei-can-yi-yuan-jia-de-na-tu-fei-tai-bei-ting-can-yu-guo-ji-tai-wan-sheng-yin-hen-zhong-yao.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.2.91 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
158a149d291e8da3855543304eb1b2f10d01f08b44c999729fbc7ab6cad04d7c

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 03 Sep 2022 13:32:34 GMT
cf-cache-status
MISS
last-modified
Wed, 27 Oct 2021 09:52:29 GMT
server
cloudflare
etag
"ED9B43277F9BCFD47369060B7D544558"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tR2zpU6LFcx8qy7DKPJtEDE%2FaS5e9bkfIyCo9rvg5mdOEKTb%2BGQkWUyvIA9cYOwowHilT2%2FoQ%2Bb%2BQ8YXg6ePmcRC9jOjugYNsJ%2BYCuS3CjafboJo2HZFOfs9JeKYZbE%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=604800
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
744eda25bc41a967-SYD
content-length
7742
expires
Sat, 10 Sep 2022 13:32:34 GMT
db3c7f53210cc063a35b79efe43157de.jpg
static.bg3.co/imgs/202105/ 		10 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.bg3.co/imgs/202105/db3c7f53210cc063a35b79efe43157de.jpg?w=150&h=100&q=100
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/qin-fang-cai-ying-wen-mei-can-yi-yuan-jia-de-na-tu-fei-tai-bei-ting-can-yu-guo-ji-tai-wan-sheng-yin-hen-zhong-yao.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.2.91 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
beb701d9e3ff011da6987772f25e72e27cfc0e085a468529a48dab2c109850cd

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 03 Sep 2022 13:32:34 GMT
cf-cache-status
MISS
last-modified
Mon, 31 May 2021 07:53:36 GMT
server
cloudflare
etag
"DB3C7F53210CC063A35B79EFE43157DE"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hZj5v7CjoojiQCwCqDrRzv1pjIxoCbdXJ6HRW%2Bj1GH8iZuc4YmxgqfeAV9%2B0Y6dCErzs5S4SpaY%2Fhsuwl83xzJLj%2Bis95rRuFIM%2B8vNdVld24TCnUVswRkk6EIhF6K8%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=604800
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
744eda25bc43a967-SYD
content-length
10735
expires
Sat, 10 Sep 2022 13:32:34 GMT
cfd6490a3c98087d93446b82045f4456.jpg
static.bg3.co/imgs/202111/ 		8 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.bg3.co/imgs/202111/cfd6490a3c98087d93446b82045f4456.jpg?w=150&h=100&q=100
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/qin-fang-cai-ying-wen-mei-can-yi-yuan-jia-de-na-tu-fei-tai-bei-ting-can-yu-guo-ji-tai-wan-sheng-yin-hen-zhong-yao.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.2.91 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ffb9eb21741f48b801ce27ecbe566c31144159f76d7024373685f34b60c2d356

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 03 Sep 2022 13:32:34 GMT
cf-cache-status
MISS
last-modified
Thu, 25 Nov 2021 14:43:35 GMT
server
cloudflare
etag
"CFD6490A3C98087D93446B82045F4456"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BKeGFZQmtcVGPj5oKbPqpPyvWswMcLLxJLOJb3BP%2BkOU57%2FN6xr0LdvY8P1MmB5m0S2FeZxG1rptRfzIqgsw88MxbHsHIiLFW8hq0obHOCeGn3450eOFmDLw%2BhYj1kQ%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=604800
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
744eda25bc44a967-SYD
content-length
8566
expires
Sat, 10 Sep 2022 13:32:34 GMT
89b52b63623d51c53ced14150fffc880.jpg
static.bg3.co/imgs/202105/ 		9 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.bg3.co/imgs/202105/89b52b63623d51c53ced14150fffc880.jpg?w=150&h=100&q=100
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/qin-fang-cai-ying-wen-mei-can-yi-yuan-jia-de-na-tu-fei-tai-bei-ting-can-yu-guo-ji-tai-wan-sheng-yin-hen-zhong-yao.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.2.91 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f0f6d34a706b2a89b6ee4ddf89307aa9490545f3ecb230f9e81655206cb860b2

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 03 Sep 2022 13:32:34 GMT
cf-cache-status
MISS
last-modified
Mon, 31 May 2021 08:35:57 GMT
server
cloudflare
etag
"89B52B63623D51C53CED14150FFFC880"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8WztVNni2hldMUyTZDe6XPa6%2FaXkUFjY%2FeHLQpJAb%2F63BX7LEYb6BJ6mFT6yIGartBtjQoHBgfWeQKB5CFshdAlLvHEIvfAWdEuI599SjHTbOLq6IsSFAGDskkMMj7A%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=604800
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
744eda25bc45a967-SYD
content-length
8740
expires
Sat, 10 Sep 2022 13:32:34 GMT
038dcd043d559b591f8dc17ddb61c3a7.jpg
static.bg3.co/imgs/202105/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.bg3.co/imgs/202105/038dcd043d559b591f8dc17ddb61c3a7.jpg?w=150&h=100&q=100
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/qin-fang-cai-ying-wen-mei-can-yi-yuan-jia-de-na-tu-fei-tai-bei-ting-can-yu-guo-ji-tai-wan-sheng-yin-hen-zhong-yao.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.2.91 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1bd79d361abc83400bdd56eddff6192bd7b06fbee16d2126014a49586e767f31

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 03 Sep 2022 13:32:34 GMT
cf-cache-status
MISS
last-modified
Sat, 29 May 2021 11:58:54 GMT
server
cloudflare
etag
"038DCD043D559B591F8DC17DDB61C3A7"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QeEppgf476aCVOVcK4JC35DITObDM7OWQYsDK4yvYnzjpjZlLcbF6gUrpQnx5l0uzQmwCXoA4Pxx4TyghnM9tD4wfysZB2MYW4nFn42FW3GR8OycW00pWwIQRaPTNWc%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=604800
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
744eda25bc47a967-SYD
content-length
3868
expires
Sat, 10 Sep 2022 13:32:34 GMT
9e71f2e6ca3e079373253186e3313f8f.jpg
static.bg3.co/imgs/202105/ 		7 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.bg3.co/imgs/202105/9e71f2e6ca3e079373253186e3313f8f.jpg?w=150&h=100&q=100
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/qin-fang-cai-ying-wen-mei-can-yi-yuan-jia-de-na-tu-fei-tai-bei-ting-can-yu-guo-ji-tai-wan-sheng-yin-hen-zhong-yao.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.2.91 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
59baee5909dbb33bdb7040412abb5a18c36dc1c17bbb7a04d1eb41a363798d25

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 03 Sep 2022 13:32:34 GMT
cf-cache-status
MISS
last-modified
Sat, 29 May 2021 12:44:54 GMT
server
cloudflare
etag
"9E71F2E6CA3E079373253186E3313F8F"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=S1T28Z7Zd%2BUmU4aEyMP8h3fhjlZ97M0oEZA7xQy1ovv%2FGB%2BoPpxuRHgIbhhKw%2FADEUSjaQ0qOovlPZOlZgmaXkg%2BS4WcaKBOaabGR%2FjZiN6k5E0aw2slTCsmAApR1Vs%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=604800
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
744eda25bc48a967-SYD
content-length
7536
expires
Sat, 10 Sep 2022 13:32:33 GMT
c1425e4451d7ac7b9e82135a8bf5a8a7.jpg
static.bg3.co/imgs/202106/ 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.bg3.co/imgs/202106/c1425e4451d7ac7b9e82135a8bf5a8a7.jpg?w=150&h=100&q=100
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/qin-fang-cai-ying-wen-mei-can-yi-yuan-jia-de-na-tu-fei-tai-bei-ting-can-yu-guo-ji-tai-wan-sheng-yin-hen-zhong-yao.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.2.91 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
90b0c5c60bc1352f5e630a9d859e21660f679cf9c958326e3582d89f1dd7c25f

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 03 Sep 2022 13:32:34 GMT
cf-cache-status
MISS
last-modified
Wed, 02 Jun 2021 12:44:30 GMT
server
cloudflare
etag
"C1425E4451D7AC7B9E82135A8BF5A8A7"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jOO96FlL3OrGSWsPqKJ6eprMFBblPCAAa9oI03tg2OtR7IwOWeGcTC8Yht%2FxMoqnh%2F99CK9Ehj5JrCOBLq0zcY5muQ6vRR9s2B76y9RvmfEyNgKNcHZDa9V95DE4Nos%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=604800
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
744eda25bc4aa967-SYD
content-length
7143
expires
Sat, 10 Sep 2022 13:32:34 GMT
65565e93e92eb507f3c540046f64f3da.jpg
static.bg3.co/imgs/202105/ 		10 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.bg3.co/imgs/202105/65565e93e92eb507f3c540046f64f3da.jpg?w=150&h=100&q=100
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/qin-fang-cai-ying-wen-mei-can-yi-yuan-jia-de-na-tu-fei-tai-bei-ting-can-yu-guo-ji-tai-wan-sheng-yin-hen-zhong-yao.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.2.91 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3417a9cafe01ecf8a924f27b2a5ff82caaaee059e140f4225d8b6cb8d9e38881

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 03 Sep 2022 13:32:34 GMT
cf-cache-status
MISS
last-modified
Fri, 21 May 2021 08:20:43 GMT
server
cloudflare
etag
"65565E93E92EB507F3C540046F64F3DA"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XDI4ydzkSpQcRc1CiXYjgJiC%2F86VROuTdEVKbnt7hnIciuUV%2F0GtC6T8MjhcAxmjhHRmKslTuXVvJ1KUL9Msicb4k%2FN17q2zkYPx%2BxjjTc372K1X%2F9vliY3%2B7EU7Kgk%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=604800
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
744eda25bc4ba967-SYD
content-length
10670
expires
Sat, 10 Sep 2022 13:32:34 GMT
90f6149bc8c63c60c84ef2d3bc6c4342.jpg
static.bg3.co/imgs/202105/ 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.bg3.co/imgs/202105/90f6149bc8c63c60c84ef2d3bc6c4342.jpg?w=150&h=100&q=100
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/qin-fang-cai-ying-wen-mei-can-yi-yuan-jia-de-na-tu-fei-tai-bei-ting-can-yu-guo-ji-tai-wan-sheng-yin-hen-zhong-yao.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.2.91 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5a7f1a3e446a5b6d6da1e48948317007b71540c317f5f9a5499c63d19400b7fb

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 03 Sep 2022 13:32:34 GMT
cf-cache-status
MISS
last-modified
Tue, 25 May 2021 23:36:55 GMT
server
cloudflare
etag
"90F6149BC8C63C60C84EF2D3BC6C4342"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FddK2xwpQypSL6d%2F3w%2BMnmC2BW0JN93V2T1O7fG6bCdeKw%2FNpItZVMOJF4SDIXxLpUTJEuqp04HklY5EGj%2FwsWf9kDI7H6JfY9YX7e3XR9F2DK3Zb9v9Ph8rp27O0mU%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=604800
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
744eda25bc4ca967-SYD
content-length
7894
expires
Sat, 10 Sep 2022 13:32:34 GMT
amp-auto-lightbox-0.1.js
cdn.ampproject.org/rtv/012208172101000/v0/ 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012208172101000/v0/amp-auto-lightbox-0.1.js
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f132.1e100.net
Software
sffe /
Resource Hash
c732292cc98dcd49503c29accc119f7ff0ac5d4542638ab02cc823b9cfe69e89
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
Origin
https://www.bg3.co
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
320339
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2980
x-xss-protection
0
server
sffe
date
Tue, 30 Aug 2022 20:33:34 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"3fc8520bf2a0bce6"
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Wed, 30 Aug 2023 20:33:34 GMT
amp-ad-0.1.js
cdn.ampproject.org/rtv/012208172101000/v0/ 		81 KB
23 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012208172101000/v0/amp-ad-0.1.js
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f132.1e100.net
Software
sffe /
Resource Hash
9f3da66cb23e99d8e28ed07259b1bdb7c04e642d08f286d8123111c060a93b62
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
Origin
https://www.bg3.co
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
16710
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
23037
x-xss-protection
0
server
sffe
date
Sat, 03 Sep 2022 08:54:03 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"acba61fa4c33da08"
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Sun, 03 Sep 2023 08:54:03 GMT
ama
pagead2.googlesyndication.com/getconfig/ 		2 KB
540 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/ama?client=ca-pub-3216231935713038&plah=www.bg3.co&ama_t=amp&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fqin-fang-cai-ying-wen-mei-can-yi-yuan-jia-de-na-tu-fei-tai-bei-ting-can-yu-guo-ji-tai-wan-sheng-yin-hen-zhong-yao.html&__amp_source_origin=https%3A%2F%2Fwww.bg3.co
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.12.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f155.1e100.net
Software
cafe /
Resource Hash
e9153aae090fb471370191a616096f502541fb6523ba7957f9be38f195af78a4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept
application/json
Referer
https://www.bg3.co/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Sat, 03 Sep 2022 13:32:33 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
517
x-xss-protection
0
amp-loader-0.1.js
cdn.ampproject.org/rtv/012208172101000/v0/ 		12 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012208172101000/v0/amp-loader-0.1.js
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f132.1e100.net
Software
sffe /
Resource Hash
2c587e7c518409f146af4c8f868c90ab8bff1c9b970b55ce77dd6a106630ac68
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
Origin
https://www.bg3.co
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
320339
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3841
x-xss-protection
0
server
sffe
date
Tue, 30 Aug 2022 20:33:34 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"e2f27b81ce8feca3"
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Wed, 30 Aug 2023 20:33:34 GMT
pubads_impl_2022090101.js
securepubads.g.doubleclick.net/gpt/ Frame BE19 		379 KB
129 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022090101.js?cb=31069313
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.4.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f155.1e100.net
Software
sffe /
Resource Hash
7f8c6a794c3e78fdf5a92ff96d59cb8774cbd648bcc486d92eb31320c3551f16
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 01 Sep 2022 11:11:29 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
181264
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
131916
x-xss-protection
0
last-modified
Thu, 01 Sep 2022 08:36:19 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Fri, 01 Sep 2023 11:11:29 GMT
quantcast.js
cdn.adpushup.com/pbuseridscripts/ 		450 B
505 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.adpushup.com/pbuseridscripts/quantcast.js
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/42753/adpushup.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
173.222.148.48 Singapore, Singapore, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a173-222-148-48.deploy.static.akamaitechnologies.com
Software
nginx/1.18.0 /
Resource Hash
26914004d3a8d5ddde2202b642d7936eb61c9f195b5cd3c87e44ef8ad4d57c16

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-akamai-country
AU
date
Sat, 03 Sep 2022 13:32:33 GMT
content-encoding
br
last-modified
Mon, 28 Jun 2021 04:15:23 GMT
server
nginx/1.18.0
etag
W/"60d94cdb-1c2"
vary
Accept-Encoding
x-akamai-device
mobile:false&tablet:false
access-control-allow-origin
*
cache-control
max-age=31536000
server-timing
cdn-cache; desc=HIT, edge; dur=46
content-type
application/javascript
content-length
211
expires
Sun, 03 Sep 2023 13:32:33 GMT
linkPreview.js
cdn.adpushup.com/42753/ 		72 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.adpushup.com/42753/linkPreview.js
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/qin-fang-cai-ying-wen-mei-can-yi-yuan-jia-de-na-tu-fei-tai-bei-ting-can-yu-guo-ji-tai-wan-sheng-yin-hen-zhong-yao.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
173.222.148.48 Singapore, Singapore, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a173-222-148-48.deploy.static.akamaitechnologies.com
Software
nginx/1.18.0 /
Resource Hash
968012b3a49390a10d31c6d36b2aab796ec167a83378b5f9787756ee7cb035c5

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-akamai-country
AU
date
Sat, 03 Sep 2022 13:32:33 GMT
content-encoding
br
last-modified
Thu, 14 Jul 2022 19:44:27 GMT
server
nginx/1.18.0
etag
W/"62d0721b-11ed1"
vary
Accept-Encoding
x-akamai-device
mobile:false&tablet:false
access-control-allow-origin
*
cache-control
max-age=3600
server-timing
cdn-cache; desc=REVALIDATE, edge; dur=47, origin; dur=220
content-type
application/javascript
content-length
17440
expires
Sat, 03 Sep 2022 14:32:33 GMT
gpt.js
securepubads.g.doubleclick.net/tag/js/ 		83 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/42753/adpushup.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.4.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f155.1e100.net
Software
sffe /
Resource Hash
ec6e81668d615796d873b875fa0c6d1b5ef322b50c9edf16b83a3ca3b85d5402
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 03 Sep 2022 13:32:33 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
28556
x-xss-protection
0
server
sffe
etag
"1322 / 217 of 1000 / last-modified: 1662156382"
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Sat, 03 Sep 2022 13:32:33 GMT
sync
e3.adpushup.com/AdPushupFeedbackWebService/user/ 		70 B
538 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://e3.adpushup.com/AdPushupFeedbackWebService/user/sync
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/qin-fang-cai-ying-wen-mei-can-yi-yuan-jia-de-na-tu-fei-tai-bei-ting-can-yu-guo-ji-tai-wan-sheng-yin-hen-zhong-yao.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
13.76.45.37 Singapore, Singapore, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx/1.10.3 (Ubuntu) /
Resource Hash
e3849fdc1eab88579b20b1b56875d6ef8299c4ad165e03921400ccae69149861

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 03 Sep 2022 13:32:33 GMT
server
nginx/1.10.3 (Ubuntu)
ap-cookie-status
cookies ap_uid and ap_usid are set
access-control-allow-methods
GET, POST
content-type
image/png
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-robots-tag
noindex
content-length
70
expires
0
testmode
e3.adpushup.com/AdPushupFeedbackWebService/feedback/ 		70 B
317 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://e3.adpushup.com/AdPushupFeedbackWebService/feedback/testmode?data=eyJjcmVhdGVkVFMiOjE2NjIyMTE5NTMzOTksInBhY2tldElkIjoiMDAwMEE3MDEtNzIzYmFlMGEtMDJjNC00ZWZjLTgzMjItNDg0MjdlODhjMTMyIiwic2l0ZUlkIjo0Mjc1Mywic2l0ZURvbWFpbiI6Imh0dHBzOi8vYmczLmNvLyIsInVybCI6Imh0dHBzOi8vd3d3LmJnMy5jby9hL3Fpbi1mYW5nLWNhaS15aW5nLXdlbi1tZWktY2FuLXlpLXl1YW4tamlhLWRlLW5hLXR1LWZlaS10YWktYmVpLXRpbmctY2FuLXl1LWd1by1qaS10YWktd2FuLXNoZW5nLXlpbi1oZW4temhvbmcteWFvLmh0bWwiLCJtb2RlIjo0LCJlcnJvckNvZGUiOjAsInJlZmVycmVyIjoiIiwicGFnZUdyb3VwIjoiQVJUSUNMRSIsInBhZ2VWYXJpYXRpb25JZCI6Ijk2NzUwMTI1LWI5MGMtNDk3YS04Njk5LTczMTcxZjdiNDkzNSIsInBhZ2VWYXJpYXRpb25OYW1lIjoiQWRQdXNodXAiLCJwYWdlVmFyaWF0aW9uVHlwZSI6MSwicGxhdGZvcm0iOiJERVNLVE9QIiwiaXNHZW5pZWUiOmZhbHNlLCJzZWN0aW9ucyI6bnVsbH0%3D
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/qin-fang-cai-ying-wen-mei-can-yi-yuan-jia-de-na-tu-fei-tai-bei-ting-can-yu-guo-ji-tai-wan-sheng-yin-hen-zhong-yao.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
13.76.45.37 Singapore, Singapore, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx/1.10.3 (Ubuntu) /
Resource Hash
e3849fdc1eab88579b20b1b56875d6ef8299c4ad165e03921400ccae69149861

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 03 Sep 2022 13:32:33 GMT
server
nginx/1.10.3 (Ubuntu)
access-control-allow-methods
GET, POST
content-type
image/png
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-robots-tag
noindex
content-length
70
expires
0
testmode
e3.adpushup.com/AdPushupFeedbackWebService/feedback/ 		70 B
317 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://e3.adpushup.com/AdPushupFeedbackWebService/feedback/testmode?data=eyJjcmVhdGVkVFMiOjE2NjIyMTE5NTMzOTksInBhY2tldElkIjoiMDAwMEE3MDEtNzIzYmFlMGEtMDJjNC00ZWZjLTgzMjItNDg0MjdlODhjMTMyIiwic2l0ZUlkIjo0Mjc1Mywic2l0ZURvbWFpbiI6Imh0dHBzOi8vYmczLmNvLyIsInVybCI6Imh0dHBzOi8vd3d3LmJnMy5jby9hL3Fpbi1mYW5nLWNhaS15aW5nLXdlbi1tZWktY2FuLXlpLXl1YW4tamlhLWRlLW5hLXR1LWZlaS10YWktYmVpLXRpbmctY2FuLXl1LWd1by1qaS10YWktd2FuLXNoZW5nLXlpbi1oZW4temhvbmcteWFvLmh0bWwiLCJtb2RlIjo1LCJlcnJvckNvZGUiOjEsInJlZmVycmVyIjoiIiwicGFnZUdyb3VwIjoiQVJUSUNMRSIsInBhZ2VWYXJpYXRpb25JZCI6Ijk2NzUwMTI1LWI5MGMtNDk3YS04Njk5LTczMTcxZjdiNDkzNSIsInBhZ2VWYXJpYXRpb25OYW1lIjoiQWRQdXNodXAiLCJwYWdlVmFyaWF0aW9uVHlwZSI6MSwicGxhdGZvcm0iOiJERVNLVE9QIiwiaXNHZW5pZWUiOmZhbHNlLCJzZWN0aW9ucyI6bnVsbH0%3D
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/qin-fang-cai-ying-wen-mei-can-yi-yuan-jia-de-na-tu-fei-tai-bei-ting-can-yu-guo-ji-tai-wan-sheng-yin-hen-zhong-yao.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
13.76.45.37 Singapore, Singapore, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx/1.10.3 (Ubuntu) /
Resource Hash
e3849fdc1eab88579b20b1b56875d6ef8299c4ad165e03921400ccae69149861

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 03 Sep 2022 13:32:33 GMT
server
nginx/1.10.3 (Ubuntu)
access-control-allow-methods
GET, POST
content-type
image/png
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-robots-tag
noindex
content-length
70
expires
0
feedback
e3.adpushup.com/AdPushupFeedbackWebService/ 		70 B
317 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://e3.adpushup.com/AdPushupFeedbackWebService/feedback?data=eyJjcmVhdGVkVFMiOjE2NjIyMTE5NTMzOTksInBhY2tldElkIjoiMDAwMEE3MDEtNzIzYmFlMGEtMDJjNC00ZWZjLTgzMjItNDg0MjdlODhjMTMyIiwic2l0ZUlkIjo0Mjc1Mywic2l0ZURvbWFpbiI6Imh0dHBzOi8vYmczLmNvLyIsInVybCI6Imh0dHBzOi8vd3d3LmJnMy5jby9hL3Fpbi1mYW5nLWNhaS15aW5nLXdlbi1tZWktY2FuLXlpLXl1YW4tamlhLWRlLW5hLXR1LWZlaS10YWktYmVpLXRpbmctY2FuLXl1LWd1by1qaS10YWktd2FuLXNoZW5nLXlpbi1oZW4temhvbmcteWFvLmh0bWwiLCJtb2RlIjoxLCJlcnJvckNvZGUiOjEsInJlZmVycmVyIjoiIiwicGFnZUdyb3VwIjoiQVJUSUNMRSIsInBhZ2VWYXJpYXRpb25JZCI6Ijk2NzUwMTI1LWI5MGMtNDk3YS04Njk5LTczMTcxZjdiNDkzNSIsInBhZ2VWYXJpYXRpb25OYW1lIjoiQWRQdXNodXAiLCJwYWdlVmFyaWF0aW9uVHlwZSI6MSwicGxhdGZvcm0iOiJERVNLVE9QIiwiaXNHZW5pZWUiOmZhbHNlLCJzZWN0aW9ucyI6W3sic2VjdGlvbklkIjoiNzdhOWMyMmYtYWMwMi00NWRkLTk2YmMtYjA4OTZhOGE3ZDVhIiwic2VjdGlvbk5hbWUiOiJBUF9MX0RfQVJUSUNMRV83MjhYMjUwXzc3YTljIiwic3RhdHVzIjoxLCJuZXR3b3JrIjoiYWRwVGFncyIsIm5ldHdvcmtBZFVuaXRJZCI6IkFEUF80Mjc1M183MjhYMjUwXzc3YTljMjJmLWFjMDItNDVkZC05NmJjLWIwODk2YThhN2Q1YSIsInNlcnZpY2VzIjpbMSwzXSwiYWRVbml0VHlwZSI6MX1dfQ%3D%3D
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/qin-fang-cai-ying-wen-mei-can-yi-yuan-jia-de-na-tu-fei-tai-bei-ting-can-yu-guo-ji-tai-wan-sheng-yin-hen-zhong-yao.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
13.76.45.37 Singapore, Singapore, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx/1.10.3 (Ubuntu) /
Resource Hash
e3849fdc1eab88579b20b1b56875d6ef8299c4ad165e03921400ccae69149861

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 03 Sep 2022 13:32:33 GMT
server
nginx/1.10.3 (Ubuntu)
access-control-allow-methods
GET, POST
content-type
image/png
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-robots-tag
noindex
content-length
70
expires
0
feedback
e3.adpushup.com/AdPushupFeedbackWebService/ 		70 B
317 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://e3.adpushup.com/AdPushupFeedbackWebService/feedback?data=eyJjcmVhdGVkVFMiOjE2NjIyMTE5NTM0MDQsInBhY2tldElkIjoiMDAwMEE3MDEtNzIzYmFlMGEtMDJjNC00ZWZjLTgzMjItNDg0MjdlODhjMTMyIiwic2l0ZUlkIjo0Mjc1Mywic2l0ZURvbWFpbiI6Imh0dHBzOi8vYmczLmNvLyIsInVybCI6Imh0dHBzOi8vd3d3LmJnMy5jby9hL3Fpbi1mYW5nLWNhaS15aW5nLXdlbi1tZWktY2FuLXlpLXl1YW4tamlhLWRlLW5hLXR1LWZlaS10YWktYmVpLXRpbmctY2FuLXl1LWd1by1qaS10YWktd2FuLXNoZW5nLXlpbi1oZW4temhvbmcteWFvLmh0bWwiLCJtb2RlIjoxLCJlcnJvckNvZGUiOjEsInJlZmVycmVyIjoiIiwicGFnZUdyb3VwIjoiQVJUSUNMRSIsInBhZ2VWYXJpYXRpb25JZCI6Ijk2NzUwMTI1LWI5MGMtNDk3YS04Njk5LTczMTcxZjdiNDkzNSIsInBhZ2VWYXJpYXRpb25OYW1lIjoiQWRQdXNodXAiLCJwYWdlVmFyaWF0aW9uVHlwZSI6MSwicGxhdGZvcm0iOiJERVNLVE9QIiwiaXNHZW5pZWUiOmZhbHNlLCJzZWN0aW9ucyI6W3sic2VjdGlvbklkIjoiZDFjMTBhNzItMjdiNC00OTMxLThjZTctOTlhMThlYmJkYmFlIiwic2VjdGlvbk5hbWUiOiJBUF9JX0RfQVJUSUNMRV83MjhYOTBfZDFjMTAiLCJzdGF0dXMiOjEsIm5ldHdvcmsiOiJhZHBUYWdzIiwibmV0d29ya0FkVW5pdElkIjoiU1RJQ0tZX0FEUF80Mjc1M183MjhYOTBfZDFjMTBhNzItMjdiNC00OTMxLThjZTctOTlhMThlYmJkYmFlIiwic2VydmljZXMiOls1LDNdLCJhZFVuaXRUeXBlIjozfV19
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/qin-fang-cai-ying-wen-mei-can-yi-yuan-jia-de-na-tu-fei-tai-bei-ting-can-yu-guo-ji-tai-wan-sheng-yin-hen-zhong-yao.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
13.76.45.37 Singapore, Singapore, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx/1.10.3 (Ubuntu) /
Resource Hash
e3849fdc1eab88579b20b1b56875d6ef8299c4ad165e03921400ccae69149861

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 03 Sep 2022 13:32:33 GMT
server
nginx/1.10.3 (Ubuntu)
access-control-allow-methods
GET, POST
content-type
image/png
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-robots-tag
noindex
content-length
70
expires
0
feedback
e3.adpushup.com/AdPushupFeedbackWebService/ 		70 B
317 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://e3.adpushup.com/AdPushupFeedbackWebService/feedback?data=eyJjcmVhdGVkVFMiOjE2NjIyMTE5NTM0MDYsInBhY2tldElkIjoiMDAwMEE3MDEtNzIzYmFlMGEtMDJjNC00ZWZjLTgzMjItNDg0MjdlODhjMTMyIiwic2l0ZUlkIjo0Mjc1Mywic2l0ZURvbWFpbiI6Imh0dHBzOi8vYmczLmNvLyIsInVybCI6Imh0dHBzOi8vd3d3LmJnMy5jby9hL3Fpbi1mYW5nLWNhaS15aW5nLXdlbi1tZWktY2FuLXlpLXl1YW4tamlhLWRlLW5hLXR1LWZlaS10YWktYmVpLXRpbmctY2FuLXl1LWd1by1qaS10YWktd2FuLXNoZW5nLXlpbi1oZW4temhvbmcteWFvLmh0bWwiLCJtb2RlIjoxLCJlcnJvckNvZGUiOjEsInJlZmVycmVyIjoiIiwicGFnZUdyb3VwIjoiQVJUSUNMRSIsInBhZ2VWYXJpYXRpb25JZCI6Ijk2NzUwMTI1LWI5MGMtNDk3YS04Njk5LTczMTcxZjdiNDkzNSIsInBhZ2VWYXJpYXRpb25OYW1lIjoiQWRQdXNodXAiLCJwYWdlVmFyaWF0aW9uVHlwZSI6MSwicGxhdGZvcm0iOiJERVNLVE9QIiwiaXNHZW5pZWUiOmZhbHNlLCJzZWN0aW9ucyI6W3sic2VjdGlvbklkIjoiMTA0YjI4MmEtYmQxMS00ZDhkLWFkNjQtMDQ5MjA2M2I2Y2JhIiwic2VjdGlvbk5hbWUiOiJBUF9JX0RfQVJUSUNMRV8xMjBYNjAwXzEwNGIyIiwic3RhdHVzIjoxLCJuZXR3b3JrIjoiYWRwVGFncyIsIm5ldHdvcmtBZFVuaXRJZCI6IlNUSUNLWV9BRFBfNDI3NTNfMTIwWDYwMF8xMDRiMjgyYS1iZDExLTRkOGQtYWQ2NC0wNDkyMDYzYjZjYmEiLCJzZXJ2aWNlcyI6WzUsM10sImFkVW5pdFR5cGUiOjN9XX0%3D
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/qin-fang-cai-ying-wen-mei-can-yi-yuan-jia-de-na-tu-fei-tai-bei-ting-can-yu-guo-ji-tai-wan-sheng-yin-hen-zhong-yao.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
13.76.45.37 Singapore, Singapore, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx/1.10.3 (Ubuntu) /
Resource Hash
e3849fdc1eab88579b20b1b56875d6ef8299c4ad165e03921400ccae69149861

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 03 Sep 2022 13:32:33 GMT
server
nginx/1.10.3 (Ubuntu)
access-control-allow-methods
GET, POST
content-type
image/png
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-robots-tag
noindex
content-length
70
expires
0
latest.json
cdn.jsdelivr.net/gh/prebid/currency-file@1/ 		2 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/gh/prebid/currency-file@1/latest.json?date=20220903
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1661278076254.v6.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.85.20 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5db4cf55d1980b81d43631aa03921ec781804b30e0e7bce704401cf754027d36
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.bg3.co/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

date
Sat, 03 Sep 2022 13:32:33 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
37891
x-jsd-version
1.0.1451
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-served-by
cache-fra19132-FRA, cache-cdg20763-CDG
timing-allow-origin
*
x-jsd-version-type
version
server
cloudflare
etag
W/"668-JX8fHgyAXn8FwGbY03zZbwIIBIQ"
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QMbvIgQzBsUXkCxCInbGlTyQOFyb9R%2FjfJjtJln1yEbZvBkYQZ8LfN6mZwuIDqxV950GTlCTyNLzJZo%2BqAdBUfI8tvH05VAqAMTr%2BIaVlAT74MLVzbGIfXNsuY5yy1FSaV0%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/json; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=604800, s-maxage=43200
cf-ray
744eda26bcaedfb9-SYD
access-control-expose-headers
*
cygnus
htlb.casalemedia.com/ 		36 B
311 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/cygnus?s=693656&v=7.2&ac=j&sd=1&r=%7B%22id%22%3A%221aba179cc9ef96%22%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fwww.bg3.co%2Fa%2Fqin-fang-cai-ying-wen-mei-can-yi-yuan-jia-de-na-tu-fei-tai-bei-ting-can-yu-guo-ji-tai-wan-sheng-yin-hen-zhong-yao.html%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22msd%22%3A7%2C%22msi%22%3A7%2C%22mfu%22%3A3%2C%22bu%22%3A3%2C%22iu%22%3A0%2C%22nu%22%3A3%2C%22ou%22%3A3%2C%22allu%22%3A3%2C%22ren%22%3Atrue%2C%22version%22%3A%226.19.0%22%2C%22userIds%22%3A%5B%5D%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%22805e07b55f138d%22%2C%22banner%22%3A%7B%22topframe%22%3A1%2C%22format%22%3A%5B%7B%22w%22%3A728%2C%22h%22%3A90%2C%22ext%22%3A%7B%22siteID%22%3A%22693656%22%2C%22sid%22%3A%22728x90%22%7D%7D%2C%7B%22w%22%3A320%2C%22h%22%3A50%2C%22ext%22%3A%7B%22siteID%22%3A%22693656%22%2C%22sid%22%3A%22320x50%22%7D%7D%2C%7B%22w%22%3A300%2C%22h%22%3A50%2C%22ext%22%3A%7B%22siteID%22%3A%22693656%22%2C%22sid%22%3A%22300x50%22%7D%7D%2C%7B%22w%22%3A300%2C%22h%22%3A250%2C%22ext%22%3A%7B%22siteID%22%3A%22693656%22%2C%22sid%22%3A%22300x250%22%7D%7D%2C%7B%22w%22%3A250%2C%22h%22%3A250%2C%22ext%22%3A%7B%22siteID%22%3A%22693656%22%2C%22sid%22%3A%22250x250%22%7D%7D%5D%7D%7D%2C%7B%22id%22%3A%22110fc63b4d4fd9d%22%2C%22banner%22%3A%7B%22topframe%22%3A1%2C%22format%22%3A%5B%7B%22w%22%3A320%2C%22h%22%3A50%2C%22ext%22%3A%7B%22siteID%22%3A%22693656%22%2C%22sid%22%3A%22320x50%22%7D%7D%2C%7B%22w%22%3A728%2C%22h%22%3A90%2C%22ext%22%3A%7B%22siteID%22%3A%22693656%22%2C%22sid%22%3A%22728x90%22%7D%7D%2C%7B%22w%22%3A300%2C%22h%22%3A50%2C%22ext%22%3A%7B%22siteID%22%3A%22693656%22%2C%22sid%22%3A%22300x50%22%7D%7D%5D%7D%7D%2C%7B%22id%22%3A%22125dfe143724522%22%2C%22banner%22%3A%7B%22topframe%22%3A1%2C%22format%22%3A%5B%7B%22w%22%3A120%2C%22h%22%3A600%2C%22ext%22%3A%7B%22siteID%22%3A%22693656%22%2C%22sid%22%3A%22120x600%22%7D%7D%5D%7D%7D%5D%2C%22at%22%3A1%2C%22source%22%3A%7B%22ext%22%3A%7B%22schain%22%3A%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22adpushup.com%22%2C%22sid%22%3A%22062d9a21f747ddee7c25d4297776e0aa%22%2C%22hp%22%3A1%7D%5D%7D%7D%7D%2C%22user%22%3A%7B%22eids%22%3A%5B%7B%22source%22%3A%22pubcid.org%22%2C%22uids%22%3A%5B%7B%22id%22%3A%2231f0aceb-bd03-4382-8a79-6257429e0569%22%7D%5D%7D%5D%7D%7D
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1661278076254.v6.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.18.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d5034fd91515d835db5b5c9a630af39ea1ddc85a60d7a1c1a974808f70046ada

Request headers

Referer
https://www.bg3.co/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 03 Sep 2022 13:32:33 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UZjGXTl%2BnkGKh%2FbZr5sRbw5BMxv7Fw%2BsBi96ygGDcy9TS7Te7KlqfRo6U8aBm3MEDSJ5I9kXnXVZ8V6FEj%2BaBBXrqzHhhx6st1PmJLRivQkaotsZMTC89ZDZhvQ7TPij3eXTD1U4"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache
access-control-allow-credentials
true
cf-ray
744eda26ec3aaad2-SYD
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
36
expires
0
cygnus
htlb.casalemedia.com/ 		36 B
561 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/cygnus?s=693656&v=8.1&ac=j&sd=1&nf=1&r=%7B%22id%22%3A%221aba179cc9ef96%22%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fwww.bg3.co%2Fa%2Fqin-fang-cai-ying-wen-mei-can-yi-yuan-jia-de-na-tu-fei-tai-bei-ting-can-yu-guo-ji-tai-wan-sheng-yin-hen-zhong-yao.html%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22msd%22%3A0%2C%22msi%22%3A0%2C%22mfu%22%3A3%2C%22bu%22%3A3%2C%22iu%22%3A0%2C%22nu%22%3A3%2C%22ou%22%3A3%2C%22allu%22%3A3%2C%22ren%22%3Atrue%2C%22version%22%3A%226.19.0%22%2C%22userIds%22%3A%5B%5D%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%22110fc63b4d4fd9d%22%2C%22ext%22%3A%7B%22siteID%22%3A%22693656%22%2C%22sid%22%3A%22728x90%22%7D%2C%22video%22%3A%7B%22mimes%22%3A%5B%22video%2Fmp4%22%2C%22video%2Fwebm%22%5D%2C%22minduration%22%3A0%2C%22maxduration%22%3A300%2C%22protocols%22%3A%5B2%2C3%2C5%2C6%5D%2C%22playerSize%22%3A%5B%5B728%2C90%5D%5D%2C%22api%22%3A%5B2%5D%2C%22linearity%22%3A1%2C%22placement%22%3A4%2C%22w%22%3A728%2C%22h%22%3A90%7D%7D%2C%7B%22id%22%3A%22125dfe143724522%22%2C%22ext%22%3A%7B%22siteID%22%3A%22693656%22%2C%22sid%22%3A%22120x600%22%7D%2C%22video%22%3A%7B%22mimes%22%3A%5B%22video%2Fmp4%22%2C%22video%2Fwebm%22%5D%2C%22minduration%22%3A0%2C%22maxduration%22%3A300%2C%22protocols%22%3A%5B2%2C3%2C5%2C6%5D%2C%22playerSize%22%3A%5B%5B120%2C600%5D%5D%2C%22api%22%3A%5B2%5D%2C%22linearity%22%3A1%2C%22placement%22%3A4%2C%22w%22%3A120%2C%22h%22%3A600%7D%7D%5D%2C%22at%22%3A1%2C%22source%22%3A%7B%22ext%22%3A%7B%22schain%22%3A%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22adpushup.com%22%2C%22sid%22%3A%22062d9a21f747ddee7c25d4297776e0aa%22%2C%22hp%22%3A1%7D%5D%7D%7D%7D%2C%22user%22%3A%7B%22eids%22%3A%5B%7B%22source%22%3A%22pubcid.org%22%2C%22uids%22%3A%5B%7B%22id%22%3A%2231f0aceb-bd03-4382-8a79-6257429e0569%22%7D%5D%7D%5D%7D%7D
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1661278076254.v6.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.18.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d5034fd91515d835db5b5c9a630af39ea1ddc85a60d7a1c1a974808f70046ada

Request headers

Referer
https://www.bg3.co/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 03 Sep 2022 13:32:33 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ptIh39zrEqKd9%2FwY8Yv66fFvpjbFmF9dy655uUllsGBwRFmGrjWdl%2Bm63aS8%2FPjAnPwe3v8iOtWCRvzeiJyRGw8OFeeFX8a2CTxxXyg0ov87skRS7KEckUjUn2dmB5Ud5bwdMTQF"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache
access-control-allow-credentials
true
cf-ray
744eda26ec3caad2-SYD
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
36
expires
0
bid-request
a.teads.tv/hb/ 		16 B
360 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://a.teads.tv/hb/bid-request
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1661278076254.v6.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.195.153.54 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-195-153-54.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
6a7b0c8bf87b2bd5ca31557f25cf2a6c80f93af72bf68a6085e9b55a87fe908c

Request headers

Referer
https://www.bg3.co/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 03 Sep 2022 13:32:34 GMT
content-encoding
gzip
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.bg3.co
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
42
expires
Sat, 03 Sep 2022 13:32:34 GMT
prebid-request
onetag-sys.com/ 		15 B
407 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/prebid-request
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1661278076254.v6.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.79.234.101 Singapore, Singapore, ASN16276 (OVH, FR),
Reverse DNS
ip101.ip-51-79-234.net
Software
/
Resource Hash
663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://www.bg3.co/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

strict-transport-security
max-age=15552000
content-encoding
gzip
access-control-allow-headers
content-type, origin, referer, user-agent
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
access-control-allow-origin
https://www.bg3.co
cache-control
no-transform, no-cache
access-control-allow-credentials
true
content-type
application/json
alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
content-length
41
prebid
prebid.media.net/rtb/ 		1 KB
918 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.media.net/rtb/prebid?cid=8CUPEPKI9
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1661278076254.v6.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.107.148.139 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
139.148.107.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
90497e8894f66d775cec1a1af59de62f34e80cef869875f53e9cfb5f36b8d78d

Request headers

Referer
https://www.bg3.co/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 03 Sep 2022 13:32:33 GMT
content-encoding
gzip
server
nginx
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-envoy-upstream-service-time
112
alt-svc
clear
via
1.1 google
arj
adpushup-d.openx.net/w/1.0/ 		173 B
383 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://adpushup-d.openx.net/w/1.0/arj?ju=https%3A%2F%2Fwww.bg3.co%2Fa%2Fqin-fang-cai-ying-wen-mei-can-yi-yuan-jia-de-na-tu-fei-tai-bei-ting-can-yu-guo-ji-tai-wan-sheng-yin-hen-zhong-yao.html&ch=UTF-8&res=1600x1200x24&ifr=false&tz=0&tws=1600x1200&be=1&bc=hb_pb_3.0.3&dddid=75154b8b-14f9-4031-b157-1454e3c51c05%2C04ecb92a-8763-4245-b1b0-b0a1506210d4%2C5714356a-ee47-4396-b0f9-80f249ca8290&nocache=1662211953489&pubcid=31f0aceb-bd03-4382-8a79-6257429e0569&schain=1.0%2C1!adpushup.com%2C062d9a21f747ddee7c25d4297776e0aa%2C1%2C%2C%2C&aus=728x250%2C728x90%2C690x90%2C690x250%2C675x90%2C675x250%2C670x90%2C670x250%2C650x90%2C650x250%2C650x150%2C630x90%2C630x250%2C602x100%2C600x90%2C600x250%2C580x90%2C570x90%2C550x150%2C468x60%2C320x50%2C320x100%2C300x50%2C300x100%2C300x75%2C300x250%2C250x250%2C200x200%7C728x90%2C690x90%2C675x90%2C670x90%2C650x90%2C630x90%2C600x90%2C580x90%2C570x90%2C468x60%2C320x50%2C300x50%2C300x75%7C120x600&divids=ADP_42753_728X250_77a9c22f-ac02-45dd-96bc-b0896a8a7d5a%2CSTICKY_ADP_42753_728X90_d1c10a72-27b4-4931-8ce7-99a18ebbdbae%2CSTICKY_ADP_42753_120X600_104b282a-bd11-4d8d-ad64-0492063b6cba&aucs=%2C%2C&auid=545618347%2C545618347%2C545618347
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1661278076254.v6.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
fc3ae3e89d44a2aab1be610f586cd0b0a350f7dfb7b7b129963e1d3f6be8ac3e

Request headers

Referer
https://www.bg3.co/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 03 Sep 2022 13:32:33 GMT
content-encoding
gzip
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://www.bg3.co
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
content-type
application/json
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
165
via
1.1 google
expires
Mon, 26 Jul 1997 05:00:00 GMT
avjp
adpushup-d.openx.net/v/1.0/ 		106 B
296 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://adpushup-d.openx.net/v/1.0/avjp?ju=https%3A%2F%2Fwww.bg3.co%2Fa%2Fqin-fang-cai-ying-wen-mei-can-yi-yuan-jia-de-na-tu-fei-tai-bei-ting-can-yu-guo-ji-tai-wan-sheng-yin-hen-zhong-yao.html&ch=UTF-8&res=1600x1200x24&ifr=false&tz=0&tws=1600x1200&be=1&bc=hb_pb_3.0.3&dddid=61939999-22d4-4f25-a9b6-57a241e3a880&nocache=1662211953490&pubcid=31f0aceb-bd03-4382-8a79-6257429e0569&schain=1.0%2C1!adpushup.com%2C062d9a21f747ddee7c25d4297776e0aa%2C1%2C%2C%2C&openrtb=%7B%22imp%22%3A%5B%7B%22video%22%3A%7B%22w%22%3A120%2C%22h%22%3A600%2C%22mimes%22%3A%5B%22video%2Fmp4%22%2C%22video%2Fwebm%22%5D%2C%22minduration%22%3A0%2C%22maxduration%22%3A300%2C%22protocols%22%3A%5B2%2C3%2C5%2C6%5D%2C%22api%22%3A%5B2%5D%2C%22playbackmethod%22%3A6%2C%22linearity%22%3A1%7D%7D%5D%7D&auid=545618481&vwd=120&vht=600&vos=101&vmimes=video%2Fmp4%2Cvideo%2Fwebm
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1661278076254.v6.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
730fa1f3e8b3c4a223c4e69f4a27e690a4552f96ab97dba05b943dff44967658

Request headers

Referer
https://www.bg3.co/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 03 Sep 2022 13:32:33 GMT
via
1.1 google
server
OXGW/0.0.0
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://www.bg3.co
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
content-type
application/json
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
106
expires
Mon, 26 Jul 1997 05:00:00 GMT
avjp
adpushup-d.openx.net/v/1.0/ 		106 B
504 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://adpushup-d.openx.net/v/1.0/avjp?ju=https%3A%2F%2Fwww.bg3.co%2Fa%2Fqin-fang-cai-ying-wen-mei-can-yi-yuan-jia-de-na-tu-fei-tai-bei-ting-can-yu-guo-ji-tai-wan-sheng-yin-hen-zhong-yao.html&ch=UTF-8&res=1600x1200x24&ifr=false&tz=0&tws=1600x1200&be=1&bc=hb_pb_3.0.3&dddid=d0dc9119-7066-4b83-8586-d4c9856b1e81&nocache=1662211953490&pubcid=31f0aceb-bd03-4382-8a79-6257429e0569&schain=1.0%2C1!adpushup.com%2C062d9a21f747ddee7c25d4297776e0aa%2C1%2C%2C%2C&openrtb=%7B%22imp%22%3A%5B%7B%22video%22%3A%7B%22w%22%3A728%2C%22h%22%3A90%2C%22mimes%22%3A%5B%22video%2Fmp4%22%2C%22video%2Fwebm%22%5D%2C%22minduration%22%3A0%2C%22maxduration%22%3A300%2C%22protocols%22%3A%5B2%2C3%2C5%2C6%5D%2C%22api%22%3A%5B2%5D%2C%22playbackmethod%22%3A6%2C%22linearity%22%3A1%7D%7D%5D%7D&auid=545618481&vwd=728&vht=90&vos=101&vmimes=video%2Fmp4%2Cvideo%2Fwebm
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1661278076254.v6.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
730fa1f3e8b3c4a223c4e69f4a27e690a4552f96ab97dba05b943dff44967658

Request headers

Referer
https://www.bg3.co/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 03 Sep 2022 13:32:33 GMT
via
1.1 google
server
OXGW/0.0.0
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://www.bg3.co
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
content-type
application/json
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
106
expires
Mon, 26 Jul 1997 05:00:00 GMT
avjp
adpushup-d.openx.net/v/1.0/ 		106 B
296 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://adpushup-d.openx.net/v/1.0/avjp?ju=https%3A%2F%2Fwww.bg3.co%2Fa%2Fqin-fang-cai-ying-wen-mei-can-yi-yuan-jia-de-na-tu-fei-tai-bei-ting-can-yu-guo-ji-tai-wan-sheng-yin-hen-zhong-yao.html&ch=UTF-8&res=1600x1200x24&ifr=false&tz=0&tws=1600x1200&be=1&bc=hb_pb_3.0.3&dddid=224539d7-883d-4a38-8009-d6b33a332cde&nocache=1662211953490&pubcid=31f0aceb-bd03-4382-8a79-6257429e0569&schain=1.0%2C1!adpushup.com%2C062d9a21f747ddee7c25d4297776e0aa%2C1%2C%2C%2C&openrtb=%7B%22imp%22%3A%5B%7B%22video%22%3A%7B%22w%22%3A400%2C%22h%22%3A225%2C%22mimes%22%3A%5B%22video%2Fmp4%22%2C%22video%2Fwebm%22%5D%2C%22minduration%22%3A0%2C%22maxduration%22%3A300%2C%22protocols%22%3A%5B2%2C3%2C5%2C6%5D%2C%22api%22%3A%5B2%5D%2C%22playbackmethod%22%3A6%2C%22linearity%22%3A1%7D%7D%5D%7D&auid=545618481&vwd=400&vht=225&vos=101&vmimes=video%2Fmp4%2Cvideo%2Fwebm
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1661278076254.v6.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
730fa1f3e8b3c4a223c4e69f4a27e690a4552f96ab97dba05b943dff44967658

Request headers

Referer
https://www.bg3.co/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 03 Sep 2022 13:32:33 GMT
via
1.1 google
server
OXGW/0.0.0
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://www.bg3.co
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
content-type
application/json
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
106
expires
Mon, 26 Jul 1997 05:00:00 GMT
auction
rtb.adxpremium.services/openrtb2/ 		59 B
396 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://rtb.adxpremium.services/openrtb2/auction
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1661278076254.v6.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
148.251.44.111 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
sundoro
Software
/
Resource Hash
1c877b4b7e75bf2c8432415bb762ed9bfc73830abf68497eff686fcc9fa44f9f

Request headers

Referer
https://www.bg3.co/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 03 Sep 2022 13:32:35 GMT
x-prebid
pbs-go/unknown
vary
Origin
content-type
text/plain; charset=utf-8
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
59
expires
0
v1
hb-api.omnitagjs.com/hb-api/prebid/ 		0
0
auction
tlx.3lift.com/header/ 		19 B
504 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://tlx.3lift.com/header/auction?lib=prebid&v=6.19.0&referrer=https%3A%2F%2Fwww.bg3.co%2Fa%2Fqin-fang-cai-ying-wen-mei-can-yi-yuan-jia-de-na-tu-fei-tai-bei-ting-can-yu-guo-ji-tai-wan-sheng-yin-hen-zhong-yao.html&tmax=3000
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1661278076254.v6.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.74.188.129 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-74-188-129.ap-southeast-1.compute.amazonaws.com
Software
/
Resource Hash
0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 03 Sep 2022 13:32:34 GMT
accept-ch
sec-ch-ect,user-agent,sec-ch-downlink,sec-ch-ua-mobile,sec-ch-save-data,sec-ch-device-memory,sec-ch-dpr,sec-ch-ua-full-version,sec-ch-ua-model,sec-ch-ua-platform-version,sec-ch-viewport-width,sec-ch-ua-platform,sec-ch-viewport-height,sec-ch-rtt,sec-ch-ua-arch,sec-ch-ua,sec-ch-ua-bitness,sec-ch-prefers-color-scheme,sec-ch-width
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
19
x-xss-protection
0
expires
Thu, 15 Oct 1992 20:10:00 GMT
auction
prebid-server.rubiconproject.com/openrtb2/ 		186 B
406 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid-server.rubiconproject.com/openrtb2/auction
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1661278076254.v6.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.114.61.6 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-114-61-6.ap-northeast-1.compute.amazonaws.com
Software
/
Resource Hash
59cce23d8d40dfee2cd3839396eab06402ff6a35e2c9f70c4a255c367cf89a21

Request headers

Referer
https://www.bg3.co/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 03 Sep 2022 13:32:34 GMT
content-encoding
gzip
x-prebid
pbs-java/1.97.0
content-type
application/json
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
175
expires
0
auction
prebid-server.rubiconproject.com/openrtb2/ 		185 B
406 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid-server.rubiconproject.com/openrtb2/auction
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1661278076254.v6.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.114.61.6 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-114-61-6.ap-northeast-1.compute.amazonaws.com
Software
/
Resource Hash
0d2134126a0ba50241d08851437451c8fae095907dd2cd849fb472bcc4d06efe

Request headers

Referer
https://www.bg3.co/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 03 Sep 2022 13:32:34 GMT
content-encoding
gzip
x-prebid
pbs-java/1.97.0
content-type
application/json
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
174
expires
0
auction
prebid-server.rubiconproject.com/openrtb2/ 		185 B
406 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid-server.rubiconproject.com/openrtb2/auction
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1661278076254.v6.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.114.61.6 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-114-61-6.ap-northeast-1.compute.amazonaws.com
Software
/
Resource Hash
fc935e4d67f62d6ea35b7733a53d6d5872e182a66ee0550d0c213395d98fb4cf

Request headers

Referer
https://www.bg3.co/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 03 Sep 2022 13:32:35 GMT
content-encoding
gzip
x-prebid
pbs-java/1.97.0
content-type
application/json
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
175
expires
0
fastlane.json
fastlane.rubiconproject.com/a/api/ 		472 B
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=20616&site_id=395958&zone_id=2209398&size_id=15%3B2%3B8&alt_size_ids=2%2C1%2C13%2C14%2C19%2C43%2C44%2C117%3B1%2C43%2C44%3B&rp_schain=1.0,1!adpushup.com,062d9a21f747ddee7c25d4297776e0aa,1,,,&eid_pubcid.org=31f0aceb-bd03-4382-8a79-6257429e0569%5E1&rf=https%3A%2F%2Fwww.bg3.co%2Fa%2Fqin-fang-cai-ying-wen-mei-can-yi-yuan-jia-de-na-tu-fei-tai-bei-ting-can-yu-guo-ji-tai-wan-sheng-yin-hen-zhong-yao.html&tk_flint=pbjs_lite_v6.19.0&x_source.tid=8e765d10-2423-43f7-89bf-7275a170b015%3B050d4a35-a1a4-405e-aeb3-784593138fde%3B8120f524-fbf7-49be-9957-5f02f178d817&l_pb_bid_id=63af04bf2cedc22%3B64361d5b872eacc%3B65ddc23e89b72d4&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=3&rand=0.9438326577120597
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1661278076254.v6.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.173.158.65 Ashburn, United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
9740978b6bbc1b5edf3294d8feaab7dd5c82cc070b17e17c5df3c225b31452d3

Request headers

Referer
https://www.bg3.co/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Sat, 03 Sep 2022 13:32:34 GMT
Server
nginx/1.21.4
Vary
Accept-Encoding
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
https://www.bg3.co
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json
Keep-Alive
timeout=5
Content-Length
472
Expires
Wed, 17 Sep 1975 21:32:10 GMT
cdb
bidder.criteo.com/ 		0
212 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=34&wv=6.19.0&cb=76523245245
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1661278076254.v6.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.145 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://www.bg3.co/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

date
Sat, 03 Sep 2022 13:32:33 GMT
server
Finatra
vary
Origin
access-control-allow-origin
https://www.bg3.co
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
c
prebid.a-mo.net/a/ 		0
519 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.a-mo.net/a/c
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1661278076254.v6.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
145.40.88.5 Secaucus, United States, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.bg3.co/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.bg3.co
date
Sat, 03 Sep 2022 13:32:34 GMT
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
server
envoy
x-envoy-upstream-service-time
2
vary
origin, Accept-Encoding
adreq
ads.servenobid.com/ 		818 B
626 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.servenobid.com/adreq?cb=6179
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1661278076254.v6.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.213.181.231 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-213-181-231.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
f1e691269432cba8bed2110866d1a1a67546edcb41cb7e9f5e3fc9de6736a59e

Request headers

Referer
https://www.bg3.co/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

date
Sat, 03 Sep 2022 13:32:34 GMT
content-encoding
gzip
amp-access-control-allow-source-origin
*
vary
accept-encoding
content-type
application/json
access-control-allow-origin
https://www.bg3.co
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
prebid
ib.adnxs.com/ut/v3/ 		51 KB
13 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1661278076254.v6.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
104.254.150.241 Los Angeles, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
906.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
65fbeb04ff902a9a0f7ab0d104eb9992d991f776a71b2f1026a97611780ec2c2
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Date
Sat, 03 Sep 2022 13:32:34 GMT
Content-Encoding
gzip
Transfer-Encoding
chunked
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection
keep-alive
X-Proxy-Origin
173.245.209.81; 173.245.209.81; 906.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net; adnxs.com
X-XSS-Protection
0
Pragma
no-cache
AN-X-Request-Uuid
7fa55bf7-3f1b-4bfb-8804-b74c15fa77ab
Server
nginx/1.21.3
Vary
Accept-Encoding
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
https://www.bg3.co
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Expires
Sat, 15 Nov 2008 16:00:00 GMT
cookie.js
partner.googleadservices.com/gampad/ Frame AB8D 		379 B
692 B 		Script
General
Check archive.org
Download Go to
Full URL
https://partner.googleadservices.com/gampad/cookie.js?domain=www.bg3.co&callback=_gfp_s_&client=ca-pub-4485239425924787&gpid_exp=1
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202208300101/show_ads_impl_fy2021.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.194.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f156.1e100.net
Software
cafe /
Resource Hash
61ebc2df6e63dbfbf7195970582958cb9b704dcf915db95a9168ce7e31b3822f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 03 Sep 2022 13:32:34 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
text/javascript; charset=UTF-8
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
247
x-xss-protection
0
integrator.js
adservice.google.com.au/adsid/ Frame AB8D 		107 B
792 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com.au/adsid/integrator.js?domain=www.bg3.co
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202208300101/show_ads_impl_fy2021.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.130.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sb-in-f156.1e100.net
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Sat, 03 Sep 2022 13:32:34 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ Frame AB8D 		107 B
165 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.bg3.co
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202208300101/show_ads_impl_fy2021.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.24.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f155.1e100.net
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Sat, 03 Sep 2022 13:32:34 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
wHpRX0bWuC9xRFH5Zh6Brkvx3yfQuUmZc8yJalW2.html
adx.holmesmind.com/adx-file/20220802/ Frame 90AF
Redirect Chain
  • https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006&adk=2365071409&adf=3615134179&pi=t.ma~as.3006%2F14006&w=336&lmt=1662211953&url=...
  • https://adx.holmesmind.com/adx-file/20220802/wHpRX0bWuC9xRFH5Zh6Brkvx3yfQuUmZc8yJalW2.html
673 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://adx.holmesmind.com/adx-file/20220802/wHpRX0bWuC9xRFH5Zh6Brkvx3yfQuUmZc8yJalW2.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202208300101/show_ads_impl_fy2021.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.33.33.38 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-33-33-38.sin2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
21902e4026c2f774fbd13f64845d6fd3a823c1ea64ee93e76a9fe06a49a74711

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

accept-ranges
bytes
age
421
content-length
673
content-type
text/html
date
Sat, 03 Sep 2022 13:25:45 GMT
etag
"48eae0cda160246f65db69ea3a0e8b6a"
last-modified
Tue, 02 Aug 2022 04:45:52 GMT
server
AmazonS3
vary
Accept-Encoding
via
1.1 6fa99bf0c83c1cecd58937934e9d3c12.cloudfront.net (CloudFront)
x-amz-cf-id
hM6EXd5z_HJ5jxqDmzeKasKm8weU90EIZ_W31ZVdr6UV0s-1DOO_RA==
x-amz-cf-pop
SIN2-P1
x-amz-version-id
AXCXhborHznj.8nLhhiA1470QYBmIoZE
x-cache
Hit from cloudfront

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-encoding
br
content-length
46
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sat, 03 Sep 2022 13:32:34 GMT
location
https://adx.holmesmind.com/adx-file/20220802/wHpRX0bWuC9xRFH5Zh6Brkvx3yfQuUmZc8yJalW2.html
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
quant.js
secure.quantserve.com/ 		26 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://secure.quantserve.com/quant.js
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/pbuseridscripts/quantcast.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
103.229.10.247 , Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
32cf0a8fe53899cf276cb12df8c8f5f1558bfb49a803502eda8296818dafef6f

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 03 Sep 2022 13:32:34 GMT
content-encoding
gzip
etag
"3K3nn1ChiYCKxJYFUmbsHw=="
vary
Accept-Encoding
content-type
application/javascript
cache-control
private, max-age=604800
accept-ranges
bytes
expires
Sat, 10 Sep 2022 13:32:34 GMT
amp-sticky-ad-1.0.js
cdn.ampproject.org/rtv/012208172101000/v0/ 		39 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012208172101000/v0/amp-sticky-ad-1.0.js
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f132.1e100.net
Software
sffe /
Resource Hash
0de1b9a2d02929a138d97f4ecf50990e00e7cef679b078c3f2f086cf98e96e8e
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
Origin
https://www.bg3.co
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
319834
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10238
x-xss-protection
0
server
sffe
date
Tue, 30 Aug 2022 20:41:59 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"3c4e7f8f0c14909b"
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Wed, 30 Aug 2023 20:41:59 GMT
cookie.js
partner.googleadservices.com/gampad/ Frame AEE8 		379 B
314 B 		Script
General
Check archive.org
Download Go to
Full URL
https://partner.googleadservices.com/gampad/cookie.js?domain=www.bg3.co&callback=_gfp_s_&client=ca-pub-4485239425924787&gpid_exp=1
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202209010201/show_ads_impl_fy2021.js?bust=31069330
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.194.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f156.1e100.net
Software
cafe /
Resource Hash
9a6c205e96ece73911f0a9e621336e9e830780a7cf899074179e2abc8d4ce7fa
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 03 Sep 2022 13:32:34 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
text/javascript; charset=UTF-8
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
245
x-xss-protection
0
integrator.js
adservice.google.com.au/adsid/ Frame AEE8 		107 B
165 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com.au/adsid/integrator.js?domain=www.bg3.co
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202209010201/show_ads_impl_fy2021.js?bust=31069330
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.130.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sb-in-f156.1e100.net
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Sat, 03 Sep 2022 13:32:34 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ Frame AEE8 		107 B
165 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.bg3.co
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202209010201/show_ads_impl_fy2021.js?bust=31069330
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.24.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f155.1e100.net
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Sat, 03 Sep 2022 13:32:34 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
wHpRX0bWuC9xRFH5Zh6Brkvx3yfQuUmZc8yJalW2.html
adx.holmesmind.com/adx-file/20220802/ Frame 22E9
Redirect Chain
  • https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006&adk=2365071409&adf=3615134176&pi=t.ma~as.3006%2F14006&w=336&lmt=1662211953&url=...
  • https://adx.holmesmind.com/adx-file/20220802/wHpRX0bWuC9xRFH5Zh6Brkvx3yfQuUmZc8yJalW2.html
673 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://adx.holmesmind.com/adx-file/20220802/wHpRX0bWuC9xRFH5Zh6Brkvx3yfQuUmZc8yJalW2.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202209010201/show_ads_impl_fy2021.js?bust=31069330
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.33.33.38 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-33-33-38.sin2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
21902e4026c2f774fbd13f64845d6fd3a823c1ea64ee93e76a9fe06a49a74711

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

accept-ranges
bytes
age
421
content-length
673
content-type
text/html
date
Sat, 03 Sep 2022 13:25:45 GMT
etag
"48eae0cda160246f65db69ea3a0e8b6a"
last-modified
Tue, 02 Aug 2022 04:45:52 GMT
server
AmazonS3
vary
Accept-Encoding
via
1.1 6fa99bf0c83c1cecd58937934e9d3c12.cloudfront.net (CloudFront)
x-amz-cf-id
zy3dSYmLRFeXzsnV2_TDZGzODw5YkOi3rfjDA8CDwCEnDL6owBXybQ==
x-amz-cf-pop
SIN2-P1
x-amz-version-id
AXCXhborHznj.8nLhhiA1470QYBmIoZE
x-cache
Hit from cloudfront

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-encoding
br
content-length
46
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sat, 03 Sep 2022 13:32:34 GMT
location
https://adx.holmesmind.com/adx-file/20220802/wHpRX0bWuC9xRFH5Zh6Brkvx3yfQuUmZc8yJalW2.html
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
integrator.js
adservice.google.com.au/adsid/ Frame 5444 		107 B
165 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com.au/adsid/integrator.js?domain=cdn.aralego.net
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022090101.js?cb=31069313
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.130.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sb-in-f156.1e100.net
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Sat, 03 Sep 2022 13:32:34 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ Frame 5444 		107 B
549 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=cdn.aralego.net
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022090101.js?cb=31069313
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.24.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f155.1e100.net
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Sat, 03 Sep 2022 13:32:34 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ Frame 5444 		492 B
265 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=743749482028347&correlator=4318376525597967&eid=31068928%2C31069288%2C31069313&output=ldjh&gdfp_req=1&vrg=2022090101&ptt=17&impl=fifs&iu_parts=18087395%2Ccookie&enc_prev_ius=%2F0%2F1&prev_iu_szs=1x1&ifi=1&adks=64515409&sfv=1-0-38&fsapi=false&sc=1&cdm=cdn.aralego.net&abxe=1&dt=1662211953934&lmt=1644386353&dlt=1662211952292&idt=1614&adxs=-12245933&adys=-12245933&biw=-12245933&bih=-12245933&scr_x=-12245933&scr_y=-12245933&ucis=t3g601m6w730&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&nhd=1&url=https%3A%2F%2Fcdn.aralego.net%2Fucfad%2Fcookie%2FcookieSyncIframe.html&ref=https%3A%2F%2Fwww.bg3.co%2F&top=https%3A%2F%2Fwww.bg3.co%2F&frm=24&vis=1&psz=0x0&msz=0x-1&fws=256&ohw=0&ea=0&ga_vid=1640958764.1662211954&ga_sid=1662211954&ga_hid=477138559&ga_fc=false
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022090101.js?cb=31069313
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.4.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f155.1e100.net
Software
cafe /
Resource Hash
9fc5c18f84fa32e730625d1fd0ce690f3551f226abdffcadbca55cc4a5a60413
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 03 Sep 2022 13:32:34 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
235
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://cdn.aralego.net
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
2358b6d8cf73d9dfcd6fa63e093f9dcf.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 65FF 		6 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://2358b6d8cf73d9dfcd6fa63e093f9dcf.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022090101.js?cb=31069313
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.194.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f132.1e100.net
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://cdn.aralego.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
gzip
content-length
3108
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Sat, 03 Sep 2022 13:32:34 GMT
expires
Sun, 03 Sep 2023 13:32:34 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
pubads_impl_2022083001.js
securepubads.g.doubleclick.net/gpt/ 		379 KB
129 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022083001.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.4.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f155.1e100.net
Software
sffe /
Resource Hash
4baa280c316f80216c7d9dcb64f308726f23cfe4fd4ada8d36aee7c3ea101108
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 30 Aug 2022 10:55:31 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
355023
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
131975
x-xss-protection
0
last-modified
Tue, 30 Aug 2022 08:35:16 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Wed, 30 Aug 2023 10:55:31 GMT
ppub_config
securepubads.g.doubleclick.net/pagead/ 		109 B
118 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=www.bg3.co
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.4.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f155.1e100.net
Software
cafe /
Resource Hash
57ba9c79273602051bd0fa9f6dcd52a3f199dc59f134308efeeaad35424b8311
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Sat, 03 Sep 2022 13:32:34 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
93
x-xss-protection
0
expires
Sat, 03 Sep 2022 13:32:34 GMT
amp-ad-network-adsense-impl-0.1.js
cdn.ampproject.org/rtv/012208172101000/v0/ 		214 KB
57 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012208172101000/v0/amp-ad-network-adsense-impl-0.1.js
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f132.1e100.net
Software
sffe /
Resource Hash
e7f2a7b200f79c2ad72d57e7153da84cc07b06c4518ffef92b537b73ec0f5b9c
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
Origin
https://www.bg3.co
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
319825
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
57888
x-xss-protection
0
server
sffe
date
Tue, 30 Aug 2022 20:42:09 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"638aacd5c17d1fdb"
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Wed, 30 Aug 2023 20:42:09 GMT
integrator.js
adservice.google.com.au/adsid/ Frame BE19 		107 B
165 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com.au/adsid/integrator.js?domain=cdn.aralego.net
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022090101.js?cb=31069313
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.130.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sb-in-f156.1e100.net
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Sat, 03 Sep 2022 13:32:34 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ Frame BE19 		107 B
165 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=cdn.aralego.net
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022090101.js?cb=31069313
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.24.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f155.1e100.net
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Sat, 03 Sep 2022 13:32:34 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ Frame BE19 		492 B
266 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=4290311514371543&correlator=3256956116994949&eid=31068498%2C31068928%2C31069203%2C31069313%2C21068766&output=ldjh&gdfp_req=1&vrg=2022090101&ptt=17&impl=fifs&iu_parts=18087395%2Ccookie&enc_prev_ius=%2F0%2F1&prev_iu_szs=1x1&ifi=1&adks=64515409&sfv=1-0-38&fsapi=false&sc=1&cdm=cdn.aralego.net&abxe=1&dt=1662211954160&lmt=1644386353&dlt=1662211952305&idt=1845&adxs=-12245933&adys=-12245933&biw=-12245933&bih=-12245933&scr_x=-12245933&scr_y=-12245933&ucis=oz61okybcm0d&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&nhd=1&url=https%3A%2F%2Fcdn.aralego.net%2Fucfad%2Fcookie%2FcookieSyncIframe.html&ref=https%3A%2F%2Fwww.bg3.co%2F&top=https%3A%2F%2Fwww.bg3.co%2F&frm=24&vis=1&psz=0x0&msz=0x-1&fws=256&ohw=0&ea=0&ga_vid=593431460.1662211954&ga_sid=1662211954&ga_hid=2015160923&ga_fc=false
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022090101.js?cb=31069313
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.4.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f155.1e100.net
Software
cafe /
Resource Hash
327f4e51ae5d9bc27a11d2e927a85771c1d1100a571effae060af81b6a7de57e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 03 Sep 2022 13:32:34 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
235
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://cdn.aralego.net
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
1290b0ac39d61432252977828d506200.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 4A90 		6 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://1290b0ac39d61432252977828d506200.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022090101.js?cb=31069313
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.194.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f132.1e100.net
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://cdn.aralego.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
gzip
content-length
3108
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Sat, 03 Sep 2022 13:32:34 GMT
expires
Sun, 03 Sep 2023 13:32:34 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
gtag.json
cdn.ampproject.org/rtv/012208172101000/v0/analytics-vendors/ 		2 KB
931 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012208172101000/v0/analytics-vendors/gtag.json
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f132.1e100.net
Software
sffe /
Resource Hash
a8993772c9eb591474f38d257bebc8c4286703e1af72d04c8c294be5fff7b649
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept
application/json
Referer
https://www.bg3.co/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
180841
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
901
x-xss-protection
0
server
sffe
date
Thu, 01 Sep 2022 11:18:33 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
application/json
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"9707ef116745842e"
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Fri, 01 Sep 2023 11:18:33 GMT
rules-p-54Nt-1NAaEEe0.js
rules.quantcount.com/ 		209 B
679 B 		Script
General
Check archive.org
Download Go to
Full URL
https://rules.quantcount.com/rules-p-54Nt-1NAaEEe0.js
Requested by
Host: secure.quantserve.com
URL: https://secure.quantserve.com/quant.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.33.33.43 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-33-33-43.sin2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
aa446b1f105b20f07c49f55c8ea00ef9bc42d7f0c5f747319823f00a480ff7f6

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 03 Sep 2022 13:25:45 GMT
via
1.1 74e86ed0fa6d314b06f69aa24cdc2c36.cloudfront.net (CloudFront)
age
410
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
content-length
209
last-modified
Fri, 26 Aug 2022 18:04:08 GMT
server
AmazonS3
etag
"f6459e80de21135a46e02ad9e79f6802"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=3600
x-amz-cf-pop
SIN2-P1
accept-ranges
bytes
x-amz-cf-id
DXfaXY26YsprJr-TrD2kaqBFEEo07a7HTxO5oKjmA22j09-XHttRcg==
integrator.json
adservice.google.com/adsid/ 		86 B
107 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.json?domain=www.bg3.co
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f155.1e100.net
Software
cafe /
Resource Hash
14cfb5058acaf3af2f07088f1582f29941d7a4cc74fd1cea5050cecad862d154
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept
application/json
Referer
https://www.bg3.co/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Sat, 03 Sep 2022 13:32:34 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
access-control-allow-origin
https://www.bg3.co
cache-control
private, no-cache, no-store
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
83
x-xss-protection
0
nameframe.html
d-249157755254426484.ampproject.net/2208172101000/ 		0
0 		Other
General
Check archive.org
Download Go to
Full URL
https://d-249157755254426484.ampproject.net/2208172101000/nameframe.html
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.12.94 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f94.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
amp
www.googletagmanager.com/gtag/ 		610 B
808 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/amp?__amp_source_origin=https%3A%2F%2Fwww.bg3.co
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.10.97 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f97.1e100.net
Software
Google Tag Manager /
Resource Hash
8492f3fc13f89700f09e8a96308911979a6289be084af2c497ea54dbd7dd7f5f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Accept
application/json
Referer
https://www.bg3.co/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=utf-8

Response headers

date
Sat, 03 Sep 2022 13:32:34 GMT
content-encoding
br
vary
*
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="amp.json"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
258
x-xss-protection
0
pragma
no-cache
amp-access-control-allow-source-origin
https://www.bg3.co
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://www.bg3.co
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
expires
Fri, 01 Jan 1990 00:00:00 GMT
sodar
pagead2.googlesyndication.com/getconfig/ Frame 5444 		14 KB
11 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2022090101&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022090101.js?cb=31069313
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.12.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f155.1e100.net
Software
cafe /
Resource Hash
921ebc501b943a97cedd028f7785cc8e525f9da41c361b966197211507bd06c3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Sat, 03 Sep 2022 13:32:34 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11040
x-xss-protection
0
sodar2.js
tpc.googlesyndication.com/sodar/ Frame 5444 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022090101.js?cb=31069313
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.24.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f132.1e100.net
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 03 Sep 2022 13:32:35 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Sat, 03 Sep 2022 13:32:35 GMT
sodar
pagead2.googlesyndication.com/getconfig/ Frame BE19 		14 KB
11 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2022090101&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022090101.js?cb=31069313
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.12.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f155.1e100.net
Software
cafe /
Resource Hash
2fd3c768a2fa6289b4f0e5375c4745d2eaa8275aef7407e74d8da27182a1bb01
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Sat, 03 Sep 2022 13:32:34 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11074
x-xss-protection
0
log
aplogger.adpushup.com/ 		0
54 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://aplogger.adpushup.com/log?event=glimpse_pageView&data=eyJzZXNzaW9uSWQiOiI3MDAzMThfMTY2MjIxMTk1NDgyMiIsInVzZXJJZCI6IjE5OTYxOF8xNjYyMjExOTU0ODIzIiwic2l0ZUlkIjo0Mjc1MywicGxhdGZvcm0iOiJERVNLVE9QIiwicGFnZUlkIjoiODU0NjA3XzE2NjIyMTE5NTQ4MjMiLCJwYWdlUGF0aCI6IiUyRmElMkZxaW4tZmFuZy1jYWkteWluZy13ZW4tbWVpLWNhbi15aS15dWFuLWppYS1kZS1uYS10dS1mZWktdGFpLWJlaS10aW5nLWNhbi15dS1ndW8tamktdGFpLXdhbi1zaGVuZy15aW4taGVuLXpob25nLXlhby5odG1sIiwiaG9zdG5hbWUiOiJ3d3cuYmczLmNvIiwidXJsIjoiaHR0cHMlM0ElMkYlMkZ3d3cuYmczLmNvJTJGYSUyRnFpbi1mYW5nLWNhaS15aW5nLXdlbi1tZWktY2FuLXlpLXl1YW4tamlhLWRlLW5hLXR1LWZlaS10YWktYmVpLXRpbmctY2FuLXl1LWd1by1qaS10YWktd2FuLXNoZW5nLXlpbi1oZW4temhvbmcteWFvLmh0bWwiLCJwaGFzZSI6MCwidXNlclR5cGUiOiJORVciLCJwcmV2aWV3VmFyaWF0aW9uIjoiZGVzY3JpcHRpb25QYWdlIiwiZXhwZXJpbWVudFBhZ2UiOnRydWUsInRpbWVzdGFtcCI6MTY2MjIxMTk1NDgyM30=
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/42753/linkPreview.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
104.211.156.162 Mumbai, India, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 03 Sep 2022 13:32:35 GMT
server
nginx/1.14.0 (Ubuntu)
L2EvcWluLWZhbmctY2FpLXlpbmctd2VuLW1laS1jYW4teWkteXVhbi1qaWEtZGUtbmEtdHUtZmVpLXRhaS1iZWktdGluZy1jYW4teXUtZ3VvLWppLXRhaS13YW4tc2hlbmcteWluLWhlbi16aG9uZy15YW8uaHRtbA==.json
cdn.adpushup.com/42753/ 		555 B
818 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.adpushup.com/42753/L2EvcWluLWZhbmctY2FpLXlpbmctd2VuLW1laS1jYW4teWkteXVhbi1qaWEtZGUtbmEtdHUtZmVpLXRhaS1iZWktdGluZy1jYW4teXUtZ3VvLWppLXRhaS13YW4tc2hlbmcteWluLWhlbi16aG9uZy15YW8uaHRtbA==.json
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/42753/linkPreview.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
173.222.148.48 Singapore, Singapore, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a173-222-148-48.deploy.static.akamaitechnologies.com
Software
nginx/1.18.0 /
Resource Hash
6d83b77c3d8c5c0ccc7078540a1fb0bd9fa43eeb82b89f83264d469aa100c088

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-akamai-country
AU
date
Sat, 03 Sep 2022 13:32:35 GMT
server
nginx/1.18.0
vary
Accept-Encoding
x-akamai-device
mobile:false&tablet:false
access-control-allow-origin
*
cache-control
max-age=3600
server-timing
cdn-cache; desc=MISS, edge; dur=34, origin; dur=215
content-type
text/html
content-length
555
expires
Sat, 03 Sep 2022 14:32:35 GMT
pixel
pxl.qccerttest.com/ 		35 B
549 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pxl.qccerttest.com/pixel?r=1091258728;fpan=1;fpa=P0-630618869-1662211954838;pbc=31f0aceb-bd03-4382-8a79-6257429e0569;ns=0;ce=1;qjs=1;qv=087c24cc-20220902090643;ref=;cm=;gdpr=0;d=bg3.co;dst=0;et=1662211954838;tzo=0;url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fqin-fang-cai-ying-wen-mei-can-yi-yuan-jia-de-na-tu-fei-tai-bei-ting-can-yu-guo-ji-tai-wan-sheng-yin-hen-zhong-yao.html;ogl=
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/qin-fang-cai-ying-wen-mei-can-yi-yuan-jia-de-na-tu-fei-tai-bei-ting-can-yu-guo-ji-tai-wan-sheng-yin-hen-zhong-yao.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.33.33.9 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-33-33-9.sin2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 03 Sep 2022 02:26:14 GMT
via
1.1 75d57b6f1d28b9be49fef8fc0aa4a23c.cloudfront.net (CloudFront)
x-content-type-options
nosniff
age
39982
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
strict-transport-security
max-age=31536000
content-length
35
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
last-modified
Thu, 04 Aug 2022 16:01:04 GMT
server
AmazonS3
x-frame-options
SAMEORIGIN
etag
"55d25e9dc950d5db4d53a3b195c046c6"
vary
Accept-Encoding, Origin
content-type
image/gif
x-amz-cf-pop
SIN2-P1
accept-ranges
bytes
x-amz-cf-id
I9gUdvHm-Qf2C7B746XArErnKHS_rRga3dYmVbqKRl7ZLWjCC0xcaw==
pixel;r=1007042225;rf=0;a=p-54Nt-1NAaEEe0;url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fqin-fang-cai-ying-wen-mei-can-yi-yuan-jia-de-na-tu-fei-tai-bei-ting-can-yu-guo-ji-tai-wan-sheng-yin-hen-zhong-yao.html;u...
pixel.quantserve.com/ 		35 B
371 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.quantserve.com/pixel;r=1007042225;rf=0;a=p-54Nt-1NAaEEe0;url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fqin-fang-cai-ying-wen-mei-can-yi-yuan-jia-de-na-tu-fei-tai-bei-ting-can-yu-guo-ji-tai-wan-sheng-yin-hen-zhong-yao.html;uh=e51ed67dfb8d91dc24b15e2ace0c3bc33bc53c3e1dfb09200d6c2f8387d67ea6;uht=2;fpan=0;fpa=P0-630618869-1662211954838;pbc=31f0aceb-bd03-4382-8a79-6257429e0569;ns=0;ce=1;qjs=1;qv=087c24cc-20220902090643;cm=;gdpr=0;ref=;d=bg3.co;dst=0;et=1662211954840;tzo=0;ogl=;ses=a3110bd5-ea5d-42b2-b763-1318363578e8
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/qin-fang-cai-ying-wen-mei-can-yi-yuan-jia-de-na-tu-fei-tai-bei-ting-can-yu-guo-ji-tai-wan-sheng-yin-hen-zhong-yao.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
103.229.10.247 , Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 03 Sep 2022 13:32:34 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
cache-control
private, no-cache, no-store, proxy-revalidate
content-type
image/gif
content-length
35
expires
Fri, 04 Aug 1978 12:00:00 GMT
sodar2.js
tpc.googlesyndication.com/sodar/ Frame BE19 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022090101.js?cb=31069313
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.24.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f132.1e100.net
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 03 Sep 2022 13:32:35 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Sat, 03 Sep 2022 13:32:35 GMT
collect
www.google-analytics.com/r/ 		35 B
396 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/r/collect?v=1&_v=a1&ds=AMP&aip&_s=1&dt=%E8%A6%AA%E8%A8%AA%E8%94%A1%E8%8B%B1%E6%96%87%EF%BC%81%E7%BE%8E%E5%8F%83%E8%AD%B0%E5%93%A1%E8%B3%88%E5%BE%B7%E7%B4%8D%E3%80%8C%E7%AA%81%E9%A3%9B%E8%87%BA%E5%8C%97%E3%80%8D%E6%8C%BA%E5%8F%83%E8%88%87%E5%9C%8B%E9%9A%9B%EF%BC%9A%E8%87%BA%E7%81%A3%E8%81%B2%E9%9F%B3%E5%BE%88%E9%87%8D%E8%A6%81%20-%20%E5%A4%A9%E5%A4%A9%E8%A6%81%E8%81%9E&sr=1600x1200&cid=amp-3OEr6mvo30nHFKTxKLDJyA&tid=UA-172083736-2&dl=https%3A%2F%2Fwww.bg3.co%2Fa%2Fqin-fang-cai-ying-wen-mei-can-yi-yuan-jia-de-na-tu-fei-tai-bei-ting-can-yu-guo-ji-tai-wan-sheng-yin-hen-zhong-yao.html&dr=&sd=24&ul=en-us&de=UTF-8&t=pageview&jid=0.22506607078957375&gjid=0.6844999709479709&_r=1&a=4568&z=0.3611093511998371&gtm=2pu000
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/qin-fang-cai-ying-wen-mei-can-yi-yuan-jia-de-na-tu-fei-tai-bei-ting-can-yu-guo-ji-tai-wan-sheng-yin-hen-zhong-yao.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.12.100 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f100.1e100.net
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 03 Sep 2022 13:32:35 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
googleads.g.doubleclick.net/pagead/ Frame 0B97 		603 B
109 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3216231935713038&format=400x250&w=400&h=250&ptt=12&adk=90073500&output=html&bc=7&to=ampa&pv=1&wgl=1&asnt=0-34509784063207531691&dff=sans-serif&prev_fmts=1600x96%2C1600x250&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&ifi=3&pfx=0&pwprc=1037897477&adf=16789255&nhd=0&adx=1000&ady=3224&oid=2&is_amp=5&amp_v=2208172101000&d_imp=1&c=3630004568&ga_cid=amp-3OEr6mvo30nHFKTxKLDJyA&ga_hid=4568&dt=1662211954592&biw=1600&bih=1200&u_aw=1600&u_ah=1200&u_cd=24&u_w=1600&u_h=1200&u_tz=0&u_his=2&vis=1&scr_x=0&scr_y=0&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fqin-fang-cai-ying-wen-mei-can-yi-yuan-jia-de-na-tu-fei-tai-bei-ting-can-yu-guo-ji-tai-wan-sheng-yin-hen-zhong-yao.html&bdt=4603&dtd=154&__amp_source_origin=https%3A%2F%2Fwww.bg3.co
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012208172101000/v0/amp-ad-0.1.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.68.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sc-in-f156.1e100.net
Software
cafe /
Resource Hash
00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-encoding
br
content-length
46
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sat, 03 Sep 2022 13:32:35 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
show_ads.js
pagead2.googlesyndication.com/pagead/ Frame 22E9 		117 KB
39 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/show_ads.js
Requested by
Host: adx.holmesmind.com
URL: https://adx.holmesmind.com/adx-file/20220802/wHpRX0bWuC9xRFH5Zh6Brkvx3yfQuUmZc8yJalW2.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.12.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f155.1e100.net
Software
cafe /
Resource Hash
146668194a5b04a329dcfea4713fab62c5953d7e604dd5e96eb503bc1c8c5732
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://adx.holmesmind.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 03 Sep 2022 13:32:35 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
40122
x-xss-protection
0
server
cafe
etag
2906785492670719624
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Sat, 03 Sep 2022 13:32:35 GMT
show_ads.js
pagead2.googlesyndication.com/pagead/ Frame 90AF 		101 KB
35 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/show_ads.js
Requested by
Host: adx.holmesmind.com
URL: https://adx.holmesmind.com/adx-file/20220802/wHpRX0bWuC9xRFH5Zh6Brkvx3yfQuUmZc8yJalW2.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.12.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f155.1e100.net
Software
cafe /
Resource Hash
63954db7412a3fd63153f62a15aabff7594dc0019df2e5624855dc4a51421d68
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://adx.holmesmind.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 03 Sep 2022 13:32:35 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35860
x-xss-protection
0
server
cafe
etag
6885616845819196037
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Sat, 03 Sep 2022 13:32:35 GMT
js
www.googletagmanager.com/gtag/ 		206 KB
73 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-Z0TZ7TDHS1
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/42753/linkPreview.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.10.97 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f97.1e100.net
Software
Google Tag Manager /
Resource Hash
028b9028650286f6b95c2e210d6002e31cdc904d369ba7b0505d2cb773aa36f3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 03 Sep 2022 13:32:35 GMT
content-encoding
br
server
Google Tag Manager
access-control-allow-headers
Cache-Control
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; includeSubDomains
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
74215
x-xss-protection
0
expires
Sat, 03 Sep 2022 13:32:35 GMT
log
aplogger.adpushup.com/ 		0
53 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://aplogger.adpushup.com/log?event=linkPreview_failed_JSONRequest&data=eyJzaXRlSWQiOjQyNzUzLCJ1cmwiOiIvYS9xaW4tZmFuZy1jYWkteWluZy13ZW4tbWVpLWNhbi15aS15dWFuLWppYS1kZS1uYS10dS1mZWktdGFpLWJlaS10aW5nLWNhbi15dS1ndW8tamktdGFpLXdhbi1zaGVuZy15aW4taGVuLXpob25nLXlhby5odG1sIiwidGltZSI6MTY2MjIxMTk1NTI5OX0=
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/42753/linkPreview.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
104.211.156.162 Mumbai, India, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 03 Sep 2022 13:32:35 GMT
server
nginx/1.14.0 (Ubuntu)
integrator.js
adservice.google.com.au/adsid/ 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com.au/adsid/integrator.js?domain=www.bg3.co
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022083001.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.68.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sc-in-f156.1e100.net
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Sat, 03 Sep 2022 13:32:35 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.bg3.co
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022083001.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f155.1e100.net
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Sat, 03 Sep 2022 13:32:35 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ 		62 KB
24 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=958426866432502&correlator=151204425526360&eid=31068929%2C31069102&output=ldjh&gdfp_req=1&vrg=2022083001&ptt=17&impl=fifs&iu_parts=103512698%3A22574853003%2C22477626096%2C22479095528%2C22579309510&enc_prev_ius=%2F0%2F1%2C%2F0%2F2%2C%2F0%2F3&prev_iu_szs=320x50%7C728x250%7C728x90%7C690x90%7C690x250%7C675x90%7C675x250%7C670x90%7C670x250%7C650x90%7C650x250%7C650x150%7C630x90%7C630x250%7C602x100%7C600x90%7C600x250%7C580x90%7C570x90%7C550x150%7C468x60%7C320x50%7C320x100%7C300x50%7C300x100%7C300x75%7C300x250%7C250x250%7C200x200%2C320x50%7C728x90%7C690x90%7C675x90%7C670x90%7C650x90%7C630x90%7C600x90%7C580x90%7C570x90%7C468x60%7C320x50%7C300x50%7C300x75%2C320x50%7C120x600&fluid=height%2Cheight%2Cheight&ifi=1&adks=1420297610%2C2857874404%2C4082231052&sfv=1-0-38&fsapi=false&prev_scp=adpushup_ran%3D1%26hb_ap_siteid%3D42753%26hb_ap_ran%3D1%26fluid%3D0%26refreshcount%3D0%26refreshrate%3D30%26hb_ap_format%3Dbanner%26hb_ap_pb%3D0.00%26hb_ap_adid%3D821f4816da557bc%26hb_ap_bidder%3Dappnexus%7Cadpushup_ran%3D1%26hb_ap_siteid%3D42753%26hb_ap_ran%3D1%26fluid%3D0%26refreshcount%3D0%26refreshrate%3D30%26hb_ap_format%3Dbanner%26hb_ap_pb%3D0.00%26hb_ap_adid%3D83193f669e7cd2d%26hb_ap_bidder%3Dappnexus%7Cadpushup_ran%3D1%26hb_ap_siteid%3D42753%26hb_ap_ran%3D1%26fluid%3D0%26refreshcount%3D0%26refreshrate%3D30%26hb_ap_format%3Dbanner%26hb_ap_pb%3D0.00%26hb_ap_adid%3D84ae755550044c5%26hb_ap_bidder%3Dappnexus&eri=1&cust_params=da%3Dadx%26outbrain%3Dtrue&sc=1&cookie=ID%3Db0bb315a58cff0fd-22350a812dd6007b%3AT%3D1662211954%3ART%3D1662211954%3AS%3DALNI_MasVy0iNoWzcvR2fMeyiBC1PueACQ&gpic=UID%3D0000096da67dd99a%3AT%3D1662211954%3ART%3D1662211954%3AS%3DALNI_MbiM4N19vzzq0aywW_5bc4tUi4Jiw&arp=1&abxe=1&dt=1662211955344&lmt=1662211955&dlt=1662211949989&idt=4353&adxs=236%2C436%2C5&adys=60%2C1110%2C300&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0%7C0%7C0&ucis=1%7C2%7C3&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fqin-fang-cai-ying-wen-mei-can-yi-yuan-jia-de-na-tu-fei-tai-bei-ting-can-yu-guo-ji-tai-wan-sheng-yin-hen-zhong-yao.html&frm=20&vis=1&psz=728x-1%7C728x-1%7C120x-1&msz=728x-1%7C728x-1%7C120x-1&fws=4%2C516%2C516&ohw=728%2C1600%2C1600&ga_vid=1086500417.1662211955&ga_sid=1662211955&ga_hid=4568&ga_fc=false&ga_cid=amp-3OEr6mvo30nHFKTxKLDJyA
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022083001.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.4.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f155.1e100.net
Software
cafe /
Resource Hash
2f7eec2acb4eb5084c7b17084573214ece0d665dd3843781707e4ca138ab043f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 03 Sep 2022 13:32:35 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
24164
x-xss-protection
0
google-lineitem-id
-1,-1,-1
pragma
no-cache
server
cafe
google-creative-id
-1,-1,-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
c189fcaae4b526f37d75e91681a8bbd8.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 36F0 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://c189fcaae4b526f37d75e91681a8bbd8.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022083001.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.194.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f132.1e100.net
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
gzip
content-length
3108
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Sat, 03 Sep 2022 13:32:35 GMT
expires
Sun, 03 Sep 2023 13:32:35 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
show_ads_impl_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202208300101/ Frame 22E9 		343 KB
121 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202208300101/show_ads_impl_fy2021.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/show_ads.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.12.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f155.1e100.net
Software
cafe /
Resource Hash
0100022f4513287f28c5620cf957ea6266bd3c4d6fb29a4b9e693f8c557dcc15
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://adx.holmesmind.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 03 Sep 2022 13:32:35 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
123675
x-xss-protection
0
server
cafe
etag
17292704047757978111
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=1209600
timing-allow-origin
*
expires
Sat, 03 Sep 2022 13:32:35 GMT
show_ads_impl_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202208300101/ Frame 90AF 		343 KB
121 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202208300101/show_ads_impl_fy2021.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/show_ads.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.12.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f155.1e100.net
Software
cafe /
Resource Hash
21f84c1b44777fea6bf0fe447f77d4e8543e7e39d04ec459573a3f8e907463d9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://adx.holmesmind.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 03 Sep 2022 13:32:35 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
123675
x-xss-protection
0
server
cafe
etag
14746407861686230604
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=1209600
timing-allow-origin
*
expires
Sat, 03 Sep 2022 13:32:35 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame EF9B 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.24.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f132.1e100.net
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://cdn.aralego.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

accept-ranges
bytes
age
38434
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Sat, 03 Sep 2022 02:52:01 GMT
expires
Sun, 03 Sep 2023 02:52:01 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame 868B 		783 B
739 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.10.106 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f106.1e100.net
Software
GSE /
Resource Hash
d66d034960fcedc87da8907a2b349aee32e3b3b3479060aa5cc4fad41f8dcb4e
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-fhqa3b5tpE_3jaEa_OUK-w' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://cdn.aralego.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private, max-age=300
content-encoding
gzip
content-length
512
content-security-policy
script-src 'report-sample' 'nonce-fhqa3b5tpE_3jaEa_OUK-w' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Sat, 03 Sep 2022 13:32:35 GMT
expires
Sat, 03 Sep 2022 13:32:35 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame DF74 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.24.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f132.1e100.net
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://cdn.aralego.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

accept-ranges
bytes
age
38434
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Sat, 03 Sep 2022 02:52:01 GMT
expires
Sun, 03 Sep 2023 02:52:01 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame 27E0 		783 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.10.106 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f106.1e100.net
Software
GSE /
Resource Hash
c24b52bfbdf7fbbd16a2d473475ad39bdb8c0d5d72d234dd84a783cc154adffa
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-jZoQ8Xzb1E322Xke-PrHuw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://cdn.aralego.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private, max-age=300
content-encoding
gzip
content-length
514
content-security-policy
script-src 'report-sample' 'nonce-jZoQ8Xzb1E322Xke-PrHuw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Sat, 03 Sep 2022 13:32:35 GMT
expires
Sat, 03 Sep 2022 13:32:35 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
integrator.js
adservice.google.com.au/adsid/ Frame 22E9 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com.au/adsid/integrator.js?domain=adx.holmesmind.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202208300101/show_ads_impl_fy2021.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.68.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sc-in-f156.1e100.net
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://adx.holmesmind.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Sat, 03 Sep 2022 13:32:35 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ Frame 22E9 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=adx.holmesmind.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202208300101/show_ads_impl_fy2021.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f155.1e100.net
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://adx.holmesmind.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Sat, 03 Sep 2022 13:32:35 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame E3E4 		20 KB
10 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006-1&adk=3314916115&adf=3653020616&pi=t.ma~as.3006%2F14006-1&w=336&url=https%3A%2F%2Fwww.bg3.co%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1662211955360&bpp=13&bdt=271&idt=482&shv=r20220831&mjsv=m202208300101&ptt=5&saldr=sa&correlator=2420762395174&frm=8&ife=1&pv=2&ga_vid=955881654.1662211956&ga_sid=1662211956&ga_hid=177951552&ga_fc=0&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=336&ish=280&ifk=3719853736&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759842%2C31068855%2C31069206&oid=2&pvsid=2017665063826966&uas=0&nvt=1&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.2vya8wtnmmof&fsb=1&dtd=496
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202208300101/show_ads_impl_fy2021.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.68.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sc-in-f156.1e100.net
Software
cafe /
Resource Hash
6138882272dbc5bdf2f6ac9a5ed71efef9bd4acae5c3cced595b0f72c763f9ee
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://adx.holmesmind.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-encoding
br
content-length
9992
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sat, 03 Sep 2022 13:32:36 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
integrator.js
adservice.google.com.au/adsid/ Frame 90AF 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com.au/adsid/integrator.js?domain=adx.holmesmind.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202208300101/show_ads_impl_fy2021.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.68.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sc-in-f156.1e100.net
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://adx.holmesmind.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Sat, 03 Sep 2022 13:32:35 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ Frame 90AF 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=adx.holmesmind.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202208300101/show_ads_impl_fy2021.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f155.1e100.net
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://adx.holmesmind.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Sat, 03 Sep 2022 13:32:35 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame 3795 		20 KB
10 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006-1&adk=3314916115&adf=3653020617&pi=t.ma~as.3006%2F14006-1&w=336&url=https%3A%2F%2Fwww.bg3.co%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1662211955378&bpp=11&bdt=283&idt=512&shv=r20220831&mjsv=m202208300101&ptt=5&saldr=sa&correlator=5495327036735&frm=8&ife=1&pv=2&ga_vid=500991421.1662211956&ga_sid=1662211956&ga_hid=799025638&ga_fc=0&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=336&ish=280&ifk=3719853736&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C44759842%2C44761793&oid=2&pvsid=4367743105028993&uas=0&nvt=1&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.kt2ldrgt4mtd&fsb=1&dtd=519
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202208300101/show_ads_impl_fy2021.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.68.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sc-in-f156.1e100.net
Software
cafe /
Resource Hash
3415ad9cc5b5c7fb4413157c46df2aa21d0bac449d550208db68226caa8388c3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://adx.holmesmind.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-encoding
br
content-length
9724
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sat, 03 Sep 2022 13:32:36 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
CgETvhyXIYksjpVuZOiCWYZFr3TNicAtz6hsjYVMHCQ.js
pagead2.googlesyndication.com/bg/ Frame EF9B 		36 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/CgETvhyXIYksjpVuZOiCWYZFr3TNicAtz6hsjYVMHCQ.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.12.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f155.1e100.net
Software
sffe /
Resource Hash
0a0113be1c9721892c8e956e64e882598645af74cd89c02dcfa86c8d854c1c24
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 30 Aug 2022 20:46:47 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
319549
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15836
x-xss-protection
0
last-modified
Mon, 29 Aug 2022 10:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 30 Aug 2023 20:46:47 GMT
CgETvhyXIYksjpVuZOiCWYZFr3TNicAtz6hsjYVMHCQ.js
pagead2.googlesyndication.com/bg/ Frame DF74 		36 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/CgETvhyXIYksjpVuZOiCWYZFr3TNicAtz6hsjYVMHCQ.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.12.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f155.1e100.net
Software
sffe /
Resource Hash
0a0113be1c9721892c8e956e64e882598645af74cd89c02dcfa86c8d854c1c24
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 30 Aug 2022 20:46:47 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
319549
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15836
x-xss-protection
0
last-modified
Mon, 29 Aug 2022 10:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 30 Aug 2023 20:46:47 GMT
container.html
c189fcaae4b526f37d75e91681a8bbd8.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 3C45 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://c189fcaae4b526f37d75e91681a8bbd8.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022083001.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.194.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f132.1e100.net
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

accept-ranges
bytes
age
1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
gzip
content-length
3108
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Sat, 03 Sep 2022 13:32:35 GMT
expires
Sun, 03 Sep 2023 13:32:35 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
container.html
c189fcaae4b526f37d75e91681a8bbd8.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 5AE0 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://c189fcaae4b526f37d75e91681a8bbd8.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022083001.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.194.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f132.1e100.net
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

accept-ranges
bytes
age
1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
gzip
content-length
3108
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Sat, 03 Sep 2022 13:32:35 GMT
expires
Sun, 03 Sep 2023 13:32:35 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
container.html
c189fcaae4b526f37d75e91681a8bbd8.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame F507 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://c189fcaae4b526f37d75e91681a8bbd8.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022083001.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.194.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f132.1e100.net
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

accept-ranges
bytes
age
1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
gzip
content-length
3108
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Sat, 03 Sep 2022 13:32:35 GMT
expires
Sun, 03 Sep 2023 13:32:35 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
sodar
pagead2.googlesyndication.com/pagead/ Frame 27E0 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_2022090101&jk=743749482028347&rc=
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/qin-fang-cai-ying-wen-mei-can-yi-yuan-jia-de-na-tu-fei-tai-bei-ting-can-yu-guo-ji-tai-wan-sheng-yin-hen-zhong-yao.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.12.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f155.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
sodar
pagead2.googlesyndication.com/pagead/ Frame 868B 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_2022090101&jk=4290311514371543&rc=
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/qin-fang-cai-ying-wen-mei-can-yi-yuan-jia-de-na-tu-fei-tai-bei-ting-can-yu-guo-ji-tai-wan-sheng-yin-hen-zhong-yao.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.12.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f155.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
collect
www.google-analytics.com/g/ 		0
106 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/g/collect?v=2&tid=G-Z0TZ7TDHS1&gtm=2oe8v0&_p=4568&cid=1086500417.1662211955&ul=en-us&sr=1600x1200&_z=ccd.v9B&_s=1&sid=1662211956&sct=1&seg=0&dl=https%3A%2F%2Fwww.bg3.co%2Fa%2Fqin-fang-cai-ying-wen-mei-can-yi-yuan-jia-de-na-tu-fei-tai-bei-ting-can-yu-guo-ji-tai-wan-sheng-yin-hen-zhong-yao.html&dt=%E8%A6%AA%E8%A8%AA%E8%94%A1%E8%8B%B1%E6%96%87%EF%BC%81%E7%BE%8E%E5%8F%83%E8%AD%B0%E5%93%A1%E8%B3%88%E5%BE%B7%E7%B4%8D%E3%80%8C%E7%AA%81%E9%A3%9B%E8%87%BA%E5%8C%97%E3%80%8D%E6%8C%BA%E5%8F%83%E8%88%87%E5%9C%8B%E9%9A%9B%EF%BC%9A%E8%87%BA%E7%81%A3%E8%81%B2%E9%9F%B3%E5%BE%88%E9%87%8D%E8%A6%81%20-%20%E5%A4%A9%E5%A4%A9%E8%A6%81%E8%81%9E&en=link_preview&_fv=1&_ss=1&_ee=1&epn.value=1&epn.siteid=42753&ep.error_msg=no_mapping_success
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-Z0TZ7TDHS1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.12.100 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f100.1e100.net
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 03 Sep 2022 13:32:36 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
generate_204
tpc.googlesyndication.com/ Frame EF9B 		0
10 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?zA3EOQ
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/qin-fang-cai-ying-wen-mei-can-yi-yuan-jia-de-na-tu-fei-tai-bei-ting-can-yu-guo-ji-tai-wan-sheng-yin-hen-zhong-yao.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f132.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 03 Sep 2022 13:32:36 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
generate_204
tpc.googlesyndication.com/ Frame DF74 		0
10 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?bS2m5Q
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/qin-fang-cai-ying-wen-mei-can-yi-yuan-jia-de-na-tu-fei-tai-bei-ting-can-yu-guo-ji-tai-wan-sheng-yin-hen-zhong-yao.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f132.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 03 Sep 2022 13:32:36 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
pixel
googleads.g.doubleclick.net/xbbe/ Frame AF04 		624 B
299 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CNCgQRCLx0IYl8WtcTAB&v=APEucNX0b1r1-bEDZYHr1Mz-A7-f2g8QmUCouqloTONTsnnp9k0ThaAAdMgVaP0zmGzn5nOmS57Ql5HuZeRbhymDxyazXPuiCQ
Requested by
Host: c189fcaae4b526f37d75e91681a8bbd8.safeframe.googlesyndication.com
URL: https://c189fcaae4b526f37d75e91681a8bbd8.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.68.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sc-in-f156.1e100.net
Software
cafe /
Resource Hash
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://c189fcaae4b526f37d75e91681a8bbd8.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-encoding
gzip
content-length
276
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sat, 03 Sep 2022 13:32:36 GMT
expires
Sat, 03 Sep 2022 13:32:36 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
ad
googleads.g.doubleclick.net/dbm/ Frame 3C45 		80 KB
34 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CjFIHIz-UTUja-_hQvX9pZXZtDecTV_pgIKhkIaU3925xNff1IbaylNBJ3Tle9GI_kexgjrugRiH-wbRP67zJdTCRNgg&cry=1&dbm_d=AKAmf-DRCtxQ-ey-XVcBADAxKXv1AObrGUqYtQCsgln3WFT3MY8T9jF552GaEKClSJC-HgaGelXBGwj7eXTJtfUg73Xt5LMvlSvmMPIX02xe5S9Pr3mLuxMKVKKIEJsTsrpWBQTBzgCNlh8EO47Qn1Nxef_zz1XUuFE0ZzThbJGoYg-cisSB4m4DFPCrTjfy9-tSCGMe1aCHeV3dlkVfrEL7LXeRKH3djcDmU301wOshbJ5j6-BSDn8TLo_1KOFg7vRXWcvz-rdYR1MZRp205hJKFCfn2jSOYBLxeAk0-ejdqB1Jha3_dtQbl4ZF3Czc8D9R0vtgi74971o_dEHMvA1UHLWpoS9jpg2t90r4MzaBFDg1PdEPw3PX9POWpT0F_o2Dqr-DkP1t_BuOGqh0VlJo-l-b634jWWIn1oUasWYyFkaK0X7I_nJPapaBC3b95x_G904_sB_XnrjrY-uvsgronCU94Q_H_Ec9hGPuA6OEBHe4p4pJkksrnLfsrJYhjfJ0F0qQdz4-D5-ge6DrYuavEu-pLp-qL8Ks1yaapMOKzDfGd8sNwKHXj1JPNaykH6wCj7SzrIAe9cBBfYDAD-_WXEwJKVCaKvsAI8rVvsvc9P5qIkSlR1kMEHOLCIkVPk0f0Ij2iIUUXEFSoSBzx5-aAgFsWNmmB0XHfR9HY_zfQsiOlYy-qkR5gGqVy3HUHE8GghbyBSgsOKyJ9cXYiOsRydIfymclASA8TsFZkkJc6dYc4O-KRwxTqmBbC_8_tTXk9sHeu6QEZwx1nlAYWI4v3wJ54Z3wMnjdJfYpHV5mAQHX5oRJCG7If-FfupLuCtLSOOhKv22KTc-cKoxMclzIERiWbqh219LyGM8zOJmQ5mclv8SJKuwSb9yB-HjgFfYCm8yzBbe8PbdmJp-1bi5yPz7duN8AdY49vAod0JpyFx2Xc2DvMqv32Hwq_BtZ-RkIRlUPs1bfp6vEJ04EW9zT54EXOxSmR9cjXKafD2VNhoEUD7gnDgL7p_fiA7cUP3VH-JzNKSm2aQHBsKVTg1GVYQizpBXxyP78X-dbaw3HjICnmWsuVzrUnMBWG-oMwMvDDFOzurUTK2ddvG_WJbTeQ6obKU2w8FhtubKJGknMs-6njZwXGIiOZcZ2KB4D4GXLBHd5mex8d0M2pUVd3U6hASWIQiWjpxvr6ACZllJtvDxw2lsHaVU9OVta07LWQ1L_FH_RfRzIioWnOoa6MayTtFXkFTWcpTpTIzQNGM_8sMm7i4RtqjpsSWLhdTzQp7Eqixknr01zIEA6Re9EVY2qKjuFA5omWuioW1cyxhXmG6FMUGnuqOiyPHngwkOPxRa4_PopW8IqpMpJnASGo9V7hobEgx_tNKDoeON8qhqjVH0RlTkA-_SUutyBzTPppvCNsirGlXRzATfKajwBv8j-c8AjYyxBKW5NORP4rPaEymbwsygz6KnRw1JZPu7sFkogrDtf3HLsCPpQ-ZVVAPdtbFTVTrANZghC4r4W1a6cQCfLCDteZRS1o1z00xVblTo5lBtq1k36JGdat8EHcyaWuXRZZnzyByl-2Jz8gYQq2rP2R24cqgEivpTWgZBockY6LWiSi1uURqWstNc0h5Zxu8EVpgQUumo2d-5WNm0NBYTgmE6dy2ZZu-x0zoH9A3gfBapybiqtwycm8hQ12YZurdKfvoIRhPxefA597rAWl0n-i-GCJWLLhc2x3Ld4CQ0AZNpXRT9boXfgoe1NnJbPundeTJpBCejaFxuKewFQQltVMPu4FgvF_0SNwjYnQZ_JKMWSvd8plSYc2AhZ4ZQ5UGwhvWYvhQV6LwUkriRXvSU3X_6yyC3u0bJjwKhblMNnKN8qCGGA2EMN95f3poUEqdTEMYl-OQ56jyh_LgEWZ1XbD_XysLhItiMKULxbJrAh95rVKc3q62xV_mui-vGBBQzsjkHq6HPh25Lqs9AQ3CfRwSSFYjvEtOLdSAgNqkh_jDR-XczPTkh52MwMDyLW2z3mrL8y-xjItJ1SAyk9iXnRpD4BVcV2YX3lN0MlMPE-G5D9lcKvEI0_ZtlLKUKS4xb7KdHnRuFYe1Ask2_8_JUuIXqazs2k3gOn9PS66tGilJGr8x2J0qHqGF7P4jG_xqaWuKwz1QkguGnv8c7mfXMkqVKnJT45jYoEQYMyTkHmZLJGRNWOqos3tVIqIm2ixNrvBdqbRpcGZCJHwp5NJPLNrmwQFOmb6BuwD0knOZzGRITz_EG-wyC0k-xsgYKeIjnnHlMqVx3Y4zgmIzjITfSLTlf-KwJ2M88E553N4Wh1vBHh9BUJDZ2k9MjUdcARORUljwDfpPpbY6VWIhhoCP7vdmtl1Tmo5y9R73VxZf2XNRUf-Ao1taEnVX8mk5f2UYfNH58CC8C4UgQDDc4c9lJ_UXECKNqHKIcibFiI4m3So8BZ0E53AOQuFRYqCMzwuOeggldm1CWJGpJAa_jP3jo6mOyhsrVKbeWC5248sr3YCrjKBgeRmXPa6x1Oh-GDTTjNmFcgPVco-EBj9_d8XTFjqYifZd_X24u96iyTv0pgef8MOLWF0L9J7uX8fprNjTWRBR7qTx4h_fRAj72RqSWmZdokegf6Qd56dyGEvt5ipeGLHb10cPCYKR_lZtE6Vzzy046i321znP9WCWVF-Pft_x-eJbcFsp-xupOOXFsM9ECcSI40p7853DqFrLvyz4-ZoMmLtR2bzcRjX7iH5-bXI3QBKyhA87b3REqRdyR45yWTqTw2ACT3T9QDUZPR30_Mmh3vJXLqIDvFy_cebJWJ95I8JEVXrB-IyA-brXutRS_0GCD0CGnWTkxxBOfV47Ldew9Mt28OfxF14g5Cf388WRHYxWd3ZIVyY-9dRiU0Jq4ZJZrmqpK-pgfNTuXs8wTYQCfRaVbQl-yBS59Nlf7AkYh9uPAVlkPDTWR3KBZdX_O5auNgaLg0FYi4XgO8tdFZBb0ceuXxako6n7kbZpgWCgCD5DEtaBdpDfDqbU_CFl-yG66XdlRdU0BUPE2K-YdeSAgHLR_4wSfNckJ4aRu23wTOfVtrpDaMJU2KuUl69HnM6QLj39CcxxRhC0-ElCwHzQYUbSbPeCiJe2dLahiDdEZtB6a1-PQ2zjlFEq2TbrwwcQ109r8oe0xR9KokcPoCfjB2cqCTeBc-4ksam74UwaeYYCbF7AGTWZ_lR3FYcuYD0vNCu75FjlJN0U7PgztQZk2oUBaHMCt0mIPKO0tEcj35DIFNzi8CHN_phuS80GeftcUDEJu5Ox6jccBeYJ4gNiqvrA_8551_Gus1Ag9kqiLg0h4DZOfYSWzsxSnFwPjQB0rErS2A8RmCDTbzYPA7468RfP5vuAOvrWizjEu_wP0YPcZxmuMXdJ64xL33wMGo9zBKKQ0MywVbckLM3nzD2dAtJpyqp7AAhUdsr7AUOPyKnxM&cid=CAASJeRo8pWAA6F9jk7HqOJhZoU8lI4Wvxb0dvi4JUOIv2HkIFpsb4I&rfl=1%2Chttps%253A%252F%252Fwww.bg3.co%252F%240
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/qin-fang-cai-ying-wen-mei-can-yi-yuan-jia-de-na-tu-fei-tai-bei-ting-can-yu-guo-ji-tai-wan-sheng-yin-hen-zhong-yao.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.68.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sc-in-f156.1e100.net
Software
cafe /
Resource Hash
ea90fb25c5d56b58064bf928d1dfa0800d3a4f204e24c9a3b86d6611caf18945
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://c189fcaae4b526f37d75e91681a8bbd8.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 03 Sep 2022 13:32:36 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
34579
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 3C45 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-CnpVv4LFViCHgm8nfcfR8dwnQFXciIIJJ6T7gsv_XWhVYQr2-o0DOFNGDf1WWWAh8wK4eOxF_l24_I_MsdJ7AaFU8PHKCSyb2xLLkqDSiuFTJPTaE
Requested by
Host: c189fcaae4b526f37d75e91681a8bbd8.safeframe.googlesyndication.com
URL: https://c189fcaae4b526f37d75e91681a8bbd8.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.12.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f155.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://c189fcaae4b526f37d75e91681a8bbd8.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 03 Sep 2022 13:32:36 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220831/r20110914/client/ Frame 3C45 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220831/r20110914/client/window_focus_fy2021.js
Requested by
Host: c189fcaae4b526f37d75e91681a8bbd8.safeframe.googlesyndication.com
URL: https://c189fcaae4b526f37d75e91681a8bbd8.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f132.1e100.net
Software
cafe /
Resource Hash
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://c189fcaae4b526f37d75e91681a8bbd8.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 03 Sep 2022 13:30:06 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
150
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1359
x-xss-protection
0
server
cafe
etag
1484984001845508991
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 17 Sep 2022 13:30:06 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220831/r20110914/client/ Frame 3C45 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220831/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: c189fcaae4b526f37d75e91681a8bbd8.safeframe.googlesyndication.com
URL: https://c189fcaae4b526f37d75e91681a8bbd8.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f132.1e100.net
Software
cafe /
Resource Hash
57000ea03bfb53734d0858b8fe992e6742226f23f311eb0f9d2177e2a84a5621
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://c189fcaae4b526f37d75e91681a8bbd8.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 03 Sep 2022 13:22:24 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
612
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7599
x-xss-protection
0
server
cafe
etag
9215437806027971270
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 17 Sep 2022 13:22:24 GMT
l
www.google.com/ads/measurement/ Frame 3C45 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaQpcm-h7a-c2tumiHBOkvGS0g9L2IpH63jjAp5Tg1wzBVu40OSDTydzbyv3iSvCEv-3nckoeRfRn_5HXQGJkqKirPLhTw
Requested by
Host: c189fcaae4b526f37d75e91681a8bbd8.safeframe.googlesyndication.com
URL: https://c189fcaae4b526f37d75e91681a8bbd8.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.10.106 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f106.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://c189fcaae4b526f37d75e91681a8bbd8.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 3C45 		142 KB
44 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: c189fcaae4b526f37d75e91681a8bbd8.safeframe.googlesyndication.com
URL: https://c189fcaae4b526f37d75e91681a8bbd8.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.10.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f155.1e100.net
Software
sffe /
Resource Hash
e851345505ee432c9397d60e5d91929ab4e5921f75c91f359b0939a879304b7a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://c189fcaae4b526f37d75e91681a8bbd8.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 03 Sep 2022 13:32:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
44792
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1661945761880069"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Sat, 03 Sep 2022 13:32:37 GMT
publishertag.prebid.117.js
static.criteo.net/js/ld/ 		87 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.117.js
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1661278076254.v6.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.129 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
nginx /
Resource Hash
90c9017a8a6447588520f38cd94ba14cdb9839c92626aa06bb8a4a1052c2ab7e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 03 Sep 2022 13:32:37 GMT
content-encoding
gzip
last-modified
Wed, 29 Dec 2021 12:30:46 GMT
server
nginx
etag
W/"61cc54f6-15c19"
strict-transport-security
max-age=31536000; preload;
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sun, 04 Sep 2022 13:32:37 GMT
pixel
googleads.g.doubleclick.net/xbbe/ Frame 68C3 		640 B
318 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CNCgQRCLx0IYisqtcTAB&v=APEucNXCK8KlGlx6SbZY19QaemEtqKNuQjYgHXmUlbl0Dl2aR37FQ2b_i_kGAsgpBI34B-71i--rXrghF-zIFTwA4a0z0L-0iQ
Requested by
Host: c189fcaae4b526f37d75e91681a8bbd8.safeframe.googlesyndication.com
URL: https://c189fcaae4b526f37d75e91681a8bbd8.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.68.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sc-in-f156.1e100.net
Software
cafe /
Resource Hash
d0e8821e889280c3b745b859e6b3971924723a4562bac65ba8aa0fe44bfc83b2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://c189fcaae4b526f37d75e91681a8bbd8.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-encoding
gzip
content-length
295
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sat, 03 Sep 2022 13:32:36 GMT
expires
Sat, 03 Sep 2022 13:32:36 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
ad
googleads.g.doubleclick.net/dbm/ Frame 5AE0 		81 KB
34 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DdVPFrmCq_JSvXd6qHzprXXCwMzbyf25N-L_hofDjSjQRnX_mW1hlTl1KgM49b7W6bbFNURCrz59vtOv0E0MzpRXuFwQ&cry=1&dbm_d=AKAmf-CrKpHOV5iHaEOQDME0uhI6-q5DLBw5gCOeJbvato5UlbBIP6lC9zb5rqC2EKL6zdKkbaX3I15oyHOKQVwQyJoIPBuZJNmhhjgIDIaPdUOICYmvS0YJvl3EmzI3TLtuSqx1pquDeHOR_GBVwp1Y-epnm1TL95xMdDXXzNOiTnT3HG30-uqUe5GNY98nStA6Ezy-_7FwuKj2SGBYD2hUzQZVSwsp8BNoqjMGxrXlmm2xutRzE5WS-UsVcr5jfF1ouPYJO9_2RjQWHooWn0g1VsQlvihryzFlJaDz61VpxwRdU9JfGDUR89o0Q7KPm7dPJ41apFHQExquAyFAdlh0oWgTwG5eyVC5fZ-XkskisrrwDHQ8lFH4MNn_-46agDCm3BGTTXb8qMCZPV0xBhgGu47MkCDsZ6FnhrYj4RA7zGsgD0y0a3Y6TwMaYudnlHrlX0r70Lm_lORw-MMltBlOPHBCknP8XKByrsB-AoyV0TTGSF9hzXMjdajQNVgZMN3ZhGY2Ir2lPEzrdoOvy4VvDwp5thIyZj0HtaChwAsEeoCMpmKmOXp9tDJPAhUVj2hgH9lPDJ1BgbucE_CVy8e1EkB-Qpy3NEkSwcVQRIHJnMy4NV7IIfjFy6B00RDaSlO94gu4mjSEIVU02zPkSyl7QcTZX3gE7woDyBSTu8rw_s_LJulMj2ZYQYpPdHE0UyMPM3LFPjRLpPaDWxDPQaN8OF-q_mAjnfqV7ILLPqaap6mMVW_s64qlnTOf46zyfRyqp1OpaTJcPNJ1RbOB83YXGyNy9E3J6unWkXlil6VQhpnQkPORgVU1etEVpRNGk28c7nqonLxy4lnHUIMiogbLk-CU9RmukOzATLMv5nWNzP19fre6nIz4ZojSC1RbbVE4X4AUZgEHmOWs2p6lxCMTfj6n9yeEUSQ7BNXqT-X4aHsIIdcB639FWv6rru-JZasb9OPIxMXh4BgKP5NtDfa-gXnQHO0KV8HruJchc2RUz1PdWkXU5tuco_dItV-CAI1wsKOhDjIgnaZ8PdiFPJkpZg28dec5qFBAQhovBX7ZTF1JbmI8ig2va1O3AMFGtVDctkn7iDO-Gu5zCcu-wAQO5ADEWtpcKRsn3FKJeH8UkrHqVru4UjZ1k_B1huq19IuuOFKSp3MCs8tB4bOwwCyWqUysaQWPm_rthmI-NnHQGk1nhVb894iI8YsoWqKzEeVI91SOfU-kUG9DqrswwiPFW_T_TOxGhfpROazebF4nwN2i9_fUiYWYVsNiJnmu-YufOPGX-08mYRZ5EJ1qETwdikVhpJdPpe2oRy4MPggt95-zvifY8D6-yGVazeGH0RedlB1M8gWC1mMjDYdRb08kDuUfmuLE-50MUHUZhQ4GhWrPVsExcxPZD93G6DpCAqB-ndCXWET-2ozS1AfHLxuMcwDBQ02ZpLxOIlYH2AE1oGImrlNUzlDvy9uBum7XIgL-NArbtAIOMlJK610tCoLYI3Qx83lhXkJA7lmdkPIYnOuaQFsQlrx33V6PWI6Au_OMNPSBfi2FcmxngZoCyvWPoLAVHDe05YhExRfjH7bBgRVeBfWCktjt3g-_TAnbzSqjp6USyfKgk90cpvYDHgd0M25Y81NSGDF5N6lNk7Q658XE4PBWsut_bEamjo8qJ7oEoFH9KiYqhmfGOkfyqABbd0IbrXdppsl3nrgxfWoDPbfLKTL8mm_YaSfEfx5ygF5l7yyi6XTffnGrLPc1Ly2mX0aZUbIU76df1dKCy2lDrGVSQTHedVmLj-DBR4ZDKbpFNVM7WfIC9inH0XA0aH90UihXzD6K4ZGAEDNzowBIfCX62xDp0ke_xHZ0TEOLuRiG_6PCiUjv-zdHiG0BADAU0XoGxTpsoO1nsGxcOYAWMZPC3k000THJRLeAIBmupzrfd_CzPTUgTkSnGfZovlZ51rfjjjyByyyTJBDh9pXi2-i2stNLVNdyCHY07o-9KT6DDBixo7p8WoeqcXY0v9DB8FKe_yDr_BxAlPGoFViErZ1eCPQYbS63_7hNWKjl0dfacPR2hUvT7_fupI2pFUtPFArFoCB9-dZAP35yFir815J3Mj3PbNMAHibUvggGET3e3CTrnKobRQIKTL6luE2sWVaTCfCEVHdAp2a4Q_k1OXBWhaRwnUgRHVsjn4P8hkikVKGuSF2MArZGtP5WnDF2fzne31pgnl-29JRA5Z0ctsc9Q2LxMteOg3aAIIcF_zjhQDahXpUaXNYGkvMPkg01JGodlE7vAMTBJN_im1i9tDf2R0IdocwdIkN9_uBgWO1HjundRyplJZmxlESTclvLgyj5sqYn_veUl2BHTU2mOe9koMYCmdte8tHlj8gyS5BN-BfbdfZcKHJpPZNB8BTo8BvWuNA4jKT0NzNmwgD5w6yyvg6317nus8D3ecyVGT1iZ9AKt_RnA3FOhC4DYJDhRgQPhikHVQsXTJD5xKi6k9xpPRG5ni_rcYcuLnz8RyrXyydGgr_uaICV2qNVHq3vrnAWhnxtgfI87BgaTN11yOT4gvb02-y-NizRkXwEg_wlRsR1e8soAkM4PpnMQAUfZ10MZxN-5MuFBryYhHa1tq4otAZVhZS8LZjZWQj0ZpWTfwGQUQXhqZ3xFTzDYyFqa2Ogpq4Z4lS3nBffkF7fHI6kzWjN1-IKStChTksotUG715f9kBUqHSb_txSp0OxCwKOyjNIsvYbClLfwJEISDFrOxlt_Nshlz_SCXMcdbJk-tAmoz5LseYiKErtzdvZiMv5QsqYqxbHqUTw96AIQybzn4UdHOPmELpuzZep_QxGi_v5KmgEt_sWOFOQDnHM6n-PuUAQ80ID6esavg7fiBKGzckrK9b9Cn77PRQ00xi90fqTWyfUh_AwvIchU3fLiJMXfWRoxh9gpTmg6xGoWfOIFSewoHVf-7MidZObwC0ysvJM4Qx1C0_MFdBs7-wO8_eXQI5qRmApg-gRLjpb-2D_RnO_tO2L456QUOapLLwOQ7zpxCvsGr7B7qfNcv_j9lRoFe9caltUnRn84Df-MJARE39jO_DC4XAZafib3tPoAoFSmbJreV7r-QQ_S4LBwDp3a-goyDM-0R5Oy-RTs_lbgArr6ZkOtC6wXHHCVaZ2dh0EiwJDB9oGpy9A_8-0raltnTk7QJywv92XIH88gOQKa5ufnqh3MSz3TZImQg_virebv-zHeIqY3RmvF_IVJ7KF1UPKaDmPDc5OB5Ayr8cfRhzJp2a3Lb9a7nj-buoI5ef0kt8C8kzAlCLEgSPFfLxnuXrPUElRlWz6Ad1VzWPf1l8w_SI8bcE6MvBLEHC8aB53ABXEti0AvkT4j6fm1acIrsQHJQE2BYOltXCJkxBATbWCsdCN6UWKb6QrLhF0W0QTbEDyWJYHvWzXEJiQzFaU5Ibi-qoX__vrEF8gx2p7WvYpaLXg&cid=CAASJeRoJVL67oSd2gGzkb1PH5GzWfTvJpn6w2fhXPQYNVNhx4pobAY&rfl=1%2Chttps%253A%252F%252Fwww.bg3.co%252F%240
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/qin-fang-cai-ying-wen-mei-can-yi-yuan-jia-de-na-tu-fei-tai-bei-ting-can-yu-guo-ji-tai-wan-sheng-yin-hen-zhong-yao.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.68.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sc-in-f156.1e100.net
Software
cafe /
Resource Hash
a06d348c502cfd4f48c0da40020dc242e62a59bb792010c3ac3ad09f3ad58cc4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://c189fcaae4b526f37d75e91681a8bbd8.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 03 Sep 2022 13:32:36 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
34527
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 5AE0 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-AOkQtooJxE4yYGQjH4gLUmC9UZDf0-WHKrfUkrKy4czoQJYIZxqsLXjFCfgIlAFa3UCEffTodjDPDSHY1h4hqYvg_VqzcFp_IivzV8WFS5Th7ViQ0
Requested by
Host: c189fcaae4b526f37d75e91681a8bbd8.safeframe.googlesyndication.com
URL: https://c189fcaae4b526f37d75e91681a8bbd8.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.12.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f155.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://c189fcaae4b526f37d75e91681a8bbd8.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 03 Sep 2022 13:32:36 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220831/r20110914/client/ Frame 5AE0 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220831/r20110914/client/window_focus_fy2021.js
Requested by
Host: c189fcaae4b526f37d75e91681a8bbd8.safeframe.googlesyndication.com
URL: https://c189fcaae4b526f37d75e91681a8bbd8.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f132.1e100.net
Software
cafe /
Resource Hash
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://c189fcaae4b526f37d75e91681a8bbd8.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 03 Sep 2022 13:30:06 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
150
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1359
x-xss-protection
0
server
cafe
etag
1484984001845508991
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 17 Sep 2022 13:30:06 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220831/r20110914/client/ Frame 5AE0 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220831/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: c189fcaae4b526f37d75e91681a8bbd8.safeframe.googlesyndication.com
URL: https://c189fcaae4b526f37d75e91681a8bbd8.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f132.1e100.net
Software
cafe /
Resource Hash
57000ea03bfb53734d0858b8fe992e6742226f23f311eb0f9d2177e2a84a5621
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://c189fcaae4b526f37d75e91681a8bbd8.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 03 Sep 2022 13:22:24 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
612
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7599
x-xss-protection
0
server
cafe
etag
9215437806027971270
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 17 Sep 2022 13:22:24 GMT
l
www.google.com/ads/measurement/ Frame 5AE0 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaRlRdqB05RcgjdWXLZBymQjzLsaZp6dkTdTny11fKfZbZjqmX7IPQcuaziky2CBPS5NH2fJiwQAFJoRSwejzaAmsuwSNQ
Requested by
Host: c189fcaae4b526f37d75e91681a8bbd8.safeframe.googlesyndication.com
URL: https://c189fcaae4b526f37d75e91681a8bbd8.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.10.106 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f106.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://c189fcaae4b526f37d75e91681a8bbd8.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 5AE0 		142 KB
44 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: c189fcaae4b526f37d75e91681a8bbd8.safeframe.googlesyndication.com
URL: https://c189fcaae4b526f37d75e91681a8bbd8.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.10.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f155.1e100.net
Software
sffe /
Resource Hash
e851345505ee432c9397d60e5d91929ab4e5921f75c91f359b0939a879304b7a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://c189fcaae4b526f37d75e91681a8bbd8.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 03 Sep 2022 13:32:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
44792
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1661945761880069"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Sat, 03 Sep 2022 13:32:37 GMT
adview
securepubads.g.doubleclick.net/pagead/ Frame F507 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=CVHxUc1cTY_jJHpX8owP_2qyICJj80bFcqoTM5IUBwI23ARABIABgpYCAgJABggEXY2EtcHViLTg5MzMzMjk5OTkzOTExMDSgAbbZo9ADyAEJqQLDw801DtumPuACAKgDAaoE8QJP0BQcZH9enuIvlS295legJfr5IhzfJj205YqNbpWyi9Sj-da-9JOJOmdY4lsKEhkmuJLo2mebzLCsNKZjyX1609QNW__KzRZXr_R40z6lSDNBvvWUWdHkUzhZ3ICSL26b8Uw7-BRGiTBeFBS7qREpS2sCBy8NIpCFX9drdbYfs69KpK78JmVQTCWq0ojtcgg15Z83JuztX0f2_ARXzBo1jxfkGTWQ3Stom4FCyxNJ1XdIpb8axTHASDc-t_olqzS96-EAvlGwXzrBv9VuFSEKPzC1NAzwM4LKWiFBg_xGGQ0KZf7XwvI4y7t9XhJ9ZSqeSXZ_4xoOgl43YqFH2-yPocFBA8bizvd9JbHS3cN6MPUVyXrmtTPpg3PlOJYecXTClE6VYwSOgWpA8k22GLrmqMwstQcz1qvxnfWKBbgP3_003n2DwKtVl37vKnAEJAv0xFKEaRxdtw3h-tgUSe7UrjVaExxgtd8A2udQ1As_fl3gBAGABtf2__fPtcaVQaAGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA0IgGEQATICigI6AoBA8ggbYWR4LXN1YnN5bi01MjM5OTM4MjEzODcwMzgwgAoD-gsCCAGADAHQFQGAFwGyFxwKGhIUcHViLTg5MzMzMjk5OTkzOTExMDQYyqse&sigh=uNbPigDLgHg&uach_m=[UACH]&cid=CAQSPACsnQUxPwWxLsAx3cDBrDy-3pKhB-YcWlcUPKe_mp4egYHoX2ETL84zrsNkkO1nDIebSmK039ivB9d_8RgB
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/qin-fang-cai-ying-wen-mei-can-yi-yuan-jia-de-na-tu-fei-tai-bei-ting-can-yu-guo-ji-tai-wan-sheng-yin-hen-zhong-yao.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.4.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f155.1e100.net
Software
/
Resource Hash

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://c189fcaae4b526f37d75e91681a8bbd8.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
notify
rtb.jp2.as.criteo.com/google/auction/ Frame F507 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://rtb.jp2.as.criteo.com/google/auction/notify?profile=14&payload=kaHgDs7xBnjYBGL4LRICAAAA-ONZtFtuTcOupkbjEHNXE2MM6JOs2TuWRpZjLAASAAA&wp=YxNXcwAHpPgKaP4VAAstf311_frj7gN02Y1RuQ
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/qin-fang-cai-ying-wen-mei-can-yi-yuan-jia-de-na-tu-fei-tai-bei-ting-can-yu-guo-ji-tai-wan-sheng-yin-hen-zhong-yao.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.74.19 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Kestrel /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://c189fcaae4b526f37d75e91681a8bbd8.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 03 Sep 2022 13:32:36 GMT
server
Kestrel
server-processing-duration-in-ticks
214433
content-length
0
strict-transport-security
max-age=31536000; preload;
afr.php
ads.as.criteo.com/delivery/r/ Frame 0B63 		129 KB
44 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.as.criteo.com/delivery/r/afr.php?z=YxNXcwAHpPgKaP4VAAstf311_frj7gN02Y1RuQ&u=%7CzsNWlIJ%2BY3VtyKoLoRZUhO5WtF3Fxs56YjdTCydxD5s%3D%7C&c1=0n2XosTo5cliKCnvh9OE5jqZHIJlQ7xgp7yhsEndoSQWtCdBOgT7K4ozbUym4LQBP0pW1DkPG3cTQB0txIhX3ZzlYL8sTLz7c1QsYqAsmstEslPxiRqNid7_jcURzAd1vHPtoVYaGWiiQo1KrA_h4jAUID87w6NNkTSvkxwxcwHvtOJQ2KYTV6Ngg1vxLEHr_mafo9ed5PVAoKwNIraC9lmq9JVBc_MnZcGr4yO-b4TTlIjtW_Ey5C38YS91kCcAfwgjfb6YX5ckcMU8fBz05Ff52QfhgVImvqODOpWRyDdA5Qq7tAnkJf6l_oJBYnswBAmEEwVnJKY5IYwsXIYBzDkXge2Jy98RMk8MsMICKMHMqKJpFsd6V2sSaRgI_vKz95RmiqtEeNosJlX25fYBbC8Kfir-969iAWJB-LDXKCjIJldfpX-MqkFLMyf3DtjwDDwAR5ugFaBujdE9IuFiSXw6uF3WYR-Gj065aX4w-pOwIWHZj2qlptYHrtFWDuC8rAsjM5G1-At6MqBnxVHQ5YnD_gDPAUBkGRC2aNh13k7DKKxMtlvlFKZ98-cnZs-fvumdnIyaIxXRG6V07T8qkunj2pFm2F45LbaF4BJJF6PgPaurbOYCxbAECNtS07fS9OViBKcZER5Z2HsGquNJ-g&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCvl-Nc1cTY_jJHpX8owP_2qyICJj80bFcqoTM5IUBwI23ARABIABgpYCAgJABggEXY2EtcHViLTg5MzMzMjk5OTkzOTExMDSgAbbZo9ADyAEJqQLDw801DtumPuACAKgDAaoE9AJP0BQcZH9enuIvlS295legJfr5IhzfJj205YqNbpWyi9Sj-da-9JOJOmdY4lsKEhkmuJLo2mebzLCsNKZjyX1609QNW__KzRZXr_R40z6lSDNBvvWUWdHkUzhZ3ICSL26b8Uw7-BRGiTBeFBS7qREpS2sCBy8NIpCFX9drdbYfs69KpK78JmVQTCWq0ojtcgg15Z83JuztX0f2_ARXzBo1jxfkGTWQ3Stom4FCyxNJ1XdIpb8axTHASDc-t_olqzS96-EAvlGwXzrBv9VuFSEKPzC1NAzwM4LKWiFBg_xGGQ0KZf7XwvI4y7t9XhJ9ZSqeSXZ_4xoOgl43YqFH2-yPocFBA8bizvd9JbHS3cN6MPUVyXrmtTPpg3PlOJYecXTClE6VYwSOgWpA8k22GLrmqMwstQcz1qvxnfWKBbgP3_003n2DwKtVl37vaHIltu46TSx74G3DXFt7OfEAQ3negC2ym-82Lxa-xMtIM-CuAKLk-irgBAGABtf2__fPtcaVQaAGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA0IgGEQATICigI6AoBA8ggbYWR4LXN1YnN5bi01MjM5OTM4MjEzODcwMzgw-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_1KzjHU5-2GRSJi2D1ric-d9jEGrA%26client%3Dca-pub-8933329999391104%26adurl%3D
Requested by
Host: c189fcaae4b526f37d75e91681a8bbd8.safeframe.googlesyndication.com
URL: https://c189fcaae4b526f37d75e91681a8bbd8.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.148 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Kestrel /
Resource Hash
3f2de25aa5e03b4972ef3b4a78e5fc4db1e3a8aa71e4430c6075661bf2279046
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://c189fcaae4b526f37d75e91681a8bbd8.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
access-control-max-age
1000
cache-control
private, max-age=0, no-cache
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
date
Sat, 03 Sep 2022 13:32:36 GMT
expires
Mon, 26 Jul 1997 05:00:00 GMT
link
<pix.as.criteo.net>; rel=preconnect; crossorigin, <static.criteo.net>; rel=preconnect; crossorigin
p3p
CP='CUR ADM OUR NOR STA NID'
pragma
no-cache
report-to
{"endpoints":[{"url":"https://csm.as.criteo.net/heavyad?cppv=3&cpp=KD8pJvLChlIcw9LzwIgfzQa6omhAmPLtFIyXxc1JJ7yo7tmiCywYBn3f0OFKbChMUW7v86MhshMBHUcCTGomHB-huDOMU2v43sL4eMnwUpMUL2q4lZV__T9BJ4hsIZfBfZXR-ZE6GHSaYBIElFOKwmYGyduTq9sQ_TJMN-c7hNA5D637LI8SIOu9m_Y0vrphJAn15I2waCb5lbKvjQL0rTpt7SwP1rSrILROP5ncV1LJWTkiNKu04kfkHhfDY3TTfKp7QQ"}], "max_age": 86400}
server
Kestrel
server-processing-duration-in-ticks
52531167
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220831/r20110914/client/ Frame F507 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220831/r20110914/client/window_focus_fy2021.js
Requested by
Host: c189fcaae4b526f37d75e91681a8bbd8.safeframe.googlesyndication.com
URL: https://c189fcaae4b526f37d75e91681a8bbd8.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f132.1e100.net
Software
cafe /
Resource Hash
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://c189fcaae4b526f37d75e91681a8bbd8.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 03 Sep 2022 13:30:06 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
150
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1359
x-xss-protection
0
server
cafe
etag
1484984001845508991
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 17 Sep 2022 13:30:06 GMT
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame 019B 		1 KB
749 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: c189fcaae4b526f37d75e91681a8bbd8.safeframe.googlesyndication.com
URL: https://c189fcaae4b526f37d75e91681a8bbd8.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.12.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f155.1e100.net
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://c189fcaae4b526f37d75e91681a8bbd8.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

age
63055
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=86400
content-encoding
gzip
content-length
724
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 02 Sep 2022 20:01:41 GMT
etag
48472445140208031
expires
Sat, 03 Sep 2022 20:01:41 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220831/r20110914/client/ Frame F507 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220831/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: c189fcaae4b526f37d75e91681a8bbd8.safeframe.googlesyndication.com
URL: https://c189fcaae4b526f37d75e91681a8bbd8.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f132.1e100.net
Software
cafe /
Resource Hash
57000ea03bfb53734d0858b8fe992e6742226f23f311eb0f9d2177e2a84a5621
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://c189fcaae4b526f37d75e91681a8bbd8.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 03 Sep 2022 13:22:24 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
612
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7599
x-xss-protection
0
server
cafe
etag
9215437806027971270
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 17 Sep 2022 13:22:24 GMT
l
www.google.com/ads/measurement/ Frame F507 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaQhjUBx_vd1BVyzt8D1SXlTiGDSxGGTOXNybm3cWiELL40mXbC-axzNsFrc_LQ_IGP9CLn8N6bguNC8l9nBdnrbvDoSrQ
Requested by
Host: c189fcaae4b526f37d75e91681a8bbd8.safeframe.googlesyndication.com
URL: https://c189fcaae4b526f37d75e91681a8bbd8.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.10.106 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f106.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://c189fcaae4b526f37d75e91681a8bbd8.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
ext.js
tpc.googlesyndication.com/safeframe/1-0-38/js/ Frame F507 		22 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-38/js/ext.js
Requested by
Host: c189fcaae4b526f37d75e91681a8bbd8.safeframe.googlesyndication.com
URL: https://c189fcaae4b526f37d75e91681a8bbd8.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f132.1e100.net
Software
sffe /
Resource Hash
0bcac89d72d5f0b2bef20f815406384ff05489e4294acee57409060c2eccffc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://c189fcaae4b526f37d75e91681a8bbd8.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 30 Aug 2022 16:06:32 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
336364
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7022
x-xss-protection
0
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Wed, 30 Aug 2023 16:06:32 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame F507 		142 KB
44 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: c189fcaae4b526f37d75e91681a8bbd8.safeframe.googlesyndication.com
URL: https://c189fcaae4b526f37d75e91681a8bbd8.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.10.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f155.1e100.net
Software
sffe /
Resource Hash
e851345505ee432c9397d60e5d91929ab4e5921f75c91f359b0939a879304b7a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://c189fcaae4b526f37d75e91681a8bbd8.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 03 Sep 2022 13:32:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
44792
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1661945761880069"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Sat, 03 Sep 2022 13:32:37 GMT
pixel
googleads.g.doubleclick.net/xbbe/ Frame 9AC7 		482 B
276 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CIvlPxC3ttWlAhjb-sPNATAB&v=APEucNV-gWpVopuhtxjuk7Hdowzrs59IHPxPGdERU4fdzpvMG59J_1QaehEZ73jL6SH45doh3yGDh4DnLqZnGHQaMslvuc0Dvg
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006-1&adk=3314916115&adf=3653020616&pi=t.ma~as.3006%2F14006-1&w=336&url=https%3A%2F%2Fwww.bg3.co%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1662211955360&bpp=13&bdt=271&idt=482&shv=r20220831&mjsv=m202208300101&ptt=5&saldr=sa&correlator=2420762395174&frm=8&ife=1&pv=2&ga_vid=955881654.1662211956&ga_sid=1662211956&ga_hid=177951552&ga_fc=0&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=336&ish=280&ifk=3719853736&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759842%2C31068855%2C31069206&oid=2&pvsid=2017665063826966&uas=0&nvt=1&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.2vya8wtnmmof&fsb=1&dtd=496
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.68.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sc-in-f156.1e100.net
Software
cafe /
Resource Hash
7599e0a5ce1ba2a12f036e998e19e60b6e982178e4363d4630ab3a91ca73bf62
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006-1&adk=3314916115&adf=3653020616&pi=t.ma~as.3006%2F14006-1&w=336&url=https%3A%2F%2Fwww.bg3.co%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1662211955360&bpp=13&bdt=271&idt=482&shv=r20220831&mjsv=m202208300101&ptt=5&saldr=sa&correlator=2420762395174&frm=8&ife=1&pv=2&ga_vid=955881654.1662211956&ga_sid=1662211956&ga_hid=177951552&ga_fc=0&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=336&ish=280&ifk=3719853736&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759842%2C31068855%2C31069206&oid=2&pvsid=2017665063826966&uas=0&nvt=1&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.2vya8wtnmmof&fsb=1&dtd=496
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-encoding
gzip
content-length
253
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sat, 03 Sep 2022 13:32:36 GMT
expires
Sat, 03 Sep 2022 13:32:36 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
ad
googleads.g.doubleclick.net/dbm/ Frame 02CD 		78 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BIE7gmxI44lTmBrDNVZ61i0DX9mBz_tybCeS40I74NUPyMpDZ6v71JqtDQjvtd9uUubLwBkbuX2bLZv2bCIdXamB5MqQ&cry=1&dbm_d=AKAmf-Bw4jLkR7FhOppGZ-ylpbT8vzCH-9vgz2qF93CaatXG0W-Vrnj0ZbOUM8sf_XYbMyttmiiJyTGwzsvBFkBEYe82Q4db6CeN0a3SexX87ZOxlSdS2EttpTrd5dJ63BubZo81BXyYY6YeMhJFVKVmyh-Slub7QNRc0fqJx3o63G30czGWJxmTTcwsmv9yJRDvyEEx6L-wT46dqfT9PRCWPuVdFjOr6jrX4wUmm26Qk5VLxJvI-E3sxDLR1A7M8u-XeK75yELzVlMhXSCJbOOC1JgBEMKit7iw9WvZw6a-cvvOs2SqtD8C74F8sv5uuWIbcRxRrAfjaFMF1scT47F7w2SSOGtCgtYa7qWEsaT9MFdvqxLeri7hH397QRX1ZHnYYQizJiwCiDdbhLQQx6BNW3qfHfohVZoQx0jCdl41nLauhdIErMxBzCY1NO9Th6Omwk0fXAVZ5z88vyxFnUqmYA8RfZFYB6dKaF9IzDrzo4XGMSNSxwhYWz8B_aZjGY4lQEhKgcvQrzSCzW5m5LdtU2CVaaeVToB_R-SgTR-Cies6Ak8M2ADvpa8CIkELMlS2X6ixrEP7cWWubfaLXFq-eOz1DPDDJr1R8345WQpOUYkwTh97AbAWfgGqv_VdFmwCnfkv4ombCxws7_tBoURko7UwzCtk4b2xd0n8nyADflvKAnXmSlHQfkVlEjV6mKTAgFL5UV07v3FQsl-T1DI01LgpnKmOsjyenK5AGvR_BYqVhlF9jBNx4smT2vINiEBHvfXB7DagxXZCNB8FvuXqLXX2bMt6Kd0i41kjgoq92XCt3haJsyOEEVYbCc31_o7W215EDVUSrBJ22VK6EGUr7oD7AAVZspXDIq7MmodlyEroTd_Pt6vDdyDSmkJx2DLOwa-Ynni6QQ167XyUeSYDW3u8XUZ3oSZxoA4BcGH7f7S0pu1vYFsp1sGSPaD6xjy8vW0La58CDuNKsNU85ZbXlKJliXGktjI2TIfOhTkxutOYgHiIUuNNS-LQeDVsF7sfiuBBwUcOQD5zCy5u3DzMCTqahpPkk_kLmYtYshkch_j9egqxhODEiPcCDRspr7Y2wF_71SGGRfyFUwKfQW8u8hUcr2ivO3l8MsZyExb1aZZ6Z4REk7X_3Cb66YGeNkIMPaSj-bRaG5l8zZyTHzBVlp10lEoxm3foDtJwil1l28tCEjxKp0mpJKciJPiUPCscxeoZF9zI7as-UFhUdArxzXvxbLfOaBTv15yEZCUcRcQjz2-IkEq0d-5PAT3iQMUGO-49TMYTXA6LrR12g8iOB68emPO29cynoGhpcNL-e2ayrXl7GnzUYaP3-6pOVu80IBn2Z9_1meTFJ9_RP_ehI0Hf6HLQhIWgzs5-Re9DpLLRiAnhutx7CSlOSdgMBWRdKkxVU-df-4vEicQTIHO8-QoYyuEsLO2ra9OVRu-6k33cBW_0PZ1w_JihcRjuGbxVYSBeLJCbAkCjgN4oiNQceaqpbYlFXByQ926lPlprv2x6h0G4IoDSLOTqr37Tg2S2GqGWhbn8mal53F8eMOgVJ5AsJUqBGOy78CnzqdU1L5L4nh8sQRJUowzMjgma8UGw6rCOwCYlrXtFTPDed8uQatSTk3HDn82aOOI1R1GdUY0tE86qDmFJpV5I0y3y-O_CDDNSMJKWB9YKil4yTE42lVEC6huizfdjsMdAgTX6oWx4Al0qP7iKGHE-4ulwSU1hlVluhHHgRDao-jN_vKuZd67bXa7O44Wr853eFuhcLNC7tfeKYxQDDn_ASeR7PxUCS1b05Y--Njkkh6TLvbsLBuqIHE5SlamX-S7IVlNICA5fWMU_4m2ThvS7SuAX6nxeVFTUXpGTwn_N0-ycRlRNZZ3cmT3ghA0mncthKMC230cLASP_XwWj-brH1xsBQE8UMEv--fvx53Z7U4ZQaPzWro65yLECwy9IK8NTWGEd2bdzM-QE1bYPPidoDKC48lgVQLhzcTGp311H1ENxSl_5hQ6ezsYQ-vPEd_TX7SyUzOUnnn534kTJdEgTr6kP2QahUHHNl3saKgCiRhD8yzzgC5Rzj4RMO-5fWd0vqMDDBTjMRjB_Cf7q203RiiXV6IUuN6-hLKAzBtiwX8KJBWkRmrugX5K_bF1CgGMIsCS8OA-tshPD_A97XyXRR2uXIN6lvHUUypvtPTF97eT8QiYPStZ0FAgwOrJJ476CZ6b5ZV6M0csxB90KofmPwuD-g_bk--dOJFJBDD9TinOtOF75qotqrlUmRcwcsRxn1meGSGh2tpoKoRFEbckUBAPuuYzNCR8kHzhgcJ89MEMBrLmoRhPUQn4HDbr2uoou3pzmBhzj3XW9rZ6tKQpYk9rxPXywpOPP0BTcp3DFx07NEShv6C6IcbmidLBE0OVYiUHlpJTQtzGpeb19mJrUcqF43f77m30aivQil909H_nMbvN31vvcySfW4rx7DDjjGxlqQ-9dsGbLhi2iZbr-BJYf-JqRYjFcLLQHf4ynUuoZqs7cA0Mley4cfzHUapcPpMl7P8twg7FbHTE2omuU_bKUuwuy5V6XBZGe1B83uZPwLJhmsqjRn86ehC96HdObOE8S4d4LjW2mvrrdfoCnIwyo_y5m2HkHTRwNfXx9GtJgmt8iModdNXJ5QImvqUScHePAil08DDbPWr-Pr7tIUvQ8w1u3aEcpZAZamhOvnv7agiQbub8BYedC8II__38Rddec3l0-iB1svZSnwMaI3eynGoUj8E1z62kHGq016X1nIT_Q1sg3wkYX2rxscpdl46W8fA8MZS2_nWIQX51k6H0Pvz6blvF_ZHIAFYa3qxibYQJpbKd6n6_itE6SifXqkoUuXV7G45Hilx9hUN0gYtj_jFRZ4cb7Auy74TikhvKZL-9b4Bblxd9rQyGaB_-RPousGluR5JLKOZzwhx6smsm3Rc0mDHU5d-X7cfn1imdS9LIeuoqoKSAGHA&cid=CAASEuRobZlPwdIsX28mGtrT_yKrSg&rfl=4%2Chttps%253A%252F%252Fwww.bg3.co%242%2C%2Chttps%253A%252F%252Fadx.holmesmind.com%252F%240
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/qin-fang-cai-ying-wen-mei-can-yi-yuan-jia-de-na-tu-fei-tai-bei-ting-can-yu-guo-ji-tai-wan-sheng-yin-hen-zhong-yao.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.68.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sc-in-f156.1e100.net
Software
cafe /
Resource Hash
222eba1eba8e0d461d62bd474725c63d8b1ed5bc0a90d59d04af27543803561d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006-1&adk=3314916115&adf=3653020616&pi=t.ma~as.3006%2F14006-1&w=336&url=https%3A%2F%2Fwww.bg3.co%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1662211955360&bpp=13&bdt=271&idt=482&shv=r20220831&mjsv=m202208300101&ptt=5&saldr=sa&correlator=2420762395174&frm=8&ife=1&pv=2&ga_vid=955881654.1662211956&ga_sid=1662211956&ga_hid=177951552&ga_fc=0&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=336&ish=280&ifk=3719853736&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759842%2C31068855%2C31069206&oid=2&pvsid=2017665063826966&uas=0&nvt=1&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.2vya8wtnmmof&fsb=1&dtd=496
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 03 Sep 2022 13:32:36 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
33655
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220831/r20110914/client/ Frame 02CD 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220831/r20110914/client/window_focus_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006-1&adk=3314916115&adf=3653020616&pi=t.ma~as.3006%2F14006-1&w=336&url=https%3A%2F%2Fwww.bg3.co%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1662211955360&bpp=13&bdt=271&idt=482&shv=r20220831&mjsv=m202208300101&ptt=5&saldr=sa&correlator=2420762395174&frm=8&ife=1&pv=2&ga_vid=955881654.1662211956&ga_sid=1662211956&ga_hid=177951552&ga_fc=0&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=336&ish=280&ifk=3719853736&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759842%2C31068855%2C31069206&oid=2&pvsid=2017665063826966&uas=0&nvt=1&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.2vya8wtnmmof&fsb=1&dtd=496
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f132.1e100.net
Software
cafe /
Resource Hash
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 03 Sep 2022 13:30:06 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
150
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1359
x-xss-protection
0
server
cafe
etag
1484984001845508991
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 17 Sep 2022 13:30:06 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220831/r20110914/client/ Frame 02CD 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220831/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006-1&adk=3314916115&adf=3653020616&pi=t.ma~as.3006%2F14006-1&w=336&url=https%3A%2F%2Fwww.bg3.co%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1662211955360&bpp=13&bdt=271&idt=482&shv=r20220831&mjsv=m202208300101&ptt=5&saldr=sa&correlator=2420762395174&frm=8&ife=1&pv=2&ga_vid=955881654.1662211956&ga_sid=1662211956&ga_hid=177951552&ga_fc=0&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=336&ish=280&ifk=3719853736&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759842%2C31068855%2C31069206&oid=2&pvsid=2017665063826966&uas=0&nvt=1&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.2vya8wtnmmof&fsb=1&dtd=496
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f132.1e100.net
Software
cafe /
Resource Hash
57000ea03bfb53734d0858b8fe992e6742226f23f311eb0f9d2177e2a84a5621
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 03 Sep 2022 13:22:24 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
612
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7599
x-xss-protection
0
server
cafe
etag
9215437806027971270
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 17 Sep 2022 13:22:24 GMT
l
www.google.com/ads/measurement/ Frame 02CD 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaQU0CHcb7qufdBrlzHUNIpSiosWh4SZG8N1yGGCyiwApHU0sQ77xzqx1RlA0eH9_4hbJcwEac7UEuDXpyU94Xp6FPvoSA
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006-1&adk=3314916115&adf=3653020616&pi=t.ma~as.3006%2F14006-1&w=336&url=https%3A%2F%2Fwww.bg3.co%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1662211955360&bpp=13&bdt=271&idt=482&shv=r20220831&mjsv=m202208300101&ptt=5&saldr=sa&correlator=2420762395174&frm=8&ife=1&pv=2&ga_vid=955881654.1662211956&ga_sid=1662211956&ga_hid=177951552&ga_fc=0&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=336&ish=280&ifk=3719853736&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759842%2C31068855%2C31069206&oid=2&pvsid=2017665063826966&uas=0&nvt=1&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.2vya8wtnmmof&fsb=1&dtd=496
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.10.106 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f106.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 02CD 		142 KB
44 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006-1&adk=3314916115&adf=3653020616&pi=t.ma~as.3006%2F14006-1&w=336&url=https%3A%2F%2Fwww.bg3.co%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1662211955360&bpp=13&bdt=271&idt=482&shv=r20220831&mjsv=m202208300101&ptt=5&saldr=sa&correlator=2420762395174&frm=8&ife=1&pv=2&ga_vid=955881654.1662211956&ga_sid=1662211956&ga_hid=177951552&ga_fc=0&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=336&ish=280&ifk=3719853736&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759842%2C31068855%2C31069206&oid=2&pvsid=2017665063826966&uas=0&nvt=1&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.2vya8wtnmmof&fsb=1&dtd=496
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.10.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f155.1e100.net
Software
sffe /
Resource Hash
e851345505ee432c9397d60e5d91929ab4e5921f75c91f359b0939a879304b7a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 03 Sep 2022 13:32:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
44792
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1661945761880069"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Sat, 03 Sep 2022 13:32:37 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 02CD 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-D2g-ynW4u2KhF08-vnvJ-AdHMEknIyp-A1v934CAwRGR_rF6sw1zcA0sCsidJs3tgLfNbsfHjln_U_lVvOrEwVQxFs5_MU-gdBjVMiY56p3nl6nkQ
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006-1&adk=3314916115&adf=3653020616&pi=t.ma~as.3006%2F14006-1&w=336&url=https%3A%2F%2Fwww.bg3.co%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1662211955360&bpp=13&bdt=271&idt=482&shv=r20220831&mjsv=m202208300101&ptt=5&saldr=sa&correlator=2420762395174&frm=8&ife=1&pv=2&ga_vid=955881654.1662211956&ga_sid=1662211956&ga_hid=177951552&ga_fc=0&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=336&ish=280&ifk=3719853736&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759842%2C31068855%2C31069206&oid=2&pvsid=2017665063826966&uas=0&nvt=1&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.2vya8wtnmmof&fsb=1&dtd=496
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.12.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f155.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 03 Sep 2022 13:32:36 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
googleads.g.doubleclick.net/xbbe/ Frame 3D7A 		342 B
238 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CIvlPxC3ttWlAhjb-sPNATAB&v=APEucNXHxhqF8tbBY4c2hoDhx-VRKeICBbwTse-2GW9FOPpKxd-KphGsRLdjprLpaV9FfGSdghwI4oR3haOZNv3OVJux4EQe3g
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006-1&adk=3314916115&adf=3653020617&pi=t.ma~as.3006%2F14006-1&w=336&url=https%3A%2F%2Fwww.bg3.co%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1662211955378&bpp=11&bdt=283&idt=512&shv=r20220831&mjsv=m202208300101&ptt=5&saldr=sa&correlator=5495327036735&frm=8&ife=1&pv=2&ga_vid=500991421.1662211956&ga_sid=1662211956&ga_hid=799025638&ga_fc=0&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=336&ish=280&ifk=3719853736&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C44759842%2C44761793&oid=2&pvsid=4367743105028993&uas=0&nvt=1&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.kt2ldrgt4mtd&fsb=1&dtd=519
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.68.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sc-in-f156.1e100.net
Software
cafe /
Resource Hash
5d6b864869c19ea1f500174a8dc3f327fd5fdc7e8f92f569788a6744341e4f27
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006-1&adk=3314916115&adf=3653020617&pi=t.ma~as.3006%2F14006-1&w=336&url=https%3A%2F%2Fwww.bg3.co%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1662211955378&bpp=11&bdt=283&idt=512&shv=r20220831&mjsv=m202208300101&ptt=5&saldr=sa&correlator=5495327036735&frm=8&ife=1&pv=2&ga_vid=500991421.1662211956&ga_sid=1662211956&ga_hid=799025638&ga_fc=0&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=336&ish=280&ifk=3719853736&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C44759842%2C44761793&oid=2&pvsid=4367743105028993&uas=0&nvt=1&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.kt2ldrgt4mtd&fsb=1&dtd=519
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-encoding
gzip
content-length
215
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sat, 03 Sep 2022 13:32:36 GMT
expires
Sat, 03 Sep 2022 13:32:36 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
ad
googleads.g.doubleclick.net/dbm/ Frame CDB3 		79 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CZOJ6zhOxQbVADwbyZ9alKs_wZo9GJknMv0WGhxgyBrk3AEhz-XuutAV2luzZ4hl32LGKO4wOkFupCILF431Qvuqx1dQ&cry=1&dbm_d=AKAmf-B4Y4N6pYbT8t6wYnhf7Z2qsLIbaME_-7KpF5j6JY3z6I9vXrms2lmugQuodIqC5QqaDZV6THP3fKaUKEP6e9K3eMQKfnB220IhrqjilBfAeHb7RiLRmnz21eARyx1scQJLVEz8XkvZwFFJHNQTrvR0WzxZ7JuHDR8mzMGagDxOnSqc5F5n-W8ydpyx_zwlZGWDaWsduS6UCw34q_BwLjJzgeldK2PAFcbpmVuj77HiMcmSbtD2YgHLb9DuSTqvnuVdCBm7L8PMMSkN28vGHYBdScxkJRyxw7_3kFm1BgtG6QidtjzCm4NKOHYCXTi7eCm_DWs2UUqwLNaJgtczL_byEAvFWl0lveXN33QeZ6Pi-7eWaDgWPUrpGiVrW-58guRS6-vi-XYt1MZiGEE6ImnTUc6W3TbJKQNcfvH7lRRzMZ5XQb6p4AMojgxqCNmUzShBYNWA2iDwPXrtma-Ql-xjxN9z5JEeNOTaP3cMAaJdncrzBNrujh8y2E4HkAdJhYAImeamMYwwhFYrVZyXwqP-a7glaEnXmBbVUhNvX2e7YYC7qXKi3rVm0aPjVBI-rpUW4pT0h3mYwxNLiGLQUQpg-DB-Wi0uc2D91OLd1c17N16G_N3M2I5PU7nEC9SFD2u7FQYfUqAG_1ZHITUZsGtOxjB2-XP4xHhjMndAkrfQpflANkJtztMGMe3xNPRAjvKdQNLUFBiadtx12mnd_u5LoZiG5Y8GQ8UHsi2yiY7WmBpAJbfdKL1ZyUTU15i0elOpf4t3TSVpvNcAxngBkzCnG3MJs3T8K69E8UJmOq-O3KUPpxu9JqL31jpKS_sCTUrzYceYrj1w7IlhMAeTgDBhN1bFHqBRAPowO8ZSPMvphqss9nOMvkfjv6eHW5p1tPkN325YigkdijYhXTOiTSQNiXAN_b5M1VWINWlZZ6Aj1SKh7IuIsx0XDWkz6sAo_USIx7yGDovpjT8wzDBeVzP64nEtL5cKyDsL_5qmJjAF-z1Wg4ZadIlD1TXRehcwBbzWKxcSKFLksM6ef8dKNem9LBTHHCdmXnyu1jamehxCpEF51IGpiB-EbfZfwVJqpTTzBWdQytRpPzld3K10RCp67o3fF4x0gghjhpEzSCUPXQQUxpeDIZTHLBOeZxC4kudZlvmJ1SHkulK2G1CMvuICSNkWamTP_VIqCY82DDxXjaZzOMAwdl9cTSbuaN1Aoe610awdHcwvMx9oiW-A3uav9cihoQLF8lBo_EsbkoIpHcfXzGiazBHXYy69TPzz8R5KKrrUSNvFrCEnjMgNS-NQ8gLBv6nR-7HUEDExTIPbBtFnVhVa0q1AhHxzT_r9SdWZdRie5p95a1DFI6S1Sx90Coo4_napDn7YZOWCuFA8cSgCo_04dUB_XYfhzdHoN6_7-n-TAatzEkj3cfaTPjB75pw-DN_-XSWzysPq2eJ-B7aLf0skVbNeALkuAHIbAHZeFp8KBRDBc3EO7O0E8gSlWrxPQIe34y5g-K_kCFbAJrzs5ovRctiJdkDwEXN6nhrF81xkFAmsYX-QEIvciAC1x6WFHDWUBX5DeWReQVKmeItNXeXRbCdV9LR0lTcWkXwiZ8dj6UecXMm2NVPtlolM8qESeBzpkVgljJFbguUh4pztCLos0tw4txG2IQgsdYTLWREhN_eYb6w6kx8mXJ95OCc9wbBU1a9U9Hq6EyMfKGg_cVRUDnlkcHiUFOG4nfPDqFzmx9Wwdmmck8FAFpRRomn37meNPwd_IeIoXK1eoEMUH4Fp9T-_ZNqDEDe5EVJeKFzoAjUPRbL5NUn_x1o1brY8Hh91HjcpjQpvwi-VxeN5AWktspqrubFngzXTT-c1IuYUgUKOhvxmGSiyZO_WvesZ02wTBS0RJVx2LU-RUAIUs4lMi6JHWszMAJEqG-6eH3B81YWdQfiN-uSIZkQFVRGwk_Hbib8zcWyLwKh3_Gh0aAYKWDHDZpSIYOQbBkDw2eS_5sbW-Dy5AC3eqdQIONMpcSKDIeZ_GxNcaubeBYBUes-c8ZXbit4eZRbkD2CFWE-yE0zJkkdj26tS28er4-Or8wuo-AlkuZbeKQM7Az7mvWfaCWUN_wKtIQZhxNclGGu516t72GkiOsresE7UtZl_zFcLZHf_n-9i4A_3EBxxpUqgfiQV8Z89QZMulzj0pcQdHN8WTauH55DPptsodQP5ELrjwIq9yInGuCIivrjG4GjC9IHf7f7s99uRod-aZpByZ-UqxDfJPP3NAqT8DhFcbHAIv8wPH8Ed_1KBUQHPNj6cXTidTIN42Q3yePnsNdmRZwlEHaGnvcUHS5M44Te8I1wC34BGxZUWk2cOK6zTr_i8i-7w_1ypVO5NHgOWNEgLemKWvhbL0tw3ilZx-y7gbdPdoBf0Pb8dgChUlk863gLRxWKLifwdtUN4sM2RiNO3IQ7GMxsx8SkAKQrbrng_MxGeBNdQKB0JWfm460ppVphmKi5NyQ79sc2-hcIOjrOcMdxft7fr6Y56ZxF2hULaLwFkDE0xkAt0zAZye47_kZQVilBIY3OOaWyXFX6Mvet57jXdmRnDCIk5Gs669Tko1qYJD9ty4emS-2Ua9GJpa5O3TrPfz8-XABriMQlFwXbLQ2yGQ-wBPtkCLShkyk9xgcKFGOJyvW5El9TUmXUaTFvLF-jlmjhfJUudsHjhG-ivf168rXgWXoyTdiN4AU8zGEvtCSuEHwr0zFglQa_xMFXpFJLoRpSLiA17fg7QdgiF7eRjE3E8SVfGEf0_RUdqSWkpt1wg7kzFNkPNcwhTlGGHY2tOcCelF9OUr4NJ4hbQoZRuQ4uIOVTqwOkt8WgWEY7tfURC6WZ0q4bZDBXKsWIh4PnRqiB0skhgHUPPvfdtZWzuE43nH16R30z2_neLBBL4tJpCxSdn1k8etGZJfU6URxWjQi4EJTVuoNSzKULuIBNEmpDAUJrQDIwV6dGMVg&cid=CAASEuRo4FxJUvS2_0zafOqRvAh3gg&rfl=4%2Chttps%253A%252F%252Fwww.bg3.co%242%2C%2Chttps%253A%252F%252Fadx.holmesmind.com%252F%240
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/qin-fang-cai-ying-wen-mei-can-yi-yuan-jia-de-na-tu-fei-tai-bei-ting-can-yu-guo-ji-tai-wan-sheng-yin-hen-zhong-yao.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.68.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sc-in-f156.1e100.net
Software
cafe /
Resource Hash
bcfef04d31d24901dce669568118eeea1382a982fd182d8f9a083f1a34a5f421
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006-1&adk=3314916115&adf=3653020617&pi=t.ma~as.3006%2F14006-1&w=336&url=https%3A%2F%2Fwww.bg3.co%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1662211955378&bpp=11&bdt=283&idt=512&shv=r20220831&mjsv=m202208300101&ptt=5&saldr=sa&correlator=5495327036735&frm=8&ife=1&pv=2&ga_vid=500991421.1662211956&ga_sid=1662211956&ga_hid=799025638&ga_fc=0&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=336&ish=280&ifk=3719853736&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C44759842%2C44761793&oid=2&pvsid=4367743105028993&uas=0&nvt=1&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.kt2ldrgt4mtd&fsb=1&dtd=519
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 03 Sep 2022 13:32:36 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
33744
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220831/r20110914/client/ Frame CDB3 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220831/r20110914/client/window_focus_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006-1&adk=3314916115&adf=3653020617&pi=t.ma~as.3006%2F14006-1&w=336&url=https%3A%2F%2Fwww.bg3.co%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1662211955378&bpp=11&bdt=283&idt=512&shv=r20220831&mjsv=m202208300101&ptt=5&saldr=sa&correlator=5495327036735&frm=8&ife=1&pv=2&ga_vid=500991421.1662211956&ga_sid=1662211956&ga_hid=799025638&ga_fc=0&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=336&ish=280&ifk=3719853736&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C44759842%2C44761793&oid=2&pvsid=4367743105028993&uas=0&nvt=1&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.kt2ldrgt4mtd&fsb=1&dtd=519
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f132.1e100.net
Software
cafe /
Resource Hash
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 03 Sep 2022 13:30:06 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
150
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1359
x-xss-protection
0
server
cafe
etag
1484984001845508991
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 17 Sep 2022 13:30:06 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220831/r20110914/client/ Frame CDB3 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220831/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006-1&adk=3314916115&adf=3653020617&pi=t.ma~as.3006%2F14006-1&w=336&url=https%3A%2F%2Fwww.bg3.co%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1662211955378&bpp=11&bdt=283&idt=512&shv=r20220831&mjsv=m202208300101&ptt=5&saldr=sa&correlator=5495327036735&frm=8&ife=1&pv=2&ga_vid=500991421.1662211956&ga_sid=1662211956&ga_hid=799025638&ga_fc=0&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=336&ish=280&ifk=3719853736&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C44759842%2C44761793&oid=2&pvsid=4367743105028993&uas=0&nvt=1&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.kt2ldrgt4mtd&fsb=1&dtd=519
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f132.1e100.net
Software
cafe /
Resource Hash
57000ea03bfb53734d0858b8fe992e6742226f23f311eb0f9d2177e2a84a5621
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 03 Sep 2022 13:22:24 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
612
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7599
x-xss-protection
0
server
cafe
etag
9215437806027971270
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 17 Sep 2022 13:22:24 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame CDB3 		142 KB
44 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006-1&adk=3314916115&adf=3653020617&pi=t.ma~as.3006%2F14006-1&w=336&url=https%3A%2F%2Fwww.bg3.co%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1662211955378&bpp=11&bdt=283&idt=512&shv=r20220831&mjsv=m202208300101&ptt=5&saldr=sa&correlator=5495327036735&frm=8&ife=1&pv=2&ga_vid=500991421.1662211956&ga_sid=1662211956&ga_hid=799025638&ga_fc=0&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=336&ish=280&ifk=3719853736&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C44759842%2C44761793&oid=2&pvsid=4367743105028993&uas=0&nvt=1&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.kt2ldrgt4mtd&fsb=1&dtd=519
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.10.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f155.1e100.net
Software
sffe /
Resource Hash
e851345505ee432c9397d60e5d91929ab4e5921f75c91f359b0939a879304b7a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 03 Sep 2022 13:32:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
44792
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1661945761880069"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Sat, 03 Sep 2022 13:32:37 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame CDB3 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-B1c8oDPyCa4ywtQCCA98wUM8uII8EVTbyn8lPisRd0X2WwDrrnBagcHCuC-l9xeFzrdnqebOkiaJjz-uy_0Ggkxc96N_9YiC02lBa_1DSbny9NLsI
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006-1&adk=3314916115&adf=3653020617&pi=t.ma~as.3006%2F14006-1&w=336&url=https%3A%2F%2Fwww.bg3.co%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1662211955378&bpp=11&bdt=283&idt=512&shv=r20220831&mjsv=m202208300101&ptt=5&saldr=sa&correlator=5495327036735&frm=8&ife=1&pv=2&ga_vid=500991421.1662211956&ga_sid=1662211956&ga_hid=799025638&ga_fc=0&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=336&ish=280&ifk=3719853736&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C44759842%2C44761793&oid=2&pvsid=4367743105028993&uas=0&nvt=1&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.kt2ldrgt4mtd&fsb=1&dtd=519
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.12.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f155.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 03 Sep 2022 13:32:36 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame AF04
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEC_4ajzfCPxiOSdfilInLAU&google_cver=1
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEC_4ajzfCPxiOSdfilInLAU&google_cver=1&C=1
43 B
841 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEC_4ajzfCPxiOSdfilInLAU&google_cver=1&C=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNCgQRCLx0IYl8WtcTAB&v=APEucNX0b1r1-bEDZYHr1Mz-A7-f2g8QmUCouqloTONTsnnp9k0ThaAAdMgVaP0zmGzn5nOmS57Ql5HuZeRbhymDxyazXPuiCQ
Protocol
H3
Server
104.18.19.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

cf-ray
744eda3d5992aafc-SYD
pragma
no-cache
date
Sat, 03 Sep 2022 13:32:37 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DLkf9sGi7dQIrojsxQXfYJ%2BTYsBiPKrRhZ6ATQeasgNyiCW8g0oDJRVeKSM7y78yByrK768tl0b3%2BLfvvFfDFKgTGtkon9GVYjP3Yz71FP2pjtCitxHJFKAx9d8AJlQ7PpLHwcgjIUzKPw%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control
no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Sat, 03 Sep 2022 13:32:37 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SGvFH4PHP4%2BuvoqQbPtGQqze2wcK6Xzf4C04w8kphTicXp6SelKuz2PSCPmu%2BHJB2GOMdbiyZFZQguXNKMjhVr9%2FMZvPQoIApVwzZCVlH7xUytWxOIg9MXcRBruRS2RoCKnom8ezj3FJfQ%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
location
/rum?cm_dsp_id=45&external_user_id=CAESEC_4ajzfCPxiOSdfilInLAU&google_cver=1&C=1
cache-control
no-cache
cf-ray
744eda3b2f306a5d-SYD
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
0
expires
0
rum
dsum-sec.casalemedia.com/ Frame AF04
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YxNXdbnxzew58odY2hHp1AAA
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEC_4ajzfCPxiOSdfilInLAU&google_cver=1
43 B
844 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEC_4ajzfCPxiOSdfilInLAU&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNCgQRCLx0IYl8WtcTAB&v=APEucNX0b1r1-bEDZYHr1Mz-A7-f2g8QmUCouqloTONTsnnp9k0ThaAAdMgVaP0zmGzn5nOmS57Ql5HuZeRbhymDxyazXPuiCQ
Protocol
H3
Server
104.18.19.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

cf-ray
744eda409c46aafc-SYD
pragma
no-cache
date
Sat, 03 Sep 2022 13:32:37 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PKj07R2xEUEeEFQ%2F2sbKd74jjNFqV1lAsPALU5XbgdvXHBFMgpBzVpNKETTVWSCshu6hoDgWPh6NBUQA4TUsZO8DHZt%2FUuI2K4ecerLUqTmk3tIhuzSO14yBnOChrOi3S%2F9mKJYCmUWF3A%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control
no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Sat, 03 Sep 2022 13:32:37 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEC_4ajzfCPxiOSdfilInLAU&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
setuid
ib.adnxs.com/ Frame AF04
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
  • https://ib.adnxs.com/setuid?entity=101&code=CAESECl_8OvdfNJ9v3MAP3EXCGk&google_cver=1
43 B
1018 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/setuid?entity=101&code=CAESECl_8OvdfNJ9v3MAP3EXCGk&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNCgQRCLx0IYl8WtcTAB&v=APEucNX0b1r1-bEDZYHr1Mz-A7-f2g8QmUCouqloTONTsnnp9k0ThaAAdMgVaP0zmGzn5nOmS57Ql5HuZeRbhymDxyazXPuiCQ
Protocol
HTTP/1.1
Server
104.254.150.241 Los Angeles, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
906.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 03 Sep 2022 13:32:37 GMT
X-Proxy-Origin
173.245.209.81; 173.245.209.81; 906.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net; adnxs.com
AN-X-Request-Uuid
196c0338-bf1f-4ea4-b319-2bcbf677c45f
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma
no-cache
date
Sat, 03 Sep 2022 13:32:36 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://ib.adnxs.com/setuid?entity=101&code=CAESECl_8OvdfNJ9v3MAP3EXCGk&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
290
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame AF04
Redirect Chain
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=Njk0NDE5OTI5OTg2MzAwNzM1NA%3D%3D
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=Njk0NDE5OTI5OTg2MzAwNzM1NA%3D%3D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNCgQRCLx0IYl8WtcTAB&v=APEucNX0b1r1-bEDZYHr1Mz-A7-f2g8QmUCouqloTONTsnnp9k0ThaAAdMgVaP0zmGzn5nOmS57Ql5HuZeRbhymDxyazXPuiCQ
Protocol
H3
Server
142.251.12.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f155.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 03 Sep 2022 13:32:37 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Sat, 03 Sep 2022 13:32:36 GMT
X-Proxy-Origin
173.245.209.81; 173.245.209.81; 906.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net; adnxs.com
AN-X-Request-Uuid
a6cd6661-8137-4269-8068-d6dad1bd3742
Server
nginx/1.21.3
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=Njk0NDE5OTI5OTg2MzAwNzM1NA%3D%3D
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
sd
us-u.openx.net/w/1.0/ Frame 68C3
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_dbm
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEPjQjB-voBSQUmH0PJkExM4&google_cver=1
43 B
114 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEPjQjB-voBSQUmH0PJkExM4&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNCgQRCLx0IYisqtcTAB&v=APEucNXCK8KlGlx6SbZY19QaemEtqKNuQjYgHXmUlbl0Dl2aR37FQ2b_i_kGAsgpBI34B-71i--rXrghF-zIFTwA4a0z0L-0iQ
Protocol
H2
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 03 Sep 2022 13:32:37 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Sat, 03 Sep 2022 13:32:36 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEPjQjB-voBSQUmH0PJkExM4&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
295
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 68C3
Redirect Chain
  • https://us-u.openx.net/w/1.0/cm?id=9ca165a9-d9fe-2ff6-d83d-d145a80b0d37&r=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dopenx%26google_hm%3D%7Bopenx_uuid_base64%7D
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=Y2UzMzQwNzgtZGRmMy0yMmQxLWM1NGYtZjAwNmVjNWJmOGY0
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=Y2UzMzQwNzgtZGRmMy0yMmQxLWM1NGYtZjAwNmVjNWJmOGY0
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNCgQRCLx0IYisqtcTAB&v=APEucNXCK8KlGlx6SbZY19QaemEtqKNuQjYgHXmUlbl0Dl2aR37FQ2b_i_kGAsgpBI34B-71i--rXrghF-zIFTwA4a0z0L-0iQ
Protocol
H3
Server
142.251.12.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f155.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 03 Sep 2022 13:32:37 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Sat, 03 Sep 2022 13:32:36 GMT
content-encoding
gzip
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
p3p
CP="CUR ADM OUR NOR STA NID"
location
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=Y2UzMzQwNzgtZGRmMy0yMmQxLWM1NGYtZjAwNmVjNWJmOGY0
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
via
1.1 google
um
sync.teads.tv/ Frame 68C3
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_cm&google_dbm
  • https://sync.teads.tv/um?eid=3&uid=CAESEFjLUK0vboU-T1wMfoQj17I&google_cver=1
23 B
172 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.teads.tv/um?eid=3&uid=CAESEFjLUK0vboU-T1wMfoQj17I&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNCgQRCLx0IYisqtcTAB&v=APEucNXCK8KlGlx6SbZY19QaemEtqKNuQjYgHXmUlbl0Dl2aR37FQ2b_i_kGAsgpBI34B-71i--rXrghF-zIFTwA4a0z0L-0iQ
Protocol
H2
Server
23.53.160.138 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-53-160-138.deploy.static.akamaitechnologies.com
Software
akka-http/10.2.8 /
Resource Hash
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 03 Sep 2022 13:32:37 GMT
cache-control
max-age=0, no-cache, no-store
expires
Sat, 03 Sep 2022 13:32:37 GMT
server
akka-http/10.2.8
content-length
23
content-type
image/gif

Redirect headers

pragma
no-cache
date
Sat, 03 Sep 2022 13:32:36 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://sync.teads.tv/um?eid=3&uid=CAESEFjLUK0vboU-T1wMfoQj17I&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
281
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 68C3
Redirect Chain
  • https://sync.teads.tv/um?eid=3&uid=&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_dbm%26google_hm%3D%5BVID_B64%5D
  • https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_hm=NTk5MDRhNjMtOWU2Zi00M2ZjLTg2ZjMtY2I0NTM4MzcyNzJm
170 B
189 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_hm=NTk5MDRhNjMtOWU2Zi00M2ZjLTg2ZjMtY2I0NTM4MzcyNzJm
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNCgQRCLx0IYisqtcTAB&v=APEucNXCK8KlGlx6SbZY19QaemEtqKNuQjYgHXmUlbl0Dl2aR37FQ2b_i_kGAsgpBI34B-71i--rXrghF-zIFTwA4a0z0L-0iQ
Protocol
H3
Server
142.251.12.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f155.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 03 Sep 2022 13:32:38 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Sat, 03 Sep 2022 13:32:37 GMT
server
akka-http/10.2.8
content-type
text/html; charset=UTF-8
location
https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_hm=NTk5MDRhNjMtOWU2Zi00M2ZjLTg2ZjMtY2I0NTM4MzcyNzJm
cache-control
max-age=0, no-cache, no-store
content-length
189
expires
Sat, 03 Sep 2022 13:32:37 GMT
pixel
cm.g.doubleclick.net/ Frame 019B
Redirect Chain
  • https://dclk-match.dotomi.com/match/bounce/current?networkId=14000&version=1&google_gid=CAESEJLYt8xzQnagn8A4mv5v3Is&google_cver=1&google_push=AehlK4DUxxhQPsO7yJsb9fVU01sGJ81E5eAMeFGmFLJ3ou0QmiB8t-E...
  • https://dclk-match.dotomi.com/match/bounce/current?DotomiTest=2be0db7423ba225f&is_secure=true&networkId=14000&version=1&google_gid=CAESEJLYt8xzQnagn8A4mv5v3Is&google_cver=1&google_push=AehlK4DUxxhQ...
  • https://cm.g.doubleclick.net/pixel?google_nid=dotomi&google_ula=17128,0&google_hm=AAAJtBTFOLPd-ANjh4f0AAAAAAA&expiration=1662298357&google_cver=1&is_secure=true&google_gid=CAESEJLYt8xzQnagn8A4mv5v3...
170 B
189 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=dotomi&google_ula=17128,0&google_hm=AAAJtBTFOLPd-ANjh4f0AAAAAAA&expiration=1662298357&google_cver=1&is_secure=true&google_gid=CAESEJLYt8xzQnagn8A4mv5v3Is&google_push=AehlK4DUxxhQPsO7yJsb9fVU01sGJ81E5eAMeFGmFLJ3ou0QmiB8t-E4Uig_2l6zLPYiSCa6igJVSr82AYXF6WkvaPcBgarLac_BbDomWexFCzB6BjzsnubWHOdLISBLfm7WT39tC_6BSCaWlA
Requested by
Host: c189fcaae4b526f37d75e91681a8bbd8.safeframe.googlesyndication.com
URL: https://c189fcaae4b526f37d75e91681a8bbd8.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Server
142.251.12.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f155.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 03 Sep 2022 13:32:38 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Sat, 03 Sep 2022 13:32:37 GMT
server
nginx
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP NID OUR STP"
location
https://cm.g.doubleclick.net/pixel?google_nid=dotomi&google_ula=17128,0&google_hm=AAAJtBTFOLPd-ANjh4f0AAAAAAA&expiration=1662298357&google_cver=1&is_secure=true&google_gid=CAESEJLYt8xzQnagn8A4mv5v3Is&google_push=AehlK4DUxxhQPsO7yJsb9fVU01sGJ81E5eAMeFGmFLJ3ou0QmiB8t-E4Uig_2l6zLPYiSCa6igJVSr82AYXF6WkvaPcBgarLac_BbDomWexFCzB6BjzsnubWHOdLISBLfm7WT39tC_6BSCaWlA
cache-control
no-cache, private, max-age=0, no-store
content-length
0
expires
0
pixel
cm.g.doubleclick.net/ Frame 019B
Redirect Chain
  • https://cr-p1.ladsp.com/cookiesender/1?google_push=AehlK4CfTtXcxkCxZVUfJ-bNjjPXzGJwKMxOhbM7UryP-MHfr7vCEirAcUlQAWOl1OAXhLVDhM1FCNIal2ap-Cd48DOubdwHRCkDDNq8oweW6ZNv0HDnzJd0NDgJbZZwiCG1Xbz-cijGtn2n8A...
  • https://cr-p1.ladsp.com/cookiesender/1?cr=true&google_push=AehlK4CfTtXcxkCxZVUfJ-bNjjPXzGJwKMxOhbM7UryP-MHfr7vCEirAcUlQAWOl1OAXhLVDhM1FCNIal2ap-Cd48DOubdwHRCkDDNq8oweW6ZNv0HDnzJd0NDgJbZZwiCG1Xbz-ci...
  • https://cm.g.doubleclick.net/pixel?google_nid=sonet&google_push=AehlK4CfTtXcxkCxZVUfJ-bNjjPXzGJwKMxOhbM7UryP-MHfr7vCEirAcUlQAWOl1OAXhLVDhM1FCNIal2ap-Cd48DOubdwHRCkDDNq8oweW6ZNv0HDnzJd0NDgJbZZwiCG1X...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=sonet&google_push=AehlK4CfTtXcxkCxZVUfJ-bNjjPXzGJwKMxOhbM7UryP-MHfr7vCEirAcUlQAWOl1OAXhLVDhM1FCNIal2ap-Cd48DOubdwHRCkDDNq8oweW6ZNv0HDnzJd0NDgJbZZwiCG1Xbz-cijGtn2n8A&google_hm=AcdUs1bbdhBJks8ADsWuEit17sA
Requested by
Host: c189fcaae4b526f37d75e91681a8bbd8.safeframe.googlesyndication.com
URL: https://c189fcaae4b526f37d75e91681a8bbd8.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Server
142.251.12.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f155.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 03 Sep 2022 13:32:37 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Sat, 03 Sep 2022 13:32:37 GMT
via
1.1 29ec57392a878e133a2e208c0dbdc3e2.cloudfront.net (CloudFront)
server
Logicad
x-amz-cf-pop
SIN2-P2
x-cache
Miss from cloudfront
p3p
CP="NOI DEVo TAIo PSAo PSDo OUR IND UNI NAV", policyref="http://cd.ladsp.com/xml/w3c/p3p.xml"
location
https://cm.g.doubleclick.net/pixel?google_nid=sonet&google_push=AehlK4CfTtXcxkCxZVUfJ-bNjjPXzGJwKMxOhbM7UryP-MHfr7vCEirAcUlQAWOl1OAXhLVDhM1FCNIal2ap-Cd48DOubdwHRCkDDNq8oweW6ZNv0HDnzJd0NDgJbZZwiCG1Xbz-cijGtn2n8A&google_hm=AcdUs1bbdhBJks8ADsWuEit17sA
cache-control
no-cache
content-length
0
x-amz-cf-id
_n2Oj6Lag6HMrzPzhy_fraxDh8xTuC_kV_R3y8MoZ7B6IpLAJk-jjQ==
expires
-1
pixel
cm.g.doubleclick.net/ Frame 019B
Redirect Chain
  • https://a.c.appier.net/gcm?google_gid=CAESEC-75vUMVYa4Se9zVG6q-Us&google_cver=1&google_push=AehlK4DYCkciH3pRL4MGj7fA0tWNnLxP3YFfffd7DJa-UbfeEFelOlzIQQNhCSrzwRnpyi2axldS9R1j-CEHFk5OrgcewVG8lX3KwlA9S...
  • https://cm.g.doubleclick.net/pixel?google_nid=appier&google_hm=bVlTMUZfVm5Eb3E3b09kZGRWY1RZdw%3D%3D&google_push=AehlK4DYCkciH3pRL4MGj7fA0tWNnLxP3YFfffd7DJa-UbfeEFelOlzIQQNhCSrzwRnpyi2axldS9R1j-CEHF...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=appier&google_hm=bVlTMUZfVm5Eb3E3b09kZGRWY1RZdw%3D%3D&google_push=AehlK4DYCkciH3pRL4MGj7fA0tWNnLxP3YFfffd7DJa-UbfeEFelOlzIQQNhCSrzwRnpyi2axldS9R1j-CEHFk5OrgcewVG8lX3KwlA9Sy4a2iiHNd7Zc6WIaqYA5GJD8o5LteRcL3Ln0zAgvg
Requested by
Host: c189fcaae4b526f37d75e91681a8bbd8.safeframe.googlesyndication.com
URL: https://c189fcaae4b526f37d75e91681a8bbd8.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Server
142.251.12.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f155.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 03 Sep 2022 13:32:37 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=appier&google_hm=bVlTMUZfVm5Eb3E3b09kZGRWY1RZdw%3D%3D&google_push=AehlK4DYCkciH3pRL4MGj7fA0tWNnLxP3YFfffd7DJa-UbfeEFelOlzIQQNhCSrzwRnpyi2axldS9R1j-CEHFk5OrgcewVG8lX3KwlA9Sy4a2iiHNd7Zc6WIaqYA5GJD8o5LteRcL3Ln0zAgvg
date
Sat, 03 Sep 2022 13:32:37 GMT
cache-control
no-store
server
nginx
content-type
text/html; charset=utf-8
content-length
289
p3p
CP="CUR ADM DEV TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
result
sync-dsp.ad-m.asia/dsp/api/sync/ Frame 019B
Redirect Chain
  • https://sync-dsp.ad-m.asia/dsp/api/sync/send?s=google&pixel_match=y&google_gid=CAESEHF6n12H11kCu750PeMs250&google_cver=1&google_push=AehlK4DL7NUvPNf_EVNppTKCWQHowafh12aWkxMWLrjLrJduqlbIBHtjK76OiMwi...
  • https://sync-dsp.ad-m.asia/dsp/api/sync/send?s=google&pixel_match=y&google_gid=CAESEHF6n12H11kCu750PeMs250&google_cver=1&google_push=AehlK4DL7NUvPNf_EVNppTKCWQHowafh12aWkxMWLrjLrJduqlbIBHtjK76OiMwi...
  • https://cm.g.doubleclick.net/pixel?google_nid=admatrix_dsp&google_push=AehlK4DL7NUvPNf_EVNppTKCWQHowafh12aWkxMWLrjLrJduqlbIBHtjK76OiMwiCTMdthmwsz0istQklUO05zc1fPNlSJ_5VzY1UnoKkHpYoXV2hgynn0h-yoSrwh...
  • https://sync-dsp.ad-m.asia/dsp/api/sync/result?s=google&suid-set=1&google_error=5
43 B
243 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync-dsp.ad-m.asia/dsp/api/sync/result?s=google&suid-set=1&google_error=5
Requested by
Host: c189fcaae4b526f37d75e91681a8bbd8.safeframe.googlesyndication.com
URL: https://c189fcaae4b526f37d75e91681a8bbd8.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
HTTP/1.1
Server
202.131.200.84 , Japan, ASN17941 (BIT-ISLE Equinix Japan Enterprise K.K., JP),
Reverse DNS
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 03 Sep 2022 13:32:39 GMT
Server
nginx
Content-Type
image/gif
Cache-Control
no-store,no-cache
Connection
close
Content-Length
43
expires
-1

Redirect headers

pragma
no-cache
date
Sat, 03 Sep 2022 13:32:38 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://sync-dsp.ad-m.asia/dsp/api/sync/result?s=google&suid-set=1&google_error=5
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
286
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 019B
Redirect Chain
  • https://dsp.adkernel.com/sync?exchange=11&google_gid=CAESEELMOKEk-z1UpdRrdMoIxIM&google_cver=1&google_push=AehlK4CVlw9F2ns3jWpPPaN0rsB6CwyaGbNDr3Sm0rGtoRPyQz753aGy_BMpqv1vb8oMUvFFTtTv7YvczsWtWWdF_G...
  • https://cm.g.doubleclick.net/pixel?google_nid=adkernel&google_hm=QTczNjkwNDAzMTA2OTcwMDEyMzA&google_push=AehlK4CVlw9F2ns3jWpPPaN0rsB6CwyaGbNDr3Sm0rGtoRPyQz753aGy_BMpqv1vb8oMUvFFTtTv7YvczsWtWWdF_GCP...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=adkernel&google_hm=QTczNjkwNDAzMTA2OTcwMDEyMzA&google_push=AehlK4CVlw9F2ns3jWpPPaN0rsB6CwyaGbNDr3Sm0rGtoRPyQz753aGy_BMpqv1vb8oMUvFFTtTv7YvczsWtWWdF_GCP3gkdhwGfd5wHLCv3IpSvs_-ujCxuek4cTJKe2Q0RCYEXcU9ZPLhj4Q
Requested by
Host: c189fcaae4b526f37d75e91681a8bbd8.safeframe.googlesyndication.com
URL: https://c189fcaae4b526f37d75e91681a8bbd8.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Server
142.251.12.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f155.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 03 Sep 2022 13:32:37 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=adkernel&google_hm=QTczNjkwNDAzMTA2OTcwMDEyMzA&google_push=AehlK4CVlw9F2ns3jWpPPaN0rsB6CwyaGbNDr3Sm0rGtoRPyQz753aGy_BMpqv1vb8oMUvFFTtTv7YvczsWtWWdF_GCP3gkdhwGfd5wHLCv3IpSvs_-ujCxuek4cTJKe2Q0RCYEXcU9ZPLhj4Q
Date
Sat, 03 Sep 2022 13:32:37 GMT
Server
nginx
Connection
keep-alive
Content-Length
0
pixel
cm.g.doubleclick.net/ Frame 019B
Redirect Chain
  • https://ds.uncn.jp/doubleclick/0/sync_push?google_gid=CAESEPwlnxCawtR7deJhyNZKBOk&google_cver=1&google_push=AehlK4D8iJx6nx9D_s4L25CXTE8Hj1ha_Gxc0QKnLdo1MMKeeibGjukmYjg7j05LM13zH8dmoKL-CWjv-HY5pe-De...
  • https://cm.g.doubleclick.net/pixel?google_nid=unicorn&google_push=AehlK4D8iJx6nx9D_s4L25CXTE8Hj1ha_Gxc0QKnLdo1MMKeeibGjukmYjg7j05LM13zH8dmoKL-CWjv-HY5pe-DenbC-4zTDLMnmlj4MO1w4zWEUHoPlcpiSXxaWi1L4xO...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=unicorn&google_push=AehlK4D8iJx6nx9D_s4L25CXTE8Hj1ha_Gxc0QKnLdo1MMKeeibGjukmYjg7j05LM13zH8dmoKL-CWjv-HY5pe-DenbC-4zTDLMnmlj4MO1w4zWEUHoPlcpiSXxaWi1L4xOImnKxzhtDHUpx&google_hm=AcGCdjY2O05wjXZl-Jezs8g
Requested by
Host: c189fcaae4b526f37d75e91681a8bbd8.safeframe.googlesyndication.com
URL: https://c189fcaae4b526f37d75e91681a8bbd8.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Server
142.251.12.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f155.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 03 Sep 2022 13:32:37 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=unicorn&google_push=AehlK4D8iJx6nx9D_s4L25CXTE8Hj1ha_Gxc0QKnLdo1MMKeeibGjukmYjg7j05LM13zH8dmoKL-CWjv-HY5pe-DenbC-4zTDLMnmlj4MO1w4zWEUHoPlcpiSXxaWi1L4xOImnKxzhtDHUpx&google_hm=AcGCdjY2O05wjXZl-Jezs8g
Date
Sat, 03 Sep 2022 13:32:37 GMT
Server
Apache
Connection
keep-alive
Content-Length
275
Content-Type
text/html; charset=utf-8
pixel
cm.g.doubleclick.net/ Frame 019B
Redirect Chain
  • https://sync.inmobi.com/gob?google_gid=CAESEC-L75Ohux-hf2T8yOt__yY&google_cver=1&google_push=AehlK4CFl0Ur4-ZNqZO87z9S_jbcjTFMOtN8dt7nMzr1lYkHdZsdIHKsvoD-ZtLD_eEhFyrQ2Uum8y27P9CSEsQA5AYFd-nh4UABBsqQ...
  • https://id5-sync.com/i/495/0.gif?callback=https%3A%2F%2Fsync.inmobi.com%2FgobRedirectFromId5%3Fid%3D%7BID5UID%7D%26google_push%3DAehlK4CFl0Ur4-ZNqZO87z9S_jbcjTFMOtN8dt7nMzr1lYkHdZsdIHKsvoD-ZtLD_eEh...
  • https://id5-sync.com/c/495/0/0/1.gif?gdpr=0&gdpr_consent=&us_privacy=
  • https://sync.inmobi.com/gobRedirectFromId5?id=ID5-ZHMOQ_x6AP7Gg6FlsQq1AlJ5tC757eb5LnJsamETxA&google_push=AehlK4CFl0Ur4-ZNqZO87z9S_jbcjTFMOtN8dt7nMzr1lYkHdZsdIHKsvoD-ZtLD_eEhFyrQ2Uum8y27P9CSEsQA5AYF...
  • https://cm.g.doubleclick.net/pixel?google_nid=inmobi_new_eb&google_hm=XJdjO9sbhfPS81pHqyZq&google_push=AehlK4CFl0Ur4-ZNqZO87z9S_jbcjTFMOtN8dt7nMzr1lYkHdZsdIHKsvoD-ZtLD_eEhFyrQ2Uum8y27P9CSEsQA5AYFd-...
170 B
189 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=inmobi_new_eb&google_hm=XJdjO9sbhfPS81pHqyZq&google_push=AehlK4CFl0Ur4-ZNqZO87z9S_jbcjTFMOtN8dt7nMzr1lYkHdZsdIHKsvoD-ZtLD_eEhFyrQ2Uum8y27P9CSEsQA5AYFd-nh4UABBsqQ0AZDfxEFoznHN7kDi8d2P3v6i2Ck4MJIT2EHZi4BkNU
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/qin-fang-cai-ying-wen-mei-can-yi-yuan-jia-de-na-tu-fei-tai-bei-ting-can-yu-guo-ji-tai-wan-sheng-yin-hen-zhong-yao.html
Protocol
H3
Server
142.251.12.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f155.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 03 Sep 2022 13:32:39 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

content-security-policy
default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
referrer-policy
no-referrer
x-permitted-cross-domain-policies
none
date
Sat, 03 Sep 2022 13:32:39 GMT
expect-ct
max-age=0
x-frame-options
SAMEORIGIN
x-download-options
noopen
content-type
text/plain; charset=utf-8
location
https://cm.g.doubleclick.net/pixel?google_nid=inmobi_new_eb&google_hm=XJdjO9sbhfPS81pHqyZq&google_push=AehlK4CFl0Ur4-ZNqZO87z9S_jbcjTFMOtN8dt7nMzr1lYkHdZsdIHKsvoD-ZtLD_eEhFyrQ2Uum8y27P9CSEsQA5AYFd-nh4UABBsqQ0AZDfxEFoznHN7kDi8d2P3v6i2Ck4MJIT2EHZi4BkNU
x-xss-protection
0
strict-transport-security
max-age=15552000; includeSubDomains
x-dns-prefetch-control
off
vary
Accept
content-length
272
x-content-type-options
nosniff
attr
cm.g.doubleclick.net/pixel/ Frame 019B 		0
50 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13ID3VnV0nWwzupay8zHxgKg9162iUhhgoSVz7mOJcTBL-4Y-djQYabjOOENq_Nli8T6zEE84g
Requested by
Host: c189fcaae4b526f37d75e91681a8bbd8.safeframe.googlesyndication.com
URL: https://c189fcaae4b526f37d75e91681a8bbd8.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.12.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f155.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 03 Sep 2022 13:32:36 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
content-type
text/html
sync
partners.tremorhub.com/ Frame 9AC7
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=tremor_video_dbm&google_cm&google_dbm
  • https://partners.tremorhub.com/sync?UIGL=CAESECIRygRRRhyucotE85CaoGA&google_cver=1
43 B
183 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://partners.tremorhub.com/sync?UIGL=CAESECIRygRRRhyucotE85CaoGA&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CIvlPxC3ttWlAhjb-sPNATAB&v=APEucNV-gWpVopuhtxjuk7Hdowzrs59IHPxPGdERU4fdzpvMG59J_1QaehEZ73jL6SH45doh3yGDh4DnLqZnGHQaMslvuc0Dvg
Protocol
H2
Server
52.5.102.142 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-5-102-142.compute-1.amazonaws.com
Software
Apache-Coyote/1.1 /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 03 Sep 2022 13:32:37 GMT
server
Apache-Coyote/1.1
p3p
CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'
content-type
image/gif

Redirect headers

pragma
no-cache
date
Sat, 03 Sep 2022 13:32:36 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://partners.tremorhub.com/sync?UIGL=CAESECIRygRRRhyucotE85CaoGA&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
283
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
partner
sync.search.spotxchange.com/ Frame 9AC7
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=spotxchange_dbm&google_cm&google_dbm
  • https://sync.search.spotxchange.com/partner?adv_id=7025&uid=CAESEImEiFhO4m3WASW7XtBnSA4&google_cver=1
  • https://sync.search.spotxchange.com/partner?adv_id=7025&uid=CAESEImEiFhO4m3WASW7XtBnSA4&google_cver=1&__user_check__=1&sync_id=e04e5a14-2b8c-11ed-a1ae-17c4e7040307
43 B
547 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.search.spotxchange.com/partner?adv_id=7025&uid=CAESEImEiFhO4m3WASW7XtBnSA4&google_cver=1&__user_check__=1&sync_id=e04e5a14-2b8c-11ed-a1ae-17c4e7040307
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CIvlPxC3ttWlAhjb-sPNATAB&v=APEucNV-gWpVopuhtxjuk7Hdowzrs59IHPxPGdERU4fdzpvMG59J_1QaehEZ73jL6SH45doh3yGDh4DnLqZnGHQaMslvuc0Dvg
Protocol
HTTP/1.1
Server
103.71.26.126 Singapore, Singapore, ASN132134 (SPOTX-AS-AP SpotXchange, Inc, US),
Reverse DNS
Software
nginx /
Resource Hash
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sat, 03 Sep 2022 13:32:37 GMT
Server
nginx
Access-Control-Allow-Methods
GET, POST, OPTIONS
Content-Type
image/gif
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials
false
X-fe
2
Connection
keep-alive
Content-Length
43

Redirect headers

Date
Sat, 03 Sep 2022 13:32:37 GMT
Server
nginx
Location
/partner?adv_id=7025&uid=CAESEImEiFhO4m3WASW7XtBnSA4&google_cver=1&__user_check__=1&sync_id=e04e5a14-2b8c-11ed-a1ae-17c4e7040307
Access-Control-Allow-Methods
GET, POST, OPTIONS
Content-Type
text/plain
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials
false
X-fe
7
Connection
keep-alive
Content-Length
0
pixel
cm.g.doubleclick.net/ Frame 9AC7
Redirect Chain
  • https://sync.search.spotxchange.com/partner?adv_id=7025&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dspotxchange_dbm%26google_hm%3D%24SPOTX_BASE64_USER_ID
  • https://sync.search.spotxchange.com/partner?adv_id=7025&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dspotxchange_dbm%26google_hm%3D%24SPOTX_BASE64_USER_ID&__user_check__=1&sync_i...
  • https://cm.g.doubleclick.net/pixel?google_nid=spotxchange_dbm&google_hm=ZTAzYmI1ODMtMmI4Yy0xMWVkLWFjNzgtMWZkOWI2ODYwMTA3
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=spotxchange_dbm&google_hm=ZTAzYmI1ODMtMmI4Yy0xMWVkLWFjNzgtMWZkOWI2ODYwMTA3
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CIvlPxC3ttWlAhjb-sPNATAB&v=APEucNV-gWpVopuhtxjuk7Hdowzrs59IHPxPGdERU4fdzpvMG59J_1QaehEZ73jL6SH45doh3yGDh4DnLqZnGHQaMslvuc0Dvg
Protocol
H3
Server
142.251.12.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f155.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 03 Sep 2022 13:32:37 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date
Sat, 03 Sep 2022 13:32:37 GMT
Server
nginx
Location
https://cm.g.doubleclick.net/pixel?google_nid=spotxchange_dbm&google_hm=ZTAzYmI1ODMtMmI4Yy0xMWVkLWFjNzgtMWZkOWI2ODYwMTA3
Access-Control-Allow-Methods
GET, POST, OPTIONS
Content-Type
text/plain
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials
false
X-fe
23
Connection
keep-alive
Content-Length
0
pixel
cm.g.doubleclick.net/ Frame 3D7A
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58269/sync?_origin=1&redir=true
  • https://ups.analytics.yahoo.com/ups/58269/sync?_origin=1&redir=true&verify=true
  • https://cm.g.doubleclick.net/pixel?google_nid=oath_dbm&google_hm=eS1pY0pmWjd4RTJ1RXE1NGJ2NVFRbWtnVFN6bmhjU2x1OH5B
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=oath_dbm&google_hm=eS1pY0pmWjd4RTJ1RXE1NGJ2NVFRbWtnVFN6bmhjU2x1OH5B
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CIvlPxC3ttWlAhjb-sPNATAB&v=APEucNXHxhqF8tbBY4c2hoDhx-VRKeICBbwTse-2GW9FOPpKxd-KphGsRLdjprLpaV9FfGSdghwI4oR3haOZNv3OVJux4EQe3g
Protocol
H3
Server
142.251.12.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f155.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 03 Sep 2022 13:32:37 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=oath_dbm&google_hm=eS1pY0pmWjd4RTJ1RXE1NGJ2NVFRbWtnVFN6bmhjU2x1OH5B
date
Sat, 03 Sep 2022 13:32:37 GMT
server
ATS/9.1.10.25
age
0
content-length
0
strict-transport-security
max-age=31536000
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
user-registering
ads.stickyadstv.com/ Frame 3D7A
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=stickyxchange_dbm&google_cm&google_dbm
  • https://ads.stickyadstv.com/user-registering?dataProviderId=141&userId=CAESELhbl3JXo0j3KMy8CkDF4z0&google_cver=1
43 B
720 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.stickyadstv.com/user-registering?dataProviderId=141&userId=CAESELhbl3JXo0j3KMy8CkDF4z0&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CIvlPxC3ttWlAhjb-sPNATAB&v=APEucNXHxhqF8tbBY4c2hoDhx-VRKeICBbwTse-2GW9FOPpKxd-KphGsRLdjprLpaV9FfGSdghwI4oR3haOZNv3OVJux4EQe3g
Protocol
HTTP/1.1
Server
23.47.190.89 Singapore, Singapore, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-47-190-89.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 03 Sep 2022 13:32:38 GMT
Server
nginx
Content-Type
image/gif
Access-Control-Allow-Origin
*
Cache-Control
max-age=0, no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
43
x-sticky-vk
1662211957969095-41
Expires
Sat, 03 Sep 2022 13:32:38 GMT

Redirect headers

pragma
no-cache
date
Sat, 03 Sep 2022 13:32:36 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://ads.stickyadstv.com/user-registering?dataProviderId=141&userId=CAESELhbl3JXo0j3KMy8CkDF4z0&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
317
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 3D7A
Redirect Chain
  • https://ads.stickyadstv.com/user-matching?id=11
  • https://cm.g.doubleclick.net/pixel?google_nid=stickyxchange_dbm&google_hm=YjE2NjU3MTZjM2NiMTY1N2Q4YzI4M2FmYmU1OTVjMWY=&gdpr=0&gdpr_consent=
170 B
189 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=stickyxchange_dbm&google_hm=YjE2NjU3MTZjM2NiMTY1N2Q4YzI4M2FmYmU1OTVjMWY=&gdpr=0&gdpr_consent=
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CIvlPxC3ttWlAhjb-sPNATAB&v=APEucNXHxhqF8tbBY4c2hoDhx-VRKeICBbwTse-2GW9FOPpKxd-KphGsRLdjprLpaV9FfGSdghwI4oR3haOZNv3OVJux4EQe3g
Protocol
H3
Server
142.251.12.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f155.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 03 Sep 2022 13:32:38 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Sat, 03 Sep 2022 13:32:38 GMT
Server
nginx
Access-Control-Allow-Origin
*
Location
https://cm.g.doubleclick.net/pixel?google_nid=stickyxchange_dbm&google_hm=YjE2NjU3MTZjM2NiMTY1N2Q4YzI4M2FmYmU1OTVjMWY=&gdpr=0&gdpr_consent=
Cache-Control
max-age=0, no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
0
x-sticky-vk
1662211957914098-40
Expires
Sat, 03 Sep 2022 13:32:38 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame BE19 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_2022090101&jk=4290311514371543&bg=!hoWlhcHNAAZTikH4c4o7ACkAdvg8WjKP2xWrskvKada_Kqup6LYHQveeGeoltm5d2gllvsDx8wAOvAIAAACFUgAAAAJoAQcKAKo0kkun3S_jDFFS5ftQdMb9h8TDCKqTyY89Nt3nuk8n0_wt-_RzMpdudXpc-dpg97Srdcx8kRpHgK-gIaibWr3vjyCyn73lVcz6VkW0kKbZyEdx3weWatE2Bp0ZtcXGP9XeRx4SvzBWTW5lnaPN6RZ3wErz5I556vG6r10Dl53JJ0EaMmZwUUyzAQuHxI8yei7no_QGOkkfxZMJleAjHNB9u8pcWB7LwXDULpkCzXg4wrjkeM3JZHzZIhe6njapKP_LhRoB-dTC1wURlSNtIpSHmTKkajD9Pwmvd0DeYGbVw5pvInoR48g2EzFKiZLYq2AjXtIzTMV_yls0dqcfWEzwqw_wTEgywdvqHgWiRXhMiXSJByqHVY4-pPKAHiDsODpHI3j3WS6-HNhvPh0d62Rfm4Q9t1X0OiV00nAJQqD0vCD22-3GDKInvh9EzEEUuS4BN0a0aG8qA6Ml3YojJzI73MEfVarW_fMc4h-cATJayfAG9gNmxhYNZ9buiGqjvYInPlBIWfXsWp-EtUC2brCnLbh5R5nKDKnC96ho6wRhQd3-7tp6Fnemf6XcIPj2mnfmDbngBZ2SlC_WCWJB0Zwipra9bQenBFic9VbwZMZdnXpxirl4GroA07_-MDd0pHjfCa6TL_hhIhc36s1SML90iQLoN9HqE8hNGXlpQto1aQ_UMB5LlxW1ZRFgkN8yU6AyO9BJuSiS7HBGgExIHwKYxgC7-0v6fL7M7GT3bJNSY5lIo_QeFVTikXsGbnPGiHeryZJphOOaHDTcXr9kTqFgh_vjpXb9CBrllO0Y6rbzYKH-LVN3FK7ycyKuAc2yiAvIb0OWNaLj5kyFgzWSKm3n0YvrBlXyLltUFVHBfHqGSaTExLV9d5vj91liN0wrWxmR6KXIAAULM38hTs1b5IffHE8biAN_DdXKImSMb1ki6e4cgPDWwKHT48NrPlXXHgXUeVzzC59bqV6ZqeDYvXkQkQoF9sCFwMa1sP58O4twGtCTAibnHKvGzNwC-yAIOEsFAhRAnboQJkfAJZ5fNoVR0IvTyvtgR9vPZjTYGo-J6DMqRJAPtjDQdZrO_2OzHvMzuanhHekxCZvWUYBeYIzcMuEclw5frLtzia43nhPc-hLaZyA61gHtgTTEj1z5_sp5VM1M5bI0rEWKpBSJV8of1khZ3jS3KK03cA
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/qin-fang-cai-ying-wen-mei-can-yi-yuan-jia-de-na-tu-fei-tai-bei-ting-can-yu-guo-ji-tai-wan-sheng-yin-hen-zhong-yao.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.12.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f155.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
sodar
pagead2.googlesyndication.com/pagead/ Frame 5444 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_2022090101&jk=743749482028347&bg=!RUalRgLNAAZTikH4c4o7ACkAdvg8Wly-nQadHG9SoxNo8LGsyukzig4sASfwpZyegmKhIGbsGEiIzAIAAAByUgAAAAJoAQcKAIrutMsUY22PevqPIpNnHpA7h3BzykcEq9CYlRMVp6wyNOpjaqIS7feQ7IuyAkIMUuti4YJ1qeaiC-HBkHKzynSThhTdI1xLnFMgbRBwarq8StcJf-ygfpOI3hd0b1GlrSUoNIpuhkje53UZYJs0x3c9FDwJVlSfvaMiI5CuYBK73JgHuOV5hR-L67OZAq2EgRuYWz-kXK68P0LbiSbMXZnW-ti9eDu0HOpZgfq9pxkYxlDdelAmr1CoWt8s4xjMr92iYNxE71WUO1jTu1SL-kuNUeIbo3htyRICvDM0QMwbrJb8f6B_wet6xuS-UG6c33lc2y5LReWpmKpZ8v6b3ytViz4l-gTQ5RSe3h3D1cFUxP1fHN7frT5s3mR5a5lueGuLhamOFr0_HAwZXIbgaIEs-96Clxtee5l5kHLU6mOcTd0EvT0Rq9HzYakPxtgex9Wofv2mKIWXju0rQpdxk8CfknvX9Q2Ou43FY7S7AWDNaiZPO0tMKjdi2Okn1p1UyqZXrZBpobDENlA6qvlVIBHmF63OJpHt2dBzm7Rw_58lBgZiT9zZimuK1D-A8B14Y8huKsioM3nZ6zYw1evpERjxtAAdfiJ0zqn1ksi6yyjVghgeeqp9EBoGmnta0g8q4x4bX2cmFycpOWEqgXFtGhqoo1olmXY_Qim_thT1HmUQIjd55gb0oH6U4Qa0IB5VIhPZHuAMKLyCRJFxQcE56XX7lDap60KcyCGtets-zqiSov8LRcxeo46DUcBs1PZKTu4q7t0LnqHi36LbXFnagcKB1ArzsWJ5HzsHNfAx38Z-PFitBxdxvMelBnjUENbOANiGVYCr7w_iGmNE_riuPHw3WoUUxcA-2ECOejFJ4CFamNMy9JwWmbOX-GE9gc2KA6SdblqU7JOVB4RoYM7T_Fjb_1_pFV25IeUQ8mGuVBFeTxGcCJ6MTp6i_wf3dX1_VV7rqsmIAFVjjgQplV-m7BDGlyhBr79ZrVIAP4464oUAfOvY-j8dIid8cbY9y89uJEB7d2vXvYVRvpRG_t9dt4tUfdcMW6UXpdl5LK60TcRezg_JCx6Ay0erWcIqle2ekUjhLZf3w9A_EKkC
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/qin-fang-cai-ying-wen-mei-can-yi-yuan-jia-de-na-tu-fei-tai-bei-ting-can-yu-guo-ji-tai-wan-sheng-yin-hen-zhong-yao.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.12.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f155.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
truncated
/ Frame F507 		215 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
ec641d996803f1e4ece8593bdee2d5ce12a4ff2361d44552aa3b2fa6bff52e6e

Request headers

accept-language
en-AU,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
express_html_inpage_rendering_lib_200_276.js
s0.2mdn.net/879366/ Frame 3C45 		106 KB
38 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_276.js
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/qin-fang-cai-ying-wen-mei-can-yi-yuan-jia-de-na-tu-fei-tai-bei-ting-can-yu-guo-ji-tai-wan-sheng-yin-hen-zhong-yao.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.24.148 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f148.1e100.net
Software
sffe /
Resource Hash
e41d1ae45acbf836b8dcc29544c7e41cced4211214df601d5284a7e9c7134c73
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://c189fcaae4b526f37d75e91681a8bbd8.safeframe.googlesyndication.com/
Origin
https://c189fcaae4b526f37d75e91681a8bbd8.safeframe.googlesyndication.com
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 02 Sep 2022 16:52:55 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
74382
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37872
x-xss-protection
0
last-modified
Wed, 02 Mar 2022 23:07:26 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sat, 03 Sep 2022 16:52:55 GMT
omrhp.js
pagead2.googlesyndication.com/pagead/js/r20220831/r20110914/elements/html/ Frame 3C45 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20220831/r20110914/elements/html/omrhp.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CjFIHIz-UTUja-_hQvX9pZXZtDecTV_pgIKhkIaU3925xNff1IbaylNBJ3Tle9GI_kexgjrugRiH-wbRP67zJdTCRNgg&cry=1&dbm_d=AKAmf-DRCtxQ-ey-XVcBADAxKXv1AObrGUqYtQCsgln3WFT3MY8T9jF552GaEKClSJC-HgaGelXBGwj7eXTJtfUg73Xt5LMvlSvmMPIX02xe5S9Pr3mLuxMKVKKIEJsTsrpWBQTBzgCNlh8EO47Qn1Nxef_zz1XUuFE0ZzThbJGoYg-cisSB4m4DFPCrTjfy9-tSCGMe1aCHeV3dlkVfrEL7LXeRKH3djcDmU301wOshbJ5j6-BSDn8TLo_1KOFg7vRXWcvz-rdYR1MZRp205hJKFCfn2jSOYBLxeAk0-ejdqB1Jha3_dtQbl4ZF3Czc8D9R0vtgi74971o_dEHMvA1UHLWpoS9jpg2t90r4MzaBFDg1PdEPw3PX9POWpT0F_o2Dqr-DkP1t_BuOGqh0VlJo-l-b634jWWIn1oUasWYyFkaK0X7I_nJPapaBC3b95x_G904_sB_XnrjrY-uvsgronCU94Q_H_Ec9hGPuA6OEBHe4p4pJkksrnLfsrJYhjfJ0F0qQdz4-D5-ge6DrYuavEu-pLp-qL8Ks1yaapMOKzDfGd8sNwKHXj1JPNaykH6wCj7SzrIAe9cBBfYDAD-_WXEwJKVCaKvsAI8rVvsvc9P5qIkSlR1kMEHOLCIkVPk0f0Ij2iIUUXEFSoSBzx5-aAgFsWNmmB0XHfR9HY_zfQsiOlYy-qkR5gGqVy3HUHE8GghbyBSgsOKyJ9cXYiOsRydIfymclASA8TsFZkkJc6dYc4O-KRwxTqmBbC_8_tTXk9sHeu6QEZwx1nlAYWI4v3wJ54Z3wMnjdJfYpHV5mAQHX5oRJCG7If-FfupLuCtLSOOhKv22KTc-cKoxMclzIERiWbqh219LyGM8zOJmQ5mclv8SJKuwSb9yB-HjgFfYCm8yzBbe8PbdmJp-1bi5yPz7duN8AdY49vAod0JpyFx2Xc2DvMqv32Hwq_BtZ-RkIRlUPs1bfp6vEJ04EW9zT54EXOxSmR9cjXKafD2VNhoEUD7gnDgL7p_fiA7cUP3VH-JzNKSm2aQHBsKVTg1GVYQizpBXxyP78X-dbaw3HjICnmWsuVzrUnMBWG-oMwMvDDFOzurUTK2ddvG_WJbTeQ6obKU2w8FhtubKJGknMs-6njZwXGIiOZcZ2KB4D4GXLBHd5mex8d0M2pUVd3U6hASWIQiWjpxvr6ACZllJtvDxw2lsHaVU9OVta07LWQ1L_FH_RfRzIioWnOoa6MayTtFXkFTWcpTpTIzQNGM_8sMm7i4RtqjpsSWLhdTzQp7Eqixknr01zIEA6Re9EVY2qKjuFA5omWuioW1cyxhXmG6FMUGnuqOiyPHngwkOPxRa4_PopW8IqpMpJnASGo9V7hobEgx_tNKDoeON8qhqjVH0RlTkA-_SUutyBzTPppvCNsirGlXRzATfKajwBv8j-c8AjYyxBKW5NORP4rPaEymbwsygz6KnRw1JZPu7sFkogrDtf3HLsCPpQ-ZVVAPdtbFTVTrANZghC4r4W1a6cQCfLCDteZRS1o1z00xVblTo5lBtq1k36JGdat8EHcyaWuXRZZnzyByl-2Jz8gYQq2rP2R24cqgEivpTWgZBockY6LWiSi1uURqWstNc0h5Zxu8EVpgQUumo2d-5WNm0NBYTgmE6dy2ZZu-x0zoH9A3gfBapybiqtwycm8hQ12YZurdKfvoIRhPxefA597rAWl0n-i-GCJWLLhc2x3Ld4CQ0AZNpXRT9boXfgoe1NnJbPundeTJpBCejaFxuKewFQQltVMPu4FgvF_0SNwjYnQZ_JKMWSvd8plSYc2AhZ4ZQ5UGwhvWYvhQV6LwUkriRXvSU3X_6yyC3u0bJjwKhblMNnKN8qCGGA2EMN95f3poUEqdTEMYl-OQ56jyh_LgEWZ1XbD_XysLhItiMKULxbJrAh95rVKc3q62xV_mui-vGBBQzsjkHq6HPh25Lqs9AQ3CfRwSSFYjvEtOLdSAgNqkh_jDR-XczPTkh52MwMDyLW2z3mrL8y-xjItJ1SAyk9iXnRpD4BVcV2YX3lN0MlMPE-G5D9lcKvEI0_ZtlLKUKS4xb7KdHnRuFYe1Ask2_8_JUuIXqazs2k3gOn9PS66tGilJGr8x2J0qHqGF7P4jG_xqaWuKwz1QkguGnv8c7mfXMkqVKnJT45jYoEQYMyTkHmZLJGRNWOqos3tVIqIm2ixNrvBdqbRpcGZCJHwp5NJPLNrmwQFOmb6BuwD0knOZzGRITz_EG-wyC0k-xsgYKeIjnnHlMqVx3Y4zgmIzjITfSLTlf-KwJ2M88E553N4Wh1vBHh9BUJDZ2k9MjUdcARORUljwDfpPpbY6VWIhhoCP7vdmtl1Tmo5y9R73VxZf2XNRUf-Ao1taEnVX8mk5f2UYfNH58CC8C4UgQDDc4c9lJ_UXECKNqHKIcibFiI4m3So8BZ0E53AOQuFRYqCMzwuOeggldm1CWJGpJAa_jP3jo6mOyhsrVKbeWC5248sr3YCrjKBgeRmXPa6x1Oh-GDTTjNmFcgPVco-EBj9_d8XTFjqYifZd_X24u96iyTv0pgef8MOLWF0L9J7uX8fprNjTWRBR7qTx4h_fRAj72RqSWmZdokegf6Qd56dyGEvt5ipeGLHb10cPCYKR_lZtE6Vzzy046i321znP9WCWVF-Pft_x-eJbcFsp-xupOOXFsM9ECcSI40p7853DqFrLvyz4-ZoMmLtR2bzcRjX7iH5-bXI3QBKyhA87b3REqRdyR45yWTqTw2ACT3T9QDUZPR30_Mmh3vJXLqIDvFy_cebJWJ95I8JEVXrB-IyA-brXutRS_0GCD0CGnWTkxxBOfV47Ldew9Mt28OfxF14g5Cf388WRHYxWd3ZIVyY-9dRiU0Jq4ZJZrmqpK-pgfNTuXs8wTYQCfRaVbQl-yBS59Nlf7AkYh9uPAVlkPDTWR3KBZdX_O5auNgaLg0FYi4XgO8tdFZBb0ceuXxako6n7kbZpgWCgCD5DEtaBdpDfDqbU_CFl-yG66XdlRdU0BUPE2K-YdeSAgHLR_4wSfNckJ4aRu23wTOfVtrpDaMJU2KuUl69HnM6QLj39CcxxRhC0-ElCwHzQYUbSbPeCiJe2dLahiDdEZtB6a1-PQ2zjlFEq2TbrwwcQ109r8oe0xR9KokcPoCfjB2cqCTeBc-4ksam74UwaeYYCbF7AGTWZ_lR3FYcuYD0vNCu75FjlJN0U7PgztQZk2oUBaHMCt0mIPKO0tEcj35DIFNzi8CHN_phuS80GeftcUDEJu5Ox6jccBeYJ4gNiqvrA_8551_Gus1Ag9kqiLg0h4DZOfYSWzsxSnFwPjQB0rErS2A8RmCDTbzYPA7468RfP5vuAOvrWizjEu_wP0YPcZxmuMXdJ64xL33wMGo9zBKKQ0MywVbckLM3nzD2dAtJpyqp7AAhUdsr7AUOPyKnxM&cid=CAASJeRo8pWAA6F9jk7HqOJhZoU8lI4Wvxb0dvi4JUOIv2HkIFpsb4I&rfl=1%2Chttps%253A%252F%252Fwww.bg3.co%252F%240
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.12.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f155.1e100.net
Software
cafe /
Resource Hash
58b603271da250778cca7450c81343eba7a896c87d93812f4de54ca5e1108488
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://c189fcaae4b526f37d75e91681a8bbd8.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 03 Sep 2022 13:28:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
219
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3181
x-xss-protection
0
server
cafe
etag
10699485926258732851
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 17 Sep 2022 13:28:58 GMT
abg_lite.js
pagead2.googlesyndication.com/pagead/js/r20220831/r20110914/ Frame 3C45 		30 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20220831/r20110914/abg_lite.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CjFIHIz-UTUja-_hQvX9pZXZtDecTV_pgIKhkIaU3925xNff1IbaylNBJ3Tle9GI_kexgjrugRiH-wbRP67zJdTCRNgg&cry=1&dbm_d=AKAmf-DRCtxQ-ey-XVcBADAxKXv1AObrGUqYtQCsgln3WFT3MY8T9jF552GaEKClSJC-HgaGelXBGwj7eXTJtfUg73Xt5LMvlSvmMPIX02xe5S9Pr3mLuxMKVKKIEJsTsrpWBQTBzgCNlh8EO47Qn1Nxef_zz1XUuFE0ZzThbJGoYg-cisSB4m4DFPCrTjfy9-tSCGMe1aCHeV3dlkVfrEL7LXeRKH3djcDmU301wOshbJ5j6-BSDn8TLo_1KOFg7vRXWcvz-rdYR1MZRp205hJKFCfn2jSOYBLxeAk0-ejdqB1Jha3_dtQbl4ZF3Czc8D9R0vtgi74971o_dEHMvA1UHLWpoS9jpg2t90r4MzaBFDg1PdEPw3PX9POWpT0F_o2Dqr-DkP1t_BuOGqh0VlJo-l-b634jWWIn1oUasWYyFkaK0X7I_nJPapaBC3b95x_G904_sB_XnrjrY-uvsgronCU94Q_H_Ec9hGPuA6OEBHe4p4pJkksrnLfsrJYhjfJ0F0qQdz4-D5-ge6DrYuavEu-pLp-qL8Ks1yaapMOKzDfGd8sNwKHXj1JPNaykH6wCj7SzrIAe9cBBfYDAD-_WXEwJKVCaKvsAI8rVvsvc9P5qIkSlR1kMEHOLCIkVPk0f0Ij2iIUUXEFSoSBzx5-aAgFsWNmmB0XHfR9HY_zfQsiOlYy-qkR5gGqVy3HUHE8GghbyBSgsOKyJ9cXYiOsRydIfymclASA8TsFZkkJc6dYc4O-KRwxTqmBbC_8_tTXk9sHeu6QEZwx1nlAYWI4v3wJ54Z3wMnjdJfYpHV5mAQHX5oRJCG7If-FfupLuCtLSOOhKv22KTc-cKoxMclzIERiWbqh219LyGM8zOJmQ5mclv8SJKuwSb9yB-HjgFfYCm8yzBbe8PbdmJp-1bi5yPz7duN8AdY49vAod0JpyFx2Xc2DvMqv32Hwq_BtZ-RkIRlUPs1bfp6vEJ04EW9zT54EXOxSmR9cjXKafD2VNhoEUD7gnDgL7p_fiA7cUP3VH-JzNKSm2aQHBsKVTg1GVYQizpBXxyP78X-dbaw3HjICnmWsuVzrUnMBWG-oMwMvDDFOzurUTK2ddvG_WJbTeQ6obKU2w8FhtubKJGknMs-6njZwXGIiOZcZ2KB4D4GXLBHd5mex8d0M2pUVd3U6hASWIQiWjpxvr6ACZllJtvDxw2lsHaVU9OVta07LWQ1L_FH_RfRzIioWnOoa6MayTtFXkFTWcpTpTIzQNGM_8sMm7i4RtqjpsSWLhdTzQp7Eqixknr01zIEA6Re9EVY2qKjuFA5omWuioW1cyxhXmG6FMUGnuqOiyPHngwkOPxRa4_PopW8IqpMpJnASGo9V7hobEgx_tNKDoeON8qhqjVH0RlTkA-_SUutyBzTPppvCNsirGlXRzATfKajwBv8j-c8AjYyxBKW5NORP4rPaEymbwsygz6KnRw1JZPu7sFkogrDtf3HLsCPpQ-ZVVAPdtbFTVTrANZghC4r4W1a6cQCfLCDteZRS1o1z00xVblTo5lBtq1k36JGdat8EHcyaWuXRZZnzyByl-2Jz8gYQq2rP2R24cqgEivpTWgZBockY6LWiSi1uURqWstNc0h5Zxu8EVpgQUumo2d-5WNm0NBYTgmE6dy2ZZu-x0zoH9A3gfBapybiqtwycm8hQ12YZurdKfvoIRhPxefA597rAWl0n-i-GCJWLLhc2x3Ld4CQ0AZNpXRT9boXfgoe1NnJbPundeTJpBCejaFxuKewFQQltVMPu4FgvF_0SNwjYnQZ_JKMWSvd8plSYc2AhZ4ZQ5UGwhvWYvhQV6LwUkriRXvSU3X_6yyC3u0bJjwKhblMNnKN8qCGGA2EMN95f3poUEqdTEMYl-OQ56jyh_LgEWZ1XbD_XysLhItiMKULxbJrAh95rVKc3q62xV_mui-vGBBQzsjkHq6HPh25Lqs9AQ3CfRwSSFYjvEtOLdSAgNqkh_jDR-XczPTkh52MwMDyLW2z3mrL8y-xjItJ1SAyk9iXnRpD4BVcV2YX3lN0MlMPE-G5D9lcKvEI0_ZtlLKUKS4xb7KdHnRuFYe1Ask2_8_JUuIXqazs2k3gOn9PS66tGilJGr8x2J0qHqGF7P4jG_xqaWuKwz1QkguGnv8c7mfXMkqVKnJT45jYoEQYMyTkHmZLJGRNWOqos3tVIqIm2ixNrvBdqbRpcGZCJHwp5NJPLNrmwQFOmb6BuwD0knOZzGRITz_EG-wyC0k-xsgYKeIjnnHlMqVx3Y4zgmIzjITfSLTlf-KwJ2M88E553N4Wh1vBHh9BUJDZ2k9MjUdcARORUljwDfpPpbY6VWIhhoCP7vdmtl1Tmo5y9R73VxZf2XNRUf-Ao1taEnVX8mk5f2UYfNH58CC8C4UgQDDc4c9lJ_UXECKNqHKIcibFiI4m3So8BZ0E53AOQuFRYqCMzwuOeggldm1CWJGpJAa_jP3jo6mOyhsrVKbeWC5248sr3YCrjKBgeRmXPa6x1Oh-GDTTjNmFcgPVco-EBj9_d8XTFjqYifZd_X24u96iyTv0pgef8MOLWF0L9J7uX8fprNjTWRBR7qTx4h_fRAj72RqSWmZdokegf6Qd56dyGEvt5ipeGLHb10cPCYKR_lZtE6Vzzy046i321znP9WCWVF-Pft_x-eJbcFsp-xupOOXFsM9ECcSI40p7853DqFrLvyz4-ZoMmLtR2bzcRjX7iH5-bXI3QBKyhA87b3REqRdyR45yWTqTw2ACT3T9QDUZPR30_Mmh3vJXLqIDvFy_cebJWJ95I8JEVXrB-IyA-brXutRS_0GCD0CGnWTkxxBOfV47Ldew9Mt28OfxF14g5Cf388WRHYxWd3ZIVyY-9dRiU0Jq4ZJZrmqpK-pgfNTuXs8wTYQCfRaVbQl-yBS59Nlf7AkYh9uPAVlkPDTWR3KBZdX_O5auNgaLg0FYi4XgO8tdFZBb0ceuXxako6n7kbZpgWCgCD5DEtaBdpDfDqbU_CFl-yG66XdlRdU0BUPE2K-YdeSAgHLR_4wSfNckJ4aRu23wTOfVtrpDaMJU2KuUl69HnM6QLj39CcxxRhC0-ElCwHzQYUbSbPeCiJe2dLahiDdEZtB6a1-PQ2zjlFEq2TbrwwcQ109r8oe0xR9KokcPoCfjB2cqCTeBc-4ksam74UwaeYYCbF7AGTWZ_lR3FYcuYD0vNCu75FjlJN0U7PgztQZk2oUBaHMCt0mIPKO0tEcj35DIFNzi8CHN_phuS80GeftcUDEJu5Ox6jccBeYJ4gNiqvrA_8551_Gus1Ag9kqiLg0h4DZOfYSWzsxSnFwPjQB0rErS2A8RmCDTbzYPA7468RfP5vuAOvrWizjEu_wP0YPcZxmuMXdJ64xL33wMGo9zBKKQ0MywVbckLM3nzD2dAtJpyqp7AAhUdsr7AUOPyKnxM&cid=CAASJeRo8pWAA6F9jk7HqOJhZoU8lI4Wvxb0dvi4JUOIv2HkIFpsb4I&rfl=1%2Chttps%253A%252F%252Fwww.bg3.co%252F%240
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.12.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f155.1e100.net
Software
cafe /
Resource Hash
35700fd4dc1a4008ab66bc0e57c19689f6daca9368bfd2a6beea1b86dc0159d8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://c189fcaae4b526f37d75e91681a8bbd8.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 03 Sep 2022 12:29:12 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
3805
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11778
x-xss-protection
0
server
cafe
etag
15541287485089275602
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 17 Sep 2022 12:29:12 GMT
express_html_inpage_rendering_lib_200_276.js
s0.2mdn.net/879366/ Frame 5AE0 		106 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_276.js
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/qin-fang-cai-ying-wen-mei-can-yi-yuan-jia-de-na-tu-fei-tai-bei-ting-can-yu-guo-ji-tai-wan-sheng-yin-hen-zhong-yao.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.24.148 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f148.1e100.net
Software
sffe /
Resource Hash
e41d1ae45acbf836b8dcc29544c7e41cced4211214df601d5284a7e9c7134c73
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://c189fcaae4b526f37d75e91681a8bbd8.safeframe.googlesyndication.com/
Origin
https://c189fcaae4b526f37d75e91681a8bbd8.safeframe.googlesyndication.com
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 02 Sep 2022 16:52:55 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
74382
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37872
x-xss-protection
0
last-modified
Wed, 02 Mar 2022 23:07:26 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sat, 03 Sep 2022 16:52:55 GMT
omrhp.js
pagead2.googlesyndication.com/pagead/js/r20220831/r20110914/elements/html/ Frame 5AE0 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20220831/r20110914/elements/html/omrhp.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DdVPFrmCq_JSvXd6qHzprXXCwMzbyf25N-L_hofDjSjQRnX_mW1hlTl1KgM49b7W6bbFNURCrz59vtOv0E0MzpRXuFwQ&cry=1&dbm_d=AKAmf-CrKpHOV5iHaEOQDME0uhI6-q5DLBw5gCOeJbvato5UlbBIP6lC9zb5rqC2EKL6zdKkbaX3I15oyHOKQVwQyJoIPBuZJNmhhjgIDIaPdUOICYmvS0YJvl3EmzI3TLtuSqx1pquDeHOR_GBVwp1Y-epnm1TL95xMdDXXzNOiTnT3HG30-uqUe5GNY98nStA6Ezy-_7FwuKj2SGBYD2hUzQZVSwsp8BNoqjMGxrXlmm2xutRzE5WS-UsVcr5jfF1ouPYJO9_2RjQWHooWn0g1VsQlvihryzFlJaDz61VpxwRdU9JfGDUR89o0Q7KPm7dPJ41apFHQExquAyFAdlh0oWgTwG5eyVC5fZ-XkskisrrwDHQ8lFH4MNn_-46agDCm3BGTTXb8qMCZPV0xBhgGu47MkCDsZ6FnhrYj4RA7zGsgD0y0a3Y6TwMaYudnlHrlX0r70Lm_lORw-MMltBlOPHBCknP8XKByrsB-AoyV0TTGSF9hzXMjdajQNVgZMN3ZhGY2Ir2lPEzrdoOvy4VvDwp5thIyZj0HtaChwAsEeoCMpmKmOXp9tDJPAhUVj2hgH9lPDJ1BgbucE_CVy8e1EkB-Qpy3NEkSwcVQRIHJnMy4NV7IIfjFy6B00RDaSlO94gu4mjSEIVU02zPkSyl7QcTZX3gE7woDyBSTu8rw_s_LJulMj2ZYQYpPdHE0UyMPM3LFPjRLpPaDWxDPQaN8OF-q_mAjnfqV7ILLPqaap6mMVW_s64qlnTOf46zyfRyqp1OpaTJcPNJ1RbOB83YXGyNy9E3J6unWkXlil6VQhpnQkPORgVU1etEVpRNGk28c7nqonLxy4lnHUIMiogbLk-CU9RmukOzATLMv5nWNzP19fre6nIz4ZojSC1RbbVE4X4AUZgEHmOWs2p6lxCMTfj6n9yeEUSQ7BNXqT-X4aHsIIdcB639FWv6rru-JZasb9OPIxMXh4BgKP5NtDfa-gXnQHO0KV8HruJchc2RUz1PdWkXU5tuco_dItV-CAI1wsKOhDjIgnaZ8PdiFPJkpZg28dec5qFBAQhovBX7ZTF1JbmI8ig2va1O3AMFGtVDctkn7iDO-Gu5zCcu-wAQO5ADEWtpcKRsn3FKJeH8UkrHqVru4UjZ1k_B1huq19IuuOFKSp3MCs8tB4bOwwCyWqUysaQWPm_rthmI-NnHQGk1nhVb894iI8YsoWqKzEeVI91SOfU-kUG9DqrswwiPFW_T_TOxGhfpROazebF4nwN2i9_fUiYWYVsNiJnmu-YufOPGX-08mYRZ5EJ1qETwdikVhpJdPpe2oRy4MPggt95-zvifY8D6-yGVazeGH0RedlB1M8gWC1mMjDYdRb08kDuUfmuLE-50MUHUZhQ4GhWrPVsExcxPZD93G6DpCAqB-ndCXWET-2ozS1AfHLxuMcwDBQ02ZpLxOIlYH2AE1oGImrlNUzlDvy9uBum7XIgL-NArbtAIOMlJK610tCoLYI3Qx83lhXkJA7lmdkPIYnOuaQFsQlrx33V6PWI6Au_OMNPSBfi2FcmxngZoCyvWPoLAVHDe05YhExRfjH7bBgRVeBfWCktjt3g-_TAnbzSqjp6USyfKgk90cpvYDHgd0M25Y81NSGDF5N6lNk7Q658XE4PBWsut_bEamjo8qJ7oEoFH9KiYqhmfGOkfyqABbd0IbrXdppsl3nrgxfWoDPbfLKTL8mm_YaSfEfx5ygF5l7yyi6XTffnGrLPc1Ly2mX0aZUbIU76df1dKCy2lDrGVSQTHedVmLj-DBR4ZDKbpFNVM7WfIC9inH0XA0aH90UihXzD6K4ZGAEDNzowBIfCX62xDp0ke_xHZ0TEOLuRiG_6PCiUjv-zdHiG0BADAU0XoGxTpsoO1nsGxcOYAWMZPC3k000THJRLeAIBmupzrfd_CzPTUgTkSnGfZovlZ51rfjjjyByyyTJBDh9pXi2-i2stNLVNdyCHY07o-9KT6DDBixo7p8WoeqcXY0v9DB8FKe_yDr_BxAlPGoFViErZ1eCPQYbS63_7hNWKjl0dfacPR2hUvT7_fupI2pFUtPFArFoCB9-dZAP35yFir815J3Mj3PbNMAHibUvggGET3e3CTrnKobRQIKTL6luE2sWVaTCfCEVHdAp2a4Q_k1OXBWhaRwnUgRHVsjn4P8hkikVKGuSF2MArZGtP5WnDF2fzne31pgnl-29JRA5Z0ctsc9Q2LxMteOg3aAIIcF_zjhQDahXpUaXNYGkvMPkg01JGodlE7vAMTBJN_im1i9tDf2R0IdocwdIkN9_uBgWO1HjundRyplJZmxlESTclvLgyj5sqYn_veUl2BHTU2mOe9koMYCmdte8tHlj8gyS5BN-BfbdfZcKHJpPZNB8BTo8BvWuNA4jKT0NzNmwgD5w6yyvg6317nus8D3ecyVGT1iZ9AKt_RnA3FOhC4DYJDhRgQPhikHVQsXTJD5xKi6k9xpPRG5ni_rcYcuLnz8RyrXyydGgr_uaICV2qNVHq3vrnAWhnxtgfI87BgaTN11yOT4gvb02-y-NizRkXwEg_wlRsR1e8soAkM4PpnMQAUfZ10MZxN-5MuFBryYhHa1tq4otAZVhZS8LZjZWQj0ZpWTfwGQUQXhqZ3xFTzDYyFqa2Ogpq4Z4lS3nBffkF7fHI6kzWjN1-IKStChTksotUG715f9kBUqHSb_txSp0OxCwKOyjNIsvYbClLfwJEISDFrOxlt_Nshlz_SCXMcdbJk-tAmoz5LseYiKErtzdvZiMv5QsqYqxbHqUTw96AIQybzn4UdHOPmELpuzZep_QxGi_v5KmgEt_sWOFOQDnHM6n-PuUAQ80ID6esavg7fiBKGzckrK9b9Cn77PRQ00xi90fqTWyfUh_AwvIchU3fLiJMXfWRoxh9gpTmg6xGoWfOIFSewoHVf-7MidZObwC0ysvJM4Qx1C0_MFdBs7-wO8_eXQI5qRmApg-gRLjpb-2D_RnO_tO2L456QUOapLLwOQ7zpxCvsGr7B7qfNcv_j9lRoFe9caltUnRn84Df-MJARE39jO_DC4XAZafib3tPoAoFSmbJreV7r-QQ_S4LBwDp3a-goyDM-0R5Oy-RTs_lbgArr6ZkOtC6wXHHCVaZ2dh0EiwJDB9oGpy9A_8-0raltnTk7QJywv92XIH88gOQKa5ufnqh3MSz3TZImQg_virebv-zHeIqY3RmvF_IVJ7KF1UPKaDmPDc5OB5Ayr8cfRhzJp2a3Lb9a7nj-buoI5ef0kt8C8kzAlCLEgSPFfLxnuXrPUElRlWz6Ad1VzWPf1l8w_SI8bcE6MvBLEHC8aB53ABXEti0AvkT4j6fm1acIrsQHJQE2BYOltXCJkxBATbWCsdCN6UWKb6QrLhF0W0QTbEDyWJYHvWzXEJiQzFaU5Ibi-qoX__vrEF8gx2p7WvYpaLXg&cid=CAASJeRoJVL67oSd2gGzkb1PH5GzWfTvJpn6w2fhXPQYNVNhx4pobAY&rfl=1%2Chttps%253A%252F%252Fwww.bg3.co%252F%240
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.12.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f155.1e100.net
Software
cafe /
Resource Hash
58b603271da250778cca7450c81343eba7a896c87d93812f4de54ca5e1108488
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://c189fcaae4b526f37d75e91681a8bbd8.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 03 Sep 2022 13:28:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
219
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3181
x-xss-protection
0
server
cafe
etag
10699485926258732851
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 17 Sep 2022 13:28:58 GMT
abg_lite.js
pagead2.googlesyndication.com/pagead/js/r20220831/r20110914/ Frame 5AE0 		30 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20220831/r20110914/abg_lite.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DdVPFrmCq_JSvXd6qHzprXXCwMzbyf25N-L_hofDjSjQRnX_mW1hlTl1KgM49b7W6bbFNURCrz59vtOv0E0MzpRXuFwQ&cry=1&dbm_d=AKAmf-CrKpHOV5iHaEOQDME0uhI6-q5DLBw5gCOeJbvato5UlbBIP6lC9zb5rqC2EKL6zdKkbaX3I15oyHOKQVwQyJoIPBuZJNmhhjgIDIaPdUOICYmvS0YJvl3EmzI3TLtuSqx1pquDeHOR_GBVwp1Y-epnm1TL95xMdDXXzNOiTnT3HG30-uqUe5GNY98nStA6Ezy-_7FwuKj2SGBYD2hUzQZVSwsp8BNoqjMGxrXlmm2xutRzE5WS-UsVcr5jfF1ouPYJO9_2RjQWHooWn0g1VsQlvihryzFlJaDz61VpxwRdU9JfGDUR89o0Q7KPm7dPJ41apFHQExquAyFAdlh0oWgTwG5eyVC5fZ-XkskisrrwDHQ8lFH4MNn_-46agDCm3BGTTXb8qMCZPV0xBhgGu47MkCDsZ6FnhrYj4RA7zGsgD0y0a3Y6TwMaYudnlHrlX0r70Lm_lORw-MMltBlOPHBCknP8XKByrsB-AoyV0TTGSF9hzXMjdajQNVgZMN3ZhGY2Ir2lPEzrdoOvy4VvDwp5thIyZj0HtaChwAsEeoCMpmKmOXp9tDJPAhUVj2hgH9lPDJ1BgbucE_CVy8e1EkB-Qpy3NEkSwcVQRIHJnMy4NV7IIfjFy6B00RDaSlO94gu4mjSEIVU02zPkSyl7QcTZX3gE7woDyBSTu8rw_s_LJulMj2ZYQYpPdHE0UyMPM3LFPjRLpPaDWxDPQaN8OF-q_mAjnfqV7ILLPqaap6mMVW_s64qlnTOf46zyfRyqp1OpaTJcPNJ1RbOB83YXGyNy9E3J6unWkXlil6VQhpnQkPORgVU1etEVpRNGk28c7nqonLxy4lnHUIMiogbLk-CU9RmukOzATLMv5nWNzP19fre6nIz4ZojSC1RbbVE4X4AUZgEHmOWs2p6lxCMTfj6n9yeEUSQ7BNXqT-X4aHsIIdcB639FWv6rru-JZasb9OPIxMXh4BgKP5NtDfa-gXnQHO0KV8HruJchc2RUz1PdWkXU5tuco_dItV-CAI1wsKOhDjIgnaZ8PdiFPJkpZg28dec5qFBAQhovBX7ZTF1JbmI8ig2va1O3AMFGtVDctkn7iDO-Gu5zCcu-wAQO5ADEWtpcKRsn3FKJeH8UkrHqVru4UjZ1k_B1huq19IuuOFKSp3MCs8tB4bOwwCyWqUysaQWPm_rthmI-NnHQGk1nhVb894iI8YsoWqKzEeVI91SOfU-kUG9DqrswwiPFW_T_TOxGhfpROazebF4nwN2i9_fUiYWYVsNiJnmu-YufOPGX-08mYRZ5EJ1qETwdikVhpJdPpe2oRy4MPggt95-zvifY8D6-yGVazeGH0RedlB1M8gWC1mMjDYdRb08kDuUfmuLE-50MUHUZhQ4GhWrPVsExcxPZD93G6DpCAqB-ndCXWET-2ozS1AfHLxuMcwDBQ02ZpLxOIlYH2AE1oGImrlNUzlDvy9uBum7XIgL-NArbtAIOMlJK610tCoLYI3Qx83lhXkJA7lmdkPIYnOuaQFsQlrx33V6PWI6Au_OMNPSBfi2FcmxngZoCyvWPoLAVHDe05YhExRfjH7bBgRVeBfWCktjt3g-_TAnbzSqjp6USyfKgk90cpvYDHgd0M25Y81NSGDF5N6lNk7Q658XE4PBWsut_bEamjo8qJ7oEoFH9KiYqhmfGOkfyqABbd0IbrXdppsl3nrgxfWoDPbfLKTL8mm_YaSfEfx5ygF5l7yyi6XTffnGrLPc1Ly2mX0aZUbIU76df1dKCy2lDrGVSQTHedVmLj-DBR4ZDKbpFNVM7WfIC9inH0XA0aH90UihXzD6K4ZGAEDNzowBIfCX62xDp0ke_xHZ0TEOLuRiG_6PCiUjv-zdHiG0BADAU0XoGxTpsoO1nsGxcOYAWMZPC3k000THJRLeAIBmupzrfd_CzPTUgTkSnGfZovlZ51rfjjjyByyyTJBDh9pXi2-i2stNLVNdyCHY07o-9KT6DDBixo7p8WoeqcXY0v9DB8FKe_yDr_BxAlPGoFViErZ1eCPQYbS63_7hNWKjl0dfacPR2hUvT7_fupI2pFUtPFArFoCB9-dZAP35yFir815J3Mj3PbNMAHibUvggGET3e3CTrnKobRQIKTL6luE2sWVaTCfCEVHdAp2a4Q_k1OXBWhaRwnUgRHVsjn4P8hkikVKGuSF2MArZGtP5WnDF2fzne31pgnl-29JRA5Z0ctsc9Q2LxMteOg3aAIIcF_zjhQDahXpUaXNYGkvMPkg01JGodlE7vAMTBJN_im1i9tDf2R0IdocwdIkN9_uBgWO1HjundRyplJZmxlESTclvLgyj5sqYn_veUl2BHTU2mOe9koMYCmdte8tHlj8gyS5BN-BfbdfZcKHJpPZNB8BTo8BvWuNA4jKT0NzNmwgD5w6yyvg6317nus8D3ecyVGT1iZ9AKt_RnA3FOhC4DYJDhRgQPhikHVQsXTJD5xKi6k9xpPRG5ni_rcYcuLnz8RyrXyydGgr_uaICV2qNVHq3vrnAWhnxtgfI87BgaTN11yOT4gvb02-y-NizRkXwEg_wlRsR1e8soAkM4PpnMQAUfZ10MZxN-5MuFBryYhHa1tq4otAZVhZS8LZjZWQj0ZpWTfwGQUQXhqZ3xFTzDYyFqa2Ogpq4Z4lS3nBffkF7fHI6kzWjN1-IKStChTksotUG715f9kBUqHSb_txSp0OxCwKOyjNIsvYbClLfwJEISDFrOxlt_Nshlz_SCXMcdbJk-tAmoz5LseYiKErtzdvZiMv5QsqYqxbHqUTw96AIQybzn4UdHOPmELpuzZep_QxGi_v5KmgEt_sWOFOQDnHM6n-PuUAQ80ID6esavg7fiBKGzckrK9b9Cn77PRQ00xi90fqTWyfUh_AwvIchU3fLiJMXfWRoxh9gpTmg6xGoWfOIFSewoHVf-7MidZObwC0ysvJM4Qx1C0_MFdBs7-wO8_eXQI5qRmApg-gRLjpb-2D_RnO_tO2L456QUOapLLwOQ7zpxCvsGr7B7qfNcv_j9lRoFe9caltUnRn84Df-MJARE39jO_DC4XAZafib3tPoAoFSmbJreV7r-QQ_S4LBwDp3a-goyDM-0R5Oy-RTs_lbgArr6ZkOtC6wXHHCVaZ2dh0EiwJDB9oGpy9A_8-0raltnTk7QJywv92XIH88gOQKa5ufnqh3MSz3TZImQg_virebv-zHeIqY3RmvF_IVJ7KF1UPKaDmPDc5OB5Ayr8cfRhzJp2a3Lb9a7nj-buoI5ef0kt8C8kzAlCLEgSPFfLxnuXrPUElRlWz6Ad1VzWPf1l8w_SI8bcE6MvBLEHC8aB53ABXEti0AvkT4j6fm1acIrsQHJQE2BYOltXCJkxBATbWCsdCN6UWKb6QrLhF0W0QTbEDyWJYHvWzXEJiQzFaU5Ibi-qoX__vrEF8gx2p7WvYpaLXg&cid=CAASJeRoJVL67oSd2gGzkb1PH5GzWfTvJpn6w2fhXPQYNVNhx4pobAY&rfl=1%2Chttps%253A%252F%252Fwww.bg3.co%252F%240
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.12.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f155.1e100.net
Software
cafe /
Resource Hash
35700fd4dc1a4008ab66bc0e57c19689f6daca9368bfd2a6beea1b86dc0159d8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://c189fcaae4b526f37d75e91681a8bbd8.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 03 Sep 2022 12:29:12 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
3805
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11778
x-xss-protection
0
server
cafe
etag
15541287485089275602
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 17 Sep 2022 12:29:12 GMT
express_html_inpage_rendering_lib_200_276.js
s0.2mdn.net/879366/ Frame CDB3 		106 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_276.js
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/qin-fang-cai-ying-wen-mei-can-yi-yuan-jia-de-na-tu-fei-tai-bei-ting-can-yu-guo-ji-tai-wan-sheng-yin-hen-zhong-yao.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.24.148 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f148.1e100.net
Software
sffe /
Resource Hash
e41d1ae45acbf836b8dcc29544c7e41cced4211214df601d5284a7e9c7134c73
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
Origin
https://googleads.g.doubleclick.net
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 02 Sep 2022 16:52:55 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
74382
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37872
x-xss-protection
0
last-modified
Wed, 02 Mar 2022 23:07:26 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sat, 03 Sep 2022 16:52:55 GMT
omrhp.js
pagead2.googlesyndication.com/pagead/js/r20220831/r20110914/elements/html/ Frame CDB3 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20220831/r20110914/elements/html/omrhp.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CZOJ6zhOxQbVADwbyZ9alKs_wZo9GJknMv0WGhxgyBrk3AEhz-XuutAV2luzZ4hl32LGKO4wOkFupCILF431Qvuqx1dQ&cry=1&dbm_d=AKAmf-B4Y4N6pYbT8t6wYnhf7Z2qsLIbaME_-7KpF5j6JY3z6I9vXrms2lmugQuodIqC5QqaDZV6THP3fKaUKEP6e9K3eMQKfnB220IhrqjilBfAeHb7RiLRmnz21eARyx1scQJLVEz8XkvZwFFJHNQTrvR0WzxZ7JuHDR8mzMGagDxOnSqc5F5n-W8ydpyx_zwlZGWDaWsduS6UCw34q_BwLjJzgeldK2PAFcbpmVuj77HiMcmSbtD2YgHLb9DuSTqvnuVdCBm7L8PMMSkN28vGHYBdScxkJRyxw7_3kFm1BgtG6QidtjzCm4NKOHYCXTi7eCm_DWs2UUqwLNaJgtczL_byEAvFWl0lveXN33QeZ6Pi-7eWaDgWPUrpGiVrW-58guRS6-vi-XYt1MZiGEE6ImnTUc6W3TbJKQNcfvH7lRRzMZ5XQb6p4AMojgxqCNmUzShBYNWA2iDwPXrtma-Ql-xjxN9z5JEeNOTaP3cMAaJdncrzBNrujh8y2E4HkAdJhYAImeamMYwwhFYrVZyXwqP-a7glaEnXmBbVUhNvX2e7YYC7qXKi3rVm0aPjVBI-rpUW4pT0h3mYwxNLiGLQUQpg-DB-Wi0uc2D91OLd1c17N16G_N3M2I5PU7nEC9SFD2u7FQYfUqAG_1ZHITUZsGtOxjB2-XP4xHhjMndAkrfQpflANkJtztMGMe3xNPRAjvKdQNLUFBiadtx12mnd_u5LoZiG5Y8GQ8UHsi2yiY7WmBpAJbfdKL1ZyUTU15i0elOpf4t3TSVpvNcAxngBkzCnG3MJs3T8K69E8UJmOq-O3KUPpxu9JqL31jpKS_sCTUrzYceYrj1w7IlhMAeTgDBhN1bFHqBRAPowO8ZSPMvphqss9nOMvkfjv6eHW5p1tPkN325YigkdijYhXTOiTSQNiXAN_b5M1VWINWlZZ6Aj1SKh7IuIsx0XDWkz6sAo_USIx7yGDovpjT8wzDBeVzP64nEtL5cKyDsL_5qmJjAF-z1Wg4ZadIlD1TXRehcwBbzWKxcSKFLksM6ef8dKNem9LBTHHCdmXnyu1jamehxCpEF51IGpiB-EbfZfwVJqpTTzBWdQytRpPzld3K10RCp67o3fF4x0gghjhpEzSCUPXQQUxpeDIZTHLBOeZxC4kudZlvmJ1SHkulK2G1CMvuICSNkWamTP_VIqCY82DDxXjaZzOMAwdl9cTSbuaN1Aoe610awdHcwvMx9oiW-A3uav9cihoQLF8lBo_EsbkoIpHcfXzGiazBHXYy69TPzz8R5KKrrUSNvFrCEnjMgNS-NQ8gLBv6nR-7HUEDExTIPbBtFnVhVa0q1AhHxzT_r9SdWZdRie5p95a1DFI6S1Sx90Coo4_napDn7YZOWCuFA8cSgCo_04dUB_XYfhzdHoN6_7-n-TAatzEkj3cfaTPjB75pw-DN_-XSWzysPq2eJ-B7aLf0skVbNeALkuAHIbAHZeFp8KBRDBc3EO7O0E8gSlWrxPQIe34y5g-K_kCFbAJrzs5ovRctiJdkDwEXN6nhrF81xkFAmsYX-QEIvciAC1x6WFHDWUBX5DeWReQVKmeItNXeXRbCdV9LR0lTcWkXwiZ8dj6UecXMm2NVPtlolM8qESeBzpkVgljJFbguUh4pztCLos0tw4txG2IQgsdYTLWREhN_eYb6w6kx8mXJ95OCc9wbBU1a9U9Hq6EyMfKGg_cVRUDnlkcHiUFOG4nfPDqFzmx9Wwdmmck8FAFpRRomn37meNPwd_IeIoXK1eoEMUH4Fp9T-_ZNqDEDe5EVJeKFzoAjUPRbL5NUn_x1o1brY8Hh91HjcpjQpvwi-VxeN5AWktspqrubFngzXTT-c1IuYUgUKOhvxmGSiyZO_WvesZ02wTBS0RJVx2LU-RUAIUs4lMi6JHWszMAJEqG-6eH3B81YWdQfiN-uSIZkQFVRGwk_Hbib8zcWyLwKh3_Gh0aAYKWDHDZpSIYOQbBkDw2eS_5sbW-Dy5AC3eqdQIONMpcSKDIeZ_GxNcaubeBYBUes-c8ZXbit4eZRbkD2CFWE-yE0zJkkdj26tS28er4-Or8wuo-AlkuZbeKQM7Az7mvWfaCWUN_wKtIQZhxNclGGu516t72GkiOsresE7UtZl_zFcLZHf_n-9i4A_3EBxxpUqgfiQV8Z89QZMulzj0pcQdHN8WTauH55DPptsodQP5ELrjwIq9yInGuCIivrjG4GjC9IHf7f7s99uRod-aZpByZ-UqxDfJPP3NAqT8DhFcbHAIv8wPH8Ed_1KBUQHPNj6cXTidTIN42Q3yePnsNdmRZwlEHaGnvcUHS5M44Te8I1wC34BGxZUWk2cOK6zTr_i8i-7w_1ypVO5NHgOWNEgLemKWvhbL0tw3ilZx-y7gbdPdoBf0Pb8dgChUlk863gLRxWKLifwdtUN4sM2RiNO3IQ7GMxsx8SkAKQrbrng_MxGeBNdQKB0JWfm460ppVphmKi5NyQ79sc2-hcIOjrOcMdxft7fr6Y56ZxF2hULaLwFkDE0xkAt0zAZye47_kZQVilBIY3OOaWyXFX6Mvet57jXdmRnDCIk5Gs669Tko1qYJD9ty4emS-2Ua9GJpa5O3TrPfz8-XABriMQlFwXbLQ2yGQ-wBPtkCLShkyk9xgcKFGOJyvW5El9TUmXUaTFvLF-jlmjhfJUudsHjhG-ivf168rXgWXoyTdiN4AU8zGEvtCSuEHwr0zFglQa_xMFXpFJLoRpSLiA17fg7QdgiF7eRjE3E8SVfGEf0_RUdqSWkpt1wg7kzFNkPNcwhTlGGHY2tOcCelF9OUr4NJ4hbQoZRuQ4uIOVTqwOkt8WgWEY7tfURC6WZ0q4bZDBXKsWIh4PnRqiB0skhgHUPPvfdtZWzuE43nH16R30z2_neLBBL4tJpCxSdn1k8etGZJfU6URxWjQi4EJTVuoNSzKULuIBNEmpDAUJrQDIwV6dGMVg&cid=CAASEuRo4FxJUvS2_0zafOqRvAh3gg&rfl=4%2Chttps%253A%252F%252Fwww.bg3.co%242%2C%2Chttps%253A%252F%252Fadx.holmesmind.com%252F%240
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.12.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f155.1e100.net
Software
cafe /
Resource Hash
58b603271da250778cca7450c81343eba7a896c87d93812f4de54ca5e1108488
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 03 Sep 2022 13:28:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
219
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3181
x-xss-protection
0
server
cafe
etag
10699485926258732851
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 17 Sep 2022 13:28:58 GMT
abg_lite.js
pagead2.googlesyndication.com/pagead/js/r20220831/r20110914/ Frame CDB3 		30 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20220831/r20110914/abg_lite.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CZOJ6zhOxQbVADwbyZ9alKs_wZo9GJknMv0WGhxgyBrk3AEhz-XuutAV2luzZ4hl32LGKO4wOkFupCILF431Qvuqx1dQ&cry=1&dbm_d=AKAmf-B4Y4N6pYbT8t6wYnhf7Z2qsLIbaME_-7KpF5j6JY3z6I9vXrms2lmugQuodIqC5QqaDZV6THP3fKaUKEP6e9K3eMQKfnB220IhrqjilBfAeHb7RiLRmnz21eARyx1scQJLVEz8XkvZwFFJHNQTrvR0WzxZ7JuHDR8mzMGagDxOnSqc5F5n-W8ydpyx_zwlZGWDaWsduS6UCw34q_BwLjJzgeldK2PAFcbpmVuj77HiMcmSbtD2YgHLb9DuSTqvnuVdCBm7L8PMMSkN28vGHYBdScxkJRyxw7_3kFm1BgtG6QidtjzCm4NKOHYCXTi7eCm_DWs2UUqwLNaJgtczL_byEAvFWl0lveXN33QeZ6Pi-7eWaDgWPUrpGiVrW-58guRS6-vi-XYt1MZiGEE6ImnTUc6W3TbJKQNcfvH7lRRzMZ5XQb6p4AMojgxqCNmUzShBYNWA2iDwPXrtma-Ql-xjxN9z5JEeNOTaP3cMAaJdncrzBNrujh8y2E4HkAdJhYAImeamMYwwhFYrVZyXwqP-a7glaEnXmBbVUhNvX2e7YYC7qXKi3rVm0aPjVBI-rpUW4pT0h3mYwxNLiGLQUQpg-DB-Wi0uc2D91OLd1c17N16G_N3M2I5PU7nEC9SFD2u7FQYfUqAG_1ZHITUZsGtOxjB2-XP4xHhjMndAkrfQpflANkJtztMGMe3xNPRAjvKdQNLUFBiadtx12mnd_u5LoZiG5Y8GQ8UHsi2yiY7WmBpAJbfdKL1ZyUTU15i0elOpf4t3TSVpvNcAxngBkzCnG3MJs3T8K69E8UJmOq-O3KUPpxu9JqL31jpKS_sCTUrzYceYrj1w7IlhMAeTgDBhN1bFHqBRAPowO8ZSPMvphqss9nOMvkfjv6eHW5p1tPkN325YigkdijYhXTOiTSQNiXAN_b5M1VWINWlZZ6Aj1SKh7IuIsx0XDWkz6sAo_USIx7yGDovpjT8wzDBeVzP64nEtL5cKyDsL_5qmJjAF-z1Wg4ZadIlD1TXRehcwBbzWKxcSKFLksM6ef8dKNem9LBTHHCdmXnyu1jamehxCpEF51IGpiB-EbfZfwVJqpTTzBWdQytRpPzld3K10RCp67o3fF4x0gghjhpEzSCUPXQQUxpeDIZTHLBOeZxC4kudZlvmJ1SHkulK2G1CMvuICSNkWamTP_VIqCY82DDxXjaZzOMAwdl9cTSbuaN1Aoe610awdHcwvMx9oiW-A3uav9cihoQLF8lBo_EsbkoIpHcfXzGiazBHXYy69TPzz8R5KKrrUSNvFrCEnjMgNS-NQ8gLBv6nR-7HUEDExTIPbBtFnVhVa0q1AhHxzT_r9SdWZdRie5p95a1DFI6S1Sx90Coo4_napDn7YZOWCuFA8cSgCo_04dUB_XYfhzdHoN6_7-n-TAatzEkj3cfaTPjB75pw-DN_-XSWzysPq2eJ-B7aLf0skVbNeALkuAHIbAHZeFp8KBRDBc3EO7O0E8gSlWrxPQIe34y5g-K_kCFbAJrzs5ovRctiJdkDwEXN6nhrF81xkFAmsYX-QEIvciAC1x6WFHDWUBX5DeWReQVKmeItNXeXRbCdV9LR0lTcWkXwiZ8dj6UecXMm2NVPtlolM8qESeBzpkVgljJFbguUh4pztCLos0tw4txG2IQgsdYTLWREhN_eYb6w6kx8mXJ95OCc9wbBU1a9U9Hq6EyMfKGg_cVRUDnlkcHiUFOG4nfPDqFzmx9Wwdmmck8FAFpRRomn37meNPwd_IeIoXK1eoEMUH4Fp9T-_ZNqDEDe5EVJeKFzoAjUPRbL5NUn_x1o1brY8Hh91HjcpjQpvwi-VxeN5AWktspqrubFngzXTT-c1IuYUgUKOhvxmGSiyZO_WvesZ02wTBS0RJVx2LU-RUAIUs4lMi6JHWszMAJEqG-6eH3B81YWdQfiN-uSIZkQFVRGwk_Hbib8zcWyLwKh3_Gh0aAYKWDHDZpSIYOQbBkDw2eS_5sbW-Dy5AC3eqdQIONMpcSKDIeZ_GxNcaubeBYBUes-c8ZXbit4eZRbkD2CFWE-yE0zJkkdj26tS28er4-Or8wuo-AlkuZbeKQM7Az7mvWfaCWUN_wKtIQZhxNclGGu516t72GkiOsresE7UtZl_zFcLZHf_n-9i4A_3EBxxpUqgfiQV8Z89QZMulzj0pcQdHN8WTauH55DPptsodQP5ELrjwIq9yInGuCIivrjG4GjC9IHf7f7s99uRod-aZpByZ-UqxDfJPP3NAqT8DhFcbHAIv8wPH8Ed_1KBUQHPNj6cXTidTIN42Q3yePnsNdmRZwlEHaGnvcUHS5M44Te8I1wC34BGxZUWk2cOK6zTr_i8i-7w_1ypVO5NHgOWNEgLemKWvhbL0tw3ilZx-y7gbdPdoBf0Pb8dgChUlk863gLRxWKLifwdtUN4sM2RiNO3IQ7GMxsx8SkAKQrbrng_MxGeBNdQKB0JWfm460ppVphmKi5NyQ79sc2-hcIOjrOcMdxft7fr6Y56ZxF2hULaLwFkDE0xkAt0zAZye47_kZQVilBIY3OOaWyXFX6Mvet57jXdmRnDCIk5Gs669Tko1qYJD9ty4emS-2Ua9GJpa5O3TrPfz8-XABriMQlFwXbLQ2yGQ-wBPtkCLShkyk9xgcKFGOJyvW5El9TUmXUaTFvLF-jlmjhfJUudsHjhG-ivf168rXgWXoyTdiN4AU8zGEvtCSuEHwr0zFglQa_xMFXpFJLoRpSLiA17fg7QdgiF7eRjE3E8SVfGEf0_RUdqSWkpt1wg7kzFNkPNcwhTlGGHY2tOcCelF9OUr4NJ4hbQoZRuQ4uIOVTqwOkt8WgWEY7tfURC6WZ0q4bZDBXKsWIh4PnRqiB0skhgHUPPvfdtZWzuE43nH16R30z2_neLBBL4tJpCxSdn1k8etGZJfU6URxWjQi4EJTVuoNSzKULuIBNEmpDAUJrQDIwV6dGMVg&cid=CAASEuRo4FxJUvS2_0zafOqRvAh3gg&rfl=4%2Chttps%253A%252F%252Fwww.bg3.co%242%2C%2Chttps%253A%252F%252Fadx.holmesmind.com%252F%240
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.12.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f155.1e100.net
Software
cafe /
Resource Hash
35700fd4dc1a4008ab66bc0e57c19689f6daca9368bfd2a6beea1b86dc0159d8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 03 Sep 2022 12:29:12 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
3805
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11778
x-xss-protection
0
server
cafe
etag
15541287485089275602
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 17 Sep 2022 12:29:12 GMT
express_html_inpage_rendering_lib_200_276.js
s0.2mdn.net/879366/ Frame 02CD 		106 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_276.js
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/qin-fang-cai-ying-wen-mei-can-yi-yuan-jia-de-na-tu-fei-tai-bei-ting-can-yu-guo-ji-tai-wan-sheng-yin-hen-zhong-yao.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.24.148 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f148.1e100.net
Software
sffe /
Resource Hash
e41d1ae45acbf836b8dcc29544c7e41cced4211214df601d5284a7e9c7134c73
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
Origin
https://googleads.g.doubleclick.net
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 02 Sep 2022 16:52:55 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
74382
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37872
x-xss-protection
0
last-modified
Wed, 02 Mar 2022 23:07:26 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sat, 03 Sep 2022 16:52:55 GMT
omrhp.js
pagead2.googlesyndication.com/pagead/js/r20220831/r20110914/elements/html/ Frame 02CD 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20220831/r20110914/elements/html/omrhp.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BIE7gmxI44lTmBrDNVZ61i0DX9mBz_tybCeS40I74NUPyMpDZ6v71JqtDQjvtd9uUubLwBkbuX2bLZv2bCIdXamB5MqQ&cry=1&dbm_d=AKAmf-Bw4jLkR7FhOppGZ-ylpbT8vzCH-9vgz2qF93CaatXG0W-Vrnj0ZbOUM8sf_XYbMyttmiiJyTGwzsvBFkBEYe82Q4db6CeN0a3SexX87ZOxlSdS2EttpTrd5dJ63BubZo81BXyYY6YeMhJFVKVmyh-Slub7QNRc0fqJx3o63G30czGWJxmTTcwsmv9yJRDvyEEx6L-wT46dqfT9PRCWPuVdFjOr6jrX4wUmm26Qk5VLxJvI-E3sxDLR1A7M8u-XeK75yELzVlMhXSCJbOOC1JgBEMKit7iw9WvZw6a-cvvOs2SqtD8C74F8sv5uuWIbcRxRrAfjaFMF1scT47F7w2SSOGtCgtYa7qWEsaT9MFdvqxLeri7hH397QRX1ZHnYYQizJiwCiDdbhLQQx6BNW3qfHfohVZoQx0jCdl41nLauhdIErMxBzCY1NO9Th6Omwk0fXAVZ5z88vyxFnUqmYA8RfZFYB6dKaF9IzDrzo4XGMSNSxwhYWz8B_aZjGY4lQEhKgcvQrzSCzW5m5LdtU2CVaaeVToB_R-SgTR-Cies6Ak8M2ADvpa8CIkELMlS2X6ixrEP7cWWubfaLXFq-eOz1DPDDJr1R8345WQpOUYkwTh97AbAWfgGqv_VdFmwCnfkv4ombCxws7_tBoURko7UwzCtk4b2xd0n8nyADflvKAnXmSlHQfkVlEjV6mKTAgFL5UV07v3FQsl-T1DI01LgpnKmOsjyenK5AGvR_BYqVhlF9jBNx4smT2vINiEBHvfXB7DagxXZCNB8FvuXqLXX2bMt6Kd0i41kjgoq92XCt3haJsyOEEVYbCc31_o7W215EDVUSrBJ22VK6EGUr7oD7AAVZspXDIq7MmodlyEroTd_Pt6vDdyDSmkJx2DLOwa-Ynni6QQ167XyUeSYDW3u8XUZ3oSZxoA4BcGH7f7S0pu1vYFsp1sGSPaD6xjy8vW0La58CDuNKsNU85ZbXlKJliXGktjI2TIfOhTkxutOYgHiIUuNNS-LQeDVsF7sfiuBBwUcOQD5zCy5u3DzMCTqahpPkk_kLmYtYshkch_j9egqxhODEiPcCDRspr7Y2wF_71SGGRfyFUwKfQW8u8hUcr2ivO3l8MsZyExb1aZZ6Z4REk7X_3Cb66YGeNkIMPaSj-bRaG5l8zZyTHzBVlp10lEoxm3foDtJwil1l28tCEjxKp0mpJKciJPiUPCscxeoZF9zI7as-UFhUdArxzXvxbLfOaBTv15yEZCUcRcQjz2-IkEq0d-5PAT3iQMUGO-49TMYTXA6LrR12g8iOB68emPO29cynoGhpcNL-e2ayrXl7GnzUYaP3-6pOVu80IBn2Z9_1meTFJ9_RP_ehI0Hf6HLQhIWgzs5-Re9DpLLRiAnhutx7CSlOSdgMBWRdKkxVU-df-4vEicQTIHO8-QoYyuEsLO2ra9OVRu-6k33cBW_0PZ1w_JihcRjuGbxVYSBeLJCbAkCjgN4oiNQceaqpbYlFXByQ926lPlprv2x6h0G4IoDSLOTqr37Tg2S2GqGWhbn8mal53F8eMOgVJ5AsJUqBGOy78CnzqdU1L5L4nh8sQRJUowzMjgma8UGw6rCOwCYlrXtFTPDed8uQatSTk3HDn82aOOI1R1GdUY0tE86qDmFJpV5I0y3y-O_CDDNSMJKWB9YKil4yTE42lVEC6huizfdjsMdAgTX6oWx4Al0qP7iKGHE-4ulwSU1hlVluhHHgRDao-jN_vKuZd67bXa7O44Wr853eFuhcLNC7tfeKYxQDDn_ASeR7PxUCS1b05Y--Njkkh6TLvbsLBuqIHE5SlamX-S7IVlNICA5fWMU_4m2ThvS7SuAX6nxeVFTUXpGTwn_N0-ycRlRNZZ3cmT3ghA0mncthKMC230cLASP_XwWj-brH1xsBQE8UMEv--fvx53Z7U4ZQaPzWro65yLECwy9IK8NTWGEd2bdzM-QE1bYPPidoDKC48lgVQLhzcTGp311H1ENxSl_5hQ6ezsYQ-vPEd_TX7SyUzOUnnn534kTJdEgTr6kP2QahUHHNl3saKgCiRhD8yzzgC5Rzj4RMO-5fWd0vqMDDBTjMRjB_Cf7q203RiiXV6IUuN6-hLKAzBtiwX8KJBWkRmrugX5K_bF1CgGMIsCS8OA-tshPD_A97XyXRR2uXIN6lvHUUypvtPTF97eT8QiYPStZ0FAgwOrJJ476CZ6b5ZV6M0csxB90KofmPwuD-g_bk--dOJFJBDD9TinOtOF75qotqrlUmRcwcsRxn1meGSGh2tpoKoRFEbckUBAPuuYzNCR8kHzhgcJ89MEMBrLmoRhPUQn4HDbr2uoou3pzmBhzj3XW9rZ6tKQpYk9rxPXywpOPP0BTcp3DFx07NEShv6C6IcbmidLBE0OVYiUHlpJTQtzGpeb19mJrUcqF43f77m30aivQil909H_nMbvN31vvcySfW4rx7DDjjGxlqQ-9dsGbLhi2iZbr-BJYf-JqRYjFcLLQHf4ynUuoZqs7cA0Mley4cfzHUapcPpMl7P8twg7FbHTE2omuU_bKUuwuy5V6XBZGe1B83uZPwLJhmsqjRn86ehC96HdObOE8S4d4LjW2mvrrdfoCnIwyo_y5m2HkHTRwNfXx9GtJgmt8iModdNXJ5QImvqUScHePAil08DDbPWr-Pr7tIUvQ8w1u3aEcpZAZamhOvnv7agiQbub8BYedC8II__38Rddec3l0-iB1svZSnwMaI3eynGoUj8E1z62kHGq016X1nIT_Q1sg3wkYX2rxscpdl46W8fA8MZS2_nWIQX51k6H0Pvz6blvF_ZHIAFYa3qxibYQJpbKd6n6_itE6SifXqkoUuXV7G45Hilx9hUN0gYtj_jFRZ4cb7Auy74TikhvKZL-9b4Bblxd9rQyGaB_-RPousGluR5JLKOZzwhx6smsm3Rc0mDHU5d-X7cfn1imdS9LIeuoqoKSAGHA&cid=CAASEuRobZlPwdIsX28mGtrT_yKrSg&rfl=4%2Chttps%253A%252F%252Fwww.bg3.co%242%2C%2Chttps%253A%252F%252Fadx.holmesmind.com%252F%240
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.12.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f155.1e100.net
Software
cafe /
Resource Hash
58b603271da250778cca7450c81343eba7a896c87d93812f4de54ca5e1108488
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 03 Sep 2022 13:28:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
219
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3181
x-xss-protection
0
server
cafe
etag
10699485926258732851
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 17 Sep 2022 13:28:58 GMT
abg_lite.js
pagead2.googlesyndication.com/pagead/js/r20220831/r20110914/ Frame 02CD 		30 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20220831/r20110914/abg_lite.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BIE7gmxI44lTmBrDNVZ61i0DX9mBz_tybCeS40I74NUPyMpDZ6v71JqtDQjvtd9uUubLwBkbuX2bLZv2bCIdXamB5MqQ&cry=1&dbm_d=AKAmf-Bw4jLkR7FhOppGZ-ylpbT8vzCH-9vgz2qF93CaatXG0W-Vrnj0ZbOUM8sf_XYbMyttmiiJyTGwzsvBFkBEYe82Q4db6CeN0a3SexX87ZOxlSdS2EttpTrd5dJ63BubZo81BXyYY6YeMhJFVKVmyh-Slub7QNRc0fqJx3o63G30czGWJxmTTcwsmv9yJRDvyEEx6L-wT46dqfT9PRCWPuVdFjOr6jrX4wUmm26Qk5VLxJvI-E3sxDLR1A7M8u-XeK75yELzVlMhXSCJbOOC1JgBEMKit7iw9WvZw6a-cvvOs2SqtD8C74F8sv5uuWIbcRxRrAfjaFMF1scT47F7w2SSOGtCgtYa7qWEsaT9MFdvqxLeri7hH397QRX1ZHnYYQizJiwCiDdbhLQQx6BNW3qfHfohVZoQx0jCdl41nLauhdIErMxBzCY1NO9Th6Omwk0fXAVZ5z88vyxFnUqmYA8RfZFYB6dKaF9IzDrzo4XGMSNSxwhYWz8B_aZjGY4lQEhKgcvQrzSCzW5m5LdtU2CVaaeVToB_R-SgTR-Cies6Ak8M2ADvpa8CIkELMlS2X6ixrEP7cWWubfaLXFq-eOz1DPDDJr1R8345WQpOUYkwTh97AbAWfgGqv_VdFmwCnfkv4ombCxws7_tBoURko7UwzCtk4b2xd0n8nyADflvKAnXmSlHQfkVlEjV6mKTAgFL5UV07v3FQsl-T1DI01LgpnKmOsjyenK5AGvR_BYqVhlF9jBNx4smT2vINiEBHvfXB7DagxXZCNB8FvuXqLXX2bMt6Kd0i41kjgoq92XCt3haJsyOEEVYbCc31_o7W215EDVUSrBJ22VK6EGUr7oD7AAVZspXDIq7MmodlyEroTd_Pt6vDdyDSmkJx2DLOwa-Ynni6QQ167XyUeSYDW3u8XUZ3oSZxoA4BcGH7f7S0pu1vYFsp1sGSPaD6xjy8vW0La58CDuNKsNU85ZbXlKJliXGktjI2TIfOhTkxutOYgHiIUuNNS-LQeDVsF7sfiuBBwUcOQD5zCy5u3DzMCTqahpPkk_kLmYtYshkch_j9egqxhODEiPcCDRspr7Y2wF_71SGGRfyFUwKfQW8u8hUcr2ivO3l8MsZyExb1aZZ6Z4REk7X_3Cb66YGeNkIMPaSj-bRaG5l8zZyTHzBVlp10lEoxm3foDtJwil1l28tCEjxKp0mpJKciJPiUPCscxeoZF9zI7as-UFhUdArxzXvxbLfOaBTv15yEZCUcRcQjz2-IkEq0d-5PAT3iQMUGO-49TMYTXA6LrR12g8iOB68emPO29cynoGhpcNL-e2ayrXl7GnzUYaP3-6pOVu80IBn2Z9_1meTFJ9_RP_ehI0Hf6HLQhIWgzs5-Re9DpLLRiAnhutx7CSlOSdgMBWRdKkxVU-df-4vEicQTIHO8-QoYyuEsLO2ra9OVRu-6k33cBW_0PZ1w_JihcRjuGbxVYSBeLJCbAkCjgN4oiNQceaqpbYlFXByQ926lPlprv2x6h0G4IoDSLOTqr37Tg2S2GqGWhbn8mal53F8eMOgVJ5AsJUqBGOy78CnzqdU1L5L4nh8sQRJUowzMjgma8UGw6rCOwCYlrXtFTPDed8uQatSTk3HDn82aOOI1R1GdUY0tE86qDmFJpV5I0y3y-O_CDDNSMJKWB9YKil4yTE42lVEC6huizfdjsMdAgTX6oWx4Al0qP7iKGHE-4ulwSU1hlVluhHHgRDao-jN_vKuZd67bXa7O44Wr853eFuhcLNC7tfeKYxQDDn_ASeR7PxUCS1b05Y--Njkkh6TLvbsLBuqIHE5SlamX-S7IVlNICA5fWMU_4m2ThvS7SuAX6nxeVFTUXpGTwn_N0-ycRlRNZZ3cmT3ghA0mncthKMC230cLASP_XwWj-brH1xsBQE8UMEv--fvx53Z7U4ZQaPzWro65yLECwy9IK8NTWGEd2bdzM-QE1bYPPidoDKC48lgVQLhzcTGp311H1ENxSl_5hQ6ezsYQ-vPEd_TX7SyUzOUnnn534kTJdEgTr6kP2QahUHHNl3saKgCiRhD8yzzgC5Rzj4RMO-5fWd0vqMDDBTjMRjB_Cf7q203RiiXV6IUuN6-hLKAzBtiwX8KJBWkRmrugX5K_bF1CgGMIsCS8OA-tshPD_A97XyXRR2uXIN6lvHUUypvtPTF97eT8QiYPStZ0FAgwOrJJ476CZ6b5ZV6M0csxB90KofmPwuD-g_bk--dOJFJBDD9TinOtOF75qotqrlUmRcwcsRxn1meGSGh2tpoKoRFEbckUBAPuuYzNCR8kHzhgcJ89MEMBrLmoRhPUQn4HDbr2uoou3pzmBhzj3XW9rZ6tKQpYk9rxPXywpOPP0BTcp3DFx07NEShv6C6IcbmidLBE0OVYiUHlpJTQtzGpeb19mJrUcqF43f77m30aivQil909H_nMbvN31vvcySfW4rx7DDjjGxlqQ-9dsGbLhi2iZbr-BJYf-JqRYjFcLLQHf4ynUuoZqs7cA0Mley4cfzHUapcPpMl7P8twg7FbHTE2omuU_bKUuwuy5V6XBZGe1B83uZPwLJhmsqjRn86ehC96HdObOE8S4d4LjW2mvrrdfoCnIwyo_y5m2HkHTRwNfXx9GtJgmt8iModdNXJ5QImvqUScHePAil08DDbPWr-Pr7tIUvQ8w1u3aEcpZAZamhOvnv7agiQbub8BYedC8II__38Rddec3l0-iB1svZSnwMaI3eynGoUj8E1z62kHGq016X1nIT_Q1sg3wkYX2rxscpdl46W8fA8MZS2_nWIQX51k6H0Pvz6blvF_ZHIAFYa3qxibYQJpbKd6n6_itE6SifXqkoUuXV7G45Hilx9hUN0gYtj_jFRZ4cb7Auy74TikhvKZL-9b4Bblxd9rQyGaB_-RPousGluR5JLKOZzwhx6smsm3Rc0mDHU5d-X7cfn1imdS9LIeuoqoKSAGHA&cid=CAASEuRobZlPwdIsX28mGtrT_yKrSg&rfl=4%2Chttps%253A%252F%252Fwww.bg3.co%242%2C%2Chttps%253A%252F%252Fadx.holmesmind.com%252F%240
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.12.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f155.1e100.net
Software
cafe /
Resource Hash
35700fd4dc1a4008ab66bc0e57c19689f6daca9368bfd2a6beea1b86dc0159d8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 03 Sep 2022 12:29:12 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
3805
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11778
x-xss-protection
0
server
cafe
etag
15541287485089275602
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 17 Sep 2022 12:29:12 GMT
privacy_small.svg
static.criteo.net/flash/icon/ Frame 0B63 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/privacy_small.svg
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=YxNXcwAHpPgKaP4VAAstf311_frj7gN02Y1RuQ&u=%7CzsNWlIJ%2BY3VtyKoLoRZUhO5WtF3Fxs56YjdTCydxD5s%3D%7C&c1=0n2XosTo5cliKCnvh9OE5jqZHIJlQ7xgp7yhsEndoSQWtCdBOgT7K4ozbUym4LQBP0pW1DkPG3cTQB0txIhX3ZzlYL8sTLz7c1QsYqAsmstEslPxiRqNid7_jcURzAd1vHPtoVYaGWiiQo1KrA_h4jAUID87w6NNkTSvkxwxcwHvtOJQ2KYTV6Ngg1vxLEHr_mafo9ed5PVAoKwNIraC9lmq9JVBc_MnZcGr4yO-b4TTlIjtW_Ey5C38YS91kCcAfwgjfb6YX5ckcMU8fBz05Ff52QfhgVImvqODOpWRyDdA5Qq7tAnkJf6l_oJBYnswBAmEEwVnJKY5IYwsXIYBzDkXge2Jy98RMk8MsMICKMHMqKJpFsd6V2sSaRgI_vKz95RmiqtEeNosJlX25fYBbC8Kfir-969iAWJB-LDXKCjIJldfpX-MqkFLMyf3DtjwDDwAR5ugFaBujdE9IuFiSXw6uF3WYR-Gj065aX4w-pOwIWHZj2qlptYHrtFWDuC8rAsjM5G1-At6MqBnxVHQ5YnD_gDPAUBkGRC2aNh13k7DKKxMtlvlFKZ98-cnZs-fvumdnIyaIxXRG6V07T8qkunj2pFm2F45LbaF4BJJF6PgPaurbOYCxbAECNtS07fS9OViBKcZER5Z2HsGquNJ-g&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCvl-Nc1cTY_jJHpX8owP_2qyICJj80bFcqoTM5IUBwI23ARABIABgpYCAgJABggEXY2EtcHViLTg5MzMzMjk5OTkzOTExMDSgAbbZo9ADyAEJqQLDw801DtumPuACAKgDAaoE9AJP0BQcZH9enuIvlS295legJfr5IhzfJj205YqNbpWyi9Sj-da-9JOJOmdY4lsKEhkmuJLo2mebzLCsNKZjyX1609QNW__KzRZXr_R40z6lSDNBvvWUWdHkUzhZ3ICSL26b8Uw7-BRGiTBeFBS7qREpS2sCBy8NIpCFX9drdbYfs69KpK78JmVQTCWq0ojtcgg15Z83JuztX0f2_ARXzBo1jxfkGTWQ3Stom4FCyxNJ1XdIpb8axTHASDc-t_olqzS96-EAvlGwXzrBv9VuFSEKPzC1NAzwM4LKWiFBg_xGGQ0KZf7XwvI4y7t9XhJ9ZSqeSXZ_4xoOgl43YqFH2-yPocFBA8bizvd9JbHS3cN6MPUVyXrmtTPpg3PlOJYecXTClE6VYwSOgWpA8k22GLrmqMwstQcz1qvxnfWKBbgP3_003n2DwKtVl37vaHIltu46TSx74G3DXFt7OfEAQ3negC2ym-82Lxa-xMtIM-CuAKLk-irgBAGABtf2__fPtcaVQaAGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA0IgGEQATICigI6AoBA8ggbYWR4LXN1YnN5bi01MjM5OTM4MjEzODcwMzgw-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_1KzjHU5-2GRSJi2D1ric-d9jEGrA%26client%3Dca-pub-8933329999391104%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.129 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
nginx /
Resource Hash
a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.as.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 03 Sep 2022 13:32:37 GMT
content-encoding
gzip
last-modified
Tue, 11 Feb 2020 14:30:28 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e42ba84-6aa"
strict-transport-security
max-age=31536000; preload;
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Tue, 29 Aug 2023 13:32:37 GMT
adchoices_en.svg
static.criteo.net/flash/icon/ Frame 0B63 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/adchoices_en.svg
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=YxNXcwAHpPgKaP4VAAstf311_frj7gN02Y1RuQ&u=%7CzsNWlIJ%2BY3VtyKoLoRZUhO5WtF3Fxs56YjdTCydxD5s%3D%7C&c1=0n2XosTo5cliKCnvh9OE5jqZHIJlQ7xgp7yhsEndoSQWtCdBOgT7K4ozbUym4LQBP0pW1DkPG3cTQB0txIhX3ZzlYL8sTLz7c1QsYqAsmstEslPxiRqNid7_jcURzAd1vHPtoVYaGWiiQo1KrA_h4jAUID87w6NNkTSvkxwxcwHvtOJQ2KYTV6Ngg1vxLEHr_mafo9ed5PVAoKwNIraC9lmq9JVBc_MnZcGr4yO-b4TTlIjtW_Ey5C38YS91kCcAfwgjfb6YX5ckcMU8fBz05Ff52QfhgVImvqODOpWRyDdA5Qq7tAnkJf6l_oJBYnswBAmEEwVnJKY5IYwsXIYBzDkXge2Jy98RMk8MsMICKMHMqKJpFsd6V2sSaRgI_vKz95RmiqtEeNosJlX25fYBbC8Kfir-969iAWJB-LDXKCjIJldfpX-MqkFLMyf3DtjwDDwAR5ugFaBujdE9IuFiSXw6uF3WYR-Gj065aX4w-pOwIWHZj2qlptYHrtFWDuC8rAsjM5G1-At6MqBnxVHQ5YnD_gDPAUBkGRC2aNh13k7DKKxMtlvlFKZ98-cnZs-fvumdnIyaIxXRG6V07T8qkunj2pFm2F45LbaF4BJJF6PgPaurbOYCxbAECNtS07fS9OViBKcZER5Z2HsGquNJ-g&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCvl-Nc1cTY_jJHpX8owP_2qyICJj80bFcqoTM5IUBwI23ARABIABgpYCAgJABggEXY2EtcHViLTg5MzMzMjk5OTkzOTExMDSgAbbZo9ADyAEJqQLDw801DtumPuACAKgDAaoE9AJP0BQcZH9enuIvlS295legJfr5IhzfJj205YqNbpWyi9Sj-da-9JOJOmdY4lsKEhkmuJLo2mebzLCsNKZjyX1609QNW__KzRZXr_R40z6lSDNBvvWUWdHkUzhZ3ICSL26b8Uw7-BRGiTBeFBS7qREpS2sCBy8NIpCFX9drdbYfs69KpK78JmVQTCWq0ojtcgg15Z83JuztX0f2_ARXzBo1jxfkGTWQ3Stom4FCyxNJ1XdIpb8axTHASDc-t_olqzS96-EAvlGwXzrBv9VuFSEKPzC1NAzwM4LKWiFBg_xGGQ0KZf7XwvI4y7t9XhJ9ZSqeSXZ_4xoOgl43YqFH2-yPocFBA8bizvd9JbHS3cN6MPUVyXrmtTPpg3PlOJYecXTClE6VYwSOgWpA8k22GLrmqMwstQcz1qvxnfWKBbgP3_003n2DwKtVl37vaHIltu46TSx74G3DXFt7OfEAQ3negC2ym-82Lxa-xMtIM-CuAKLk-irgBAGABtf2__fPtcaVQaAGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA0IgGEQATICigI6AoBA8ggbYWR4LXN1YnN5bi01MjM5OTM4MjEzODcwMzgw-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_1KzjHU5-2GRSJi2D1ric-d9jEGrA%26client%3Dca-pub-8933329999391104%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.129 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
nginx /
Resource Hash
60bcafbd631f6fa0805e158ca3b235e76225350db6fbb423596d4c4954b27573
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.as.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 03 Sep 2022 13:32:37 GMT
content-encoding
gzip
last-modified
Tue, 11 Feb 2020 14:27:58 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e42b9ee-759"
strict-transport-security
max-age=31536000; preload;
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Tue, 29 Aug 2023 13:32:37 GMT
close_button.svg
static.criteo.net/flash/icon/ Frame 0B63 		308 B
636 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/close_button.svg
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=YxNXcwAHpPgKaP4VAAstf311_frj7gN02Y1RuQ&u=%7CzsNWlIJ%2BY3VtyKoLoRZUhO5WtF3Fxs56YjdTCydxD5s%3D%7C&c1=0n2XosTo5cliKCnvh9OE5jqZHIJlQ7xgp7yhsEndoSQWtCdBOgT7K4ozbUym4LQBP0pW1DkPG3cTQB0txIhX3ZzlYL8sTLz7c1QsYqAsmstEslPxiRqNid7_jcURzAd1vHPtoVYaGWiiQo1KrA_h4jAUID87w6NNkTSvkxwxcwHvtOJQ2KYTV6Ngg1vxLEHr_mafo9ed5PVAoKwNIraC9lmq9JVBc_MnZcGr4yO-b4TTlIjtW_Ey5C38YS91kCcAfwgjfb6YX5ckcMU8fBz05Ff52QfhgVImvqODOpWRyDdA5Qq7tAnkJf6l_oJBYnswBAmEEwVnJKY5IYwsXIYBzDkXge2Jy98RMk8MsMICKMHMqKJpFsd6V2sSaRgI_vKz95RmiqtEeNosJlX25fYBbC8Kfir-969iAWJB-LDXKCjIJldfpX-MqkFLMyf3DtjwDDwAR5ugFaBujdE9IuFiSXw6uF3WYR-Gj065aX4w-pOwIWHZj2qlptYHrtFWDuC8rAsjM5G1-At6MqBnxVHQ5YnD_gDPAUBkGRC2aNh13k7DKKxMtlvlFKZ98-cnZs-fvumdnIyaIxXRG6V07T8qkunj2pFm2F45LbaF4BJJF6PgPaurbOYCxbAECNtS07fS9OViBKcZER5Z2HsGquNJ-g&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCvl-Nc1cTY_jJHpX8owP_2qyICJj80bFcqoTM5IUBwI23ARABIABgpYCAgJABggEXY2EtcHViLTg5MzMzMjk5OTkzOTExMDSgAbbZo9ADyAEJqQLDw801DtumPuACAKgDAaoE9AJP0BQcZH9enuIvlS295legJfr5IhzfJj205YqNbpWyi9Sj-da-9JOJOmdY4lsKEhkmuJLo2mebzLCsNKZjyX1609QNW__KzRZXr_R40z6lSDNBvvWUWdHkUzhZ3ICSL26b8Uw7-BRGiTBeFBS7qREpS2sCBy8NIpCFX9drdbYfs69KpK78JmVQTCWq0ojtcgg15Z83JuztX0f2_ARXzBo1jxfkGTWQ3Stom4FCyxNJ1XdIpb8axTHASDc-t_olqzS96-EAvlGwXzrBv9VuFSEKPzC1NAzwM4LKWiFBg_xGGQ0KZf7XwvI4y7t9XhJ9ZSqeSXZ_4xoOgl43YqFH2-yPocFBA8bizvd9JbHS3cN6MPUVyXrmtTPpg3PlOJYecXTClE6VYwSOgWpA8k22GLrmqMwstQcz1qvxnfWKBbgP3_003n2DwKtVl37vaHIltu46TSx74G3DXFt7OfEAQ3negC2ym-82Lxa-xMtIM-CuAKLk-irgBAGABtf2__fPtcaVQaAGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA0IgGEQATICigI6AoBA8ggbYWR4LXN1YnN5bi01MjM5OTM4MjEzODcwMzgw-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_1KzjHU5-2GRSJi2D1ric-d9jEGrA%26client%3Dca-pub-8933329999391104%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.129 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
nginx /
Resource Hash
8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.as.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 03 Sep 2022 13:32:37 GMT
last-modified
Fri, 14 Feb 2020 13:51:32 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"5e46a5e4-134"
strict-transport-security
max-age=31536000; preload;
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
308
expires
Tue, 29 Aug 2023 13:32:37 GMT
back_button2.svg
static.criteo.net/flash/icon/ Frame 0B63 		293 B
621 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/back_button2.svg
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=YxNXcwAHpPgKaP4VAAstf311_frj7gN02Y1RuQ&u=%7CzsNWlIJ%2BY3VtyKoLoRZUhO5WtF3Fxs56YjdTCydxD5s%3D%7C&c1=0n2XosTo5cliKCnvh9OE5jqZHIJlQ7xgp7yhsEndoSQWtCdBOgT7K4ozbUym4LQBP0pW1DkPG3cTQB0txIhX3ZzlYL8sTLz7c1QsYqAsmstEslPxiRqNid7_jcURzAd1vHPtoVYaGWiiQo1KrA_h4jAUID87w6NNkTSvkxwxcwHvtOJQ2KYTV6Ngg1vxLEHr_mafo9ed5PVAoKwNIraC9lmq9JVBc_MnZcGr4yO-b4TTlIjtW_Ey5C38YS91kCcAfwgjfb6YX5ckcMU8fBz05Ff52QfhgVImvqODOpWRyDdA5Qq7tAnkJf6l_oJBYnswBAmEEwVnJKY5IYwsXIYBzDkXge2Jy98RMk8MsMICKMHMqKJpFsd6V2sSaRgI_vKz95RmiqtEeNosJlX25fYBbC8Kfir-969iAWJB-LDXKCjIJldfpX-MqkFLMyf3DtjwDDwAR5ugFaBujdE9IuFiSXw6uF3WYR-Gj065aX4w-pOwIWHZj2qlptYHrtFWDuC8rAsjM5G1-At6MqBnxVHQ5YnD_gDPAUBkGRC2aNh13k7DKKxMtlvlFKZ98-cnZs-fvumdnIyaIxXRG6V07T8qkunj2pFm2F45LbaF4BJJF6PgPaurbOYCxbAECNtS07fS9OViBKcZER5Z2HsGquNJ-g&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCvl-Nc1cTY_jJHpX8owP_2qyICJj80bFcqoTM5IUBwI23ARABIABgpYCAgJABggEXY2EtcHViLTg5MzMzMjk5OTkzOTExMDSgAbbZo9ADyAEJqQLDw801DtumPuACAKgDAaoE9AJP0BQcZH9enuIvlS295legJfr5IhzfJj205YqNbpWyi9Sj-da-9JOJOmdY4lsKEhkmuJLo2mebzLCsNKZjyX1609QNW__KzRZXr_R40z6lSDNBvvWUWdHkUzhZ3ICSL26b8Uw7-BRGiTBeFBS7qREpS2sCBy8NIpCFX9drdbYfs69KpK78JmVQTCWq0ojtcgg15Z83JuztX0f2_ARXzBo1jxfkGTWQ3Stom4FCyxNJ1XdIpb8axTHASDc-t_olqzS96-EAvlGwXzrBv9VuFSEKPzC1NAzwM4LKWiFBg_xGGQ0KZf7XwvI4y7t9XhJ9ZSqeSXZ_4xoOgl43YqFH2-yPocFBA8bizvd9JbHS3cN6MPUVyXrmtTPpg3PlOJYecXTClE6VYwSOgWpA8k22GLrmqMwstQcz1qvxnfWKBbgP3_003n2DwKtVl37vaHIltu46TSx74G3DXFt7OfEAQ3negC2ym-82Lxa-xMtIM-CuAKLk-irgBAGABtf2__fPtcaVQaAGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA0IgGEQATICigI6AoBA8ggbYWR4LXN1YnN5bi01MjM5OTM4MjEzODcwMzgw-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_1KzjHU5-2GRSJi2D1ric-d9jEGrA%26client%3Dca-pub-8933329999391104%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.129 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
nginx /
Resource Hash
725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.as.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 03 Sep 2022 13:32:37 GMT
last-modified
Thu, 28 Apr 2022 09:09:48 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"626a59dc-125"
strict-transport-security
max-age=31536000; preload;
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
293
expires
Tue, 29 Aug 2023 13:32:37 GMT
lg.php
cat.sg1.as.criteo.com/delivery/ Frame 0B63 		43 B
348 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cat.sg1.as.criteo.com/delivery/lg.php?cppv=3&cpp=8je1tEz6zhTEjTWZ3oRBbWrtD61623D0pVE_bMLu8bYvTNEQhGHXB0MOOkKchKfehGef5gnrVTXyE1X46IdUjzgSuR51wrwK1OC3LKJN3YbK9PNfWoPdOE-ol5ZYPwOOV7osgGyjTjnhsjGxAQMHnPGInNXjZEjEqY0p0lYoeXvlWHhkzpP_7JUMb1b70mcyQYi2obTuAYrDr3K1dJXMi2qyBduW27SBSo2KIQ6JSkmxnyJDJNqVmsXgBq3vDuuCSEUptgu9wqFjwIg7LwaH6dnmaLVQPoO-TTmcatPYJ5n94SqG9YZe3G46OiuCvLGa2II-owB_mgMevYa9e8QlTx1csFp4cl30bYfx_OMVksN1AMq-NVKH1B_b9TfOyBo6YDLp9KkmmEVkW-GUDPqdKTbzbv-RJMuDxu1gz8PClsRPUG1PoSvcpltTCew_5tLWUesE1g
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=YxNXcwAHpPgKaP4VAAstf311_frj7gN02Y1RuQ&u=%7CzsNWlIJ%2BY3VtyKoLoRZUhO5WtF3Fxs56YjdTCydxD5s%3D%7C&c1=0n2XosTo5cliKCnvh9OE5jqZHIJlQ7xgp7yhsEndoSQWtCdBOgT7K4ozbUym4LQBP0pW1DkPG3cTQB0txIhX3ZzlYL8sTLz7c1QsYqAsmstEslPxiRqNid7_jcURzAd1vHPtoVYaGWiiQo1KrA_h4jAUID87w6NNkTSvkxwxcwHvtOJQ2KYTV6Ngg1vxLEHr_mafo9ed5PVAoKwNIraC9lmq9JVBc_MnZcGr4yO-b4TTlIjtW_Ey5C38YS91kCcAfwgjfb6YX5ckcMU8fBz05Ff52QfhgVImvqODOpWRyDdA5Qq7tAnkJf6l_oJBYnswBAmEEwVnJKY5IYwsXIYBzDkXge2Jy98RMk8MsMICKMHMqKJpFsd6V2sSaRgI_vKz95RmiqtEeNosJlX25fYBbC8Kfir-969iAWJB-LDXKCjIJldfpX-MqkFLMyf3DtjwDDwAR5ugFaBujdE9IuFiSXw6uF3WYR-Gj065aX4w-pOwIWHZj2qlptYHrtFWDuC8rAsjM5G1-At6MqBnxVHQ5YnD_gDPAUBkGRC2aNh13k7DKKxMtlvlFKZ98-cnZs-fvumdnIyaIxXRG6V07T8qkunj2pFm2F45LbaF4BJJF6PgPaurbOYCxbAECNtS07fS9OViBKcZER5Z2HsGquNJ-g&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCvl-Nc1cTY_jJHpX8owP_2qyICJj80bFcqoTM5IUBwI23ARABIABgpYCAgJABggEXY2EtcHViLTg5MzMzMjk5OTkzOTExMDSgAbbZo9ADyAEJqQLDw801DtumPuACAKgDAaoE9AJP0BQcZH9enuIvlS295legJfr5IhzfJj205YqNbpWyi9Sj-da-9JOJOmdY4lsKEhkmuJLo2mebzLCsNKZjyX1609QNW__KzRZXr_R40z6lSDNBvvWUWdHkUzhZ3ICSL26b8Uw7-BRGiTBeFBS7qREpS2sCBy8NIpCFX9drdbYfs69KpK78JmVQTCWq0ojtcgg15Z83JuztX0f2_ARXzBo1jxfkGTWQ3Stom4FCyxNJ1XdIpb8axTHASDc-t_olqzS96-EAvlGwXzrBv9VuFSEKPzC1NAzwM4LKWiFBg_xGGQ0KZf7XwvI4y7t9XhJ9ZSqeSXZ_4xoOgl43YqFH2-yPocFBA8bizvd9JbHS3cN6MPUVyXrmtTPpg3PlOJYecXTClE6VYwSOgWpA8k22GLrmqMwstQcz1qvxnfWKBbgP3_003n2DwKtVl37vaHIltu46TSx74G3DXFt7OfEAQ3negC2ym-82Lxa-xMtIM-CuAKLk-irgBAGABtf2__fPtcaVQaAGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA0IgGEQATICigI6AoBA8ggbYWR4LXN1YnN5bi01MjM5OTM4MjEzODcwMzgw-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_1KzjHU5-2GRSJi2D1ric-d9jEGrA%26client%3Dca-pub-8933329999391104%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.132 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Kestrel /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.as.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 03 Sep 2022 13:32:37 GMT
server
Kestrel
strict-transport-security
max-age=31536000; preload;
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
3352580
content-type
image/gif
expires
Mon, 26 Jul 1997 05:00:00 GMT
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame 3C45 		41 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: c189fcaae4b526f37d75e91681a8bbd8.safeframe.googlesyndication.com
URL: https://c189fcaae4b526f37d75e91681a8bbd8.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f132.1e100.net
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://c189fcaae4b526f37d75e91681a8bbd8.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 29 Aug 2022 13:04:04 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
433713
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15207
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 29 Aug 2023 13:04:04 GMT
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame 4AC7 		1 KB
749 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: c189fcaae4b526f37d75e91681a8bbd8.safeframe.googlesyndication.com
URL: https://c189fcaae4b526f37d75e91681a8bbd8.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.12.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f155.1e100.net
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://c189fcaae4b526f37d75e91681a8bbd8.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

age
63056
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=86400
content-encoding
gzip
content-length
724
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 02 Sep 2022 20:01:41 GMT
etag
48472445140208031
expires
Sat, 03 Sep 2022 20:01:41 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
truncated
/ Frame 3C45 		215 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
276212b198e92096101794454d1fb0b20d66148a92e9328fa5c1d3bef511519b

Request headers

accept-language
en-AU,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
publishertag.prebid.js
static.criteo.net/js/ld/ 		87 KB
28 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.js
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.117.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.129 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
nginx /
Resource Hash
d91c38797a4f40c02b517763adb6b8d25ca0d0af244856025ecc3543b8540679
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 03 Sep 2022 13:32:37 GMT
content-encoding
gzip
last-modified
Tue, 23 Aug 2022 00:22:08 GMT
server
nginx
etag
W/"63041db0-15cdc"
strict-transport-security
max-age=31536000; preload;
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sun, 04 Sep 2022 13:32:37 GMT
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame 5AE0 		41 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: c189fcaae4b526f37d75e91681a8bbd8.safeframe.googlesyndication.com
URL: https://c189fcaae4b526f37d75e91681a8bbd8.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f132.1e100.net
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://c189fcaae4b526f37d75e91681a8bbd8.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 29 Aug 2022 13:04:04 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
433713
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15207
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 29 Aug 2023 13:04:04 GMT
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame 04D3 		1 KB
749 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: c189fcaae4b526f37d75e91681a8bbd8.safeframe.googlesyndication.com
URL: https://c189fcaae4b526f37d75e91681a8bbd8.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.12.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f155.1e100.net
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://c189fcaae4b526f37d75e91681a8bbd8.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

age
63056
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=86400
content-encoding
gzip
content-length
724
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 02 Sep 2022 20:01:41 GMT
etag
48472445140208031
expires
Sat, 03 Sep 2022 20:01:41 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
truncated
/ Frame 5AE0 		217 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
476f92cf049e0e11f637ccf1f4968f5532076b44ee8975f6ef9ae1c868f830e2

Request headers

accept-language
en-AU,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame CDB3 		41 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006-1&adk=3314916115&adf=3653020617&pi=t.ma~as.3006%2F14006-1&w=336&url=https%3A%2F%2Fwww.bg3.co%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1662211955378&bpp=11&bdt=283&idt=512&shv=r20220831&mjsv=m202208300101&ptt=5&saldr=sa&correlator=5495327036735&frm=8&ife=1&pv=2&ga_vid=500991421.1662211956&ga_sid=1662211956&ga_hid=799025638&ga_fc=0&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=336&ish=280&ifk=3719853736&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C44759842%2C44761793&oid=2&pvsid=4367743105028993&uas=0&nvt=1&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.kt2ldrgt4mtd&fsb=1&dtd=519
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f132.1e100.net
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 29 Aug 2022 13:04:04 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
433713
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15207
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 29 Aug 2023 13:04:04 GMT
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame 4ECE 		1 KB
749 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006-1&adk=3314916115&adf=3653020617&pi=t.ma~as.3006%2F14006-1&w=336&url=https%3A%2F%2Fwww.bg3.co%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1662211955378&bpp=11&bdt=283&idt=512&shv=r20220831&mjsv=m202208300101&ptt=5&saldr=sa&correlator=5495327036735&frm=8&ife=1&pv=2&ga_vid=500991421.1662211956&ga_sid=1662211956&ga_hid=799025638&ga_fc=0&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=336&ish=280&ifk=3719853736&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C44759842%2C44761793&oid=2&pvsid=4367743105028993&uas=0&nvt=1&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.kt2ldrgt4mtd&fsb=1&dtd=519
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.12.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f155.1e100.net
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

age
63056
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=86400
content-encoding
gzip
content-length
724
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 02 Sep 2022 20:01:41 GMT
etag
48472445140208031
expires
Sat, 03 Sep 2022 20:01:41 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame 02CD 		41 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006-1&adk=3314916115&adf=3653020616&pi=t.ma~as.3006%2F14006-1&w=336&url=https%3A%2F%2Fwww.bg3.co%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1662211955360&bpp=13&bdt=271&idt=482&shv=r20220831&mjsv=m202208300101&ptt=5&saldr=sa&correlator=2420762395174&frm=8&ife=1&pv=2&ga_vid=955881654.1662211956&ga_sid=1662211956&ga_hid=177951552&ga_fc=0&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=336&ish=280&ifk=3719853736&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759842%2C31068855%2C31069206&oid=2&pvsid=2017665063826966&uas=0&nvt=1&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.2vya8wtnmmof&fsb=1&dtd=496
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f132.1e100.net
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 29 Aug 2022 13:04:04 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
433713
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15207
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 29 Aug 2023 13:04:04 GMT
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame F62F 		1 KB
749 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006-1&adk=3314916115&adf=3653020616&pi=t.ma~as.3006%2F14006-1&w=336&url=https%3A%2F%2Fwww.bg3.co%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1662211955360&bpp=13&bdt=271&idt=482&shv=r20220831&mjsv=m202208300101&ptt=5&saldr=sa&correlator=2420762395174&frm=8&ife=1&pv=2&ga_vid=955881654.1662211956&ga_sid=1662211956&ga_hid=177951552&ga_fc=0&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=336&ish=280&ifk=3719853736&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759842%2C31068855%2C31069206&oid=2&pvsid=2017665063826966&uas=0&nvt=1&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.2vya8wtnmmof&fsb=1&dtd=496
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.12.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f155.1e100.net
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

age
63056
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=86400
content-encoding
gzip
content-length
724
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 02 Sep 2022 20:01:41 GMT
etag
48472445140208031
expires
Sat, 03 Sep 2022 20:01:41 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
truncated
/ Frame CDB3 		208 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
9354ff215cb66e25ba70cac493606495d497fb4c74af6e960556262e1f51b33f

Request headers

accept-language
en-AU,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame 02CD 		215 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
003b0bc14245edaabb311163b5de785da8b910590561602972b594ef959e0168

Request headers

accept-language
en-AU,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
webfontloader.js
cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/ Frame 0B63 		12 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/webfontloader.js
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=YxNXcwAHpPgKaP4VAAstf311_frj7gN02Y1RuQ&u=%7CzsNWlIJ%2BY3VtyKoLoRZUhO5WtF3Fxs56YjdTCydxD5s%3D%7C&c1=0n2XosTo5cliKCnvh9OE5jqZHIJlQ7xgp7yhsEndoSQWtCdBOgT7K4ozbUym4LQBP0pW1DkPG3cTQB0txIhX3ZzlYL8sTLz7c1QsYqAsmstEslPxiRqNid7_jcURzAd1vHPtoVYaGWiiQo1KrA_h4jAUID87w6NNkTSvkxwxcwHvtOJQ2KYTV6Ngg1vxLEHr_mafo9ed5PVAoKwNIraC9lmq9JVBc_MnZcGr4yO-b4TTlIjtW_Ey5C38YS91kCcAfwgjfb6YX5ckcMU8fBz05Ff52QfhgVImvqODOpWRyDdA5Qq7tAnkJf6l_oJBYnswBAmEEwVnJKY5IYwsXIYBzDkXge2Jy98RMk8MsMICKMHMqKJpFsd6V2sSaRgI_vKz95RmiqtEeNosJlX25fYBbC8Kfir-969iAWJB-LDXKCjIJldfpX-MqkFLMyf3DtjwDDwAR5ugFaBujdE9IuFiSXw6uF3WYR-Gj065aX4w-pOwIWHZj2qlptYHrtFWDuC8rAsjM5G1-At6MqBnxVHQ5YnD_gDPAUBkGRC2aNh13k7DKKxMtlvlFKZ98-cnZs-fvumdnIyaIxXRG6V07T8qkunj2pFm2F45LbaF4BJJF6PgPaurbOYCxbAECNtS07fS9OViBKcZER5Z2HsGquNJ-g&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCvl-Nc1cTY_jJHpX8owP_2qyICJj80bFcqoTM5IUBwI23ARABIABgpYCAgJABggEXY2EtcHViLTg5MzMzMjk5OTkzOTExMDSgAbbZo9ADyAEJqQLDw801DtumPuACAKgDAaoE9AJP0BQcZH9enuIvlS295legJfr5IhzfJj205YqNbpWyi9Sj-da-9JOJOmdY4lsKEhkmuJLo2mebzLCsNKZjyX1609QNW__KzRZXr_R40z6lSDNBvvWUWdHkUzhZ3ICSL26b8Uw7-BRGiTBeFBS7qREpS2sCBy8NIpCFX9drdbYfs69KpK78JmVQTCWq0ojtcgg15Z83JuztX0f2_ARXzBo1jxfkGTWQ3Stom4FCyxNJ1XdIpb8axTHASDc-t_olqzS96-EAvlGwXzrBv9VuFSEKPzC1NAzwM4LKWiFBg_xGGQ0KZf7XwvI4y7t9XhJ9ZSqeSXZ_4xoOgl43YqFH2-yPocFBA8bizvd9JbHS3cN6MPUVyXrmtTPpg3PlOJYecXTClE6VYwSOgWpA8k22GLrmqMwstQcz1qvxnfWKBbgP3_003n2DwKtVl37vaHIltu46TSx74G3DXFt7OfEAQ3negC2ym-82Lxa-xMtIM-CuAKLk-irgBAGABtf2__fPtcaVQaAGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA0IgGEQATICigI6AoBA8ggbYWR4LXN1YnN5bi01MjM5OTM4MjEzODcwMzgw-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_1KzjHU5-2GRSJi2D1ric-d9jEGrA%26client%3Dca-pub-8933329999391104%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.24.14 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e0ee294b5487df566aad23b603fd902535634cfa957be8e7620396515afb1047
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.as.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 03 Sep 2022 13:32:37 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
159735
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
4420
timing-allow-origin
*
last-modified
Mon, 04 May 2020 16:17:52 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb04030-30d9"
strict-transport-security
max-age=15780000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2h2cA50uCZ7jtQPDgwWusuJYMxX%2BHpX3X7Y3b1nKIvP%2Bkb3OXWNTgLIwyF3yrvTOm26F5VX2PNvzwTm60EgYWxhO%2BDkIQOOGGVmh9C%2B1UyQMfp2VDmRR2Flq52bWZSmB8Eo60lwq"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
744eda3f5939a888-SYD
expires
Thu, 24 Aug 2023 13:32:37 GMT
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame 67AF 		22 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f132.1e100.net
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://c189fcaae4b526f37d75e91681a8bbd8.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

accept-ranges
bytes
age
87556
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
8395
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Fri, 02 Sep 2022 13:13:21 GMT
expires
Sat, 02 Sep 2023 13:13:21 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
gen_204
pagead2.googlesyndication.com/pagead/ Frame 3C45 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodarir&v=30&d=1&s=1&f=0.01&bgai=BRKzZdFcTY4fiJZOo1AaJ2a3wBQAAAAA4AeAEAg
Requested by
Host: c189fcaae4b526f37d75e91681a8bbd8.safeframe.googlesyndication.com
URL: https://c189fcaae4b526f37d75e91681a8bbd8.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.12.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f155.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://c189fcaae4b526f37d75e91681a8bbd8.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 03 Sep 2022 13:32:37 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
i.match
s.tribalfusion.com/z/ Frame 4AC7
Redirect Chain
  • https://a.tribalfusion.com/i.match?p=b6&u=CAESEHsmgcsGFxGNUyy8eUSue00&google_cver=1&google_push=AehlK4B3BlPTIb4gAnlQHQlZOcOGj48p377-bjVtbTSbtfq_5M2Pxq56SmHgF6U6ysyhrtPrjFGiYXroysE2GB0TgeVSlOzcXl25o...
  • https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEHsmgcsGFxGNUyy8eUSue00&google_cver=1&google_push=AehlK4B3BlPTIb4gAnlQHQlZOcOGj48p377-bjVtbTSbtfq_5M2Pxq56SmHgF6U6ysyhrtPrjFGiYXroysE2GB0TgeVSlOzcXl2...
43 B
441 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEHsmgcsGFxGNUyy8eUSue00&google_cver=1&google_push=AehlK4B3BlPTIb4gAnlQHQlZOcOGj48p377-bjVtbTSbtfq_5M2Pxq56SmHgF6U6ysyhrtPrjFGiYXroysE2GB0TgeVSlOzcXl25oPwroUgmXJwWEL1AlQTXKmYvKPRFmsv7x5lCJ1jsiL4&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAehlK4B3BlPTIb4gAnlQHQlZOcOGj48p377-bjVtbTSbtfq_5M2Pxq56SmHgF6U6ysyhrtPrjFGiYXroysE2GB0TgeVSlOzcXl25oPwroUgmXJwWEL1AlQTXKmYvKPRFmsv7x5lCJ1jsiL4%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
Requested by
Host: c189fcaae4b526f37d75e91681a8bbd8.safeframe.googlesyndication.com
URL: https://c189fcaae4b526f37d75e91681a8bbd8.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Server
172.64.152.245 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 03 Sep 2022 13:32:38 GMT
cf-cache-status
DYNAMIC
x-function
302
server
cloudflare
cf-ray
744eda41da55a959-SYD
p3p
CP="NOI DEVo TAIa OUR BUS"
cache-control
no-cache, private
content-type
image/gif; charset=utf-8
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Sat, 03 Sep 2022 13:32:37 GMT
cf-cache-status
DYNAMIC
x-function
206
server
cloudflare
x-reuse-index
9256
cf-ray
744eda4008baa959-SYD
p3p
CP="NOI DEVo TAIa OUR BUS"
location
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEHsmgcsGFxGNUyy8eUSue00&google_cver=1&google_push=AehlK4B3BlPTIb4gAnlQHQlZOcOGj48p377-bjVtbTSbtfq_5M2Pxq56SmHgF6U6ysyhrtPrjFGiYXroysE2GB0TgeVSlOzcXl25oPwroUgmXJwWEL1AlQTXKmYvKPRFmsv7x5lCJ1jsiL4&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAehlK4B3BlPTIb4gAnlQHQlZOcOGj48p377-bjVtbTSbtfq_5M2Pxq56SmHgF6U6ysyhrtPrjFGiYXroysE2GB0TgeVSlOzcXl25oPwroUgmXJwWEL1AlQTXKmYvKPRFmsv7x5lCJ1jsiL4%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
cache-control
no-cache, private
content-type
text/html
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Thu, 01 Jan 1970 00:00:00 GMT
AdxPixel
tr.blismedia.com/v1/api/sync/ Frame 4AC7 		0
173 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tr.blismedia.com/v1/api/sync/AdxPixel?google_gid=CAESEDu9x29k5SCVmxg_vsBpSHg&google_cver=1&google_push=AehlK4Bi1QBMzJJjoEPeCxpDaQUvZlr23_L1cSpTANC4XcG9tH2D6zLu1Rvm6UlYLBSH18Z2m88S4FskzWmLK0RU5YmWd4EkwN5OXW9h1FRhTqjkxe86DVcN503onaZ1V9IZez1WAt_2cOA
Requested by
Host: c189fcaae4b526f37d75e91681a8bbd8.safeframe.googlesyndication.com
URL: https://c189fcaae4b526f37d75e91681a8bbd8.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.96.105.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.105.96.34.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 03 Sep 2022 13:32:37 GMT
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
result
sync-dsp.ad-m.asia/dsp/api/sync/ Frame 4AC7
Redirect Chain
  • https://sync-dsp.ad-m.asia/dsp/api/sync/send?s=google&pixel_match=y&google_gid=CAESEHF6n12H11kCu750PeMs250&google_cver=1&google_push=AehlK4D6iFdFD-xvDKhVLyF0OA4L3R2PwkNoeSJqfIcBsZFdoRJHmizKGKpvEJZ-...
  • https://sync-dsp.ad-m.asia/dsp/api/sync/send?s=google&pixel_match=y&google_gid=CAESEHF6n12H11kCu750PeMs250&google_cver=1&google_push=AehlK4D6iFdFD-xvDKhVLyF0OA4L3R2PwkNoeSJqfIcBsZFdoRJHmizKGKpvEJZ-...
  • https://cm.g.doubleclick.net/pixel?google_nid=admatrix_dsp&google_push=AehlK4D6iFdFD-xvDKhVLyF0OA4L3R2PwkNoeSJqfIcBsZFdoRJHmizKGKpvEJZ-zQW7-GdD3pUAEykUJvpgKbcqlzypXaWFirXyY-sGMStjUMTQWrj2_YvWvi7jKj...
  • https://sync-dsp.ad-m.asia/dsp/api/sync/result?s=google&suid-set=1&google_error=5
43 B
243 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync-dsp.ad-m.asia/dsp/api/sync/result?s=google&suid-set=1&google_error=5
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/qin-fang-cai-ying-wen-mei-can-yi-yuan-jia-de-na-tu-fei-tai-bei-ting-can-yu-guo-ji-tai-wan-sheng-yin-hen-zhong-yao.html
Protocol
HTTP/1.1
Server
202.131.200.84 , Japan, ASN17941 (BIT-ISLE Equinix Japan Enterprise K.K., JP),
Reverse DNS
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 03 Sep 2022 13:32:40 GMT
Server
nginx
Content-Type
image/gif
Cache-Control
no-store,no-cache
Connection
close
Content-Length
43
expires
-1

Redirect headers

pragma
no-cache
date
Sat, 03 Sep 2022 13:32:39 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://sync-dsp.ad-m.asia/dsp/api/sync/result?s=google&suid-set=1&google_error=5
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
286
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 4AC7
Redirect Chain
  • https://dynalyst-sync.adtdp.com/pixel?pid=10&google_gid=CAESEL4nPGsK4g-gmRXYkbrxfds&google_cver=1&google_push=AehlK4C1Gz8Lut5rcJawZ_z95uALlg1q-Gi7pKvQFgOUfrJGpp0yBf_h4PgO-Hs3oFvqCcvd2JyiVyWcihFA8ca...
  • https://cm.g.doubleclick.net/pixel?google_nid=cyberagent_dynalyst&google_push=AehlK4C1Gz8Lut5rcJawZ_z95uALlg1q-Gi7pKvQFgOUfrJGpp0yBf_h4PgO-Hs3oFvqCcvd2JyiVyWcihFA8cank5_Q10S0rQr29eecARna7XrEZBKqu5D...
170 B
189 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=cyberagent_dynalyst&google_push=AehlK4C1Gz8Lut5rcJawZ_z95uALlg1q-Gi7pKvQFgOUfrJGpp0yBf_h4PgO-Hs3oFvqCcvd2JyiVyWcihFA8cank5_Q10S0rQr29eecARna7XrEZBKqu5DyUj4dmEdVTmxdDr8Uunhv2ts
Requested by
Host: c189fcaae4b526f37d75e91681a8bbd8.safeframe.googlesyndication.com
URL: https://c189fcaae4b526f37d75e91681a8bbd8.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Server
142.251.12.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f155.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 03 Sep 2022 13:32:38 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=cyberagent_dynalyst&google_push=AehlK4C1Gz8Lut5rcJawZ_z95uALlg1q-Gi7pKvQFgOUfrJGpp0yBf_h4PgO-Hs3oFvqCcvd2JyiVyWcihFA8cank5_Q10S0rQr29eecARna7XrEZBKqu5DyUj4dmEdVTmxdDr8Uunhv2ts
Date
Sat, 03 Sep 2022 13:32:38 GMT
Server
nginx
Connection
keep-alive
Content-Length
0
pixel
cm.g.doubleclick.net/ Frame 4AC7
Redirect Chain
  • https://ds.uncn.jp/doubleclick/0/sync_push?google_gid=CAESEPwlnxCawtR7deJhyNZKBOk&google_cver=1&google_push=AehlK4CIIlFulH03sfvsyR2QiwZAM72MDyEpJ5lTtI04-JLTKAridciCa0z1kOjcAd5Rnqk3qSPyT5FeL7N9muQKL...
  • https://cm.g.doubleclick.net/pixel?google_nid=unicorn&google_push=AehlK4CIIlFulH03sfvsyR2QiwZAM72MDyEpJ5lTtI04-JLTKAridciCa0z1kOjcAd5Rnqk3qSPyT5FeL7N9muQKLn-QST6CGbTdiRFIB8CIaIbVkol3Q0p__yYcbpxihwy...
170 B
189 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=unicorn&google_push=AehlK4CIIlFulH03sfvsyR2QiwZAM72MDyEpJ5lTtI04-JLTKAridciCa0z1kOjcAd5Rnqk3qSPyT5FeL7N9muQKLn-QST6CGbTdiRFIB8CIaIbVkol3Q0p__yYcbpxihwyGKBALvuRQDA&google_hm=AZ3NWrpHQky1vuB494_QH6c
Requested by
Host: c189fcaae4b526f37d75e91681a8bbd8.safeframe.googlesyndication.com
URL: https://c189fcaae4b526f37d75e91681a8bbd8.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Server
142.251.12.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f155.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 03 Sep 2022 13:32:38 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=unicorn&google_push=AehlK4CIIlFulH03sfvsyR2QiwZAM72MDyEpJ5lTtI04-JLTKAridciCa0z1kOjcAd5Rnqk3qSPyT5FeL7N9muQKLn-QST6CGbTdiRFIB8CIaIbVkol3Q0p__yYcbpxihwyGKBALvuRQDA&google_hm=AZ3NWrpHQky1vuB494_QH6c
Date
Sat, 03 Sep 2022 13:32:37 GMT
Server
Apache
Connection
keep-alive
Content-Length
273
Content-Type
text/html; charset=utf-8
pixel
cm.g.doubleclick.net/ Frame 4AC7
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58281/sync?redir=true&google_gid=CAESEAC1As7ljXxmFIQBefxBEA4&google_cver=1&google_push=AehlK4B3Pl2ZsOpEbR7yAkYcPqWA4AaejD7qzXazTOTpVMd-lUq7lpdghIvelJy9GsxbiKKY85...
  • https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS01N08xSlRGRTJ1RnlOdmtRN09uMU9ZMmMuZXVFX0ZDYn5B&google_push=AehlK4B3Pl2ZsOpEbR7yAkYcPqWA4AaejD7qzXazTOTpVMd-lUq7lpdgh...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS01N08xSlRGRTJ1RnlOdmtRN09uMU9ZMmMuZXVFX0ZDYn5B&google_push=AehlK4B3Pl2ZsOpEbR7yAkYcPqWA4AaejD7qzXazTOTpVMd-lUq7lpdghIvelJy9GsxbiKKY85G7db-5NLrQFL8EG0Z30o9eGT_hzQ5jUeuZ2R8uE7TpGWaSgCPib8igCm3qKtD1Y_yiUTc
Requested by
Host: c189fcaae4b526f37d75e91681a8bbd8.safeframe.googlesyndication.com
URL: https://c189fcaae4b526f37d75e91681a8bbd8.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Server
142.251.12.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f155.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 03 Sep 2022 13:32:37 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS01N08xSlRGRTJ1RnlOdmtRN09uMU9ZMmMuZXVFX0ZDYn5B&google_push=AehlK4B3Pl2ZsOpEbR7yAkYcPqWA4AaejD7qzXazTOTpVMd-lUq7lpdghIvelJy9GsxbiKKY85G7db-5NLrQFL8EG0Z30o9eGT_hzQ5jUeuZ2R8uE7TpGWaSgCPib8igCm3qKtD1Y_yiUTc
date
Sat, 03 Sep 2022 13:32:37 GMT
server
ATS/9.1.10.25
age
0
content-length
0
strict-transport-security
max-age=31536000
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
pixel
cm.g.doubleclick.net/ Frame 4AC7
Redirect Chain
  • https://match.sharethrough.com/E4rooAtA/v1?google_gid=CAESELwD6cOoyHsNW54N2nTTLUM&google_cver=1&google_push=AehlK4DxAxfF1E0HxuURw7Z4IbmZeB1T5LFn2b9OmIHw0nJtNicQJ_99MyTptcAPNcJHMbixx6f_lx2aZ6pCfOnS2...
  • https://cm.g.doubleclick.net/pixel?google_nid=sharethrough_ob&google_hm=OGU1ZTg4MmMtOGU3NS00NWQ1LWI5YzEtMGU4MWM5Njg2ODg3&google_push=AehlK4DxAxfF1E0HxuURw7Z4IbmZeB1T5LFn2b9OmIHw0nJtNicQJ_99MyTptcAP...
170 B
189 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=sharethrough_ob&google_hm=OGU1ZTg4MmMtOGU3NS00NWQ1LWI5YzEtMGU4MWM5Njg2ODg3&google_push=AehlK4DxAxfF1E0HxuURw7Z4IbmZeB1T5LFn2b9OmIHw0nJtNicQJ_99MyTptcAPNcJHMbixx6f_lx2aZ6pCfOnS2AnbG2DkLES3p3Mvs8Kd0IBlICaV2wfb-RIgVWHFjSGd7D0V3zOrc98
Requested by
Host: c189fcaae4b526f37d75e91681a8bbd8.safeframe.googlesyndication.com
URL: https://c189fcaae4b526f37d75e91681a8bbd8.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Server
142.251.12.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f155.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 03 Sep 2022 13:32:38 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=sharethrough_ob&google_hm=OGU1ZTg4MmMtOGU3NS00NWQ1LWI5YzEtMGU4MWM5Njg2ODg3&google_push=AehlK4DxAxfF1E0HxuURw7Z4IbmZeB1T5LFn2b9OmIHw0nJtNicQJ_99MyTptcAPNcJHMbixx6f_lx2aZ6pCfOnS2AnbG2DkLES3p3Mvs8Kd0IBlICaV2wfb-RIgVWHFjSGd7D0V3zOrc98
date
Sat, 03 Sep 2022 13:32:38 GMT
content-length
0
attr
cm.g.doubleclick.net/pixel/ Frame 4AC7 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13LVIlLGFwUaleUDVq5sYBL9NMGzvDiPR9AYdN__pRWlCZzyv3J-mTTXa23qf6-PLgqNS0pvwdM
Requested by
Host: c189fcaae4b526f37d75e91681a8bbd8.safeframe.googlesyndication.com
URL: https://c189fcaae4b526f37d75e91681a8bbd8.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.12.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f155.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 03 Sep 2022 13:32:37 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
content-type
text/html
animejs.js
static.criteo.net/animejs/ Frame 0B63 		12 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/animejs/animejs.js
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=YxNXcwAHpPgKaP4VAAstf311_frj7gN02Y1RuQ&u=%7CzsNWlIJ%2BY3VtyKoLoRZUhO5WtF3Fxs56YjdTCydxD5s%3D%7C&c1=0n2XosTo5cliKCnvh9OE5jqZHIJlQ7xgp7yhsEndoSQWtCdBOgT7K4ozbUym4LQBP0pW1DkPG3cTQB0txIhX3ZzlYL8sTLz7c1QsYqAsmstEslPxiRqNid7_jcURzAd1vHPtoVYaGWiiQo1KrA_h4jAUID87w6NNkTSvkxwxcwHvtOJQ2KYTV6Ngg1vxLEHr_mafo9ed5PVAoKwNIraC9lmq9JVBc_MnZcGr4yO-b4TTlIjtW_Ey5C38YS91kCcAfwgjfb6YX5ckcMU8fBz05Ff52QfhgVImvqODOpWRyDdA5Qq7tAnkJf6l_oJBYnswBAmEEwVnJKY5IYwsXIYBzDkXge2Jy98RMk8MsMICKMHMqKJpFsd6V2sSaRgI_vKz95RmiqtEeNosJlX25fYBbC8Kfir-969iAWJB-LDXKCjIJldfpX-MqkFLMyf3DtjwDDwAR5ugFaBujdE9IuFiSXw6uF3WYR-Gj065aX4w-pOwIWHZj2qlptYHrtFWDuC8rAsjM5G1-At6MqBnxVHQ5YnD_gDPAUBkGRC2aNh13k7DKKxMtlvlFKZ98-cnZs-fvumdnIyaIxXRG6V07T8qkunj2pFm2F45LbaF4BJJF6PgPaurbOYCxbAECNtS07fS9OViBKcZER5Z2HsGquNJ-g&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCvl-Nc1cTY_jJHpX8owP_2qyICJj80bFcqoTM5IUBwI23ARABIABgpYCAgJABggEXY2EtcHViLTg5MzMzMjk5OTkzOTExMDSgAbbZo9ADyAEJqQLDw801DtumPuACAKgDAaoE9AJP0BQcZH9enuIvlS295legJfr5IhzfJj205YqNbpWyi9Sj-da-9JOJOmdY4lsKEhkmuJLo2mebzLCsNKZjyX1609QNW__KzRZXr_R40z6lSDNBvvWUWdHkUzhZ3ICSL26b8Uw7-BRGiTBeFBS7qREpS2sCBy8NIpCFX9drdbYfs69KpK78JmVQTCWq0ojtcgg15Z83JuztX0f2_ARXzBo1jxfkGTWQ3Stom4FCyxNJ1XdIpb8axTHASDc-t_olqzS96-EAvlGwXzrBv9VuFSEKPzC1NAzwM4LKWiFBg_xGGQ0KZf7XwvI4y7t9XhJ9ZSqeSXZ_4xoOgl43YqFH2-yPocFBA8bizvd9JbHS3cN6MPUVyXrmtTPpg3PlOJYecXTClE6VYwSOgWpA8k22GLrmqMwstQcz1qvxnfWKBbgP3_003n2DwKtVl37vaHIltu46TSx74G3DXFt7OfEAQ3negC2ym-82Lxa-xMtIM-CuAKLk-irgBAGABtf2__fPtcaVQaAGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA0IgGEQATICigI6AoBA8ggbYWR4LXN1YnN5bi01MjM5OTM4MjEzODcwMzgw-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_1KzjHU5-2GRSJi2D1ric-d9jEGrA%26client%3Dca-pub-8933329999391104%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.129 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
nginx /
Resource Hash
a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.as.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 03 Sep 2022 13:32:37 GMT
content-encoding
gzip
last-modified
Tue, 26 Mar 2019 17:44:11 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5c9a64eb-3181"
strict-transport-security
max-age=31536000; preload;
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Tue, 29 Aug 2023 13:32:37 GMT
img
pix.as.criteo.net/img/ Frame 0B63 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.as.criteo.net/img/img?h=110&m=0&partner=26298&q=80&r=0&u=http%3A%2F%2Fstatic.sg1.as.criteo.net%2Fdesign%2Fdt%2F26298%2F200415%2F1cdb00843d7946d5b3fe885bd23060d5_logo-%282%29-black.png&v=3&w=236&s=UWcxyvK_ZFRR4tTTt5yMmnms
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=YxNXcwAHpPgKaP4VAAstf311_frj7gN02Y1RuQ&u=%7CzsNWlIJ%2BY3VtyKoLoRZUhO5WtF3Fxs56YjdTCydxD5s%3D%7C&c1=0n2XosTo5cliKCnvh9OE5jqZHIJlQ7xgp7yhsEndoSQWtCdBOgT7K4ozbUym4LQBP0pW1DkPG3cTQB0txIhX3ZzlYL8sTLz7c1QsYqAsmstEslPxiRqNid7_jcURzAd1vHPtoVYaGWiiQo1KrA_h4jAUID87w6NNkTSvkxwxcwHvtOJQ2KYTV6Ngg1vxLEHr_mafo9ed5PVAoKwNIraC9lmq9JVBc_MnZcGr4yO-b4TTlIjtW_Ey5C38YS91kCcAfwgjfb6YX5ckcMU8fBz05Ff52QfhgVImvqODOpWRyDdA5Qq7tAnkJf6l_oJBYnswBAmEEwVnJKY5IYwsXIYBzDkXge2Jy98RMk8MsMICKMHMqKJpFsd6V2sSaRgI_vKz95RmiqtEeNosJlX25fYBbC8Kfir-969iAWJB-LDXKCjIJldfpX-MqkFLMyf3DtjwDDwAR5ugFaBujdE9IuFiSXw6uF3WYR-Gj065aX4w-pOwIWHZj2qlptYHrtFWDuC8rAsjM5G1-At6MqBnxVHQ5YnD_gDPAUBkGRC2aNh13k7DKKxMtlvlFKZ98-cnZs-fvumdnIyaIxXRG6V07T8qkunj2pFm2F45LbaF4BJJF6PgPaurbOYCxbAECNtS07fS9OViBKcZER5Z2HsGquNJ-g&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCvl-Nc1cTY_jJHpX8owP_2qyICJj80bFcqoTM5IUBwI23ARABIABgpYCAgJABggEXY2EtcHViLTg5MzMzMjk5OTkzOTExMDSgAbbZo9ADyAEJqQLDw801DtumPuACAKgDAaoE9AJP0BQcZH9enuIvlS295legJfr5IhzfJj205YqNbpWyi9Sj-da-9JOJOmdY4lsKEhkmuJLo2mebzLCsNKZjyX1609QNW__KzRZXr_R40z6lSDNBvvWUWdHkUzhZ3ICSL26b8Uw7-BRGiTBeFBS7qREpS2sCBy8NIpCFX9drdbYfs69KpK78JmVQTCWq0ojtcgg15Z83JuztX0f2_ARXzBo1jxfkGTWQ3Stom4FCyxNJ1XdIpb8axTHASDc-t_olqzS96-EAvlGwXzrBv9VuFSEKPzC1NAzwM4LKWiFBg_xGGQ0KZf7XwvI4y7t9XhJ9ZSqeSXZ_4xoOgl43YqFH2-yPocFBA8bizvd9JbHS3cN6MPUVyXrmtTPpg3PlOJYecXTClE6VYwSOgWpA8k22GLrmqMwstQcz1qvxnfWKBbgP3_003n2DwKtVl37vaHIltu46TSx74G3DXFt7OfEAQ3negC2ym-82Lxa-xMtIM-CuAKLk-irgBAGABtf2__fPtcaVQaAGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA0IgGEQATICigI6AoBA8ggbYWR4LXN1YnN5bi01MjM5OTM4MjEzODcwMzgw-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_1KzjHU5-2GRSJi2D1ric-d9jEGrA%26client%3Dca-pub-8933329999391104%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.135 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Finatra /
Resource Hash
b1b18fb07562ec8eabce6d1c45556ac337953958dcc0daf1a57e93177051c6cb
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.as.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 03 Sep 2022 13:32:37 GMT
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/png
cache-control
public, max-age=28394610
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
content-length
4406
expires
Sat, 29 Jul 2023 04:56:08 GMT
img
pix.as.criteo.net/img/ Frame 0B63 		29 KB
30 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.as.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=26298&q=80&r=0&u=http%3A%2F%2Fydbrand.imgix.net%2FYD%2FPWA-Products%2F21CFWD01_BLK_1.png%3Fbg%3De6e6e6%26fm%3Djpg%3Fbg%3Dffffff%26fm%3Djpg%26q%3D70%26h%3D900%26rect%3D440%2C0%2C2120%2C3000%26cb%3D20220904&v=3&w=400&s=v3MOoYosaUeseuzcgPDY8HG4&b=400
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=YxNXcwAHpPgKaP4VAAstf311_frj7gN02Y1RuQ&u=%7CzsNWlIJ%2BY3VtyKoLoRZUhO5WtF3Fxs56YjdTCydxD5s%3D%7C&c1=0n2XosTo5cliKCnvh9OE5jqZHIJlQ7xgp7yhsEndoSQWtCdBOgT7K4ozbUym4LQBP0pW1DkPG3cTQB0txIhX3ZzlYL8sTLz7c1QsYqAsmstEslPxiRqNid7_jcURzAd1vHPtoVYaGWiiQo1KrA_h4jAUID87w6NNkTSvkxwxcwHvtOJQ2KYTV6Ngg1vxLEHr_mafo9ed5PVAoKwNIraC9lmq9JVBc_MnZcGr4yO-b4TTlIjtW_Ey5C38YS91kCcAfwgjfb6YX5ckcMU8fBz05Ff52QfhgVImvqODOpWRyDdA5Qq7tAnkJf6l_oJBYnswBAmEEwVnJKY5IYwsXIYBzDkXge2Jy98RMk8MsMICKMHMqKJpFsd6V2sSaRgI_vKz95RmiqtEeNosJlX25fYBbC8Kfir-969iAWJB-LDXKCjIJldfpX-MqkFLMyf3DtjwDDwAR5ugFaBujdE9IuFiSXw6uF3WYR-Gj065aX4w-pOwIWHZj2qlptYHrtFWDuC8rAsjM5G1-At6MqBnxVHQ5YnD_gDPAUBkGRC2aNh13k7DKKxMtlvlFKZ98-cnZs-fvumdnIyaIxXRG6V07T8qkunj2pFm2F45LbaF4BJJF6PgPaurbOYCxbAECNtS07fS9OViBKcZER5Z2HsGquNJ-g&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCvl-Nc1cTY_jJHpX8owP_2qyICJj80bFcqoTM5IUBwI23ARABIABgpYCAgJABggEXY2EtcHViLTg5MzMzMjk5OTkzOTExMDSgAbbZo9ADyAEJqQLDw801DtumPuACAKgDAaoE9AJP0BQcZH9enuIvlS295legJfr5IhzfJj205YqNbpWyi9Sj-da-9JOJOmdY4lsKEhkmuJLo2mebzLCsNKZjyX1609QNW__KzRZXr_R40z6lSDNBvvWUWdHkUzhZ3ICSL26b8Uw7-BRGiTBeFBS7qREpS2sCBy8NIpCFX9drdbYfs69KpK78JmVQTCWq0ojtcgg15Z83JuztX0f2_ARXzBo1jxfkGTWQ3Stom4FCyxNJ1XdIpb8axTHASDc-t_olqzS96-EAvlGwXzrBv9VuFSEKPzC1NAzwM4LKWiFBg_xGGQ0KZf7XwvI4y7t9XhJ9ZSqeSXZ_4xoOgl43YqFH2-yPocFBA8bizvd9JbHS3cN6MPUVyXrmtTPpg3PlOJYecXTClE6VYwSOgWpA8k22GLrmqMwstQcz1qvxnfWKBbgP3_003n2DwKtVl37vaHIltu46TSx74G3DXFt7OfEAQ3negC2ym-82Lxa-xMtIM-CuAKLk-irgBAGABtf2__fPtcaVQaAGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA0IgGEQATICigI6AoBA8ggbYWR4LXN1YnN5bi01MjM5OTM4MjEzODcwMzgw-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_1KzjHU5-2GRSJi2D1ric-d9jEGrA%26client%3Dca-pub-8933329999391104%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.135 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Finatra /
Resource Hash
3958fbc9d867120501d405dfce3841e4aaba4769815b947ee0a170f9147f8b10
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.as.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 03 Sep 2022 13:32:37 GMT
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/png
cache-control
public, max-age=31495443
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
content-length
30146
expires
Sun, 03 Sep 2023 02:16:41 GMT
img
pix.as.criteo.net/img/ Frame 0B63 		26 KB
26 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.as.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=26298&q=80&r=0&u=http%3A%2F%2Fydbrand.imgix.net%2FYD%2FPWA-Products%2F16CFWD03_BRN_1.png%3Fbg%3De6e6e6%26fm%3Djpg%3Fbg%3Dffffff%26fm%3Djpg%26q%3D70%26h%3D900%26rect%3D440%2C0%2C2120%2C3000%26cb%3D20220904&v=3&w=400&s=wRG_JO-21_PB0e6J0I5RQrIZ&b=400
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=YxNXcwAHpPgKaP4VAAstf311_frj7gN02Y1RuQ&u=%7CzsNWlIJ%2BY3VtyKoLoRZUhO5WtF3Fxs56YjdTCydxD5s%3D%7C&c1=0n2XosTo5cliKCnvh9OE5jqZHIJlQ7xgp7yhsEndoSQWtCdBOgT7K4ozbUym4LQBP0pW1DkPG3cTQB0txIhX3ZzlYL8sTLz7c1QsYqAsmstEslPxiRqNid7_jcURzAd1vHPtoVYaGWiiQo1KrA_h4jAUID87w6NNkTSvkxwxcwHvtOJQ2KYTV6Ngg1vxLEHr_mafo9ed5PVAoKwNIraC9lmq9JVBc_MnZcGr4yO-b4TTlIjtW_Ey5C38YS91kCcAfwgjfb6YX5ckcMU8fBz05Ff52QfhgVImvqODOpWRyDdA5Qq7tAnkJf6l_oJBYnswBAmEEwVnJKY5IYwsXIYBzDkXge2Jy98RMk8MsMICKMHMqKJpFsd6V2sSaRgI_vKz95RmiqtEeNosJlX25fYBbC8Kfir-969iAWJB-LDXKCjIJldfpX-MqkFLMyf3DtjwDDwAR5ugFaBujdE9IuFiSXw6uF3WYR-Gj065aX4w-pOwIWHZj2qlptYHrtFWDuC8rAsjM5G1-At6MqBnxVHQ5YnD_gDPAUBkGRC2aNh13k7DKKxMtlvlFKZ98-cnZs-fvumdnIyaIxXRG6V07T8qkunj2pFm2F45LbaF4BJJF6PgPaurbOYCxbAECNtS07fS9OViBKcZER5Z2HsGquNJ-g&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCvl-Nc1cTY_jJHpX8owP_2qyICJj80bFcqoTM5IUBwI23ARABIABgpYCAgJABggEXY2EtcHViLTg5MzMzMjk5OTkzOTExMDSgAbbZo9ADyAEJqQLDw801DtumPuACAKgDAaoE9AJP0BQcZH9enuIvlS295legJfr5IhzfJj205YqNbpWyi9Sj-da-9JOJOmdY4lsKEhkmuJLo2mebzLCsNKZjyX1609QNW__KzRZXr_R40z6lSDNBvvWUWdHkUzhZ3ICSL26b8Uw7-BRGiTBeFBS7qREpS2sCBy8NIpCFX9drdbYfs69KpK78JmVQTCWq0ojtcgg15Z83JuztX0f2_ARXzBo1jxfkGTWQ3Stom4FCyxNJ1XdIpb8axTHASDc-t_olqzS96-EAvlGwXzrBv9VuFSEKPzC1NAzwM4LKWiFBg_xGGQ0KZf7XwvI4y7t9XhJ9ZSqeSXZ_4xoOgl43YqFH2-yPocFBA8bizvd9JbHS3cN6MPUVyXrmtTPpg3PlOJYecXTClE6VYwSOgWpA8k22GLrmqMwstQcz1qvxnfWKBbgP3_003n2DwKtVl37vaHIltu46TSx74G3DXFt7OfEAQ3negC2ym-82Lxa-xMtIM-CuAKLk-irgBAGABtf2__fPtcaVQaAGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA0IgGEQATICigI6AoBA8ggbYWR4LXN1YnN5bi01MjM5OTM4MjEzODcwMzgw-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_1KzjHU5-2GRSJi2D1ric-d9jEGrA%26client%3Dca-pub-8933329999391104%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.135 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Finatra /
Resource Hash
04f3c6dfebba14e03bb4837ecfb1d9a4b8a64193f6994643fd6baa9844e42fdb
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.as.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 03 Sep 2022 13:32:37 GMT
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/png
cache-control
public, max-age=31495162
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
content-length
26819
expires
Sun, 03 Sep 2023 02:12:01 GMT
img
pix.as.criteo.net/img/ Frame 0B63 		41 KB
41 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.as.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=26298&q=80&r=0&u=http%3A%2F%2Fydbrand.imgix.net%2FYD%2FPWA-Products%2FY223SJ08_SGE_MODEL.png%3Fbg%3De6e6e6%26fm%3Djpg%3Fbg%3Dffffff%26fm%3Djpg%26q%3D70%26h%3D900%26rect%3D440%2C0%2C2120%2C3000%26cb%3D20220904&v=3&w=400&s=np0cyTEGUF-ZFlA0xKa8gORF&b=400
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=YxNXcwAHpPgKaP4VAAstf311_frj7gN02Y1RuQ&u=%7CzsNWlIJ%2BY3VtyKoLoRZUhO5WtF3Fxs56YjdTCydxD5s%3D%7C&c1=0n2XosTo5cliKCnvh9OE5jqZHIJlQ7xgp7yhsEndoSQWtCdBOgT7K4ozbUym4LQBP0pW1DkPG3cTQB0txIhX3ZzlYL8sTLz7c1QsYqAsmstEslPxiRqNid7_jcURzAd1vHPtoVYaGWiiQo1KrA_h4jAUID87w6NNkTSvkxwxcwHvtOJQ2KYTV6Ngg1vxLEHr_mafo9ed5PVAoKwNIraC9lmq9JVBc_MnZcGr4yO-b4TTlIjtW_Ey5C38YS91kCcAfwgjfb6YX5ckcMU8fBz05Ff52QfhgVImvqODOpWRyDdA5Qq7tAnkJf6l_oJBYnswBAmEEwVnJKY5IYwsXIYBzDkXge2Jy98RMk8MsMICKMHMqKJpFsd6V2sSaRgI_vKz95RmiqtEeNosJlX25fYBbC8Kfir-969iAWJB-LDXKCjIJldfpX-MqkFLMyf3DtjwDDwAR5ugFaBujdE9IuFiSXw6uF3WYR-Gj065aX4w-pOwIWHZj2qlptYHrtFWDuC8rAsjM5G1-At6MqBnxVHQ5YnD_gDPAUBkGRC2aNh13k7DKKxMtlvlFKZ98-cnZs-fvumdnIyaIxXRG6V07T8qkunj2pFm2F45LbaF4BJJF6PgPaurbOYCxbAECNtS07fS9OViBKcZER5Z2HsGquNJ-g&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCvl-Nc1cTY_jJHpX8owP_2qyICJj80bFcqoTM5IUBwI23ARABIABgpYCAgJABggEXY2EtcHViLTg5MzMzMjk5OTkzOTExMDSgAbbZo9ADyAEJqQLDw801DtumPuACAKgDAaoE9AJP0BQcZH9enuIvlS295legJfr5IhzfJj205YqNbpWyi9Sj-da-9JOJOmdY4lsKEhkmuJLo2mebzLCsNKZjyX1609QNW__KzRZXr_R40z6lSDNBvvWUWdHkUzhZ3ICSL26b8Uw7-BRGiTBeFBS7qREpS2sCBy8NIpCFX9drdbYfs69KpK78JmVQTCWq0ojtcgg15Z83JuztX0f2_ARXzBo1jxfkGTWQ3Stom4FCyxNJ1XdIpb8axTHASDc-t_olqzS96-EAvlGwXzrBv9VuFSEKPzC1NAzwM4LKWiFBg_xGGQ0KZf7XwvI4y7t9XhJ9ZSqeSXZ_4xoOgl43YqFH2-yPocFBA8bizvd9JbHS3cN6MPUVyXrmtTPpg3PlOJYecXTClE6VYwSOgWpA8k22GLrmqMwstQcz1qvxnfWKBbgP3_003n2DwKtVl37vaHIltu46TSx74G3DXFt7OfEAQ3negC2ym-82Lxa-xMtIM-CuAKLk-irgBAGABtf2__fPtcaVQaAGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA0IgGEQATICigI6AoBA8ggbYWR4LXN1YnN5bi01MjM5OTM4MjEzODcwMzgw-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_1KzjHU5-2GRSJi2D1ric-d9jEGrA%26client%3Dca-pub-8933329999391104%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.135 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Finatra /
Resource Hash
079832362b5d73befcde24ec5f60ef4bd162ce3842a4cc0f2fe0125971be94e1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.as.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 03 Sep 2022 13:32:37 GMT
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/png
cache-control
public, max-age=31496199
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
content-length
41549
expires
Sun, 03 Sep 2023 02:29:17 GMT
all
csm.as.criteo.net/ Frame 0B63 		0
128 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csm.as.criteo.net/all?cppv=3&cpp=KD8pJvLChlIcw9LzwIgfzQa6omhAmPLtFIyXxc1JJ7yo7tmiCywYBn3f0OFKbChMUW7v86MhshMBHUcCTGomHB-huDOMU2v43sL4eMnwUpMUL2q4lZV__T9BJ4hsIZfBfZXR-ZE6GHSaYBIElFOKwmYGyduTq9sQ_TJMN-c7hNA5D637LI8SIOu9m_Y0vrphJAn15I2waCb5lbKvjQL0rTpt7SwP1rSrILROP5ncV1LJWTkiNKu04kfkHhfDY3TTfKp7QQ&sds=2&rev=82604.2&sendBeacon=true
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=YxNXcwAHpPgKaP4VAAstf311_frj7gN02Y1RuQ&u=%7CzsNWlIJ%2BY3VtyKoLoRZUhO5WtF3Fxs56YjdTCydxD5s%3D%7C&c1=0n2XosTo5cliKCnvh9OE5jqZHIJlQ7xgp7yhsEndoSQWtCdBOgT7K4ozbUym4LQBP0pW1DkPG3cTQB0txIhX3ZzlYL8sTLz7c1QsYqAsmstEslPxiRqNid7_jcURzAd1vHPtoVYaGWiiQo1KrA_h4jAUID87w6NNkTSvkxwxcwHvtOJQ2KYTV6Ngg1vxLEHr_mafo9ed5PVAoKwNIraC9lmq9JVBc_MnZcGr4yO-b4TTlIjtW_Ey5C38YS91kCcAfwgjfb6YX5ckcMU8fBz05Ff52QfhgVImvqODOpWRyDdA5Qq7tAnkJf6l_oJBYnswBAmEEwVnJKY5IYwsXIYBzDkXge2Jy98RMk8MsMICKMHMqKJpFsd6V2sSaRgI_vKz95RmiqtEeNosJlX25fYBbC8Kfir-969iAWJB-LDXKCjIJldfpX-MqkFLMyf3DtjwDDwAR5ugFaBujdE9IuFiSXw6uF3WYR-Gj065aX4w-pOwIWHZj2qlptYHrtFWDuC8rAsjM5G1-At6MqBnxVHQ5YnD_gDPAUBkGRC2aNh13k7DKKxMtlvlFKZ98-cnZs-fvumdnIyaIxXRG6V07T8qkunj2pFm2F45LbaF4BJJF6PgPaurbOYCxbAECNtS07fS9OViBKcZER5Z2HsGquNJ-g&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCvl-Nc1cTY_jJHpX8owP_2qyICJj80bFcqoTM5IUBwI23ARABIABgpYCAgJABggEXY2EtcHViLTg5MzMzMjk5OTkzOTExMDSgAbbZo9ADyAEJqQLDw801DtumPuACAKgDAaoE9AJP0BQcZH9enuIvlS295legJfr5IhzfJj205YqNbpWyi9Sj-da-9JOJOmdY4lsKEhkmuJLo2mebzLCsNKZjyX1609QNW__KzRZXr_R40z6lSDNBvvWUWdHkUzhZ3ICSL26b8Uw7-BRGiTBeFBS7qREpS2sCBy8NIpCFX9drdbYfs69KpK78JmVQTCWq0ojtcgg15Z83JuztX0f2_ARXzBo1jxfkGTWQ3Stom4FCyxNJ1XdIpb8axTHASDc-t_olqzS96-EAvlGwXzrBv9VuFSEKPzC1NAzwM4LKWiFBg_xGGQ0KZf7XwvI4y7t9XhJ9ZSqeSXZ_4xoOgl43YqFH2-yPocFBA8bizvd9JbHS3cN6MPUVyXrmtTPpg3PlOJYecXTClE6VYwSOgWpA8k22GLrmqMwstQcz1qvxnfWKBbgP3_003n2DwKtVl37vaHIltu46TSx74G3DXFt7OfEAQ3negC2ym-82Lxa-xMtIM-CuAKLk-irgBAGABtf2__fPtcaVQaAGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA0IgGEQATICigI6AoBA8ggbYWR4LXN1YnN5bi01MjM5OTM4MjEzODcwMzgw-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_1KzjHU5-2GRSJi2D1ric-d9jEGrA%26client%3Dca-pub-8933329999391104%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.142 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ads.as.criteo.com/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Sat, 03 Sep 2022 13:32:37 GMT
cross-origin-resource-policy
cross-origin
server
Finatra
content-length
0
strict-transport-security
max-age=31536000; preload;
criteo_logo_2021.svg
static.criteo.net/flash/icon/ Frame 0B63 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/criteo_logo_2021.svg
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=YxNXcwAHpPgKaP4VAAstf311_frj7gN02Y1RuQ&u=%7CzsNWlIJ%2BY3VtyKoLoRZUhO5WtF3Fxs56YjdTCydxD5s%3D%7C&c1=0n2XosTo5cliKCnvh9OE5jqZHIJlQ7xgp7yhsEndoSQWtCdBOgT7K4ozbUym4LQBP0pW1DkPG3cTQB0txIhX3ZzlYL8sTLz7c1QsYqAsmstEslPxiRqNid7_jcURzAd1vHPtoVYaGWiiQo1KrA_h4jAUID87w6NNkTSvkxwxcwHvtOJQ2KYTV6Ngg1vxLEHr_mafo9ed5PVAoKwNIraC9lmq9JVBc_MnZcGr4yO-b4TTlIjtW_Ey5C38YS91kCcAfwgjfb6YX5ckcMU8fBz05Ff52QfhgVImvqODOpWRyDdA5Qq7tAnkJf6l_oJBYnswBAmEEwVnJKY5IYwsXIYBzDkXge2Jy98RMk8MsMICKMHMqKJpFsd6V2sSaRgI_vKz95RmiqtEeNosJlX25fYBbC8Kfir-969iAWJB-LDXKCjIJldfpX-MqkFLMyf3DtjwDDwAR5ugFaBujdE9IuFiSXw6uF3WYR-Gj065aX4w-pOwIWHZj2qlptYHrtFWDuC8rAsjM5G1-At6MqBnxVHQ5YnD_gDPAUBkGRC2aNh13k7DKKxMtlvlFKZ98-cnZs-fvumdnIyaIxXRG6V07T8qkunj2pFm2F45LbaF4BJJF6PgPaurbOYCxbAECNtS07fS9OViBKcZER5Z2HsGquNJ-g&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCvl-Nc1cTY_jJHpX8owP_2qyICJj80bFcqoTM5IUBwI23ARABIABgpYCAgJABggEXY2EtcHViLTg5MzMzMjk5OTkzOTExMDSgAbbZo9ADyAEJqQLDw801DtumPuACAKgDAaoE9AJP0BQcZH9enuIvlS295legJfr5IhzfJj205YqNbpWyi9Sj-da-9JOJOmdY4lsKEhkmuJLo2mebzLCsNKZjyX1609QNW__KzRZXr_R40z6lSDNBvvWUWdHkUzhZ3ICSL26b8Uw7-BRGiTBeFBS7qREpS2sCBy8NIpCFX9drdbYfs69KpK78JmVQTCWq0ojtcgg15Z83JuztX0f2_ARXzBo1jxfkGTWQ3Stom4FCyxNJ1XdIpb8axTHASDc-t_olqzS96-EAvlGwXzrBv9VuFSEKPzC1NAzwM4LKWiFBg_xGGQ0KZf7XwvI4y7t9XhJ9ZSqeSXZ_4xoOgl43YqFH2-yPocFBA8bizvd9JbHS3cN6MPUVyXrmtTPpg3PlOJYecXTClE6VYwSOgWpA8k22GLrmqMwstQcz1qvxnfWKBbgP3_003n2DwKtVl37vaHIltu46TSx74G3DXFt7OfEAQ3negC2ym-82Lxa-xMtIM-CuAKLk-irgBAGABtf2__fPtcaVQaAGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA0IgGEQATICigI6AoBA8ggbYWR4LXN1YnN5bi01MjM5OTM4MjEzODcwMzgw-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_1KzjHU5-2GRSJi2D1ric-d9jEGrA%26client%3Dca-pub-8933329999391104%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.129 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
nginx /
Resource Hash
a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.as.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 03 Sep 2022 13:32:37 GMT
content-encoding
gzip
last-modified
Thu, 27 May 2021 13:21:59 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"60af9cf7-891"
strict-transport-security
max-age=31536000; preload;
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Tue, 29 Aug 2023 13:32:37 GMT
privacy.svg
static.criteo.net/flash/icon/ Frame 0B63 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/privacy.svg
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=YxNXcwAHpPgKaP4VAAstf311_frj7gN02Y1RuQ&u=%7CzsNWlIJ%2BY3VtyKoLoRZUhO5WtF3Fxs56YjdTCydxD5s%3D%7C&c1=0n2XosTo5cliKCnvh9OE5jqZHIJlQ7xgp7yhsEndoSQWtCdBOgT7K4ozbUym4LQBP0pW1DkPG3cTQB0txIhX3ZzlYL8sTLz7c1QsYqAsmstEslPxiRqNid7_jcURzAd1vHPtoVYaGWiiQo1KrA_h4jAUID87w6NNkTSvkxwxcwHvtOJQ2KYTV6Ngg1vxLEHr_mafo9ed5PVAoKwNIraC9lmq9JVBc_MnZcGr4yO-b4TTlIjtW_Ey5C38YS91kCcAfwgjfb6YX5ckcMU8fBz05Ff52QfhgVImvqODOpWRyDdA5Qq7tAnkJf6l_oJBYnswBAmEEwVnJKY5IYwsXIYBzDkXge2Jy98RMk8MsMICKMHMqKJpFsd6V2sSaRgI_vKz95RmiqtEeNosJlX25fYBbC8Kfir-969iAWJB-LDXKCjIJldfpX-MqkFLMyf3DtjwDDwAR5ugFaBujdE9IuFiSXw6uF3WYR-Gj065aX4w-pOwIWHZj2qlptYHrtFWDuC8rAsjM5G1-At6MqBnxVHQ5YnD_gDPAUBkGRC2aNh13k7DKKxMtlvlFKZ98-cnZs-fvumdnIyaIxXRG6V07T8qkunj2pFm2F45LbaF4BJJF6PgPaurbOYCxbAECNtS07fS9OViBKcZER5Z2HsGquNJ-g&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCvl-Nc1cTY_jJHpX8owP_2qyICJj80bFcqoTM5IUBwI23ARABIABgpYCAgJABggEXY2EtcHViLTg5MzMzMjk5OTkzOTExMDSgAbbZo9ADyAEJqQLDw801DtumPuACAKgDAaoE9AJP0BQcZH9enuIvlS295legJfr5IhzfJj205YqNbpWyi9Sj-da-9JOJOmdY4lsKEhkmuJLo2mebzLCsNKZjyX1609QNW__KzRZXr_R40z6lSDNBvvWUWdHkUzhZ3ICSL26b8Uw7-BRGiTBeFBS7qREpS2sCBy8NIpCFX9drdbYfs69KpK78JmVQTCWq0ojtcgg15Z83JuztX0f2_ARXzBo1jxfkGTWQ3Stom4FCyxNJ1XdIpb8axTHASDc-t_olqzS96-EAvlGwXzrBv9VuFSEKPzC1NAzwM4LKWiFBg_xGGQ0KZf7XwvI4y7t9XhJ9ZSqeSXZ_4xoOgl43YqFH2-yPocFBA8bizvd9JbHS3cN6MPUVyXrmtTPpg3PlOJYecXTClE6VYwSOgWpA8k22GLrmqMwstQcz1qvxnfWKBbgP3_003n2DwKtVl37vaHIltu46TSx74G3DXFt7OfEAQ3negC2ym-82Lxa-xMtIM-CuAKLk-irgBAGABtf2__fPtcaVQaAGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA0IgGEQATICigI6AoBA8ggbYWR4LXN1YnN5bi01MjM5OTM4MjEzODcwMzgw-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_1KzjHU5-2GRSJi2D1ric-d9jEGrA%26client%3Dca-pub-8933329999391104%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.129 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
nginx /
Resource Hash
095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.as.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 03 Sep 2022 13:32:37 GMT
content-encoding
gzip
last-modified
Wed, 19 Feb 2020 10:57:21 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e4d1491-646"
strict-transport-security
max-age=31536000; preload;
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Tue, 29 Aug 2023 13:32:37 GMT
pixel
cm.g.doubleclick.net/ Frame 04D3
Redirect Chain
  • https://dclk-match.dotomi.com/match/bounce/current?networkId=14000&version=1&google_gid=CAESEJLYt8xzQnagn8A4mv5v3Is&google_cver=1&google_push=AehlK4DKG1hWfgrQ4OVJE7-ynNWQeQhj_efMgpYWeH124aIj7vHtjD6...
  • https://dclk-match.dotomi.com/match/bounce/current?DotomiTest=48414d78e5192026&is_secure=true&networkId=14000&version=1&google_gid=CAESEJLYt8xzQnagn8A4mv5v3Is&google_cver=1&google_push=AehlK4DKG1hW...
  • https://cm.g.doubleclick.net/pixel?google_nid=dotomi&google_ula=17128,0&google_hm=AAALa-g2504CTQMnWx8hAAAAAAA&expiration=1662298357&google_cver=1&is_secure=true&google_gid=CAESEJLYt8xzQnagn8A4mv5v3...
170 B
189 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=dotomi&google_ula=17128,0&google_hm=AAALa-g2504CTQMnWx8hAAAAAAA&expiration=1662298357&google_cver=1&is_secure=true&google_gid=CAESEJLYt8xzQnagn8A4mv5v3Is&google_push=AehlK4DKG1hWfgrQ4OVJE7-ynNWQeQhj_efMgpYWeH124aIj7vHtjD6M1MB2dHF47ozorq9qH6HmK0idhDVyQjzpXEGt4MaYsCSPeQ
Requested by
Host: c189fcaae4b526f37d75e91681a8bbd8.safeframe.googlesyndication.com
URL: https://c189fcaae4b526f37d75e91681a8bbd8.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Server
142.251.12.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f155.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 03 Sep 2022 13:32:38 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Sat, 03 Sep 2022 13:32:37 GMT
server
nginx
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP NID OUR STP"
location
https://cm.g.doubleclick.net/pixel?google_nid=dotomi&google_ula=17128,0&google_hm=AAALa-g2504CTQMnWx8hAAAAAAA&expiration=1662298357&google_cver=1&is_secure=true&google_gid=CAESEJLYt8xzQnagn8A4mv5v3Is&google_push=AehlK4DKG1hWfgrQ4OVJE7-ynNWQeQhj_efMgpYWeH124aIj7vHtjD6M1MB2dHF47ozorq9qH6HmK0idhDVyQjzpXEGt4MaYsCSPeQ
cache-control
no-cache, private, max-age=0, no-store
content-length
0
expires
0
pixel
cm.g.doubleclick.net/ Frame 04D3
Redirect Chain
  • https://c.eu1.dyntrk.com/adx/ga/us.php?dynk=ga2ex&google_gid=CAESEH0D0Yaj-4mf-s2QvrpmnnM&google_cver=1&google_push=AehlK4Ah9lfaNulypy_l3vLi-ccCtdO5cgSDOGHT-6M_6BLW75KCsZ3D3eS_hW_NwDmOJBN94TInl1A5aT...
  • https://c.eu1.dyntrk.com/adx/ga/us.php?dynk=ga2ex&google_gid=CAESEH0D0Yaj-4mf-s2QvrpmnnM&google_cver=1&google_push=AehlK4Ah9lfaNulypy_l3vLi-ccCtdO5cgSDOGHT-6M_6BLW75KCsZ3D3eS_hW_NwDmOJBN94TInl1A5aT...
  • https://cm.g.doubleclick.net/pixel?google_nid=dynadmic&google_push=AehlK4Ah9lfaNulypy_l3vLi-ccCtdO5cgSDOGHT-6M_6BLW75KCsZ3D3eS_hW_NwDmOJBN94TInl1A5aTXDe1D7K9rkGkjgzrJSuQ&google_hm=MDMwMzAwMDJfNjMxM...
170 B
189 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=dynadmic&google_push=AehlK4Ah9lfaNulypy_l3vLi-ccCtdO5cgSDOGHT-6M_6BLW75KCsZ3D3eS_hW_NwDmOJBN94TInl1A5aTXDe1D7K9rkGkjgzrJSuQ&google_hm=MDMwMzAwMDJfNjMxMzU3NzY4MmU2NQ%3D%3D
Requested by
Host: c189fcaae4b526f37d75e91681a8bbd8.safeframe.googlesyndication.com
URL: https://c189fcaae4b526f37d75e91681a8bbd8.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Server
142.251.12.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f155.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 03 Sep 2022 13:32:39 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Sat, 03 Sep 2022 13:32:38 GMT
server
nginx
access-control-allow-origin
*
transfer-encoding
chunked
access-control-allow-methods
POST, GET, OPTIONS
p3p
CP="NOI DEV OUR BUS UNI"
location
https://cm.g.doubleclick.net/pixel?google_nid=dynadmic&google_push=AehlK4Ah9lfaNulypy_l3vLi-ccCtdO5cgSDOGHT-6M_6BLW75KCsZ3D3eS_hW_NwDmOJBN94TInl1A5aTXDe1D7K9rkGkjgzrJSuQ&google_hm=MDMwMzAwMDJfNjMxMzU3NzY4MmU2NQ%3D%3D
cache-control
no-cache
content-type
text/html; charset=UTF-8
access-control-allow-headers
Origin
keep-alive
timeout=10
v2
odr.mookie1.com/t/ Frame 04D3
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=google_jp&google_gid=CAESEMLmYD5ChBGjivkmJ4Pazgo&google_cver=1&google_push=AehlK4DNCqJ9wpo-VOsclFkA51oL1IebOQohyisX6azZZqqnCE41C_LyqNKP1uOw-diejJLwY8ArVn3KS7WVgebJm...
  • https://x.bidswitch.net/ul_cb/sync?ssp=google_jp&google_gid=CAESEMLmYD5ChBGjivkmJ4Pazgo&google_cver=1&google_push=AehlK4DNCqJ9wpo-VOsclFkA51oL1IebOQohyisX6azZZqqnCE41C_LyqNKP1uOw-diejJLwY8ArVn3KS7W...
  • https://odr.mookie1.com/t/v2/sync?tagid=V2_790378&src.visitorId=3533d218-d8d7-4364-ad08-0ce37055f148&ssp=google_jp&gdpr=&gdpr_consent=
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=2910&partner_device_id=10526249337535193241&gdpr=&gdpr_consent=&partner_url=https%3A%2F%2Fodr.mookie1.com%2Ft%2Fv2%3Ftagid%3DV2_948118%26src.vis...
  • https://pixel.tapad.com/idsync/ex/receive/check?partner_id=2910&partner_device_id=10526249337535193241&gdpr=&gdpr_consent=&partner_url=https%3A%2F%2Fodr.mookie1.com%2Ft%2Fv2%3Ftagid%3DV2_948118%26s...
  • https://odr.mookie1.com/t/v2?tagid=V2_948118&src.visitorid=9fa33b35-2994-4265-9b96-4309f2caaf77&ssp=google_jp&gdpr_consent=&gdpr=
0
0
pixel
cm.g.doubleclick.net/ Frame 04D3
Redirect Chain
  • https://b1sync.zemanta.com/usersync/googleadx/?google_gid=CAESEDxlti_qQxN3V1b5thckVgA&google_cver=1&google_push=AehlK4Ch5fgfQHS6Yzi6vMweC5_c7WIQa3hQKfmiSfCGubNRvg-xLeYnuYe8z0VG58g733vaniBVvYWh81b53...
  • https://b1sync.zemanta.com/usersync/googleadx/?google_cver=1&google_gid=CAESEDxlti_qQxN3V1b5thckVgA&google_push=AehlK4Ch5fgfQHS6Yzi6vMweC5_c7WIQa3hQKfmiSfCGubNRvg-xLeYnuYe8z0VG58g733vaniBVvYWh81b53...
  • https://cm.g.doubleclick.net/pixel?google_nid=zemanta&google_push=AehlK4Ch5fgfQHS6Yzi6vMweC5_c7WIQa3hQKfmiSfCGubNRvg-xLeYnuYe8z0VG58g733vaniBVvYWh81b53uSYjp11YDd-MBrSHQ&google_hm=RjVvQl9PdFJvbnRma1...
170 B
189 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=zemanta&google_push=AehlK4Ch5fgfQHS6Yzi6vMweC5_c7WIQa3hQKfmiSfCGubNRvg-xLeYnuYe8z0VG58g733vaniBVvYWh81b53uSYjp11YDd-MBrSHQ&google_hm=RjVvQl9PdFJvbnRma1JXaWlIUHE=
Requested by
Host: c189fcaae4b526f37d75e91681a8bbd8.safeframe.googlesyndication.com
URL: https://c189fcaae4b526f37d75e91681a8bbd8.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Server
142.251.12.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f155.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 03 Sep 2022 13:32:39 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Sat, 03 Sep 2022 13:32:38 GMT
P3p
CP="We do not support P3P header."
Location
https://cm.g.doubleclick.net/pixel?google_nid=zemanta&google_push=AehlK4Ch5fgfQHS6Yzi6vMweC5_c7WIQa3hQKfmiSfCGubNRvg-xLeYnuYe8z0VG58g733vaniBVvYWh81b53uSYjp11YDd-MBrSHQ&google_hm=RjVvQl9PdFJvbnRma1JXaWlIUHE=
Cache-Control
no-cache, no-store, must-revalidate
Content-Type
text/html; charset=utf-8
Content-Length
238
Expires
Thu, 01 Dec 1994 16:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 04D3
Redirect Chain
  • https://onetag-sys.com/match/?int_id=19&redir=1&google_gid=CAESEE37nZd49Dk2vSSuM9FhKUQ&google_cver=1&google_push=AehlK4A8nDPaiq24jXrIMDGnE1qWhuPCVtpznSFrGdlqDe_sHFFuhbnWGHINOYcFmCnXxGkrClV-vfmlvrXT...
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AehlK4A8nDPaiq24jXrIMDGnE1qWhuPCVtpznSFrGdlqDe_sHFFuhbnWGHINOYcFmCnXxGkrClV-vfmlvrXTIXHcJhIv8Cbzrtv4GQ
170 B
189 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AehlK4A8nDPaiq24jXrIMDGnE1qWhuPCVtpznSFrGdlqDe_sHFFuhbnWGHINOYcFmCnXxGkrClV-vfmlvrXTIXHcJhIv8Cbzrtv4GQ
Requested by
Host: c189fcaae4b526f37d75e91681a8bbd8.safeframe.googlesyndication.com
URL: https://c189fcaae4b526f37d75e91681a8bbd8.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Server
142.251.12.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f155.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 03 Sep 2022 13:32:38 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AehlK4A8nDPaiq24jXrIMDGnE1qWhuPCVtpznSFrGdlqDe_sHFFuhbnWGHINOYcFmCnXxGkrClV-vfmlvrXTIXHcJhIv8Cbzrtv4GQ
strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
pixel
cm.g.doubleclick.net/ Frame 04D3
Redirect Chain
  • https://tg.socdm.com/rtb/sync_before?proto=google_ebda&google_gid=CAESEA8cblfKCH1-OgrHp5hIOBc&google_cver=1&google_push=AehlK4DR_Jl4hlhGStx76yeHDtiSFgaw3pEWjvCbXXbS7JEQTcRas9muZqiOMAMGdNa2WtA_DHt0e...
  • https://cm.g.doubleclick.net/pixel?google_nid=ad_generation_eb&google_push=AehlK4DR_Jl4hlhGStx76yeHDtiSFgaw3pEWjvCbXXbS7JEQTcRas9muZqiOMAMGdNa2WtA_DHt0eRaQjCvDhZ-R4dkXZtlgbkTZWg&google_hm=WXhOWGRzQ...
170 B
189 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=ad_generation_eb&google_push=AehlK4DR_Jl4hlhGStx76yeHDtiSFgaw3pEWjvCbXXbS7JEQTcRas9muZqiOMAMGdNa2WtA_DHt0eRaQjCvDhZ-R4dkXZtlgbkTZWg&google_hm=WXhOWGRzQ284WXNBQUdleGx6a0FBQUFB
Requested by
Host: c189fcaae4b526f37d75e91681a8bbd8.safeframe.googlesyndication.com
URL: https://c189fcaae4b526f37d75e91681a8bbd8.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Server
142.251.12.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f155.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 03 Sep 2022 13:32:38 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

X-SO-Cluster-ID
37
Date
Sat, 03 Sep 2022 13:32:38 GMT
X-SO-LB-Data
{"ban":false,"clean_query":"\/rtb\/sync_before?proto=google_ebda&google_gid=CAESEA8cblfKCH1-OgrHp5hIOBc&google_cver=1&google_push=AehlK4DR_Jl4hlhGStx76yeHDtiSFgaw3pEWjvCbXXbS7JEQTcRas9muZqiOMAMGdNa2WtA_DHt0eRaQjCvDhZ-R4dkXZtlgbkTZWg","cluster_id":37,"gdpr":false,"ipv4":"173.245.209.81","key":"YxNXdsCo8YsAAGexlzkAAAAA","privacy_sensitive":false,"uid":"","upstream_id":"m-ad293"}
X-SO-Ads-Time
1
X-SO-Key
YxNXdsCo8YsAAGexlzkAAAAA
Server
nginx
X-SO-Upstream-ID
m-ad293
P3P
CP="See also http://www.scaleout.jp/privacy/"
Location
https://cm.g.doubleclick.net/pixel?google_nid=ad_generation_eb&google_push=AehlK4DR_Jl4hlhGStx76yeHDtiSFgaw3pEWjvCbXXbS7JEQTcRas9muZqiOMAMGdNa2WtA_DHt0eRaQjCvDhZ-R4dkXZtlgbkTZWg&google_hm=WXhOWGRzQ284WXNBQUdleGx6a0FBQUFB
Cache-Control
private
X-SO-HostName
m-ad293.dc4p.scaleout.jp
Connection
keep-alive
Content-Length
0
X-SO-LB-Hostname
m-tgng39.dc4p.scaleout.jp
X-SO-IP
173.245.209.81
pixel
cm.g.doubleclick.net/ Frame 04D3
Redirect Chain
  • https://cc.adingo.jp/adx/push/?google_gid=CAESEGYfr0WR1v-bS8MLIcI4Ndw&google_cver=1&google_push=AehlK4B7B2CracEcJ05SeLN0kqQUIJ3rNgIfHeq0KVgNJjyDyAd1L3xBNpaCa1fg9jXIEgLyLDlVa_rpIUxcM9qPfomk2Evcro-KWA
  • https://cm.g.doubleclick.net/pixel?google_nid=fluct_eb&google_push=AehlK4B7B2CracEcJ05SeLN0kqQUIJ3rNgIfHeq0KVgNJjyDyAd1L3xBNpaCa1fg9jXIEgLyLDlVa_rpIUxcM9qPfomk2Evcro-KWA&google_hm=0897055019a47ab6c...
170 B
189 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=fluct_eb&google_push=AehlK4B7B2CracEcJ05SeLN0kqQUIJ3rNgIfHeq0KVgNJjyDyAd1L3xBNpaCa1fg9jXIEgLyLDlVa_rpIUxcM9qPfomk2Evcro-KWA&google_hm=0897055019a47ab6c1a9a85a4f268246
Requested by
Host: c189fcaae4b526f37d75e91681a8bbd8.safeframe.googlesyndication.com
URL: https://c189fcaae4b526f37d75e91681a8bbd8.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Server
142.251.12.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f155.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 03 Sep 2022 13:32:38 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=fluct_eb&google_push=AehlK4B7B2CracEcJ05SeLN0kqQUIJ3rNgIfHeq0KVgNJjyDyAd1L3xBNpaCa1fg9jXIEgLyLDlVa_rpIUxcM9qPfomk2Evcro-KWA&google_hm=0897055019a47ab6c1a9a85a4f268246
date
Sat, 03 Sep 2022 13:32:38 GMT
server
nginx
content-type
text/html; charset=UTF-8
p3p
CP=NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa HISa OUR SAMa OTRa STP UNI STA
attr
cm.g.doubleclick.net/pixel/ Frame 04D3 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13LdYn_GQylFBJ0JbGKUN67VL1VuDq0esD03uG3aCxI_3-x4Lh3fdvZQ9WJB9Z_bCg_N8OJn
Requested by
Host: c189fcaae4b526f37d75e91681a8bbd8.safeframe.googlesyndication.com
URL: https://c189fcaae4b526f37d75e91681a8bbd8.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.12.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f155.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 03 Sep 2022 13:32:37 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
content-type
text/html
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame 65B6 		22 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f132.1e100.net
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://c189fcaae4b526f37d75e91681a8bbd8.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

accept-ranges
bytes
age
87556
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
8395
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Fri, 02 Sep 2022 13:13:21 GMT
expires
Sat, 02 Sep 2023 13:13:21 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
pixel
cm.g.doubleclick.net/ Frame 4ECE
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=4&google_gid=CAESEDPANVIxjEOKHNc5UbKwsC4&google_cver=1&google_push=AehlK4DdG5CLKnIKZELvbr8Uozq3K_VvbbO176goY6AahFcPRAA7dPb7i8jcEkbW9Zt4gLb37WGGuI46IUhFNsZ6...
  • https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=AehlK4DdG5CLKnIKZELvbr8Uozq3K_VvbbO176goY6AahFcPRAA7dPb7i8jcEkbW9Zt4gLb37WGGuI46IUhFNsZ6ZhUQk4O0Ksrxh4Q8gndqlkfWrbKOzd...
170 B
189 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=AehlK4DdG5CLKnIKZELvbr8Uozq3K_VvbbO176goY6AahFcPRAA7dPb7i8jcEkbW9Zt4gLb37WGGuI46IUhFNsZ6ZhUQk4O0Ksrxh4Q8gndqlkfWrbKOzdHGiv1HezZi3FCqUj9YL1cYMpU1rau-2xanqmA
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006-1&adk=3314916115&adf=3653020617&pi=t.ma~as.3006%2F14006-1&w=336&url=https%3A%2F%2Fwww.bg3.co%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1662211955378&bpp=11&bdt=283&idt=512&shv=r20220831&mjsv=m202208300101&ptt=5&saldr=sa&correlator=5495327036735&frm=8&ife=1&pv=2&ga_vid=500991421.1662211956&ga_sid=1662211956&ga_hid=799025638&ga_fc=0&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=336&ish=280&ifk=3719853736&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C44759842%2C44761793&oid=2&pvsid=4367743105028993&uas=0&nvt=1&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.kt2ldrgt4mtd&fsb=1&dtd=519
Protocol
H3
Server
142.251.12.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f155.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 03 Sep 2022 13:32:38 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date
Sat, 03 Sep 2022 13:32:38 GMT
Server
MT3 4505 5b23575 master hkg-pixel-x18 config:1.0.0
Access-Control-Allow-Origin
*
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=AehlK4DdG5CLKnIKZELvbr8Uozq3K_VvbbO176goY6AahFcPRAA7dPb7i8jcEkbW9Zt4gLb37WGGuI46IUhFNsZ6ZhUQk4O0Ksrxh4Q8gndqlkfWrbKOzdHGiv1HezZi3FCqUj9YL1cYMpU1rau-2xanqmA
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=360
Content-Length
0
Expires
Sat, 03 Sep 2022 13:32:37 GMT
pixel
cm.g.doubleclick.net/ Frame 4ECE
Redirect Chain
  • https://cr-p1.ladsp.com/cookiesender/1?google_push=AehlK4BIS0ceSh8dDOx5GAEOOmKPZIjFzvw4UD-GCkyWwYEfBbj6GUJNvQ1dZI8r4Na3NMMUW3-4V33NxqEc91Us2Sq5JcTBmX82LimgNPOvSkZmU7Buhv2bblx7uWNTpbyjY7Q8CbiSinx1jX...
  • https://cm.g.doubleclick.net/pixel?google_nid=sonet&google_push=AehlK4BIS0ceSh8dDOx5GAEOOmKPZIjFzvw4UD-GCkyWwYEfBbj6GUJNvQ1dZI8r4Na3NMMUW3-4V33NxqEc91Us2Sq5JcTBmX82LimgNPOvSkZmU7Buhv2bblx7uWNTpbyjY...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=sonet&google_push=AehlK4BIS0ceSh8dDOx5GAEOOmKPZIjFzvw4UD-GCkyWwYEfBbj6GUJNvQ1dZI8r4Na3NMMUW3-4V33NxqEc91Us2Sq5JcTBmX82LimgNPOvSkZmU7Buhv2bblx7uWNTpbyjY7Q8CbiSinx1jXwKME8iug&google_hm=AT8wTffcZQLlks8ADsaW5s1KjcA
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006-1&adk=3314916115&adf=3653020617&pi=t.ma~as.3006%2F14006-1&w=336&url=https%3A%2F%2Fwww.bg3.co%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1662211955378&bpp=11&bdt=283&idt=512&shv=r20220831&mjsv=m202208300101&ptt=5&saldr=sa&correlator=5495327036735&frm=8&ife=1&pv=2&ga_vid=500991421.1662211956&ga_sid=1662211956&ga_hid=799025638&ga_fc=0&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=336&ish=280&ifk=3719853736&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C44759842%2C44761793&oid=2&pvsid=4367743105028993&uas=0&nvt=1&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.kt2ldrgt4mtd&fsb=1&dtd=519
Protocol
H3
Server
142.251.12.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f155.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 03 Sep 2022 13:32:37 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Sat, 03 Sep 2022 13:32:37 GMT
via
1.1 29ec57392a878e133a2e208c0dbdc3e2.cloudfront.net (CloudFront)
server
Logicad
x-amz-cf-pop
SIN2-P2
x-cache
Miss from cloudfront
p3p
CP="NOI DEVo TAIo PSAo PSDo OUR IND UNI NAV", policyref="http://cd.ladsp.com/xml/w3c/p3p.xml"
location
https://cm.g.doubleclick.net/pixel?google_nid=sonet&google_push=AehlK4BIS0ceSh8dDOx5GAEOOmKPZIjFzvw4UD-GCkyWwYEfBbj6GUJNvQ1dZI8r4Na3NMMUW3-4V33NxqEc91Us2Sq5JcTBmX82LimgNPOvSkZmU7Buhv2bblx7uWNTpbyjY7Q8CbiSinx1jXwKME8iug&google_hm=AT8wTffcZQLlks8ADsaW5s1KjcA
cache-control
no-cache
content-length
0
x-amz-cf-id
dy6fd546L4qAzGtWO-LwRhyGcZ3M58sFVtIFGxN2LgBReJqRKwm4TQ==
expires
-1
pixel
cm.g.doubleclick.net/ Frame 4ECE
Redirect Chain
  • https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEAT4QHSMMFYc-_m2Dos6C-A&google_cver=1&google_push=AehlK4AZ8tpBuoxNVLQvlYwdhQ3COpYneRAkhIZFoC6rUJnVidKIlH8tGi5Sb8NILVfLip9zDPCPYEM83zcQHbAk7l_CSXe...
  • https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AehlK4AZ8tpBuoxNVLQvlYwdhQ3COpYneRAkhIZFoC6rUJnVidKIlH8tGi5Sb8NILVfLip9zDPCPYEM83zcQHbAk7l_CSXe6ivCo4qUyxSsBB8k44oavWEFPNg7jeiSm5mUFH...
170 B
189 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AehlK4AZ8tpBuoxNVLQvlYwdhQ3COpYneRAkhIZFoC6rUJnVidKIlH8tGi5Sb8NILVfLip9zDPCPYEM83zcQHbAk7l_CSXe6ivCo4qUyxSsBB8k44oavWEFPNg7jeiSm5mUFHhSwnjldrEBVg8yTAWZ16g&google_hm=Nzc2MzUxODMyNDkxOTk1NzY3Mw%3D%3D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006-1&adk=3314916115&adf=3653020617&pi=t.ma~as.3006%2F14006-1&w=336&url=https%3A%2F%2Fwww.bg3.co%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1662211955378&bpp=11&bdt=283&idt=512&shv=r20220831&mjsv=m202208300101&ptt=5&saldr=sa&correlator=5495327036735&frm=8&ife=1&pv=2&ga_vid=500991421.1662211956&ga_sid=1662211956&ga_hid=799025638&ga_fc=0&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=336&ish=280&ifk=3719853736&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C44759842%2C44761793&oid=2&pvsid=4367743105028993&uas=0&nvt=1&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.kt2ldrgt4mtd&fsb=1&dtd=519
Protocol
H3
Server
142.251.12.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f155.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 03 Sep 2022 13:32:38 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Sat, 03 Sep 2022 13:32:38 GMT
referrer-policy
strict-origin-when-cross-origin
server
ATS
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
location
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AehlK4AZ8tpBuoxNVLQvlYwdhQ3COpYneRAkhIZFoC6rUJnVidKIlH8tGi5Sb8NILVfLip9zDPCPYEM83zcQHbAk7l_CSXe6ivCo4qUyxSsBB8k44oavWEFPNg7jeiSm5mUFHhSwnjldrEBVg8yTAWZ16g&google_hm=Nzc2MzUxODMyNDkxOTk1NzY3Mw%3D%3D
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
strict-transport-security
max-age=31536000
content-length
0
x-content-type-options
nosniff
pixel
cm.g.doubleclick.net/ Frame 4ECE
Redirect Chain
  • https://rtb.openx.net/sync/dds?google_gid=CAESEBgyRxTypVzcuq6EdQDlHsY&google_cver=1&google_push=AehlK4BNPMAch6GDOiD9yjxIl-NuaU1Ize_5sgHTD_jCTKDnxC0Jp196l75lwjy-kMSUagxj5FnFztYAk0Jl2P-PKP8ITtTa3Zpz5...
  • https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AehlK4BNPMAch6GDOiD9yjxIl-NuaU1Ize_5sgHTD_jCTKDnxC0Jp196l75lwjy-kMSUagxj5FnFztYAk0Jl2P-PKP8ITtTa3Zpz5N8YzZaVq0c2MFIx0G9prugVoRgzV95FA-...
170 B
189 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AehlK4BNPMAch6GDOiD9yjxIl-NuaU1Ize_5sgHTD_jCTKDnxC0Jp196l75lwjy-kMSUagxj5FnFztYAk0Jl2P-PKP8ITtTa3Zpz5N8YzZaVq0c2MFIx0G9prugVoRgzV95FA-CwHwrNS3lWo6YdgFIW68Y&google_hm=PQoZjr0CxVs22-YI9aAMLg==
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006-1&adk=3314916115&adf=3653020617&pi=t.ma~as.3006%2F14006-1&w=336&url=https%3A%2F%2Fwww.bg3.co%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1662211955378&bpp=11&bdt=283&idt=512&shv=r20220831&mjsv=m202208300101&ptt=5&saldr=sa&correlator=5495327036735&frm=8&ife=1&pv=2&ga_vid=500991421.1662211956&ga_sid=1662211956&ga_hid=799025638&ga_fc=0&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=336&ish=280&ifk=3719853736&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C44759842%2C44761793&oid=2&pvsid=4367743105028993&uas=0&nvt=1&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.kt2ldrgt4mtd&fsb=1&dtd=519
Protocol
H3
Server
142.251.12.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f155.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 03 Sep 2022 13:32:38 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Sat, 03 Sep 2022 13:32:37 GMT
via
1.1 google
server
Cowboy
access-control-allow-origin
null
vary
Origin
p3p
CP="CUR ADM OUR NOR STA NID"
location
https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AehlK4BNPMAch6GDOiD9yjxIl-NuaU1Ize_5sgHTD_jCTKDnxC0Jp196l75lwjy-kMSUagxj5FnFztYAk0Jl2P-PKP8ITtTa3Zpz5N8YzZaVq0c2MFIx0G9prugVoRgzV95FA-CwHwrNS3lWo6YdgFIW68Y&google_hm=PQoZjr0CxVs22-YI9aAMLg==
access-control-expose-headers
cache-control
private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-request-id
lg2fgk3c8salu2va922kmdhhm5bmvjvu
pixel
cm.g.doubleclick.net/ Frame 4ECE
Redirect Chain
  • https://onetag-sys.com/match/?int_id=19&redir=1&google_gid=CAESEE37nZd49Dk2vSSuM9FhKUQ&google_cver=1&google_push=AehlK4DIXrlGnojeFc2FYZzJc8VIvP6JXkaP6CJyLYp8zUNOcQuU8HJOEmScZ9ySq78kDybCbtJZljyzI57R...
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AehlK4DIXrlGnojeFc2FYZzJc8VIvP6JXkaP6CJyLYp8zUNOcQuU8HJOEmScZ9ySq78kDybCbtJZljyzI57RxyQjU1k4eqkDFn7M7MPBZscureo7QKTl5-W0...
170 B
189 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AehlK4DIXrlGnojeFc2FYZzJc8VIvP6JXkaP6CJyLYp8zUNOcQuU8HJOEmScZ9ySq78kDybCbtJZljyzI57RxyQjU1k4eqkDFn7M7MPBZscureo7QKTl5-W0SaerlAsn2gJb8EUPKhheHwv2fJwEGz24eeo
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006-1&adk=3314916115&adf=3653020617&pi=t.ma~as.3006%2F14006-1&w=336&url=https%3A%2F%2Fwww.bg3.co%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1662211955378&bpp=11&bdt=283&idt=512&shv=r20220831&mjsv=m202208300101&ptt=5&saldr=sa&correlator=5495327036735&frm=8&ife=1&pv=2&ga_vid=500991421.1662211956&ga_sid=1662211956&ga_hid=799025638&ga_fc=0&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=336&ish=280&ifk=3719853736&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C44759842%2C44761793&oid=2&pvsid=4367743105028993&uas=0&nvt=1&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.kt2ldrgt4mtd&fsb=1&dtd=519
Protocol
H3
Server
142.251.12.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f155.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 03 Sep 2022 13:32:38 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AehlK4DIXrlGnojeFc2FYZzJc8VIvP6JXkaP6CJyLYp8zUNOcQuU8HJOEmScZ9ySq78kDybCbtJZljyzI57RxyQjU1k4eqkDFn7M7MPBZscureo7QKTl5-W0SaerlAsn2gJb8EUPKhheHwv2fJwEGz24eeo
strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
pixel
cm.g.doubleclick.net/ Frame 4ECE
Redirect Chain
  • https://cs.media.net/cksync?type=g&google_gid=CAESEGKPy_ptiNaURkZYEAM5-w4&google_cver=1&google_push=AehlK4ABMMx1W1gwz1MZ6ERNUVZ1MycgMcPRukbgl59AwQZWVHYp0pyMkSWugEAyc4msUYAT_PHqbi4CzPHEFzKqtE6BqfxJz...
  • https://cm.g.doubleclick.net/pixel?google_nid=media&google_hm=MzA1MjEzNTU4NjgyNzM2MTAwMFYxMA%3d%3d&mn_hm=MzA1MjEzNTU4NjgyNzM2MTAwMFYxMA%3d%3d&google_sc=1&google_push=AehlK4ABMMx1W1gwz1MZ6ERNUVZ1Myc...
170 B
189 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=media&google_hm=MzA1MjEzNTU4NjgyNzM2MTAwMFYxMA%3d%3d&mn_hm=MzA1MjEzNTU4NjgyNzM2MTAwMFYxMA%3d%3d&google_sc=1&google_push=AehlK4ABMMx1W1gwz1MZ6ERNUVZ1MycgMcPRukbgl59AwQZWVHYp0pyMkSWugEAyc4msUYAT_PHqbi4CzPHEFzKqtE6BqfxJzLvWgCbrU3CkG5bm8uXGnb5vY0Q9S137S-uYwRK1kuTYGw3k_RhEUHQ6GFY&gdpr=&gdpr_consent=
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006-1&adk=3314916115&adf=3653020617&pi=t.ma~as.3006%2F14006-1&w=336&url=https%3A%2F%2Fwww.bg3.co%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1662211955378&bpp=11&bdt=283&idt=512&shv=r20220831&mjsv=m202208300101&ptt=5&saldr=sa&correlator=5495327036735&frm=8&ife=1&pv=2&ga_vid=500991421.1662211956&ga_sid=1662211956&ga_hid=799025638&ga_fc=0&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=336&ish=280&ifk=3719853736&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C44759842%2C44761793&oid=2&pvsid=4367743105028993&uas=0&nvt=1&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.kt2ldrgt4mtd&fsb=1&dtd=519
Protocol
H3
Server
142.251.12.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f155.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 03 Sep 2022 13:32:38 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Sat, 03 Sep 2022 13:32:38 GMT
Server
Apache
P3P
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA, CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
Location
https://cm.g.doubleclick.net/pixel?google_nid=media&google_hm=MzA1MjEzNTU4NjgyNzM2MTAwMFYxMA%3d%3d&mn_hm=MzA1MjEzNTU4NjgyNzM2MTAwMFYxMA%3d%3d&google_sc=1&google_push=AehlK4ABMMx1W1gwz1MZ6ERNUVZ1MycgMcPRukbgl59AwQZWVHYp0pyMkSWugEAyc4msUYAT_PHqbi4CzPHEFzKqtE6BqfxJzLvWgCbrU3CkG5bm8uXGnb5vY0Q9S137S-uYwRK1kuTYGw3k_RhEUHQ6GFY&gdpr=&gdpr_consent=
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
text/html
Content-Length
154
X-MNET-HL2
E
Expires
Sat, 03 Sep 2022 13:32:38 GMT
pixel
cm.g.doubleclick.net/ Frame 4ECE
Redirect Chain
  • https://cc.adingo.jp/adx/push/?google_gid=CAESEGYfr0WR1v-bS8MLIcI4Ndw&google_cver=1&google_push=AehlK4DOOBexJMtnomVXcc3ERGdf7Mw3fkaJmuHWZDnpKYk0fUwDd5IOjK7wskH6HuUkOl798xdPF3dy8xh3xpAAwqMs2HYimTRjf...
  • https://cm.g.doubleclick.net/pixel?google_nid=fluct_eb&google_push=AehlK4DOOBexJMtnomVXcc3ERGdf7Mw3fkaJmuHWZDnpKYk0fUwDd5IOjK7wskH6HuUkOl798xdPF3dy8xh3xpAAwqMs2HYimTRjfc4uuaSTUCZCzVOHx15xAVAWu3W7TN...
170 B
189 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=fluct_eb&google_push=AehlK4DOOBexJMtnomVXcc3ERGdf7Mw3fkaJmuHWZDnpKYk0fUwDd5IOjK7wskH6HuUkOl798xdPF3dy8xh3xpAAwqMs2HYimTRjfc4uuaSTUCZCzVOHx15xAVAWu3W7TNUmiPHQ1usFN2F9RvOJerOMcSM&google_hm=9cdfbf5ebc64bea09c84f0291670f3a0
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006-1&adk=3314916115&adf=3653020617&pi=t.ma~as.3006%2F14006-1&w=336&url=https%3A%2F%2Fwww.bg3.co%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1662211955378&bpp=11&bdt=283&idt=512&shv=r20220831&mjsv=m202208300101&ptt=5&saldr=sa&correlator=5495327036735&frm=8&ife=1&pv=2&ga_vid=500991421.1662211956&ga_sid=1662211956&ga_hid=799025638&ga_fc=0&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=336&ish=280&ifk=3719853736&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C44759842%2C44761793&oid=2&pvsid=4367743105028993&uas=0&nvt=1&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.kt2ldrgt4mtd&fsb=1&dtd=519
Protocol
H3
Server
142.251.12.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f155.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 03 Sep 2022 13:32:38 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=fluct_eb&google_push=AehlK4DOOBexJMtnomVXcc3ERGdf7Mw3fkaJmuHWZDnpKYk0fUwDd5IOjK7wskH6HuUkOl798xdPF3dy8xh3xpAAwqMs2HYimTRjfc4uuaSTUCZCzVOHx15xAVAWu3W7TNUmiPHQ1usFN2F9RvOJerOMcSM&google_hm=9cdfbf5ebc64bea09c84f0291670f3a0
date
Sat, 03 Sep 2022 13:32:38 GMT
server
nginx
content-type
text/html; charset=UTF-8
p3p
CP=NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa HISa OUR SAMa OTRa STP UNI STA
attr
cm.g.doubleclick.net/pixel/ Frame 4ECE 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13LHPUrIwFgGBxRnlfjivO42DTm-8iUp-3IYv3CtrqEBCoZ0tqCvTFIaEK-spa1M1SxTEaFu
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006-1&adk=3314916115&adf=3653020617&pi=t.ma~as.3006%2F14006-1&w=336&url=https%3A%2F%2Fwww.bg3.co%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1662211955378&bpp=11&bdt=283&idt=512&shv=r20220831&mjsv=m202208300101&ptt=5&saldr=sa&correlator=5495327036735&frm=8&ife=1&pv=2&ga_vid=500991421.1662211956&ga_sid=1662211956&ga_hid=799025638&ga_fc=0&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=336&ish=280&ifk=3719853736&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C44759842%2C44761793&oid=2&pvsid=4367743105028993&uas=0&nvt=1&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.kt2ldrgt4mtd&fsb=1&dtd=519
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.12.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f155.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 03 Sep 2022 13:32:37 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
content-type
text/html
pixel
cm.g.doubleclick.net/ Frame F62F
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=4&google_gid=CAESEDPANVIxjEOKHNc5UbKwsC4&google_cver=1&google_push=AehlK4CqOn3EmjZtPVBPN3HDpuuYFKTxQdBaN4H8YPcTbY7YVC5fiHhVEunasqLuc9red4JbFzBL4mGsT7IHFyzh...
  • https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=AehlK4CqOn3EmjZtPVBPN3HDpuuYFKTxQdBaN4H8YPcTbY7YVC5fiHhVEunasqLuc9red4JbFzBL4mGsT7IHFyzhegFd4et8a4qiKPO9hhuK-8hSitZbub...
170 B
189 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=AehlK4CqOn3EmjZtPVBPN3HDpuuYFKTxQdBaN4H8YPcTbY7YVC5fiHhVEunasqLuc9red4JbFzBL4mGsT7IHFyzhegFd4et8a4qiKPO9hhuK-8hSitZbubL32401GO-9LiBlSIRJcD_wBOrTMNlEKP2-1n0
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006-1&adk=3314916115&adf=3653020616&pi=t.ma~as.3006%2F14006-1&w=336&url=https%3A%2F%2Fwww.bg3.co%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1662211955360&bpp=13&bdt=271&idt=482&shv=r20220831&mjsv=m202208300101&ptt=5&saldr=sa&correlator=2420762395174&frm=8&ife=1&pv=2&ga_vid=955881654.1662211956&ga_sid=1662211956&ga_hid=177951552&ga_fc=0&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=336&ish=280&ifk=3719853736&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759842%2C31068855%2C31069206&oid=2&pvsid=2017665063826966&uas=0&nvt=1&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.2vya8wtnmmof&fsb=1&dtd=496
Protocol
H3
Server
142.251.12.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f155.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 03 Sep 2022 13:32:38 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date
Sat, 03 Sep 2022 13:32:38 GMT
Server
MT3 4505 5b23575 master hkg-pixel-x12 config:1.0.0
Access-Control-Allow-Origin
*
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=AehlK4CqOn3EmjZtPVBPN3HDpuuYFKTxQdBaN4H8YPcTbY7YVC5fiHhVEunasqLuc9red4JbFzBL4mGsT7IHFyzhegFd4et8a4qiKPO9hhuK-8hSitZbubL32401GO-9LiBlSIRJcD_wBOrTMNlEKP2-1n0
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=360
Content-Length
0
Expires
Sat, 03 Sep 2022 13:32:37 GMT
pixel
cm.g.doubleclick.net/ Frame F62F
Redirect Chain
  • https://cr-p1.ladsp.com/cookiesender/1?google_push=AehlK4A7hsCgkl44d59xoNHh4rv4qLX1MrkMJYUy8PialyDrKrevtYJsK89auSzNU9oXWw8lAAZXpI48bOFBmg2-CHpNEJpKdsR4Y84trzOYm0xSa_HSRNqlWjk_8xYzivbZql63LrGl7mimZ-...
  • https://cm.g.doubleclick.net/pixel?google_nid=sonet&google_push=AehlK4A7hsCgkl44d59xoNHh4rv4qLX1MrkMJYUy8PialyDrKrevtYJsK89auSzNU9oXWw8lAAZXpI48bOFBmg2-CHpNEJpKdsR4Y84trzOYm0xSa_HSRNqlWjk_8xYzivbZq...
170 B
189 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=sonet&google_push=AehlK4A7hsCgkl44d59xoNHh4rv4qLX1MrkMJYUy8PialyDrKrevtYJsK89auSzNU9oXWw8lAAZXpI48bOFBmg2-CHpNEJpKdsR4Y84trzOYm0xSa_HSRNqlWjk_8xYzivbZql63LrGl7mimZ-rc5Cc2C9E&google_hm=AXNrqVC64PEyks8ADsd_u28P9MA
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006-1&adk=3314916115&adf=3653020616&pi=t.ma~as.3006%2F14006-1&w=336&url=https%3A%2F%2Fwww.bg3.co%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1662211955360&bpp=13&bdt=271&idt=482&shv=r20220831&mjsv=m202208300101&ptt=5&saldr=sa&correlator=2420762395174&frm=8&ife=1&pv=2&ga_vid=955881654.1662211956&ga_sid=1662211956&ga_hid=177951552&ga_fc=0&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=336&ish=280&ifk=3719853736&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759842%2C31068855%2C31069206&oid=2&pvsid=2017665063826966&uas=0&nvt=1&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.2vya8wtnmmof&fsb=1&dtd=496
Protocol
H3
Server
142.251.12.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f155.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 03 Sep 2022 13:32:38 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Sat, 03 Sep 2022 13:32:37 GMT
via
1.1 29ec57392a878e133a2e208c0dbdc3e2.cloudfront.net (CloudFront)
server
Logicad
x-amz-cf-pop
SIN2-P2
x-cache
Miss from cloudfront
p3p
CP="NOI DEVo TAIo PSAo PSDo OUR IND UNI NAV", policyref="http://cd.ladsp.com/xml/w3c/p3p.xml"
location
https://cm.g.doubleclick.net/pixel?google_nid=sonet&google_push=AehlK4A7hsCgkl44d59xoNHh4rv4qLX1MrkMJYUy8PialyDrKrevtYJsK89auSzNU9oXWw8lAAZXpI48bOFBmg2-CHpNEJpKdsR4Y84trzOYm0xSa_HSRNqlWjk_8xYzivbZql63LrGl7mimZ-rc5Cc2C9E&google_hm=AXNrqVC64PEyks8ADsd_u28P9MA
cache-control
no-cache
content-length
0
x-amz-cf-id
mhIg3soH-_HmLX11yUV6vY8JzYhUAT3lpb4vxmz063NVXwI4Voes8w==
expires
-1
us.php
c.us1.dyntrk.com/adx/ga/ Frame F62F 		0
0
pixel
cm.g.doubleclick.net/ Frame F62F
Redirect Chain
  • https://s.uuidksinc.net/match/47/?remote_uid=CAESEORjrfTlQw3TH0ICm2pFRCw&c_param1=AehlK4Coz1xEP3ESSQFqnZyQrNNdRmgiDJQXC-orhgwX4NWl6S-TDlwQXLRLiF49sHwenYChYumIRhYCVlMecrRVOF6cF-cZc11bpM3nQ8-bsuZV1Y1...
  • https://cm.g.doubleclick.net/pixel?google_nid=kadam&google_push=AehlK4Coz1xEP3ESSQFqnZyQrNNdRmgiDJQXC-orhgwX4NWl6S-TDlwQXLRLiF49sHwenYChYumIRhYCVlMecrRVOF6cF-cZc11bpM3nQ8-bsuZV1Y19RxzlnUdQtxPEB3fZV...
170 B
189 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=kadam&google_push=AehlK4Coz1xEP3ESSQFqnZyQrNNdRmgiDJQXC-orhgwX4NWl6S-TDlwQXLRLiF49sHwenYChYumIRhYCVlMecrRVOF6cF-cZc11bpM3nQ8-bsuZV1Y19RxzlnUdQtxPEB3fZVgyJ84CT4_GV-ni7UZkLU6I
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006-1&adk=3314916115&adf=3653020616&pi=t.ma~as.3006%2F14006-1&w=336&url=https%3A%2F%2Fwww.bg3.co%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1662211955360&bpp=13&bdt=271&idt=482&shv=r20220831&mjsv=m202208300101&ptt=5&saldr=sa&correlator=2420762395174&frm=8&ife=1&pv=2&ga_vid=955881654.1662211956&ga_sid=1662211956&ga_hid=177951552&ga_fc=0&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=336&ish=280&ifk=3719853736&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759842%2C31068855%2C31069206&oid=2&pvsid=2017665063826966&uas=0&nvt=1&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.2vya8wtnmmof&fsb=1&dtd=496
Protocol
H3
Server
142.251.12.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f155.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 03 Sep 2022 13:32:38 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=kadam&google_push=AehlK4Coz1xEP3ESSQFqnZyQrNNdRmgiDJQXC-orhgwX4NWl6S-TDlwQXLRLiF49sHwenYChYumIRhYCVlMecrRVOF6cF-cZc11bpM3nQ8-bsuZV1Y19RxzlnUdQtxPEB3fZVgyJ84CT4_GV-ni7UZkLU6I
date
Sat, 03 Sep 2022 13:32:38 GMT
server
nginx/1.19.0
content-length
0
pixel
cm.g.doubleclick.net/ Frame F62F
Redirect Chain
  • https://rtb.openx.net/sync/dds?google_gid=CAESEBgyRxTypVzcuq6EdQDlHsY&google_cver=1&google_push=AehlK4BZSaW1RQpdLKbbN89ccMfiqNx67YvfjFopcPaucL_v9uDOy52hiKG4988z0B1H7JUz66gy07qqOdqj7usHFNYIUdc0KKWXz...
  • https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AehlK4BZSaW1RQpdLKbbN89ccMfiqNx67YvfjFopcPaucL_v9uDOy52hiKG4988z0B1H7JUz66gy07qqOdqj7usHFNYIUdc0KKWXzvxEridcaoeExHIN-0cHRnUw5xSXM6m-3Y...
170 B
189 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AehlK4BZSaW1RQpdLKbbN89ccMfiqNx67YvfjFopcPaucL_v9uDOy52hiKG4988z0B1H7JUz66gy07qqOdqj7usHFNYIUdc0KKWXzvxEridcaoeExHIN-0cHRnUw5xSXM6m-3Y5OVbizT3k2AeJxYLBiHCc&google_hm=PQoZjr0CxVs22-YI9aAMLg==
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006-1&adk=3314916115&adf=3653020616&pi=t.ma~as.3006%2F14006-1&w=336&url=https%3A%2F%2Fwww.bg3.co%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1662211955360&bpp=13&bdt=271&idt=482&shv=r20220831&mjsv=m202208300101&ptt=5&saldr=sa&correlator=2420762395174&frm=8&ife=1&pv=2&ga_vid=955881654.1662211956&ga_sid=1662211956&ga_hid=177951552&ga_fc=0&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=336&ish=280&ifk=3719853736&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759842%2C31068855%2C31069206&oid=2&pvsid=2017665063826966&uas=0&nvt=1&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.2vya8wtnmmof&fsb=1&dtd=496
Protocol
H3
Server
142.251.12.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f155.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 03 Sep 2022 13:32:38 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Sat, 03 Sep 2022 13:32:37 GMT
via
1.1 google
server
Cowboy
access-control-allow-origin
null
vary
Origin
p3p
CP="CUR ADM OUR NOR STA NID"
location
https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AehlK4BZSaW1RQpdLKbbN89ccMfiqNx67YvfjFopcPaucL_v9uDOy52hiKG4988z0B1H7JUz66gy07qqOdqj7usHFNYIUdc0KKWXzvxEridcaoeExHIN-0cHRnUw5xSXM6m-3Y5OVbizT3k2AeJxYLBiHCc&google_hm=PQoZjr0CxVs22-YI9aAMLg==
access-control-expose-headers
cache-control
private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-request-id
1hipq0521d8jfl66ltu855rbf5bb130d
pixel
cm.g.doubleclick.net/ Frame F62F
Redirect Chain
  • https://cc.adingo.jp/adx/push/?google_gid=CAESEGYfr0WR1v-bS8MLIcI4Ndw&google_cver=1&google_push=AehlK4DI0nzEV7YDIyAl4AAjIsjOkixuDEUIXHmE7LMy4kwOWug5I9Co7ywTyIQ7ji5Ggmp-Eml693ysjVwBCzXQapKZveQX6pNf2...
  • https://cm.g.doubleclick.net/pixel?google_nid=fluct_eb&google_push=AehlK4DI0nzEV7YDIyAl4AAjIsjOkixuDEUIXHmE7LMy4kwOWug5I9Co7ywTyIQ7ji5Ggmp-Eml693ysjVwBCzXQapKZveQX6pNf257etm-kwJx8xS9wAuhUuuKKrQvB2q...
170 B
189 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=fluct_eb&google_push=AehlK4DI0nzEV7YDIyAl4AAjIsjOkixuDEUIXHmE7LMy4kwOWug5I9Co7ywTyIQ7ji5Ggmp-Eml693ysjVwBCzXQapKZveQX6pNf257etm-kwJx8xS9wAuhUuuKKrQvB2qnxwEQ30DMTWYZAc5pVOWd5Ybg&google_hm=9a2d420f17da8bfca7a26f1f26688803
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006-1&adk=3314916115&adf=3653020616&pi=t.ma~as.3006%2F14006-1&w=336&url=https%3A%2F%2Fwww.bg3.co%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1662211955360&bpp=13&bdt=271&idt=482&shv=r20220831&mjsv=m202208300101&ptt=5&saldr=sa&correlator=2420762395174&frm=8&ife=1&pv=2&ga_vid=955881654.1662211956&ga_sid=1662211956&ga_hid=177951552&ga_fc=0&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=336&ish=280&ifk=3719853736&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759842%2C31068855%2C31069206&oid=2&pvsid=2017665063826966&uas=0&nvt=1&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.2vya8wtnmmof&fsb=1&dtd=496
Protocol
H3
Server
142.251.12.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f155.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 03 Sep 2022 13:32:38 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=fluct_eb&google_push=AehlK4DI0nzEV7YDIyAl4AAjIsjOkixuDEUIXHmE7LMy4kwOWug5I9Co7ywTyIQ7ji5Ggmp-Eml693ysjVwBCzXQapKZveQX6pNf257etm-kwJx8xS9wAuhUuuKKrQvB2qnxwEQ30DMTWYZAc5pVOWd5Ybg&google_hm=9a2d420f17da8bfca7a26f1f26688803
date
Sat, 03 Sep 2022 13:32:38 GMT
server
nginx
content-type
text/html; charset=UTF-8
p3p
CP=NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa HISa OUR SAMa OTRa STP UNI STA
pixel
cm.g.doubleclick.net/ Frame F62F
Redirect Chain
  • https://match.sharethrough.com/E4rooAtA/v1?google_gid=CAESELwD6cOoyHsNW54N2nTTLUM&google_cver=1&google_push=AehlK4BBM7hHqD3ZvhiPZnW_on94bNGXjyk0aoVNJEe3VxHHqIJMc_nfFz6fWRdimFDKY5WnimZeUgpVID4lNwH0a...
  • https://cm.g.doubleclick.net/pixel?google_nid=sharethrough_ob&google_hm=MGM3ZTFjZWMtZDc4Yy00MjhkLWI0MWMtNDVmMTEwNGM5ZTFk&google_push=AehlK4BBM7hHqD3ZvhiPZnW_on94bNGXjyk0aoVNJEe3VxHHqIJMc_nfFz6fWRdi...
170 B
189 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=sharethrough_ob&google_hm=MGM3ZTFjZWMtZDc4Yy00MjhkLWI0MWMtNDVmMTEwNGM5ZTFk&google_push=AehlK4BBM7hHqD3ZvhiPZnW_on94bNGXjyk0aoVNJEe3VxHHqIJMc_nfFz6fWRdimFDKY5WnimZeUgpVID4lNwH0a84_Gk1cuUaUeYUaCHqeuGI8ZizDwK-c9PQCvSfNtOOwd_FfSAoDU87zVLTqgncQoyEA
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006-1&adk=3314916115&adf=3653020616&pi=t.ma~as.3006%2F14006-1&w=336&url=https%3A%2F%2Fwww.bg3.co%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1662211955360&bpp=13&bdt=271&idt=482&shv=r20220831&mjsv=m202208300101&ptt=5&saldr=sa&correlator=2420762395174&frm=8&ife=1&pv=2&ga_vid=955881654.1662211956&ga_sid=1662211956&ga_hid=177951552&ga_fc=0&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=336&ish=280&ifk=3719853736&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759842%2C31068855%2C31069206&oid=2&pvsid=2017665063826966&uas=0&nvt=1&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.2vya8wtnmmof&fsb=1&dtd=496
Protocol
H3
Server
142.251.12.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f155.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 03 Sep 2022 13:32:38 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=sharethrough_ob&google_hm=MGM3ZTFjZWMtZDc4Yy00MjhkLWI0MWMtNDVmMTEwNGM5ZTFk&google_push=AehlK4BBM7hHqD3ZvhiPZnW_on94bNGXjyk0aoVNJEe3VxHHqIJMc_nfFz6fWRdimFDKY5WnimZeUgpVID4lNwH0a84_Gk1cuUaUeYUaCHqeuGI8ZizDwK-c9PQCvSfNtOOwd_FfSAoDU87zVLTqgncQoyEA
date
Sat, 03 Sep 2022 13:32:38 GMT
content-length
0
attr
cm.g.doubleclick.net/pixel/ Frame F62F 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13Izx6iOaEWt6_LUNNMgowt3jRxyw4leeS4X6H6hQC7MnRArwWjlbK9uaDdwIdLbpHN4UHX9Rw
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006-1&adk=3314916115&adf=3653020616&pi=t.ma~as.3006%2F14006-1&w=336&url=https%3A%2F%2Fwww.bg3.co%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1662211955360&bpp=13&bdt=271&idt=482&shv=r20220831&mjsv=m202208300101&ptt=5&saldr=sa&correlator=2420762395174&frm=8&ife=1&pv=2&ga_vid=955881654.1662211956&ga_sid=1662211956&ga_hid=177951552&ga_fc=0&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=336&ish=280&ifk=3719853736&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759842%2C31068855%2C31069206&oid=2&pvsid=2017665063826966&uas=0&nvt=1&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.2vya8wtnmmof&fsb=1&dtd=496
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.12.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f155.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 03 Sep 2022 13:32:37 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
content-type
text/html
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame FCFA 		22 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f132.1e100.net
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

accept-ranges
bytes
age
87556
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
8395
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Fri, 02 Sep 2022 13:13:21 GMT
expires
Sat, 02 Sep 2023 13:13:21 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame 8016 		22 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f132.1e100.net
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

accept-ranges
bytes
age
87556
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
8395
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Fri, 02 Sep 2022 13:13:21 GMT
expires
Sat, 02 Sep 2023 13:13:21 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
CgETvhyXIYksjpVuZOiCWYZFr3TNicAtz6hsjYVMHCQ.js
pagead2.googlesyndication.com/bg/ Frame 67AF 		36 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/CgETvhyXIYksjpVuZOiCWYZFr3TNicAtz6hsjYVMHCQ.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.12.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f155.1e100.net
Software
sffe /
Resource Hash
0a0113be1c9721892c8e956e64e882598645af74cd89c02dcfa86c8d854c1c24
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 30 Aug 2022 20:46:47 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
319550
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15836
x-xss-protection
0
last-modified
Mon, 29 Aug 2022 10:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 30 Aug 2023 20:46:47 GMT
css
fonts.googleapis.com/ Frame 0B63 		3 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Raleway:400,700&subset=latin,cyrillic,latin-ext,cyrillic-ext,vietnamese,greek-ext,greek
Requested by
Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/webfontloader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.130.95 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sb-in-f95.1e100.net
Software
ESF /
Resource Hash
c639475111ae9c7a6c89e022ab7a77eb6e9d82145e845dfba037b53650297288
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.as.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Sat, 03 Sep 2022 13:32:38 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Sat, 03 Sep 2022 13:32:38 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sat, 03 Sep 2022 13:32:38 GMT
CgETvhyXIYksjpVuZOiCWYZFr3TNicAtz6hsjYVMHCQ.js
pagead2.googlesyndication.com/bg/ Frame 65B6 		36 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/CgETvhyXIYksjpVuZOiCWYZFr3TNicAtz6hsjYVMHCQ.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.12.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f155.1e100.net
Software
sffe /
Resource Hash
0a0113be1c9721892c8e956e64e882598645af74cd89c02dcfa86c8d854c1c24
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 30 Aug 2022 20:46:47 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
319550
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15836
x-xss-protection
0
last-modified
Mon, 29 Aug 2022 10:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 30 Aug 2023 20:46:47 GMT
CgETvhyXIYksjpVuZOiCWYZFr3TNicAtz6hsjYVMHCQ.js
pagead2.googlesyndication.com/bg/ Frame FCFA 		36 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/CgETvhyXIYksjpVuZOiCWYZFr3TNicAtz6hsjYVMHCQ.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.12.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f155.1e100.net
Software
sffe /
Resource Hash
0a0113be1c9721892c8e956e64e882598645af74cd89c02dcfa86c8d854c1c24
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 30 Aug 2022 20:46:47 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
319550
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15836
x-xss-protection
0
last-modified
Mon, 29 Aug 2022 10:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 30 Aug 2023 20:46:47 GMT
CgETvhyXIYksjpVuZOiCWYZFr3TNicAtz6hsjYVMHCQ.js
pagead2.googlesyndication.com/bg/ Frame 8016 		36 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/CgETvhyXIYksjpVuZOiCWYZFr3TNicAtz6hsjYVMHCQ.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.12.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f155.1e100.net
Software
sffe /
Resource Hash
0a0113be1c9721892c8e956e64e882598645af74cd89c02dcfa86c8d854c1c24
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 30 Aug 2022 20:46:47 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
319550
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15836
x-xss-protection
0
last-modified
Mon, 29 Aug 2022 10:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 30 Aug 2023 20:46:47 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 67AF 		0
22 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BRKzZdFcTY4fiJZOo1AaJ2a3wBQAAAAA4AeAEAg&bg=!-Pul-7_NAAZTikH4c4o7ACkAdvg8WngQG1wAhNRc65qoFySLPUtxxcIaKe8Hl8Kq7Bi4NS-7EXbcvwIAAACZUgAAAAJoAQeZAu93SfWikMghtALpdQz1ahJ94JQpqhYL5q2w41xPNXqDAUBpS6NibfFNmqkDmN6kvscg3be_1Qbwi7eXv6BC3hMkg7T9sYX2rW7Zx0nN13EQNHhcispIIgMbVYcCyE8R1EuZ2WUlAsX_STrEkijaVhh0YQv_Ln2HxlG_husaUBu-eu7uSf2AqYH_r_E-XF7dBQG-pFrxiAvCrSafEhPGVgKBRdQni4UWc46uPjTzcXvU0YaGiZ4sEDS3AqjYi35VZyvPhRu9-iV-7jV9aDfnvpF0D0DJBP_oYFKD9HS1XZV51kBXL6ovaLdmsQKS1sqZz64-AOkzm3JnKfK_XuErZS_rtcmh5SaV_10UYfdFx5K7aSKwJF6CQlo-XzAnzHy2BLSuF58tgkgnpbhvwtPt3TWhbS0uP1hMYI9cgwBGJPlo0xyGR_tHuZVNHQAYnGFhSLyi4aAUAtKXrTB1QevkZq1LLGf7cS-IxAWrI7VhrAxnlOGwv2s60SxV5653coNpIIlkHyv_DGmZojfUX4yvXkAUE2X4l4hiqYkbhqpv_nu44uTub8NHsM1JaQji-MmZ97MXXjAVDTvl6_sQ2ywuV9FR88_P6Psz5oMUN2Th0vfaiwsqyLfcrpmeiPn7TMTghiF6_wKMU9J0JuESr0p_V587SDtj3ejRGbqO7nqlwiJIEWQon13wiCtU7yY1n3T-zltWXXrplQFGlcO4WD0noEpQl-mQkIJ7JBnOhH7uAndmtF6vIqbjdPRiH9JpyPflwx1rnJSm2vh6Y8XIZGQoyvYSim-mO6zRs3YTROID9mSNQKGzW7nYOE8zY9Q2uC1bfWAozFb4w08CwG943faoDHN7FAKwkCKULBsxwpZhuXEOwIBSJ0n__g8RzC9GYPWrCgo3yzXqiwEBVw7zyncFx8AOhS1y--kJklgX5eVTQ32Y5faWIFnbbU_7Mqa0CsbzBBRUZzzJBoBICRtx6rPyFanYMlYulqsSQZX4vKqibLzn
Requested by
Host: c189fcaae4b526f37d75e91681a8bbd8.safeframe.googlesyndication.com
URL: https://c189fcaae4b526f37d75e91681a8bbd8.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.12.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f155.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 03 Sep 2022 13:32:38 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
index.html
s0.2mdn.net/sadbundle/8198994083416997216/ Frame 77C2 		86 KB
20 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/8198994083416997216/index.html
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_276.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.148 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f148.1e100.net
Software
sffe /
Resource Hash
0a05de643ac8c608138f3eda57b0efb0d59285892f4e2f26840f50abdc26fd8f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://c189fcaae4b526f37d75e91681a8bbd8.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
age
506354
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
20029
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy
cross-origin
date
Sun, 28 Aug 2022 16:53:24 GMT
expires
Mon, 28 Aug 2023 16:53:24 GMT
last-modified
Fri, 13 May 2022 01:12:51 GMT
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-dns-prefetch-control
off
x-xss-protection
0
view
googleads4.g.doubleclick.net/pcs/ Frame 3C45 		0
64 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsvPFZwAF6Q2OpABlEHNhzikELcqKuENz3TWHXpKsmNZOIW8s385wSqS29TpzwMfCVey1AxfmHfcCwRQl9uxwXvUAifInDQumI1O6l-gFyP58X9M_IerOC1StOHqt1VJu37yRjZDN0T7ye5CnJHFD65FVEk7MqkK5wqIv3hcay-Ca_yhkKHQlQcG6cjJCIXRbf0Jezy01GtwnD3n1_2cNrsdhRkT2zRf-KKBM8IPsNXP9WoYTPwO4YD_p5ryYS7Ftj-SL14qXOj00o7sbA7T-bgwAYK13H643WfNUX9SKr7n2ibgN2jvwrE2VxOxuZyplHSbT5AZOWvIY8idvdXR2wnSS5zyej73T7qpJARHLKfM42kUpHEFph3LLvl-yIRUWlY0qYUGjpAgk9kgJKrnM0K2s-kFQsI8-PQJMPd2BasmSn6p6iWRkSq7x8n1XsjLa4UwFPU2AkA0OqJxTsnJMFHV1l8t3M7VmB6CC4pHrMhExACwCW09uiNzuwGnBWlPQi5ZtRm6DneC9h_a6cqoSLJUzPfHfcDR6MaAWsdtNbPqw7dJxIQaZRB2Z4a5Mj2uKHY8kL2HaBmSrLteq040Eqj101Ei-2mKVFCe_ZlXPyy9e-yMnnQtV_J_Own73nVao7f0abPWly4KUMmQKq0eFXdjPdbTTSPiq4lOkYDyopue_qVfZKQzhpHNdsT_pi-7hlQ8crQZKlpKBDLp7wWokADJut_GfJByUHjtVC_XqRbjwR-h3F9xbaXLcOi9pSECO8xBCqgmQgtFpr2h_GCrKbUDxj2oyvcbgA1prqc9d8C_QghHOBiIvKSTiWnjFKLMPOifs3EyQyN2VuM7soSwh0QmI8vpP_zcSVArV8lmGF4ZK6-jqWVVZxkjZLt0bHHs0iyISJp3o4UwTLz8R2ly876Bs97AtsH9oBmffQuoCt5NOm9rZoNqnfNTMMwmAZZqljI-_kmL538YnfX4hEDBVNoATmqV6JTKqAfGpS7Wx_MTnDSxFlhBvYxBGzuUYPwTeYajPsyXdailhYPJld6DbgRp0duMljAVKd2oS98CvmCrUSO1QspmpZj506sBzF5-24ws_1cHgEJsB5WTpk5t2doBBSuaE2k1LsXoOgpLB3oat_zvAOz-tnTzcU5OtohrtKt3wwUDmdx2uLihf6mI56lCldfjmONfPJvum-Q3KymCePIjPzkS7vrKYt1kLVAtnQuQ_xPH_pXTLBKHSzIhRTyZGr8YJvXyb7jrRvMKYm16EPWhJQ-jxZoQDu1duMl7D1eKKkrW4PItbpy6w6gqFa7Kh8H0kUwQ9puJGuYx_9hGzFACUzrAgjOFuQ&sai=AMfl-YRUXRZ0TXULlT1SrxC3jXgeBtY1ByJ3wmWoRbDeW4wUzlkdFOUDZLLYylq97F5XjBZ9Ops4dkgfyG7vkciA6XBG5tsdPdaULBEcAFPZSpwlzmHYaMpQ-TsXDb6j0paagDNmTikTyK38bOujfV-buXbm9eCrO4J7KYe7znM3LTlCvO0jYpWUSnBO41nSYzrVI3WrKP56ratyB_y6cx2hqA0C&sig=Cg0ArKJSzDdXhfk5iUtvEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=1197&cbvp=1&cstd=1194&cisv=r20220831.40725&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&adurl=
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/qin-fang-cai-ying-wen-mei-can-yi-yuan-jia-de-na-tu-fei-tai-bei-ting-can-yu-guo-ji-tai-wan-sheng-yin-hen-zhong-yao.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.194.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f154.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://c189fcaae4b526f37d75e91681a8bbd8.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
date
Sat, 03 Sep 2022 13:32:38 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
img
tags.mathtag.com/view/ Frame 3C45 		49 B
329 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tags.mathtag.com/view/img?strat=3750455&cr=6028144&pr=5.00&txn=&rfr=
Requested by
Host: c189fcaae4b526f37d75e91681a8bbd8.safeframe.googlesyndication.com
URL: https://c189fcaae4b526f37d75e91681a8bbd8.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
103.229.206.240 , Singapore, ASN30419 (MEDIAMATH-INC, US),
Reverse DNS
Software
MMBD/3.362.0 /
Resource Hash
1cd58a827318c4a29b32a0db15c8c39d5651b42d8cad227519ad81bce4adb944

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://c189fcaae4b526f37d75e91681a8bbd8.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sat, 03 Sep 2022 13:32:38 GMT
Server
MMBD/3.362.0
Content-Type
image/gif
Cache-Control
no-cache
x-mm-host
hkg-router-x71, hkg-bidder-x89
Connection
keep-alive
Keep-Alive
timeout=360
Content-Length
49
Expires
Sat, 03 Sep 2022 13:32:37 GMT
2205_SEMBA_iProspect_banners_300x250.html
s0.2mdn.net/sadbundle/14196359717863263274/ Frame 0386 		6 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/14196359717863263274/2205_SEMBA_iProspect_banners_300x250.html
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_276.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.148 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f148.1e100.net
Software
sffe /
Resource Hash
63aa92d92ed9131c7e6a88124cec6ebcb1f8ee9ecdd62e8ebf9e7622fb0d5c97
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
age
22344
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
2384
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy
cross-origin
date
Sat, 03 Sep 2022 07:20:14 GMT
expires
Sun, 03 Sep 2023 07:20:14 GMT
last-modified
Thu, 16 Jun 2022 04:36:26 GMT
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-dns-prefetch-control
off
x-xss-protection
0
view
googleads4.g.doubleclick.net/pcs/ Frame CDB3 		0
64 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjst3QGWPGaNlrlo6YgYxP1BZZDVjorW6oh74-3dEtw7nyN9dBj6ljYc5OPVjNsS2sv26TeAnMXj06Qwwp3tK3NKZXlnkAoWuVo7rX9Zw1EbH-OpPYxypvYvWWv4CIpojJ-1395Ix_FYAPGrrMNY7vDOwg_wtQZVfrnUDLApewCPAb3s9Cz2m86N-eTz5nd7bfnf-CsrGKS1P6JVEApFahOw-brNMGvK1PPrpbaEpCv78YfXwMtfCNFNKFBv6CnIA90Yx4Zby6iihZHOrSGWhMLzrtCTwyIU57a1t1hy9L8tV-DMB_VPoabx1IPO-8W5NikxyywqtTmE0PMW5HvrS2SxLqSLSVuaYJR9KNJ81_iMh-fkuqoLvhNY-upiD6Opvr0qlbFPT939gk70w4zMyu8RFdWqZGtZ_p7RfbyJUmhfxXWzChYygiM_p-ztRCgHo0eTvT6XM_jKjtarZOJHiTr7Io8dFxgz2XMBtOr8hhnmR3Ijn9nHzyd8A1dLyEhkSOPL0ypneGd07vh6_CgR2eL_iMaa17uzodK8zaAkkeazxxfPhOA6UGvtsYDTHDtwxss18Onr9T0lXbGdv0PxMGlMJsUBItbz9FspHFqO-xMCQaxnLsBG4ku-aiUEY1yRbwMR-VQb-DmEkdRRKZEKgkJxB0pB8XK6H_6bp3IYj954TyupoKU495h7XxtNWp_wG73n8mLKsEiChuOclrVqR-n3XdDt1Z6A3OHhBy_9Eke54cujuWRbOy6ST2buCBKadVL-vY7amlJKQigisTk0bN5soViEOQTnBMjDmxDEqj62Ak-guGYwvFLgWEjAXGZFaerw5U8Y2EnKJUPBaXfnjm9xkiEtOetYu2ZIORtVW20TmjZBFR1VrPCBjR3R3NZwtv35qrwUhJCLx-RhNU9wJDvTMaOSLXARhMDDBEtDXCAUh-B11_Rtpx84h_mj2nBmETRHZVZZsHhxNpCWpzFmqfLkYreAUZ6QF3aa8J_tcdkZCRIyj1Pfs8r8pIX9vOFEHI2sOMFrbuv-EpGhTPJE8fKmnqfnNB4KoQhH5CSP0_Tgl8JcljG_wqVlL5StUrV_l_60miUrhmw4Su8kWNLWXgd7EmOw1YcoC-mCuuiBxNljDjPtV2wXfdi5ezMSIAX-E15687XV2jmkXvBPvdhD-yAiXGs28SIL4jMT06_lXbnH7tgs0KI9o&sai=AMfl-YQSC1bRPZNzmpkZpv811_UmqSfHu_U-FlKlAK7nqNT3LW778Bj7LAM456X2YTOZv2ji6gbc5bsLymrAz6bXWXP-h4bAF6KXzqijPbME7FdC38ZzwNVN9MocWUv5ROXdTVsxj3e7H_VWH9hnMxyR82Lfig6H5A&sig=Cg0ArKJSzHF7cbui1yxqEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=1162&cbvp=1&cstd=1160&cisv=r20220831.82882&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&adurl=
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/qin-fang-cai-ying-wen-mei-can-yi-yuan-jia-de-na-tu-fei-tai-bei-ting-can-yu-guo-ji-tai-wan-sheng-yin-hen-zhong-yao.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.194.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f154.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
date
Sat, 03 Sep 2022 13:32:38 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
2205_SEMBA_iProspect_banners_300x250.html
s0.2mdn.net/sadbundle/14196359717863263274/ Frame 27DB 		6 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/14196359717863263274/2205_SEMBA_iProspect_banners_300x250.html
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_276.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.148 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f148.1e100.net
Software
sffe /
Resource Hash
63aa92d92ed9131c7e6a88124cec6ebcb1f8ee9ecdd62e8ebf9e7622fb0d5c97
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
age
22344
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
2384
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy
cross-origin
date
Sat, 03 Sep 2022 07:20:14 GMT
expires
Sun, 03 Sep 2023 07:20:14 GMT
last-modified
Thu, 16 Jun 2022 04:36:26 GMT
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-dns-prefetch-control
off
x-xss-protection
0
view
googleads4.g.doubleclick.net/pcs/ Frame 02CD 		0
622 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsuU8oNNVFfyr23gfrW31O4OjAE_clNnZCqQo8swa7D9--eoNILBGMfHu5VhEhw5Xy1BE6rbRkhNjEe4giNGD9dwx27V8oYhXpPURr3ZKrW-kGdGsG8Xy5oROKaYkxxKITTEqzg4ftyD39l5MGYq8FppAIYqWeqzLOIJfPbyHAMDj1lGXQFpEZ9N4ztedv-HhptmX3xiAlOWtOv3hQIEx3eAdrSjAiIKl0BX28K9qnAdPiN2xh0LimNq7prA3SVg4a_NoOxTSOajVwNqXiKGARdflWvn0gjc2HKJjJsMob1kXyHKV8PIrU1tn_9XivoEjuPO75i-qp61wlPCpXQsUYnyboidIe6vlLbxQSCljnSju4iHfFANUl35dndh9vJmJbhMargJcE5o7aWgtf7TD6M3u2vAeZCeRlI5cZPfg5PR7yMOiOH6MBQpuDbMCyFKZPMot5v8lpIskJZefbdPSU7aVL5KtGjTl5ZybWV-jnk9aL30EBM0RtvgkhHcNunDvVZBzV0S5krcV-vYT0Td7tzdL_CbLDp7v61ux8SdMxwjGftoztIRM-STCWZ1QxRAXCfWn7gpsDJqDi3hdn_SKUmiC3RyPoPCzM-zWtc18JY7Vb5WRFeVIBQE66R7hTVrzt2BoNHcgKr7CdxGpCzM6BU56WXQgh9SUGWu5-JEAkoqQsZ6TRxPDMZmJFHxWmWeSXXCQ9Cm4XtKmnQy1-FFNAeAWYMJ_WFd7Cl5f7bCKofc0DRcW-ZnllAwk3yOHgn16VG6_lGufNJG9Z_k4MkucvpFGzibbFcj-YoOeVKRhsBVIggbBmlOLrelXFy8spgSb5P8TMxZiqp2eJvMkhgFkeAUAIg4in43cdjPCM_6iMj3zc1n9cY-66FP6j_ETH4qDv6mRNcAKBIpa-LLUsOyc9jIGfk1z6NU8Iqoe6OwLB7au4SZYvE9MFRD8qCQRSWwPWvCbTXxqdDkGxFdt8_Qu9b9O6QlyJx5PEsthOiHiozzzCi0WOCfNdKuEODXfy0bR2U3_uLU4DUteymDT2dmnBZXJTH6OBjgS7ODkGmBzVU2gkWOQveqyIYw4x2mFytO_-YqO8XmN2cqSmw-vKuZGivAX3Qd_5Kg1Nfzaak534a4USyU3TlQV_xh1gbCzNjBFqKSznd28xO-C3j43c6g1P8ai3RBdPufDA8vlqQAvfs-qGJ1fwCD&sai=AMfl-YTiy0k-nZHRjCLEWC1-K8M9UoQ1HyMAgnjqvhzGuhmLIvmWfRBmX9SW9pJViqSuSHy0xUsZevcjxugwCzG9gGY5DOKj5JpzIMC3ctJgy4s2aBMYLFTWZ6DLLQlXZrWvt3DeEsJ-2dWcVJsatL18ER227uuJaQ&sig=Cg0ArKJSzDH9eTP6bQ8ZEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=1160&cbvp=1&cstd=1158&cisv=r20220831.89023&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&adurl=
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/qin-fang-cai-ying-wen-mei-can-yi-yuan-jia-de-na-tu-fei-tai-bei-ting-can-yu-guo-ji-tai-wan-sheng-yin-hen-zhong-yao.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.194.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f154.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
date
Sat, 03 Sep 2022 13:32:38 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
index.html
s0.2mdn.net/sadbundle/15195109931553881176/ Frame 0D84 		85 KB
20 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/15195109931553881176/index.html
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_276.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.148 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f148.1e100.net
Software
sffe /
Resource Hash
2c64cf7ee5f81d959886e39e1a58f7dcf963419be91a86664c5d8147abc51774
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://c189fcaae4b526f37d75e91681a8bbd8.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
age
94604
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
20008
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy
cross-origin
date
Fri, 02 Sep 2022 11:15:54 GMT
expires
Sat, 02 Sep 2023 11:15:54 GMT
last-modified
Fri, 13 May 2022 01:13:34 GMT
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-dns-prefetch-control
off
x-xss-protection
0
view
googleads4.g.doubleclick.net/pcs/ Frame 5AE0 		0
64 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjst4dk3jH69CnXoJAiRYmMHgF-6OYELya9EjwQ60MjrF4fue6v622VaVy_CMuJoqlprmBvuiMu0k95oF2vzDg7KYhCJAonYAWyeK5C9XyKeomD5rmYXjqpK7IxNGmYP9OdJwAxEtjtddWOzbzKQdNExcP_iEJbJmWOhabM_3adwaKcdwkTAFByr4j4Emt5XNrH8oswnwvRLR70rPtsVsBn7Kf0P1dSLr0XOPa3k19SDCDp2Pc8NhkfLK5Vc_JHi04Cj6IDl64MZxq92YlI8p2_bwEoGJ2eLWey8Y_DWhtZTO7NMy32krumgEEvfnpQFQsS263Wtr7MblIRfHSD0FE-Z3ode1_YIlOGeiOLQ20vcWxi3f2j-L_oljq92PdqueagTjV2vPjwoiO2Yyrsf10bRBty05iiW7ScRTUP3H_ODQKS2K726TZX-Ak_WAjAYHhGI_xZokYd0z3x4JyGNg5LAqwHjFuKdoZMQSdiD382aDt7SUw4roHFLFHwZFGeRVsjUr8Ndy2eUwaGPIHs74JL8pChIGdX9htkATdWZeN-8Bm4k9p1QWWmbZvRENcaKcGseLe2C7qVfv8hLkeKwVU7JtJHJB8i6jFysHU_3w5jsnzShAO3_bPkO1ymEQZppZr_Z4T_qqnssn5vyYBFsbP7xNdvlr1tLkTD2iAV7uege98ttvoIvkQ1fY7Cu2rwY9o5DW8YPIQWjP3hCIPbC8GO7YNd_zSsiHElaPJ_2esskXeN-JhrVY48CC-du0tx13QeDKinfZ7kLKNu6zizUp_TngtbfRO7WnvcF7_TMYkl-3SexWCPzVOooPxBNqkJWzY3ILaP4SFQBJZOcA1lAcpBHq92dqiytma2WvpkpgjdbL4_yzjaImAs3NcEKoPFbJeuG0yCfbS8kJRUMSXRGOFIT2OwvY_nIUBvJZrClf0b_JivG6Aqi49vaEAaGODJpxDCeIsZ42FBTU4ekvUjn8BMyATCE_hFXpYApP8e8JDx2-SSkKaynZIWvyPKQIKfxfivWD3vTmf0s44y9tfbT9HlHdOWjaJPElDG9S1J-D-rpJ5g_B7ncUXSzfbcVFhs2VlM0TnaEH73LGbBMzQIQZwCTWbuuFaDMAr7wQNfW_DFPsIJ_n2j1cmWPZb08zHIgRU8x1raaah3uV0EWPvHgZW_zoWlvQ-VvnJNLlMncU5pKDqrPovdYiSrp8yMwyKH7q3tW8zcv9sqOWLsIR05rwUO4-mM1o00bEXqNjWYnJjszIsSYg7ubmdo-1X1AlupC4VBcv9MMzPMQXSUKGqPDVF8AeR2JLu5a0Dsc5nuLdcQSalt6JlwiCRrEEOHLZ&sai=AMfl-YSP7qCIHMMPdMKeTtPUk0YFbMf_Iiq8oWXWkSN2XXtefvzOvN43di5ojb5ahJM3nVWjv6gk_1ALwOWPUAdeo347pFVHoYw--6KfJLU5vhIHA9hXNWYWYV2dQ9MR6mHhXjxVD2-oSJoIriTS8lONu0gTcwwtznPIBTnGd91t17opTyyjeYwrAyLwvOTeWO7qsLkNSBskPTY-gkSAuPGRNq6R&sig=Cg0ArKJSzPC8USeNfG2HEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=1201&cbvp=1&cstd=1199&cisv=r20220831.11157&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&adurl=
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/qin-fang-cai-ying-wen-mei-can-yi-yuan-jia-de-na-tu-fei-tai-bei-ting-can-yu-guo-ji-tai-wan-sheng-yin-hen-zhong-yao.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.194.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f154.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://c189fcaae4b526f37d75e91681a8bbd8.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
date
Sat, 03 Sep 2022 13:32:38 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
img
tags.mathtag.com/view/ Frame 5AE0 		49 B
330 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tags.mathtag.com/view/img?strat=3750455&cr=6028144&pr=5.00&txn=&rfr=
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/qin-fang-cai-ying-wen-mei-can-yi-yuan-jia-de-na-tu-fei-tai-bei-ting-can-yu-guo-ji-tai-wan-sheng-yin-hen-zhong-yao.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
103.229.206.240 , Singapore, ASN30419 (MEDIAMATH-INC, US),
Reverse DNS
Software
MMBD/3.362.0 /
Resource Hash
1cd58a827318c4a29b32a0db15c8c39d5651b42d8cad227519ad81bce4adb944

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://c189fcaae4b526f37d75e91681a8bbd8.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sat, 03 Sep 2022 13:32:38 GMT
Server
MMBD/3.362.0
Content-Type
image/gif
Cache-Control
no-cache
x-mm-host
hkg-router-x69, hkg-bidder-x120
Connection
keep-alive
Keep-Alive
timeout=360
Content-Length
49
Expires
Sat, 03 Sep 2022 13:32:37 GMT
json
gum.criteo.com/sid/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fwww.bg3.co%2F&domain=www.bg3.co&cw=1&pbt=1&lsw=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.136 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Kestrel /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
https://www.bg3.co
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
GET
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
content-encoding
gzip
content-type
application/json; charset=utf-8
date
Sat, 03 Sep 2022 13:32:38 GMT
expires
0
pragma
no-cache
server
Kestrel
server-processing-duration-in-ticks
409105
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
json
gum.criteo.com/sid/ 		334 B
638 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fwww.bg3.co%2F&domain=www.bg3.co&cw=1&pbt=1&lsw=1
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1661278076254.v6.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.136 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Kestrel /
Resource Hash
88ce5b531b6a7ce0f7b6c3a975a1d182a89c8cfaa4569c3411c89b4d811a2208
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://www.bg3.co/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/json

Response headers

pragma
no-cache
date
Sat, 03 Sep 2022 13:32:38 GMT
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
1180693
strict-transport-security
max-age=31536000; preload;
expires
0
rid
match.adsrvr.org/track/ 		109 B
541 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://match.adsrvr.org/track/rid?ttd_pid=pubmatic&fmt=json
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1661278076254.v6.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
/
Resource Hash
75eb0b2e9ad979f935969be6704b1e0945ea99495b4d172118af9f2faaf4843d

Request headers

Referer
https://www.bg3.co/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

date
Sat, 03 Sep 2022 13:32:38 GMT
x-aspnet-version
4.0.30319
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.bg3.co
cache-control
private
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Content-Length, Content-Encoding, Vary, Cache-Control, Accept
content-length
109
expires
Mon, 03 Oct 2022 13:32:38 GMT
usync.html
eus.rubiconproject.com/ Frame D40F 		281 B
573 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1661278076254.v6.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.15.148.136 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-15-148-136.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Sat, 03 Sep 2022 13:32:39 GMT
ETag
"40014-119-5d32342a551c0"
Last-Modified
Tue, 14 Dec 2021 23:07:59 GMT
Server
Apache/2.2.15 (CentOS)
Unused62
8096267
Vary
Accept-Encoding
pd
u.openx.net/w/1.0/ Frame 6D6D 		532 B
640 B 		Document
General
Check archive.org
Download Go to
Full URL
https://u.openx.net/w/1.0/pd
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1661278076254.v6.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
6e75027186719ff56da6bd4434093cb02078b446cc2e64eb57da865fabed1778

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
gzip
content-length
328
content-type
text/html
date
Sat, 03 Sep 2022 13:32:38 GMT
p3p
CP="CUR ADM OUR NOR STA NID"
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
via
1.1 google
async_usersync.html
acdn.adnxs.com/dmp/ Frame 8849 		52 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1661278076254.v6.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.65.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

Accept-Ranges
bytes
Access-Control-Allow-Origin
*
Age
31443
Cache-Control
max-age=86402
Connection
keep-alive
Content-Encoding
gzip
Content-Length
17053
Content-Type
text/html
Date
Sat, 03 Sep 2022 13:32:38 GMT
ETag
W/"623de86a-cf34"
Expires
Wed, 31 Aug 2022 04:48:29 GMT
Last-Modified
Fri, 25 Mar 2022 16:06:02 GMT
Server
nginx/1.18.0 (Ubuntu)
Vary
Accept-Encoding
Via
1.1 varnish, 1.1 varnish
X-Cache
HIT, HIT
X-Cache-Hits
1, 43451
X-Served-By
cache-lga21979-LGA, cache-syd10121-SYD
X-Timer
S1662211959.646671,VS0,VE0
checksync.php
contextual.media.net/ Frame 1ED3 		36 KB
12 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUPEPKI9&prvid=2034%2C2033%2C2031%2C2030%2C2029%2C233%2C2028%2C2027%2C236%2C237%2C117%2C51%2C97%2C55%2C99%2C3012%2C2043%2C2040%2C244%2C201%2C2039%2C3007%2C246%2C4%2C203%2C9%2C2055%2C172%2C173%2C251%2C175%2C132%2C178%2C255%2C3018%2C3017%2C214%2C3016%2C337%2C338%2C70%2C77%2C2021%2C141%2C186%2C222%2C345%2C10000%2C80%2C108%2C229%2C307&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1661278076254.v6.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.195.152.23 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-195-152-23.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
87b2d2f3a0163f188f5a5fce2c0571c5e05ecca4d01cd3cbc488960a29965514
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

cache-control
max-age=172800
content-encoding
gzip
content-length
11782
content-type
text/html; charset=UTF-8
date
Sat, 03 Sep 2022 13:32:39 GMT
expires
Mon, 05 Sep 2022 13:32:39 GMT
p3p
CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
server
Apache
strict-transport-security
max-age=31536000
vary
Accept-Encoding
x-mnet-hl2
E
ixmatch.html
js-sec.indexww.com/um/ Frame 02E7 		3 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://js-sec.indexww.com/um/ixmatch.html
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1661278076254.v6.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.72.44.239 -, , ASN (),
Reverse DNS
Software
Apache /
Resource Hash
82d2dc44aae1eda52abc17afd30c6031b7175c13ee6955410164c66ae755adfb

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
1387
Content-Type
text/html; charset=UTF-8
Date
Sat, 03 Sep 2022 13:32:39 GMT
ETag
"e20015-b68-5e4a60c97afb7"
Last-Modified
Mon, 25 Jul 2022 19:18:30 GMT
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Server
Apache
Vary
Accept-Encoding
/
onetag-sys.com/usync/ Frame 9E5B 		2 KB
863 B 		Document
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/usync/?cb=1662211954079
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1661278076254.v6.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.79.234.101 Singapore, Singapore, ASN16276 (OVH, FR),
Reverse DNS
ip101.ip-51-79-234.net
Software
/
Resource Hash
37a31642af0a7fe695ed0fd68a06a55af44e854d083dc7f5d0e70535f0189ae0
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
cache-control
no-transform, no-cache
content-encoding
gzip
content-length
731
content-type
text/html
strict-transport-security
max-age=15552000
sync
eb2.3lift.com/ Frame B6CD
Redirect Chain
  • https://eb2.3lift.com/sync?
  • https://eb2.3lift.com/sync?&ld=1
1 KB
1021 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eb2.3lift.com/sync?&ld=1
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1661278076254.v6.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.71.178.8 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ade9ecc7904667038.awsglobalaccelerator.com
Software
/
Resource Hash
34843f25c8a1b48ce36fa3464616d179cca6502b8d322e5e514efc02d9a6d6f6

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

cache-control
no-cache, no-store, must-revalidate
content-encoding
gzip
content-length
453
content-type
text/html; charset=utf-8
date
Sat, 03 Sep 2022 13:32:38 GMT
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

cache-control
no-cache, no-store, must-revalidate
content-length
0
date
Sat, 03 Sep 2022 13:32:38 GMT
location
/sync?&ld=1
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
sync.html
public.servenobid.com/ Frame 60AD 		9 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://public.servenobid.com/sync.html
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1661278076254.v6.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.222.53 -, , ASN (),
Reverse DNS
Software
AmazonS3 /
Resource Hash
7efdca1ce8a8ee4fb50887d9f88bdace1026e0f76ea1e64a802b97402d825a79

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

age
74667
cache-control
max-age=86400
content-encoding
br
content-type
text/html
date
Fri, 02 Sep 2022 16:48:13 GMT
etag
W/"3b058e9cd661ca6990301a82cf5d448f"
last-modified
Wed, 17 Aug 2022 23:23:08 GMT
server
AmazonS3
vary
Accept-Encoding Origin
via
1.1 6c75f370e2f32e8fc940abded097e39c.cloudfront.net (CloudFront)
x-amz-cf-id
nOplDZ7_sBffI2AGjgiO17mVBl6Tv5AXKiO7aB8RWiLe6OfVOw_zlA==
x-amz-cf-pop
LHR61-C2
x-amz-meta-codebuild-buildarn
arn:aws:codebuild:us-east-1:559734745816:build/adserver-public-prod:049b4e88-3480-44ce-bc71-9207efe847a1
x-amz-meta-codebuild-content-md5
77e8f986028c7819a018b65a51e4d1c5
x-amz-meta-codebuild-content-sha256
4cf0411e60b9185dacd3ae0196e3adabe45eed1b64ea27e89ed58c43c33d4297
x-cache
Hit from cloudfront
1Ptug8zYS_SKggPNyC0ITw.woff2
fonts.gstatic.com/s/raleway/v28/ Frame 0B63 		45 KB
46 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/raleway/v28/1Ptug8zYS_SKggPNyC0ITw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Raleway:400,700&subset=latin,cyrillic,latin-ext,cyrillic-ext,vietnamese,greek-ext,greek
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.24.94 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f94.1e100.net
Software
sffe /
Resource Hash
405ceee1c2f5c31f1cb94ebc63d49a43fddd1471c2c7401a01c7c11bb1d93826
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://ads.as.criteo.com
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 28 Aug 2022 05:57:50 GMT
x-content-type-options
nosniff
age
545688
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
46524
x-xss-protection
0
last-modified
Mon, 18 Jul 2022 19:58:01 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Mon, 28 Aug 2023 05:57:50 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 65B6 		0
22 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BtYqsdFcTY6aFJ4HIoQP9hYrABgAAAAA4AeAEAg&bg=!RkWlRQHNAAZTikH4c4o7ACkAdvg8Wr2kfyaIXej2dOES1HHhYaupJ7JUiW0UI9NWia0rtGaRcoOCFQIAAAFHUgAAAAJoAQeZAutKeivkzrX7a1MNHkGSVOf54m5XkRNO8MKbwg5J7fQXC3zamVqR6LRsrLKAnqPGvjS6pWAGKad59hRUcEQ4U0bPxPx7f1fCEzXqicLNumLPDaGwRf27SjPEwXKY3diBj3PooZrTYt6_kXrDCcbozUskupJ_9NvfmGi-0YTb4tU1vijZpd8aztC0_zNWLZWDzvzgUcBXeSUQNywVmb6QGV6FmJSbaqtCUBaBoXxLxiUVCG3h0d_VxdCEtgYE_Io7ytpEO3vgOAlTAtS3gQksz9wq2I4oOZRiIkw0m0-TR0zvKjJUKxex-6zoBkK5j_37-uPc5GiJt32g94BccRGpO5J9l3Lbrn3SLfljXYNNA0mb4C5GAEJ0nLOAkc_E8feARAVx2v5FBHdsJCdE58vFy_8-QRrCZgtnyqswWIn5Ji9i2FF_rAw29GpK-pBMt2NnTddE6-Tsjn7dEjTm3p6l22skvZpCqF6ibuzLNCPgvJdq7w_E7K6pAHC5dsm3_QQBCW96ddqeuUzrDU_0MIbW-cZXv3qM-D79X9SJvnJe9yxJnBOkzYOlO76sgWTufw6njlCDMon9AP63yhcdnYvxzhiDm_o2vQz6KeJ8VsIhAjih7Cvo0tK5BYhD-L-zEkli1Ze7rUpuRk__WJVz4sH9qAsYc_jfcZo3jYdc_8sTVbVzLFst4PZ91EYPxMYtryTAT_ljmiT3uGpS9ycYjUMiJ9H4XefZiRdGPCgNpLXvf4JNy0KLdqr5WZqxrEfFJBSdV-WE5uwPTZcUaiIAS2Wx_QaEMGBAexm5opG_Iv8pquRMt2xbeZ5a41F08e26lYrhImtbylOKWUIMjr0Is6Rw1ESzy5PX8PxAdOHL8BnF4fUmLr4lKXjWG5f0DsYqu-3oJlKo13TVKvJV8Kaxhefg4kHZAb_XfonI_W1L2saHCTyWzJesvFW7b5h4EWrIYM4TQ2zVZOHr9peCeu98qPPZBodaEfoH5SXoRWzR_kY
Requested by
Host: c189fcaae4b526f37d75e91681a8bbd8.safeframe.googlesyndication.com
URL: https://c189fcaae4b526f37d75e91681a8bbd8.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.12.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f155.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 03 Sep 2022 13:32:38 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame FCFA 		0
22 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BzhbfdFcTY-P9KtKEssUPhZmO2AMAAAAAOAHgBAI&bg=!YWKlYibNAAZTikH4c4o7ACkAdvg8WhchYyEHj-ptGL9gjQs6kmiXMnnoPW9W1Hr_lvmVUZXKZLFyTQIAAAFuUgAAAAJoAQeZAw6ZKokrMi7zF8WeJfVaJeD93bHJpwmSt1aif-0dgqj-CQzp7ulNWhBypN_Da7J8ZAnc-M3GQzsrVAe8WsV_2S4Nc7Lv2kuqfogASiBEJfRs4Hn2L-aJX8Ow_9JYwSfJYfZFRUxHZsZnX5FkIF5u2EM0h-aCLla25Sl2GIY2HkSrDDUreMTMpLtoQOu6zhj6_xuhrjxyb7A7Qsf-obSRW4bcQFPfT7N6M-FARcLrvWS0LLd5Zo5Jsxv6rs1C1r23RB0WwHfwE7VOgESeeiEj46KnxmZJtbkQ6D_ZrHSL9OxGHcb3HxD23gPHAHOySsudLCfx3ig4hg2OpCaOiAQ9RhBdRA9CZQh986IiBN-qxevyQY-R7PMm46bReN-Z5C33spBtpcvYjLrlQNrGGifJHfK5mmvVc2fW-BF83WlEvBbbAJ1GMWumJzfMwqQ-QUYe80037Psj1YaKCJ7SS_4mHZs_Rx1XFQ6OPA5KgJ-x2UR3hAR7jbxFOy6eAyfYqVpyS1Y9_VthETOUmAr1te5RR8a302HH0yiAUta6y9i7HSZGqiTSUDjYLv5D7OFVRWb943IrLCoKeul3XY_7fZdpMxA2E1bMM281GjdbuOfidmROOrGqW-bOw16dAvXpAIYpl8-gzluHZqpHjiWZ1Qz6_UTNDZ7p3hL2CTy2NJPl-tVLcN3_U5U3qaIeciweYlT9Jxe-4vkpV0SCxnLlIanZrfnfjMxjsd39qwEW98SP-4aEQnE80HsbWyOdbSeDj032ExntRFfg18s9i_UYbA1sYlAvECf2Fx7ih38yCLXxYPyWg5Cu8t_ExVzN9JyjvXRlblYepYCl7VG5zLY7fyjR6XMUcNrJOcbvA9fWKvoeJocEgphXqGUS1pMHudSOI96qf8MPSj2npW7EBKhsNePpc3ZcamVKl0p9LJDZOLiwx2HFZFGEa4UhEONI8PlOwIyuHSaB2tJsQUvIVJ0q3Wh3p2yK2jyk1_dK3gu4EJ3bosxO-GFaQk22B19I4-rbpdYDfc3CG8wB-Ya7miSxdVsq4g
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006-1&adk=3314916115&adf=3653020617&pi=t.ma~as.3006%2F14006-1&w=336&url=https%3A%2F%2Fwww.bg3.co%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1662211955378&bpp=11&bdt=283&idt=512&shv=r20220831&mjsv=m202208300101&ptt=5&saldr=sa&correlator=5495327036735&frm=8&ife=1&pv=2&ga_vid=500991421.1662211956&ga_sid=1662211956&ga_hid=799025638&ga_fc=0&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=336&ish=280&ifk=3719853736&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C44759842%2C44761793&oid=2&pvsid=4367743105028993&uas=0&nvt=1&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.kt2ldrgt4mtd&fsb=1&dtd=519
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.12.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f155.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 03 Sep 2022 13:32:38 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 8016 		0
22 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=Bjc73dFcTY_WjKuSz1AaNkJOIBwAAAAA4AeAEAg&bg=!CwilCEzNAAZTikH4c4o7ACkAdvg8WioIRnlE37TeSrOsId1B-v3ceweN-GipRiA_bHXnMZ1x86gG4gIAAAF9UgAAAAJoAQcKAGCfvJ6GG1OmEuvLzNx2rzCqfGfh-izbeYnaLjpsqXLXcBJiVE9-q8XyqUMIxvCVFXZCL1X4e_6xPBJ5oqx3gC5gLAUGcBl_H8erTA26i38fyB3QdPQhM6dBPD_EYzgYNyuZAxlOdr48aMPW4GMrnUWPw6BACF7ms3xWQqXgISyIKeoNbx3xLNYy7evjte6MmdW4qANY9QjPVNIFi1h0jtObJZWcbOV7gSffqvY_BG0xFqk801Rjx3nAU0Jnu1WA1QY6WjiT0vWA9iwZ411knEtzPWQLySv3O2OYG7goHtQXxiqc1U9ozO5aGkLyfonXJCI41NfE3euKuoEcssxrNKGMX2XaMwZ7uzLsvNa0QK8BJCgErHkm2P2k0TCuhG3u82FNKwI8aTK9PrZkEutjD8CK8sW2-ZsovjW70rnoPpj1fmvsOzFhbFcyLj3ddJLWwdXJQf2KgqyxeYCMIBCpHffSg1A3XVECXwAMvYE5NAcumLRThTMkNbRQiJBRs5FLRl7dmniQhd43X-lTMOqIXdkQJkxxZGt4aO2yJMQ9tafk16ry1TDxsDuvQwv5infLgVsLyUL8m6yl3PL9UbcINM5ct9b4WbUJfqn0onKWrs2sl-Zo9ZEZcZnXQJa25o-yH6boRQn-FmnJbRFKUKqy_g3e4AsuGzCTaRuOjqdGw2lnkmwwgv67sqSBRRyuwUNrYHxIK5KSO1LVFv6aVvbFTalrSYKfgNtx_eOtyjt3VqcZ7fGSnKd5165RPOUnmG6Sn3O4SsOVh9-6_1ydEnTG_IHuOkpy0_5cfi4KuhFruNSbDl8V0mWYQVHv_g6_CELrjSyn31i5IGdzTUmtu-q6aTFoCgMdM7FfdCtf-DqhAQwbndvEPYWByIs3yH68Aq-daeb0-FMbF3AKdhXAkmRNN3WtHo7vIdQ5UXry3ooyRZqihG5tGGtxEP6kk2ukKP1z_FD-sTkmwllQvyQoIBJsPrKlq7rdyewSdoOUu6ce8wdBvbno7k1CWy_vNkPNjahZDhuj2o9NTpwbK1SoqUrOXHMUzsrQHgJV3n4sLX7wWSi5ZBzebvnhTvcotmTdumXXaMh2aKU61FzJ5_9QfQH_0UokrSoDblelz6sHS8U37STxhuyxubaxmp77gpMX8HV-tvMBTFzkoZw0y1LxEkBQ7fmYtR5Bwwy3DpQjenTS
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006-1&adk=3314916115&adf=3653020616&pi=t.ma~as.3006%2F14006-1&w=336&url=https%3A%2F%2Fwww.bg3.co%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1662211955360&bpp=13&bdt=271&idt=482&shv=r20220831&mjsv=m202208300101&ptt=5&saldr=sa&correlator=2420762395174&frm=8&ife=1&pv=2&ga_vid=955881654.1662211956&ga_sid=1662211956&ga_hid=177951552&ga_fc=0&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=336&ish=280&ifk=3719853736&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759842%2C31068855%2C31069206&oid=2&pvsid=2017665063826966&uas=0&nvt=1&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.2vya8wtnmmof&fsb=1&dtd=496
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.12.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f155.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 03 Sep 2022 13:32:38 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
all
csm.as.criteo.net/ Frame 0B63 		0
127 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csm.as.criteo.net/all?cppv=3&cpp=KD8pJvLChlIcw9LzwIgfzQa6omhAmPLtFIyXxc1JJ7yo7tmiCywYBn3f0OFKbChMUW7v86MhshMBHUcCTGomHB-huDOMU2v43sL4eMnwUpMUL2q4lZV__T9BJ4hsIZfBfZXR-ZE6GHSaYBIElFOKwmYGyduTq9sQ_TJMN-c7hNA5D637LI8SIOu9m_Y0vrphJAn15I2waCb5lbKvjQL0rTpt7SwP1rSrILROP5ncV1LJWTkiNKu04kfkHhfDY3TTfKp7QQ&sds=2&rev=82604.2&sendBeacon=true
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=YxNXcwAHpPgKaP4VAAstf311_frj7gN02Y1RuQ&u=%7CzsNWlIJ%2BY3VtyKoLoRZUhO5WtF3Fxs56YjdTCydxD5s%3D%7C&c1=0n2XosTo5cliKCnvh9OE5jqZHIJlQ7xgp7yhsEndoSQWtCdBOgT7K4ozbUym4LQBP0pW1DkPG3cTQB0txIhX3ZzlYL8sTLz7c1QsYqAsmstEslPxiRqNid7_jcURzAd1vHPtoVYaGWiiQo1KrA_h4jAUID87w6NNkTSvkxwxcwHvtOJQ2KYTV6Ngg1vxLEHr_mafo9ed5PVAoKwNIraC9lmq9JVBc_MnZcGr4yO-b4TTlIjtW_Ey5C38YS91kCcAfwgjfb6YX5ckcMU8fBz05Ff52QfhgVImvqODOpWRyDdA5Qq7tAnkJf6l_oJBYnswBAmEEwVnJKY5IYwsXIYBzDkXge2Jy98RMk8MsMICKMHMqKJpFsd6V2sSaRgI_vKz95RmiqtEeNosJlX25fYBbC8Kfir-969iAWJB-LDXKCjIJldfpX-MqkFLMyf3DtjwDDwAR5ugFaBujdE9IuFiSXw6uF3WYR-Gj065aX4w-pOwIWHZj2qlptYHrtFWDuC8rAsjM5G1-At6MqBnxVHQ5YnD_gDPAUBkGRC2aNh13k7DKKxMtlvlFKZ98-cnZs-fvumdnIyaIxXRG6V07T8qkunj2pFm2F45LbaF4BJJF6PgPaurbOYCxbAECNtS07fS9OViBKcZER5Z2HsGquNJ-g&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCvl-Nc1cTY_jJHpX8owP_2qyICJj80bFcqoTM5IUBwI23ARABIABgpYCAgJABggEXY2EtcHViLTg5MzMzMjk5OTkzOTExMDSgAbbZo9ADyAEJqQLDw801DtumPuACAKgDAaoE9AJP0BQcZH9enuIvlS295legJfr5IhzfJj205YqNbpWyi9Sj-da-9JOJOmdY4lsKEhkmuJLo2mebzLCsNKZjyX1609QNW__KzRZXr_R40z6lSDNBvvWUWdHkUzhZ3ICSL26b8Uw7-BRGiTBeFBS7qREpS2sCBy8NIpCFX9drdbYfs69KpK78JmVQTCWq0ojtcgg15Z83JuztX0f2_ARXzBo1jxfkGTWQ3Stom4FCyxNJ1XdIpb8axTHASDc-t_olqzS96-EAvlGwXzrBv9VuFSEKPzC1NAzwM4LKWiFBg_xGGQ0KZf7XwvI4y7t9XhJ9ZSqeSXZ_4xoOgl43YqFH2-yPocFBA8bizvd9JbHS3cN6MPUVyXrmtTPpg3PlOJYecXTClE6VYwSOgWpA8k22GLrmqMwstQcz1qvxnfWKBbgP3_003n2DwKtVl37vaHIltu46TSx74G3DXFt7OfEAQ3negC2ym-82Lxa-xMtIM-CuAKLk-irgBAGABtf2__fPtcaVQaAGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA0IgGEQATICigI6AoBA8ggbYWR4LXN1YnN5bi01MjM5OTM4MjEzODcwMzgw-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_1KzjHU5-2GRSJi2D1ric-d9jEGrA%26client%3Dca-pub-8933329999391104%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.142 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ads.as.criteo.com/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Sat, 03 Sep 2022 13:32:37 GMT
cross-origin-resource-policy
cross-origin
server
Finatra
content-length
0
strict-transport-security
max-age=31536000; preload;
sd
us-u.openx.net/w/1.0/ Frame 6D6D
Redirect Chain
  • https://ad.turn.com/r/cs?pid=9&gdpr=0
  • https://us-u.openx.net/w/1.0/sd?id=537073061&val=2675210712107216769&gdpr=0&gdpr_consent=&us_privacy=
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537073061&val=2675210712107216769&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/pd
Protocol
H3
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 03 Sep 2022 13:32:39 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

location
https://us-u.openx.net/w/1.0/sd?id=537073061&val=2675210712107216769&gdpr=0&gdpr_consent=&us_privacy=
pragma
no-cache
date
Sat, 03 Sep 2022 13:32:39 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
0
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
sd
us-u.openx.net/w/1.0/ Frame 6D6D
Redirect Chain
  • https://match.adsrvr.org/track/cmf/openx?oxid=e25c93b2-1484-7c75-d0af-aabf26b93694&gdpr=0
  • https://match.adsrvr.org/track/cmb/openx?oxid=e25c93b2-1484-7c75-d0af-aabf26b93694&gdpr=0
  • https://us-u.openx.net/w/1.0/sd?id=537072971&val=3577886c-293e-405c-944c-d97075ba3a83&ttd_puid=e25c93b2-1484-7c75-d0af-aabf26b93694&gdpr=0&gdpr_consent=
43 B
62 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072971&val=3577886c-293e-405c-944c-d97075ba3a83&ttd_puid=e25c93b2-1484-7c75-d0af-aabf26b93694&gdpr=0&gdpr_consent=
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/pd
Protocol
H3
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 03 Sep 2022 13:32:39 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Sat, 03 Sep 2022 13:32:38 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://us-u.openx.net/w/1.0/sd?id=537072971&val=3577886c-293e-405c-944c-d97075ba3a83&ttd_puid=e25c93b2-1484-7c75-d0af-aabf26b93694&gdpr=0&gdpr_consent=
cache-control
private,no-cache, must-revalidate
content-type
text/html
content-length
335
sd
jp-u.openx.net/w/1.0/ Frame 6D6D
Redirect Chain
  • https://tg.socdm.com/rtb/sync_before?proto=openx
  • https://jp-u.openx.net/w/1.0/sd?id=537072335&val=YxNXdsCo8YsAAGexlzkAAAAA
43 B
106 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://jp-u.openx.net/w/1.0/sd?id=537072335&val=YxNXdsCo8YsAAGexlzkAAAAA
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/pd
Protocol
H2
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 03 Sep 2022 13:32:39 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

Date
Sat, 03 Sep 2022 13:32:39 GMT
X-SO-LB-Data
{"ban":false,"clean_query":"\/rtb\/sync_before?proto=openx","cluster_id":37,"gdpr":false,"ipv4":"173.245.209.81","key":"YxNXdsCo8YsAAGexlzkAAAAA","privacy_sensitive":false,"uid":"YxNXdsCo8YsAAGexlzkAAAAA","upstream_id":"m-ad293"}
X-SO-Key
YxNXdsCo8YsAAGexlzkAAAAA
X-SO-Upstream-ID
m-ad293
P3P
CP="See also http://www.scaleout.jp/privacy/"
X-SO-HostName
m-ad293.dc4p.scaleout.jp
X-SO-UID
YxNXdsCo8YsAAGexlzkAAAAA
Connection
keep-alive
Content-Length
0
X-SO-IP
173.245.209.81
X-SO-Cluster-ID
37
Server
nginx
Location
https://jp-u.openx.net/w/1.0/sd?id=537072335&val=YxNXdsCo8YsAAGexlzkAAAAA
Cache-Control
private
X-SO-Ads-Time
41
X-SO-LB-Hostname
m-tgng39.dc4p.scaleout.jp
sd
jp-u.openx.net/w/1.0/ Frame 6D6D
Redirect Chain
  • https://cr-p3.ladsp.jp/cookiesender/3
  • https://cr-pall.ladsp.com/cookiesender/3
  • https://jp-u.openx.net/w/1.0/sd?id=537072451&val=AWOl__l1UuLnks8ADsd_u28P9M8AAAGDA42qhQ
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://jp-u.openx.net/w/1.0/sd?id=537072451&val=AWOl__l1UuLnks8ADsd_u28P9M8AAAGDA42qhQ
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/pd
Protocol
H3
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 03 Sep 2022 13:32:39 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Sat, 03 Sep 2022 13:32:39 GMT
via
1.1 29ec57392a878e133a2e208c0dbdc3e2.cloudfront.net (CloudFront)
server
Logicad
x-amz-cf-pop
SIN2-P2
x-cache
Miss from cloudfront
p3p
CP="NOI DEVo TAIo PSAo PSDo OUR IND UNI NAV", policyref="http://cd.ladsp.com/xml/w3c/p3p.xml"
location
https://jp-u.openx.net/w/1.0/sd?id=537072451&val=AWOl__l1UuLnks8ADsd_u28P9M8AAAGDA42qhQ
cache-control
no-cache
content-length
0
x-amz-cf-id
-Z5kQ6cwPyYtouVCJJWDtGaokqZWmt-WVSOZWdRmrC4NkoF9bStrZw==
expires
-1
pixel
cm.g.doubleclick.net/ Frame 6D6D 		170 B
189 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=Y2UzMzQwNzgtZGRmMy0yMmQxLWM1NGYtZjAwNmVjNWJmOGY0
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/pd
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.12.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f155.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 03 Sep 2022 13:32:38 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sd
us-u.openx.net/w/1.0/ Frame 6D6D
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEPjQjB-voBSQUmH0PJkExM4&google_cver=1
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEPjQjB-voBSQUmH0PJkExM4&google_cver=1
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/pd
Protocol
H3
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 03 Sep 2022 13:32:39 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Sat, 03 Sep 2022 13:32:38 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEPjQjB-voBSQUmH0PJkExM4&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
295
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
async_usersync
ib.adnxs.com/ Frame 8849 		0
745 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
104.254.150.241 Los Angeles, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
906.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 03 Sep 2022 13:32:38 GMT
X-Proxy-Origin
173.245.209.81; 173.245.209.81; 906.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net; adnxs.com
AN-X-Request-Uuid
9614c014-4142-4e42-b6aa-967407048b6d
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
createjs.min.js
code.createjs.com/1.0.0/ Frame 0386 		236 KB
63 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://code.createjs.com/1.0.0/createjs.min.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/14196359717863263274/2205_SEMBA_iProspect_banners_300x250.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.28.235.208 -, , ASN (),
Reverse DNS
Software
Apache /
Resource Hash
e439bebf8de2df0582273906d2c1dceff2387c661efb2152ef1c28420ce4e7e5

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 03 Sep 2022 13:32:39 GMT
content-encoding
gzip
server
Apache
cache-control
max-age=900
vary
Accept-Encoding
content-type
text/javascript
x-n
S
accept-ranges
bytes
expires
Sat, 03 Sep 2022 13:47:39 GMT
2205_SEMBA_iProspect_banners_300x250.js
s0.2mdn.net/sadbundle/14196359717863263274/ Frame 0386 		38 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/14196359717863263274/2205_SEMBA_iProspect_banners_300x250.js?1655250755257
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/14196359717863263274/2205_SEMBA_iProspect_banners_300x250.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.148 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f148.1e100.net
Software
sffe /
Resource Hash
3004b319a2427a6a57c345f5e6edd582ee3e421592a39fca700e3e4c14e17bf7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/14196359717863263274/2205_SEMBA_iProspect_banners_300x250.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 02 Sep 2022 17:57:09 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
70529
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10309
x-xss-protection
0
last-modified
Thu, 16 Jun 2022 04:36:26 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sat, 02 Sep 2023 17:57:09 GMT
DcmEnabler_01_247.js
s0.2mdn.net/879366/ Frame 0D84 		29 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/DcmEnabler_01_247.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/15195109931553881176/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.148 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f148.1e100.net
Software
sffe /
Resource Hash
467a5b06cb117035f7882e8c71d80e093f04ce586c1ac2b84e7e4adf978edb30
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/15195109931553881176/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 03 Sep 2022 06:14:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
26292
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10136
x-xss-protection
0
last-modified
Mon, 27 Sep 2021 18:45:03 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sun, 04 Sep 2022 06:14:27 GMT
createjs.min.js
code.createjs.com/1.0.0/ Frame 27DB 		236 KB
63 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://code.createjs.com/1.0.0/createjs.min.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/14196359717863263274/2205_SEMBA_iProspect_banners_300x250.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.28.235.208 -, , ASN (),
Reverse DNS
Software
Apache /
Resource Hash
e439bebf8de2df0582273906d2c1dceff2387c661efb2152ef1c28420ce4e7e5

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 03 Sep 2022 13:32:39 GMT
content-encoding
gzip
server
Apache
cache-control
max-age=900
vary
Accept-Encoding
content-type
text/javascript
x-n
S
accept-ranges
bytes
expires
Sat, 03 Sep 2022 13:47:39 GMT
2205_SEMBA_iProspect_banners_300x250.js
s0.2mdn.net/sadbundle/14196359717863263274/ Frame 27DB 		38 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/14196359717863263274/2205_SEMBA_iProspect_banners_300x250.js?1655250755257
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/14196359717863263274/2205_SEMBA_iProspect_banners_300x250.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.148 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f148.1e100.net
Software
sffe /
Resource Hash
3004b319a2427a6a57c345f5e6edd582ee3e421592a39fca700e3e4c14e17bf7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/14196359717863263274/2205_SEMBA_iProspect_banners_300x250.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 02 Sep 2022 17:57:09 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
70530
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10309
x-xss-protection
0
last-modified
Thu, 16 Jun 2022 04:36:26 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sat, 02 Sep 2023 17:57:09 GMT
DcmEnabler_01_247.js
s0.2mdn.net/879366/ Frame 77C2 		29 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/DcmEnabler_01_247.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/8198994083416997216/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.148 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f148.1e100.net
Software
sffe /
Resource Hash
467a5b06cb117035f7882e8c71d80e093f04ce586c1ac2b84e7e4adf978edb30
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/8198994083416997216/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 03 Sep 2022 06:14:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
26292
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10136
x-xss-protection
0
last-modified
Mon, 27 Sep 2021 18:45:03 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sun, 04 Sep 2022 06:14:27 GMT
xuid
eb2.3lift.com/ Frame B6CD
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=svx9t50&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://eb2.3lift.com/xuid?mid=3658&xuid=3577886c-293e-405c-944c-d97075ba3a83&dongle=0cfd
37 B
354 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=3658&xuid=3577886c-293e-405c-944c-d97075ba3a83&dongle=0cfd
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?&ld=1
Protocol
H2
Server
35.71.178.8 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ade9ecc7904667038.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 03 Sep 2022 13:32:39 GMT
cache-control
no-cache, no-store, must-revalidate
content-type
image/gif
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

pragma
no-cache
date
Sat, 03 Sep 2022 13:32:39 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://eb2.3lift.com/xuid?mid=3658&xuid=3577886c-293e-405c-944c-d97075ba3a83&dongle=0cfd
cache-control
private,no-cache, must-revalidate
content-type
text/html
content-length
209
ebda
eb2.3lift.com/ Frame B6CD
Redirect Chain
  • https://eb2.3lift.com/ebda?sync=1&gdpr=0&gdpr_consent=
  • https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=0&gdpr_consent=&us_privacy=&google_hm=NTg1MzY3NTM1MTY0MDQ4Nzk3MDU2
  • https://eb2.3lift.com/ebda?gdpr=0&gdpr_consent=
37 B
139 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/ebda?gdpr=0&gdpr_consent=
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?&ld=1
Protocol
H2
Server
35.71.178.8 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ade9ecc7904667038.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 03 Sep 2022 13:32:39 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
content-type
image/gif

Redirect headers

pragma
no-cache
date
Sat, 03 Sep 2022 13:32:39 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://eb2.3lift.com/ebda?gdpr=0&gdpr_consent=
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
248
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
xuid
eb2.3lift.com/ Frame B6CD
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=triplelift&google_cm&google_sc&gdpr=0&gdpr_consent=
  • https://eb2.3lift.com/xuid?mid=5989&xuid=CAESELtYDIzvzs2_kL_mJKxUTfk&dongle=c627&gdpr=0&gdpr_consent=&google_cver=1
37 B
354 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=5989&xuid=CAESELtYDIzvzs2_kL_mJKxUTfk&dongle=c627&gdpr=0&gdpr_consent=&google_cver=1
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?&ld=1
Protocol
H2
Server
35.71.178.8 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ade9ecc7904667038.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 03 Sep 2022 13:32:39 GMT
cache-control
no-cache, no-store, must-revalidate
content-type
image/gif
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

pragma
no-cache
date
Sat, 03 Sep 2022 13:32:39 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://eb2.3lift.com/xuid?mid=5989&xuid=CAESELtYDIzvzs2_kL_mJKxUTfk&dongle=c627&gdpr=0&gdpr_consent=&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
332
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame B6CD
Redirect Chain
  • https://eb2.3lift.com/sync/google/demand?sync=1&gdpr=0&gdpr_consent=
  • https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=0&gdpr_consent=&us_privacy=&google_hm=NTg1MzY3NTM1MTY0MDQ4Nzk3MDU2
170 B
189 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=0&gdpr_consent=&us_privacy=&google_hm=NTg1MzY3NTM1MTY0MDQ4Nzk3MDU2
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?&ld=1
Protocol
H3
Server
142.251.12.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f155.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 03 Sep 2022 13:32:39 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=0&gdpr_consent=&us_privacy=&google_hm=NTg1MzY3NTM1MTY0MDQ4Nzk3MDU2
date
Sat, 03 Sep 2022 13:32:39 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
/
p.adsymptotic.com/d/px/ Frame B6CD
Redirect Chain
  • https://px.ads.linkedin.com/setuid?partner=tripleliftdbredirect&tlUid=585367535164048797056&dbredirect=true&gdpr=0&consent=
  • https://px.ads.linkedin.com/setuid?partner=tripleliftdbredirect&tlUid=585367535164048797056&dbredirect=true&gdpr=0&consent=&cookiesTest=true
  • https://p.adsymptotic.com/d/px/?_pid=16218&_psign=0aa5badf92527f7732e22463d6fa4dbc&coopa=0&gdpr=0&gdpr_consent=&_puuid=2f139299-8d43-41c0-92e5-b41fffac2580&_noobservation=1
  • https://p.adsymptotic.com/d/px/?_pid=16218&_psign=0aa5badf92527f7732e22463d6fa4dbc&coopa=0&gdpr=0&gdpr_consent=&_puuid=2f139299-8d43-41c0-92e5-b41fffac2580&_noobservation=1&_expected_cookie=ae882de...
43 B
141 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://p.adsymptotic.com/d/px/?_pid=16218&_psign=0aa5badf92527f7732e22463d6fa4dbc&coopa=0&gdpr=0&gdpr_consent=&_puuid=2f139299-8d43-41c0-92e5-b41fffac2580&_noobservation=1&_expected_cookie=ae882ded06a0cb91abe9fcdcaf4ce780
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?&ld=1
Protocol
H2
Server
104.18.101.194 -, , ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

p3p
CP='NON DSP COR CONi OUR BUS CNT'
date
Sat, 03 Sep 2022 13:32:40 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
744eda506ceadfbd-SYD
content-length
43
content-type
image/gif

Redirect headers

location
https://p.adsymptotic.com/d/px/?_pid=16218&_psign=0aa5badf92527f7732e22463d6fa4dbc&coopa=0&gdpr=0&gdpr_consent=&_puuid=2f139299-8d43-41c0-92e5-b41fffac2580&_noobservation=1&_expected_cookie=ae882ded06a0cb91abe9fcdcaf4ce780
date
Sat, 03 Sep 2022 13:32:40 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
744eda4f1c0adfbd-SYD
content-length
0
sync
a.sportradarserving.com/ul_cb/ Frame B6CD
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=triplelift&user_id=585367535164048797056&gdpr=0&gdpr_consent=
  • https://a.sportradarserving.com/sync?ssp=bidswitch&bidswitch_ssp_id=triplelift
  • https://a.sportradarserving.com/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=triplelift
0
0
c.gif
c.bing.com/ Frame B6CD 		42 B
668 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.bing.com/c.gif?xid=585367535164048797056&Red3=TLMS_pd
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?&ld=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
13.107.21.200 -, , ASN (),
Reverse DNS
Software
/ ASP.NET
Resource Hash
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 03 Sep 2022 13:32:38 GMT
etag
"6fa9befc56b2d81:0"
last-modified
Wed, 17 Aug 2022 16:32:48 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 136F254333854EC2B40A4C117741CC24 Ref B: SYD03EDGE1614 Ref C: 2022-09-03T13:32:39Z
x-powered-by
ASP.NET
x-cache
CONFIG_NOCACHE
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
private, no-cache, proxy-revalidate, no-store
accept-ranges
bytes
content-type
image/gif
content-length
42
xuid
eb2.3lift.com/ Frame B6CD
Redirect Chain
  • https://pr-bh.ybp.yahoo.com/sync/triplelift/585367535164048797056?gdpr=0&gdpr_consent=
  • https://eb2.3lift.com/xuid?mid=2662&xuid=y-EK_gVeNE2oR8wgZHg37j6U1n9RMuDBBohxdqJOQktA--~A&dongle=0883
37 B
354 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=2662&xuid=y-EK_gVeNE2oR8wgZHg37j6U1n9RMuDBBohxdqJOQktA--~A&dongle=0883
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?&ld=1
Protocol
H2
Server
35.71.178.8 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ade9ecc7904667038.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 03 Sep 2022 13:32:39 GMT
cache-control
no-cache, no-store, must-revalidate
content-type
image/gif
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

date
Sat, 03 Sep 2022 13:32:39 GMT
referrer-policy
strict-origin-when-cross-origin
server
ATS
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
location
https://eb2.3lift.com/xuid?mid=2662&xuid=y-EK_gVeNE2oR8wgZHg37j6U1n9RMuDBBohxdqJOQktA--~A&dongle=0883
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
strict-transport-security
max-age=31536000
content-length
0
x-content-type-options
nosniff
iu3
s.amazon-adsystem.com/ Frame B6CD
Redirect Chain
  • https://s.amazon-adsystem.com/x/757c0557066e95cfd4c7?gdpr=0&gdpr_consent=&uid=585367535164048797056
  • https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&dl=3lift&gdpr=0&gdpr_consent=&uid=585367535164048797056&dcc=t
0
0
xuid
eb2.3lift.com/ Frame B6CD
Redirect Chain
  • https://b1sync.zemanta.com/usersync/triplelift?gdpr=0&gdpr_consent=
  • https://stags.bluekai.com/site/23178?id=F5oB_OtRontfkRWiiHPq&redir=https%3A%2F%2Fb1sync.zemanta.com%2Fusersync%2Fbluekai%2Fcallback%2F%3Fd%3DNB2HI4DTHIXS6ZLCGIXDG3DJMZ2C4Y3PNUXXQ5LJMQ7WI33OM5WGKPLE...
  • https://b1sync.zemanta.com/usersync/bluekai/callback/?d=NB2HI4DTHIXS6ZLCGIXDG3DJMZ2C4Y3PNUXXQ5LJMQ7WI33OM5WGKPLEMJQTQJTFPBRWQYLOM5ST25DSNFYGYZLMNFTHIJTHMRYHEPJQEZWWSZB5GI2DMMBGPB2WSZB5IY2W6QS7J52FE...
  • https://eb2.3lift.com/xuid?dongle=dba8&gdpr=0&mid=2460&xuid=F5oB_OtRontfkRWiiHPq
0
0
view
googleads4.g.doubleclick.net/pcs/ Frame 5AE0 		0
63 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjst4dk3jH69CnXoJAiRYmMHgF-6OYELya9EjwQ60MjrF4fue6v622VaVy_CMuJoqlprmBvuiMu0k95oF2vzDg7KYhCJAonYAWyeK5C9XyKeomD5rmYXjqpK7IxNGmYP9OdJwAxEtjtddWOzbzKQdNExcP_iEJbJmWOhabM_3adwaKcdwkTAFByr4j4Emt5XNrH8oswnwvRLR70rPtsVsBn7Kf0P1dSLr0XOPa3k19SDCDp2Pc8NhkfLK5Vc_JHi04Cj6IDl64MZxq92YlI8p2_bwEoGJ2eLWey8Y_DWhtZTO7NMy32krumgEEvfnpQFQsS263Wtr7MblIRfHSD0FE-Z3ode1_YIlOGeiOLQ20vcWxi3f2j-L_oljq92PdqueagTjV2vPjwoiO2Yyrsf10bRBty05iiW7ScRTUP3H_ODQKS2K726TZX-Ak_WAjAYHhGI_xZokYd0z3x4JyGNg5LAqwHjFuKdoZMQSdiD382aDt7SUw4roHFLFHwZFGeRVsjUr8Ndy2eUwaGPIHs74JL8pChIGdX9htkATdWZeN-8Bm4k9p1QWWmbZvRENcaKcGseLe2C7qVfv8hLkeKwVU7JtJHJB8i6jFysHU_3w5jsnzShAO3_bPkO1ymEQZppZr_Z4T_qqnssn5vyYBFsbP7xNdvlr1tLkTD2iAV7uege98ttvoIvkQ1fY7Cu2rwY9o5DW8YPIQWjP3hCIPbC8GO7YNd_zSsiHElaPJ_2esskXeN-JhrVY48CC-du0tx13QeDKinfZ7kLKNu6zizUp_TngtbfRO7WnvcF7_TMYkl-3SexWCPzVOooPxBNqkJWzY3ILaP4SFQBJZOcA1lAcpBHq92dqiytma2WvpkpgjdbL4_yzjaImAs3NcEKoPFbJeuG0yCfbS8kJRUMSXRGOFIT2OwvY_nIUBvJZrClf0b_JivG6Aqi49vaEAaGODJpxDCeIsZ42FBTU4ekvUjn8BMyATCE_hFXpYApP8e8JDx2-SSkKaynZIWvyPKQIKfxfivWD3vTmf0s44y9tfbT9HlHdOWjaJPElDG9S1J-D-rpJ5g_B7ncUXSzfbcVFhs2VlM0TnaEH73LGbBMzQIQZwCTWbuuFaDMAr7wQNfW_DFPsIJ_n2j1cmWPZb08zHIgRU8x1raaah3uV0EWPvHgZW_zoWlvQ-VvnJNLlMncU5pKDqrPovdYiSrp8yMwyKH7q3tW8zcv9sqOWLsIR05rwUO4-mM1o00bEXqNjWYnJjszIsSYg7ubmdo-1X1AlupC4VBcv9MMzPMQXSUKGqPDVF8AeR2JLu5a0Dsc5nuLdcQSalt6JlwiCRrEEOHLZ&sai=AMfl-YSP7qCIHMMPdMKeTtPUk0YFbMf_Iiq8oWXWkSN2XXtefvzOvN43di5ojb5ahJM3nVWjv6gk_1ALwOWPUAdeo347pFVHoYw--6KfJLU5vhIHA9hXNWYWYV2dQ9MR6mHhXjxVD2-oSJoIriTS8lONu0gTcwwtznPIBTnGd91t17opTyyjeYwrAyLwvOTeWO7qsLkNSBskPTY-gkSAuPGRNq6R&sig=Cg0ArKJSzPC8USeNfG2HEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=2027&vt=11&dtpt=826&dett=3&cstd=1199&cisv=r20220831.11157&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&adurl=
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/qin-fang-cai-ying-wen-mei-can-yi-yuan-jia-de-na-tu-fei-tai-bei-ting-can-yu-guo-ji-tai-wan-sheng-yin-hen-zhong-yao.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.194.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f154.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://c189fcaae4b526f37d75e91681a8bbd8.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Sat, 03 Sep 2022 13:32:39 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
disclaimer_common.svg
s0.2mdn.net/sadbundle/15195109931553881176/ Frame 0D84 		224 KB
36 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/15195109931553881176/disclaimer_common.svg
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/qin-fang-cai-ying-wen-mei-can-yi-yuan-jia-de-na-tu-fei-tai-bei-ting-can-yu-guo-ji-tai-wan-sheng-yin-hen-zhong-yao.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.148 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f148.1e100.net
Software
sffe /
Resource Hash
81f5a7091558670bff70c3e80511e3f24f1b2e377b89531966bcd6cde6e3362d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/15195109931553881176/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 31 Aug 2022 08:56:26 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
275773
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
36700
x-xss-protection
0
last-modified
Fri, 13 May 2022 01:13:34 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 31 Aug 2023 08:56:26 GMT
stefan_img1.png
s0.2mdn.net/sadbundle/15195109931553881176/ Frame 0D84 		26 KB
26 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/15195109931553881176/stefan_img1.png
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/qin-fang-cai-ying-wen-mei-can-yi-yuan-jia-de-na-tu-fei-tai-bei-ting-can-yu-guo-ji-tai-wan-sheng-yin-hen-zhong-yao.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.148 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f148.1e100.net
Software
sffe /
Resource Hash
85062b5209b79a0b711d328194138c961240353508cb691244a1745abda72591
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/15195109931553881176/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 02 Sep 2022 12:20:46 GMT
x-content-type-options
nosniff
age
90713
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
27036
x-xss-protection
0
last-modified
Fri, 13 May 2022 01:13:34 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sat, 02 Sep 2023 12:20:46 GMT
stefan_img2.png
s0.2mdn.net/sadbundle/15195109931553881176/ Frame 0D84 		27 KB
27 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/15195109931553881176/stefan_img2.png
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/qin-fang-cai-ying-wen-mei-can-yi-yuan-jia-de-na-tu-fei-tai-bei-ting-can-yu-guo-ji-tai-wan-sheng-yin-hen-zhong-yao.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.148 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f148.1e100.net
Software
sffe /
Resource Hash
f60470b418489678f52a25d72e9bdd7fe0479d57e62f49d28b499423773460fb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/15195109931553881176/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 01 Sep 2022 12:19:22 GMT
x-content-type-options
nosniff
age
177197
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
28006
x-xss-protection
0
last-modified
Fri, 13 May 2022 01:13:34 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 01 Sep 2023 12:19:22 GMT
stefan1.svg
s0.2mdn.net/sadbundle/15195109931553881176/ Frame 0D84 		44 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/15195109931553881176/stefan1.svg
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/qin-fang-cai-ying-wen-mei-can-yi-yuan-jia-de-na-tu-fei-tai-bei-ting-can-yu-guo-ji-tai-wan-sheng-yin-hen-zhong-yao.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.148 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f148.1e100.net
Software
sffe /
Resource Hash
94d0f58d59d47ce925f66c6884938e43e9b9e4361682f863e0ba88c102883517
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/15195109931553881176/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 02 Sep 2022 12:20:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
90713
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11265
x-xss-protection
0
last-modified
Fri, 13 May 2022 01:13:34 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sat, 02 Sep 2023 12:20:46 GMT
stefan2.svg
s0.2mdn.net/sadbundle/15195109931553881176/ Frame 0D84 		42 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/15195109931553881176/stefan2.svg
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/qin-fang-cai-ying-wen-mei-can-yi-yuan-jia-de-na-tu-fei-tai-bei-ting-can-yu-guo-ji-tai-wan-sheng-yin-hen-zhong-yao.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.148 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f148.1e100.net
Software
sffe /
Resource Hash
b703e463206e557fbb495c56ceefa60fdeec10f0f3026a61e056c1a2032cd6d4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/15195109931553881176/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 03 Sep 2022 05:33:44 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
28735
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13830
x-xss-protection
0
last-modified
Fri, 13 May 2022 01:13:34 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sun, 03 Sep 2023 05:33:44 GMT
cta_common.svg
s0.2mdn.net/sadbundle/15195109931553881176/ Frame 0D84 		9 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/15195109931553881176/cta_common.svg
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/qin-fang-cai-ying-wen-mei-can-yi-yuan-jia-de-na-tu-fei-tai-bei-ting-can-yu-guo-ji-tai-wan-sheng-yin-hen-zhong-yao.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.148 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f148.1e100.net
Software
sffe /
Resource Hash
e840d901c827ce3644d87e5bd6ed2a7e020c06ceec7cb516ef2e1b78f3e669f0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/15195109931553881176/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 02 Sep 2022 12:20:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
90713
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3188
x-xss-protection
0
last-modified
Fri, 13 May 2022 01:13:34 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sat, 02 Sep 2023 12:20:46 GMT
frame3_common.svg
s0.2mdn.net/sadbundle/15195109931553881176/ Frame 0D84 		34 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/15195109931553881176/frame3_common.svg
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/qin-fang-cai-ying-wen-mei-can-yi-yuan-jia-de-na-tu-fei-tai-bei-ting-can-yu-guo-ji-tai-wan-sheng-yin-hen-zhong-yao.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.148 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f148.1e100.net
Software
sffe /
Resource Hash
857e2ebcfaa681528084788a9e20e6d2da80ba89854199301c1124d4e0d823ea
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/15195109931553881176/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 30 Aug 2022 09:54:07 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
358712
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10443
x-xss-protection
0
last-modified
Fri, 13 May 2022 01:13:34 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 30 Aug 2023 09:54:07 GMT
usync.js
eus.rubiconproject.com/ Frame D40F 		31 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.15.148.136 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-15-148-136.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
7bf33c686c7d0098b15fa105f49c725fa99d02b4800bae9e067f339160d4d7b1

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eus.rubiconproject.com/usync.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sat, 03 Sep 2022 13:32:39 GMT
Content-Encoding
gzip
Last-Modified
Wed, 24 Aug 2022 20:46:19 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=69568
Connection
keep-alive
Content-Type
text/html; charset=UTF-8
Content-Length
9378
Expires
Sun, 04 Sep 2022 08:52:07 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame F507 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjst929-V5A6ZCm7WbC1rLNb4FrDoNfDdQ5rqqm1cT2w94LcpDyqmTkZvbrcta8grezXoWY5Kdlu-hSuzCgu2qwwomrzf&sig=Cg0ArKJSzPcJ8GA4lSVkEAE&cid=CAASFeRo6gbiiggs9ADP9OJIZpsTWzkWmw&id=lidar2&mcvt=1002&p=300,5,900,125&mtos=1002,1002,1002,1002,1002&tos=1002,0,0,0,0&v=20220831&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=4082231052&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1662211956001&rpt=2197&isd=0&lsd=0&met=ie&wmsd=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.12.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f155.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://c189fcaae4b526f37d75e91681a8bbd8.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 03 Sep 2022 13:32:39 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 5AE0 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuSnlvrYF1enFSniBsK2ddK-N1NVt7i-Ai6-4_zTfTXunH3mqmr2e4vrBpaXW6dEYncBwRmsbzjxUvghiFVp9MPVKxLkH1InyWGEJXm7Tuf9RW3nLnc2xEs0hj60zyFEFwlNyQ&sai=AMfl-YTBVtWVwZsC4kjJlZ_KCVNFFtl_orB1HKBxCbC4oBC2B9Ryvmlzk3OtSi6SN1sRbgnmc4KWaQ9Zz0ib8uvag_b-St0kjm1ed6uQU8fyW7xQncmJZIHq7cFVSf9P&sig=Cg0ArKJSzBCvJKsSa2SaEAE&cid=CAASJeRoJVL67oSd2gGzkb1PH5GzWfTvJpn6w2fhXPQYNVNhx4pobAY&id=lidar2&mcvt=1004&p=1110,436,1200,1164&mtos=1004,1004,1004,1004,1004&tos=1004,0,0,0,0&v=20220831&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=2857874404&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1662211955994&rpt=2185&isd=0&lsd=0&met=ce&wmsd=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.12.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f155.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://c189fcaae4b526f37d75e91681a8bbd8.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 03 Sep 2022 13:32:39 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sync
gum.criteo.com/ Frame 1ED3 		61 B
300 B 		Script
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/sync?r=2&c=321&gdpr=0&gdpr_pd=0&gdpr_consent=&us_privacy=&j=window.advBidxc.mnetRtusId
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUPEPKI9&prvid=2034%2C2033%2C2031%2C2030%2C2029%2C233%2C2028%2C2027%2C236%2C237%2C117%2C51%2C97%2C55%2C99%2C3012%2C2043%2C2040%2C244%2C201%2C2039%2C3007%2C246%2C4%2C203%2C9%2C2055%2C172%2C173%2C251%2C175%2C132%2C178%2C255%2C3018%2C3017%2C214%2C3016%2C337%2C338%2C70%2C77%2C2021%2C141%2C186%2C222%2C345%2C10000%2C80%2C108%2C229%2C307&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.136 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Kestrel /
Resource Hash
f77f47058428a1c21dad5a75ac13fbfdeb9858947218fee2112fded5972a0b5d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 03 Sep 2022 13:32:39 GMT
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
cache-control
private, max-age=3600
server-processing-duration-in-ticks
767503
strict-transport-security
max-age=31536000; preload;
expires
60
usync.html
eus.rubiconproject.com/ Frame 1508
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=medianet
  • https://eus.rubiconproject.com/usync.html?p=medianet
281 B
573 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?p=medianet
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUPEPKI9&prvid=2034%2C2033%2C2031%2C2030%2C2029%2C233%2C2028%2C2027%2C236%2C237%2C117%2C51%2C97%2C55%2C99%2C3012%2C2043%2C2040%2C244%2C201%2C2039%2C3007%2C246%2C4%2C203%2C9%2C2055%2C172%2C173%2C251%2C175%2C132%2C178%2C255%2C3018%2C3017%2C214%2C3016%2C337%2C338%2C70%2C77%2C2021%2C141%2C186%2C222%2C345%2C10000%2C80%2C108%2C229%2C307&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.15.148.136 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-15-148-136.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://contextual.media.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Sat, 03 Sep 2022 13:32:40 GMT
ETag
"40014-119-5d32342a551c0"
Last-Modified
Tue, 14 Dec 2021 23:07:59 GMT
Server
Apache/2.2.15 (CentOS)
Unused62
8096267
Vary
Accept-Encoding

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
content-length
0
date
Sat, 03 Sep 2022 13:32:40 GMT
location
https://eus.rubiconproject.com/usync.html?p=medianet
server
AkamaiGHost
cm
p.rfihub.com/ Frame B0A4 		0
0
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 374E 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159463&userIdMacro=PM_UID&predirect=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3052135596827308000V10%26type%3Dpba%26refUrl%3D%26vid%3D22119592483052135596827308000V10%26ovsid%3DPM_UID
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUPEPKI9&prvid=2034%2C2033%2C2031%2C2030%2C2029%2C233%2C2028%2C2027%2C236%2C237%2C117%2C51%2C97%2C55%2C99%2C3012%2C2043%2C2040%2C244%2C201%2C2039%2C3007%2C246%2C4%2C203%2C9%2C2055%2C172%2C173%2C251%2C175%2C132%2C178%2C255%2C3018%2C3017%2C214%2C3016%2C337%2C338%2C70%2C77%2C2021%2C141%2C186%2C222%2C345%2C10000%2C80%2C108%2C229%2C307&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.72.44.196 -, , ASN (),
Reverse DNS
Software
Apache/2.2.15 (CentOS) /
Resource Hash
ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152

Request headers

Referer
https://contextual.media.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=100359
content-encoding
gzip
content-length
5549
content-type
text/html; charset=UTF-8
date
Sat, 03 Sep 2022 13:32:40 GMT
etag
"1300708-3de4-5d6ef246ef4cf"
expires
Sun, 04 Sep 2022 17:25:19 GMT
last-modified
Tue, 01 Feb 2022 06:38:00 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache/2.2.15 (CentOS)
vary
Accept-Encoding
cksync.php
contextual.media.net/ Frame 1ED3
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3052135596827308000V10%26type%3Dapx%26refUrl%3D%26vid%3D22119592483052135596827308000V10%26ovsid%3D%24UID
  • https://contextual.media.net/cksync.php?cs=8&vsid=3052135596827308000V10&type=apx&refUrl=&vid=22119592483052135596827308000V10&ovsid=6944199299863007354
45 B
452 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://contextual.media.net/cksync.php?cs=8&vsid=3052135596827308000V10&type=apx&refUrl=&vid=22119592483052135596827308000V10&ovsid=6944199299863007354
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUPEPKI9&prvid=2034%2C2033%2C2031%2C2030%2C2029%2C233%2C2028%2C2027%2C236%2C237%2C117%2C51%2C97%2C55%2C99%2C3012%2C2043%2C2040%2C244%2C201%2C2039%2C3007%2C246%2C4%2C203%2C9%2C2055%2C172%2C173%2C251%2C175%2C132%2C178%2C255%2C3018%2C3017%2C214%2C3016%2C337%2C338%2C70%2C77%2C2021%2C141%2C186%2C222%2C345%2C10000%2C80%2C108%2C229%2C307&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1
Protocol
H2
Server
23.195.152.23 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-195-152-23.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
832f63f4187160c195b04f1911c2e623a75e805f4b23abb9b0bea214b4283a43
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000
server
Apache
date
Sat, 03 Sep 2022 13:32:39 GMT
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
cache-control
max-age=0, no-cache, no-store
content-type
image/gif
content-length
45
x-mnet-hl2
E
expires
Sat, 03 Sep 2022 13:32:39 GMT

Redirect headers

Pragma
no-cache
Date
Sat, 03 Sep 2022 13:32:39 GMT
X-Proxy-Origin
173.245.209.81; 173.245.209.81; 906.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net; adnxs.com
AN-X-Request-Uuid
25d0b5d5-da33-4d92-a32b-73a148a7191d
Server
nginx/1.21.3
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://contextual.media.net/cksync.php?cs=8&vsid=3052135596827308000V10&type=apx&refUrl=&vid=22119592483052135596827308000V10&ovsid=6944199299863007354
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
cksync.html
contextual.media.net/ Frame 1ED3
Redirect Chain
  • https://us-u.openx.net/w/1.0/cm?id=78e2dffc-bb89-4bb2-ae92-f592d006518b&ph=6a16560a-f6c6-4851-b7b5-0b2c0190166a&r=https%3A%2F%2Fcontextual.media.net%2Fcksync.html%3Fcs%3D8%26vsid%3D3052135596827308...
  • https://contextual.media.net/cksync.html?cs=8&vsid=3052135596827308000V10&type=opx&refUrl=&vid=22119592483052135596827308000V10&ovsid=2a70fa2d-bf84-4695-b3e0-d4d19456a448
219 B
219 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://contextual.media.net/cksync.html?cs=8&vsid=3052135596827308000V10&type=opx&refUrl=&vid=22119592483052135596827308000V10&ovsid=2a70fa2d-bf84-4695-b3e0-d4d19456a448
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUPEPKI9&prvid=2034%2C2033%2C2031%2C2030%2C2029%2C233%2C2028%2C2027%2C236%2C237%2C117%2C51%2C97%2C55%2C99%2C3012%2C2043%2C2040%2C244%2C201%2C2039%2C3007%2C246%2C4%2C203%2C9%2C2055%2C172%2C173%2C251%2C175%2C132%2C178%2C255%2C3018%2C3017%2C214%2C3016%2C337%2C338%2C70%2C77%2C2021%2C141%2C186%2C222%2C345%2C10000%2C80%2C108%2C229%2C307&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1
Protocol
H2
Server
23.195.152.23 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-195-152-23.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000
server
Apache
date
Sat, 03 Sep 2022 13:32:39 GMT
vary
Accept-Encoding
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
cache-control
max-age=0, no-cache, no-store
content-type
text/html;charset=UTF-8
content-length
219
x-mnet-hl2
E
expires
Sat, 03 Sep 2022 13:32:39 GMT

Redirect headers

date
Sat, 03 Sep 2022 13:32:39 GMT
content-encoding
gzip
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
p3p
CP="CUR ADM OUR NOR STA NID"
location
https://contextual.media.net/cksync.html?cs=8&vsid=3052135596827308000V10&type=opx&refUrl=&vid=22119592483052135596827308000V10&ovsid=2a70fa2d-bf84-4695-b3e0-d4d19456a448
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
via
1.1 google
RX-aac18503-9128-4f77-bfa9-e19b42231c43-004
sync.targeting.unrulymedia.com/csync/ Frame 1ED3
Redirect Chain
  • https://sync.1rx.io/usersync2/rmp1r1?sub=medianet&redir=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3052135596827308000V10%26type%3Dr1%26refUrl%3D%26vid%3D22119592483052135596...
  • https://sync.1rx.io/usersync2/rmp1r1?sub=medianet&zcc=1&redir=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3052135596827308000V10%26type%3Dr1%26refUrl%3D%26vid%3D22119592483052...
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=4068327664
  • https://sync.1rx.io/usersync/tradedesk/3577886c-293e-405c-944c-d97075ba3a83
  • https://sync.targeting.unrulymedia.com/csync/RX-aac18503-9128-4f77-bfa9-e19b42231c43-004?redir=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3052135596827308000V10%26type%3Dr1%2...
0
0
cksync.php
contextual.media.net/ Frame 1ED3
Redirect Chain
  • https://pm.w55c.net/ping_match.gif?ei=MEDIANET&rurl=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3052135596827308000V10%26type%3Ddxu%26refUrl%3D%26vid%3D22119592483052135596827...
  • https://pm.w55c.net/ping_match.gif?scc=1&ei=MEDIANET&rurl=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3052135596827308000V10%26type%3Ddxu%26refUrl%3D%26vid%3D22119592483052135...
  • https://contextual.media.net/cksync.php?cs=8&vsid=3052135596827308000V10&type=dxu&refUrl=&vid=22119592483052135596827308000V10&ovsid=ZaL7s3vc1Outgk5
45 B
451 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://contextual.media.net/cksync.php?cs=8&vsid=3052135596827308000V10&type=dxu&refUrl=&vid=22119592483052135596827308000V10&ovsid=ZaL7s3vc1Outgk5
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUPEPKI9&prvid=2034%2C2033%2C2031%2C2030%2C2029%2C233%2C2028%2C2027%2C236%2C237%2C117%2C51%2C97%2C55%2C99%2C3012%2C2043%2C2040%2C244%2C201%2C2039%2C3007%2C246%2C4%2C203%2C9%2C2055%2C172%2C173%2C251%2C175%2C132%2C178%2C255%2C3018%2C3017%2C214%2C3016%2C337%2C338%2C70%2C77%2C2021%2C141%2C186%2C222%2C345%2C10000%2C80%2C108%2C229%2C307&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1
Protocol
H2
Server
23.195.152.23 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-195-152-23.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000
server
Apache
date
Sat, 03 Sep 2022 13:32:40 GMT
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
cache-control
max-age=0, no-cache, no-store
content-type
image/gif
content-length
45
x-mnet-hl2
E
expires
Sat, 03 Sep 2022 13:32:40 GMT

Redirect headers

Pragma
no-cache
Date
Sat, 03 Sep 2022 13:32:40 GMT
Server
PingMatch/5cd8a5d#5cd8a5dae4649c563ed7e6eb1dd90a4f2423ff29 i-0c66a101650797f5a@ap-southeast-1b@dxedge-app-ap-southeast-1-prod-asg
Strict-Transport-Security
max-age=2592000; includeSubDomains
Location
https://contextual.media.net/cksync.php?cs=8&vsid=3052135596827308000V10&type=dxu&refUrl=&vid=22119592483052135596827308000V10&ovsid=ZaL7s3vc1Outgk5
Cache-Control
no-cache, must-revalidate
Connection
keep-alive
Content-Length
0
Expires
Fri, 01 Jan 1990 00:00:00 GMT
usersync.aspx
dis.criteo.com/dis/ Frame 1ED3 		43 B
363 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dis.criteo.com/dis/usersync.aspx?r=115&p=259&cp=medianet&cu=1&url=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D1%26type%3Dcrt%26ovsid%3D%40%40CRITEO_USERID%40%40
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUPEPKI9&prvid=2034%2C2033%2C2031%2C2030%2C2029%2C233%2C2028%2C2027%2C236%2C237%2C117%2C51%2C97%2C55%2C99%2C3012%2C2043%2C2040%2C244%2C201%2C2039%2C3007%2C246%2C4%2C203%2C9%2C2055%2C172%2C173%2C251%2C175%2C132%2C178%2C255%2C3018%2C3017%2C214%2C3016%2C337%2C338%2C70%2C77%2C2021%2C141%2C186%2C222%2C345%2C10000%2C80%2C108%2C229%2C307&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.146 -, , ASN (),
Reverse DNS
Software
Kestrel /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 03 Sep 2022 13:32:39 GMT
server
Kestrel
x-errorlevel
0
strict-transport-security
max-age=31536000; preload;
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
268984
content-type
image/gif
expires
Sat, 03 Sep 2022 00:00:00 GMT
cksync.php
contextual.media.net/ Frame 1ED3
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=medianet&gdpr=0&gdpr_consent=&gdpr_pd=1
  • https://cm.g.doubleclick.net/pixel?google_nid=bidswitch_dbm&google_cm&google_sc&ssp=medianet&bsw_param=3533d218-d8d7-4364-ad08-0ce37055f148&google_hm=MzUzM2QyMTgtZDhkNy00MzY0LWFkMDgtMGNlMzcwNTVmMTQ4
  • https://x.bidswitch.net/sync?dsp_id=16&user_id=CAESEAdP3zqYMueZKITL3muGu2I&google_cver=1&ssp=medianet&bsw_param=3533d218-d8d7-4364-ad08-0ce37055f148
  • https://contextual.media.net/cksync.php?cs=1&type=bs&ovsid=3533d218-d8d7-4364-ad08-0ce37055f148&gdpr=&gdpr_consent=&gdpr_pd=
45 B
465 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://contextual.media.net/cksync.php?cs=1&type=bs&ovsid=3533d218-d8d7-4364-ad08-0ce37055f148&gdpr=&gdpr_consent=&gdpr_pd=
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUPEPKI9&prvid=2034%2C2033%2C2031%2C2030%2C2029%2C233%2C2028%2C2027%2C236%2C237%2C117%2C51%2C97%2C55%2C99%2C3012%2C2043%2C2040%2C244%2C201%2C2039%2C3007%2C246%2C4%2C203%2C9%2C2055%2C172%2C173%2C251%2C175%2C132%2C178%2C255%2C3018%2C3017%2C214%2C3016%2C337%2C338%2C70%2C77%2C2021%2C141%2C186%2C222%2C345%2C10000%2C80%2C108%2C229%2C307&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1
Protocol
H2
Server
23.195.152.23 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-195-152-23.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
832f63f4187160c195b04f1911c2e623a75e805f4b23abb9b0bea214b4283a43
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000
server
Apache
date
Sat, 03 Sep 2022 13:32:40 GMT
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
cache-control
max-age=0, no-cache, no-store
content-type
image/gif
content-length
45
x-mnet-hl2
E
expires
Sat, 03 Sep 2022 13:32:40 GMT

Redirect headers

Location
//contextual.media.net/cksync.php?cs=1&type=bs&ovsid=3533d218-d8d7-4364-ad08-0ce37055f148&gdpr=&gdpr_consent=&gdpr_pd=
Date
Sat, 03 Sep 2022 13:32:39 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
0
cksync.php
contextual.media.net/ Frame 1ED3
Redirect Chain
  • https://b1sync.zemanta.com/usersync/medianet/?cb=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3052135596827308000V10%26type%3Dzem%26refUrl%3D%26vid%3D22119592483052135596827308...
  • https://stags.bluekai.com/site/23178?id=F5oB_OtRontfkRWiiHPq&redir=https%3A%2F%2Fb1sync.zemanta.com%2Fusersync%2Fbluekai%2Fcallback%2F%3Fd%3DNB2HI4DTHIXS6Y3PNZ2GK6DUOVQWYLTNMVSGSYJONZSXIL3DNNZXS3TD...
  • https://b1sync.zemanta.com/usersync/bluekai/callback/?d=NB2HI4DTHIXS6Y3PNZ2GK6DUOVQWYLTNMVSGSYJONZSXIL3DNNZXS3TDFZYGQ4B7MNZT2OBGMV4GG2DBNZTWKPLNMVSGSYLOMV2CM33WONUWIPKGGVXUEX2PORJG63TUMZVVEV3JNFEFA...
  • https://contextual.media.net/cksync.php?cs=8&ovsid=F5oB_OtRontfkRWiiHPq&refUrl=&type=zem&vid=22119592483052135596827308000V10&vsid=3052135596827308000V10
0
0
sync
rtb.mfadsrvr.com/ Frame 1ED3 		0
0
um
cs.emxdgt.com/ Frame 1ED3 		0
67 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.emxdgt.com/um?gdpr=0&gdpr_consent=&redirect=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3052135596827308000V10%26type%3Demx%26refUrl%3D%26vid%3D22119592483052135596827308000V10%26ovsid%3D%24UID
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUPEPKI9&prvid=2034%2C2033%2C2031%2C2030%2C2029%2C233%2C2028%2C2027%2C236%2C237%2C117%2C51%2C97%2C55%2C99%2C3012%2C2043%2C2040%2C244%2C201%2C2039%2C3007%2C246%2C4%2C203%2C9%2C2055%2C172%2C173%2C251%2C175%2C132%2C178%2C255%2C3018%2C3017%2C214%2C3016%2C337%2C338%2C70%2C77%2C2021%2C141%2C186%2C222%2C345%2C10000%2C80%2C108%2C229%2C307&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.174.63.73 -, , ASN (),
Reverse DNS
Software
awselb/2.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 03 Sep 2022 13:32:40 GMT
server
awselb/2.0
content-length
0
content-type
text/plain; charset=utf-8
cksync
cs.media.net/ Frame 1ED3
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=8m33zk4&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://cs.media.net/cksync?cs=1&type=ttd&ovsid=3577886c-293e-405c-944c-d97075ba3a83
45 B
621 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.media.net/cksync?cs=1&type=ttd&ovsid=3577886c-293e-405c-944c-d97075ba3a83
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUPEPKI9&prvid=2034%2C2033%2C2031%2C2030%2C2029%2C233%2C2028%2C2027%2C236%2C237%2C117%2C51%2C97%2C55%2C99%2C3012%2C2043%2C2040%2C244%2C201%2C2039%2C3007%2C246%2C4%2C203%2C9%2C2055%2C172%2C173%2C251%2C175%2C132%2C178%2C255%2C3018%2C3017%2C214%2C3016%2C337%2C338%2C70%2C77%2C2021%2C141%2C186%2C222%2C345%2C10000%2C80%2C108%2C229%2C307&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1
Protocol
HTTP/1.1
Server
23.36.252.26 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-36-252-26.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
832f63f4187160c195b04f1911c2e623a75e805f4b23abb9b0bea214b4283a43

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 03 Sep 2022 13:32:39 GMT
Server
Apache
P3P
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
45
X-MNET-HL2
E
Expires
Sat, 03 Sep 2022 13:32:39 GMT

Redirect headers

pragma
no-cache
date
Sat, 03 Sep 2022 13:32:39 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://cs.media.net/cksync?cs=1&type=ttd&ovsid=3577886c-293e-405c-944c-d97075ba3a83
cache-control
private,no-cache, must-revalidate
content-type
text/html
content-length
199
view
googleads4.g.doubleclick.net/pcs/ Frame 3C45 		0
26 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsvPFZwAF6Q2OpABlEHNhzikELcqKuENz3TWHXpKsmNZOIW8s385wSqS29TpzwMfCVey1AxfmHfcCwRQl9uxwXvUAifInDQumI1O6l-gFyP58X9M_IerOC1StOHqt1VJu37yRjZDN0T7ye5CnJHFD65FVEk7MqkK5wqIv3hcay-Ca_yhkKHQlQcG6cjJCIXRbf0Jezy01GtwnD3n1_2cNrsdhRkT2zRf-KKBM8IPsNXP9WoYTPwO4YD_p5ryYS7Ftj-SL14qXOj00o7sbA7T-bgwAYK13H643WfNUX9SKr7n2ibgN2jvwrE2VxOxuZyplHSbT5AZOWvIY8idvdXR2wnSS5zyej73T7qpJARHLKfM42kUpHEFph3LLvl-yIRUWlY0qYUGjpAgk9kgJKrnM0K2s-kFQsI8-PQJMPd2BasmSn6p6iWRkSq7x8n1XsjLa4UwFPU2AkA0OqJxTsnJMFHV1l8t3M7VmB6CC4pHrMhExACwCW09uiNzuwGnBWlPQi5ZtRm6DneC9h_a6cqoSLJUzPfHfcDR6MaAWsdtNbPqw7dJxIQaZRB2Z4a5Mj2uKHY8kL2HaBmSrLteq040Eqj101Ei-2mKVFCe_ZlXPyy9e-yMnnQtV_J_Own73nVao7f0abPWly4KUMmQKq0eFXdjPdbTTSPiq4lOkYDyopue_qVfZKQzhpHNdsT_pi-7hlQ8crQZKlpKBDLp7wWokADJut_GfJByUHjtVC_XqRbjwR-h3F9xbaXLcOi9pSECO8xBCqgmQgtFpr2h_GCrKbUDxj2oyvcbgA1prqc9d8C_QghHOBiIvKSTiWnjFKLMPOifs3EyQyN2VuM7soSwh0QmI8vpP_zcSVArV8lmGF4ZK6-jqWVVZxkjZLt0bHHs0iyISJp3o4UwTLz8R2ly876Bs97AtsH9oBmffQuoCt5NOm9rZoNqnfNTMMwmAZZqljI-_kmL538YnfX4hEDBVNoATmqV6JTKqAfGpS7Wx_MTnDSxFlhBvYxBGzuUYPwTeYajPsyXdailhYPJld6DbgRp0duMljAVKd2oS98CvmCrUSO1QspmpZj506sBzF5-24ws_1cHgEJsB5WTpk5t2doBBSuaE2k1LsXoOgpLB3oat_zvAOz-tnTzcU5OtohrtKt3wwUDmdx2uLihf6mI56lCldfjmONfPJvum-Q3KymCePIjPzkS7vrKYt1kLVAtnQuQ_xPH_pXTLBKHSzIhRTyZGr8YJvXyb7jrRvMKYm16EPWhJQ-jxZoQDu1duMl7D1eKKkrW4PItbpy6w6gqFa7Kh8H0kUwQ9puJGuYx_9hGzFACUzrAgjOFuQ&sai=AMfl-YRUXRZ0TXULlT1SrxC3jXgeBtY1ByJ3wmWoRbDeW4wUzlkdFOUDZLLYylq97F5XjBZ9Ops4dkgfyG7vkciA6XBG5tsdPdaULBEcAFPZSpwlzmHYaMpQ-TsXDb6j0paagDNmTikTyK38bOujfV-buXbm9eCrO4J7KYe7znM3LTlCvO0jYpWUSnBO41nSYzrVI3WrKP56ratyB_y6cx2hqA0C&sig=Cg0ArKJSzDdXhfk5iUtvEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=2194&vt=11&dtpt=997&dett=3&cstd=1194&cisv=r20220831.40725&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&adurl=
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/qin-fang-cai-ying-wen-mei-can-yi-yuan-jia-de-na-tu-fei-tai-bei-ting-can-yu-guo-ji-tai-wan-sheng-yin-hen-zhong-yao.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.194.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f154.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://c189fcaae4b526f37d75e91681a8bbd8.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Sat, 03 Sep 2022 13:32:39 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
Disclaimer.svg
s0.2mdn.net/sadbundle/8198994083416997216/ Frame 77C2 		225 KB
29 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/8198994083416997216/Disclaimer.svg
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/qin-fang-cai-ying-wen-mei-can-yi-yuan-jia-de-na-tu-fei-tai-bei-ting-can-yu-guo-ji-tai-wan-sheng-yin-hen-zhong-yao.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.148 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f148.1e100.net
Software
sffe /
Resource Hash
6537b8025364bd8ab573b927a3033a905eb3c7241f8c65ffcbde71db76cd73d8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/8198994083416997216/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 01 Sep 2022 20:37:57 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
147282
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
29254
x-xss-protection
0
last-modified
Fri, 13 May 2022 01:12:51 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 01 Sep 2023 20:37:57 GMT
sam_img1.png
s0.2mdn.net/sadbundle/8198994083416997216/ Frame 77C2 		49 KB
49 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/8198994083416997216/sam_img1.png
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/qin-fang-cai-ying-wen-mei-can-yi-yuan-jia-de-na-tu-fei-tai-bei-ting-can-yu-guo-ji-tai-wan-sheng-yin-hen-zhong-yao.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.148 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f148.1e100.net
Software
sffe /
Resource Hash
11e824e773da306f35ebfbc341f1437af0eed1167dbe4053c6e68dfc0bbf1beb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/8198994083416997216/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 03 Sep 2022 09:36:40 GMT
x-content-type-options
nosniff
age
14159
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
49740
x-xss-protection
0
last-modified
Fri, 13 May 2022 01:12:51 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sun, 03 Sep 2023 09:36:40 GMT
sam_img2.png
s0.2mdn.net/sadbundle/8198994083416997216/ Frame 77C2 		51 KB
51 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/8198994083416997216/sam_img2.png
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/qin-fang-cai-ying-wen-mei-can-yi-yuan-jia-de-na-tu-fei-tai-bei-ting-can-yu-guo-ji-tai-wan-sheng-yin-hen-zhong-yao.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.148 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f148.1e100.net
Software
sffe /
Resource Hash
5f8947828d20f8ab59e7c5e277ded685a0b701d5578ef9a969baeba8ed66415a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/8198994083416997216/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 03 Sep 2022 12:47:01 GMT
x-content-type-options
nosniff
age
2738
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
52382
x-xss-protection
0
last-modified
Fri, 13 May 2022 01:12:51 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sun, 03 Sep 2023 12:47:01 GMT
Samuel_1.svg
s0.2mdn.net/sadbundle/8198994083416997216/ Frame 77C2 		44 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/8198994083416997216/Samuel_1.svg
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/qin-fang-cai-ying-wen-mei-can-yi-yuan-jia-de-na-tu-fei-tai-bei-ting-can-yu-guo-ji-tai-wan-sheng-yin-hen-zhong-yao.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.148 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f148.1e100.net
Software
sffe /
Resource Hash
e218093a3e8d994d337993a3f5243d26eaecbce21b7aaed2a8eb10c88b309e36
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/8198994083416997216/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 28 Aug 2022 15:42:07 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
510632
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12052
x-xss-protection
0
last-modified
Fri, 13 May 2022 01:12:51 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Mon, 28 Aug 2023 15:42:07 GMT
Samuel2.svg
s0.2mdn.net/sadbundle/8198994083416997216/ Frame 77C2 		40 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/8198994083416997216/Samuel2.svg
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/qin-fang-cai-ying-wen-mei-can-yi-yuan-jia-de-na-tu-fei-tai-bei-ting-can-yu-guo-ji-tai-wan-sheng-yin-hen-zhong-yao.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.148 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f148.1e100.net
Software
sffe /
Resource Hash
344e02c0e49e58ad7c4726c954b00243760f2301e49f004d008f494a89510710
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/8198994083416997216/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 03 Sep 2022 01:58:30 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
41649
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12860
x-xss-protection
0
last-modified
Fri, 13 May 2022 01:12:51 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sun, 03 Sep 2023 01:58:30 GMT
CTA.svg
s0.2mdn.net/sadbundle/8198994083416997216/ Frame 77C2 		9 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/8198994083416997216/CTA.svg
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/qin-fang-cai-ying-wen-mei-can-yi-yuan-jia-de-na-tu-fei-tai-bei-ting-can-yu-guo-ji-tai-wan-sheng-yin-hen-zhong-yao.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.148 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f148.1e100.net
Software
sffe /
Resource Hash
7e52b222c0ab53848fd101f8f256bdd34822fc1cd04659e29235b186f9d58b59
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/8198994083416997216/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 29 Aug 2022 15:50:16 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
423743
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3171
x-xss-protection
0
last-modified
Fri, 13 May 2022 01:12:51 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 29 Aug 2023 15:50:16 GMT
Frame3.svg
s0.2mdn.net/sadbundle/8198994083416997216/ Frame 77C2 		34 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/8198994083416997216/Frame3.svg
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/qin-fang-cai-ying-wen-mei-can-yi-yuan-jia-de-na-tu-fei-tai-bei-ting-can-yu-guo-ji-tai-wan-sheng-yin-hen-zhong-yao.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.148 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f148.1e100.net
Software
sffe /
Resource Hash
4bf603ca4ee21ca9b766ccc5a6ebe86ac1c591f489fa03e2eac26a432c0c96f5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/8198994083416997216/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 28 Aug 2022 15:42:07 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
510632
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10826
x-xss-protection
0
last-modified
Fri, 13 May 2022 01:12:51 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Mon, 28 Aug 2023 15:42:07 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 3C45 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstygamBhIf4ZoX4oMgle2LFNtwb1TIDfU-RnRsVH870YdOk-gQCl0T4echHu2UfVL-iIojDqQSAmzBTkPU8EmRLVEE5LT3PV89lw2nXz1IVngA1fhJiK2OHsoj_m-nSTGIM7e0&sai=AMfl-YTy-JBmj9V5thW0atSa0-BY9mMhdKHqLWw66POIH84ViDeKahclKr0Q_WQxpnK4JFq8A1-IPup6i22CNpbOmfrE4DpBC2ur1Hf8IF2i8jBSgbMKR17zUmpp6bzJ&sig=Cg0ArKJSzCvtWhmOXgQYEAE&cid=CAASJeRo8pWAA6F9jk7HqOJhZoU8lI4Wvxb0dvi4JUOIv2HkIFpsb4I&id=lidar2&mcvt=1004&p=60,450,310,750&mtos=1004,1004,1004,1004,1004&tos=1004,0,0,0,0&v=20220831&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=1420297610&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1662211955983&rpt=2321&isd=0&lsd=0&met=ie&wmsd=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.12.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f155.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://c189fcaae4b526f37d75e91681a8bbd8.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 03 Sep 2022 13:32:39 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame CDB3 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssLyoZux1Ij83NfMzng-RleLLAC88HB7Z_JVQ_p4ERDyaLoM900zM0Rj6vqEOToPddIXDCo-0tEYN1tpXsCcoZPWLpcHFd9ZhBHgRPseiUlH4wfMYEmwNSNPxa-4XfJ0k1FyF8&sai=AMfl-YRAEXj1TqQuQdZmE8j-MaAJtE8G5tTMwMDjkwhliSQldg4xVhOnYy8riXTxI-pLmFMQgqenuyLVo6JORWkpCQsA0j8vq2oNZUk&sig=Cg0ArKJSzDLIB4KVDp6TEAE&cid=CAASEuRo4FxJUvS2_0zafOqRvAh3gg&id=lidar2&mcvt=1000&p=0,0,250,300&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20220831&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=3314916115&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1662211956581&rpt=1853&met=ie&wmsd=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.12.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f155.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 03 Sep 2022 13:32:39 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
usermatch
ssum-sec.casalemedia.com/ Frame F083 		1 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.bg3.co%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/um/ixmatch.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.18.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5902d00750e3043f03c9883235be2a5ce13962f928396e2dce261b9b2e00c5f8

Request headers

Referer
https://js-sec.indexww.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-cache
cf-cache-status
DYNAMIC
cf-ray
744eda4ddab9a876-SYD
content-encoding
br
content-type
text/html
date
Sat, 03 Sep 2022 13:32:40 GMT
dropped-udsids
230|241|39|73|90|191|111|18
expires
0
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lzlhDOmHVWPxSc5oIqg2jfh7uVbMLL7%2FHNFYsOKSuvJronnZWYY1LeK5ZhHq2vKICCybW%2FzXwYwEFRqyeq86dHSXRiV7SVPdgMDsreQHg2YZCvy0f8ZIqPnObO8lDpl4gRc%2By4xM2%2BBE1A%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Is-Traffic-Usersync, Accept-Encoding
tap.php
pixel.rubiconproject.com/ Frame D40F
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc
  • https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEMaFD0Iki0gM5xrBYMyIPjY&google_cver=1
42 B
676 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEMaFD0Iki0gM5xrBYMyIPjY&google_cver=1
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/qin-fang-cai-ying-wen-mei-can-yi-yuan-jia-de-na-tu-fei-tai-bei-ting-can-yu-guo-ji-tai-wan-sheng-yin-hen-zhong-yao.html
Protocol
HTTP/1.1
Server
69.173.158.64 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-length
42
X-RPHost
c80248407eff6cf595ce43a76c04e23f
Content-Type
image/gif

Redirect headers

pragma
no-cache
date
Sat, 03 Sep 2022 13:32:39 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEMaFD0Iki0gM5xrBYMyIPjY&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
326
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame D40F
Redirect Chain
  • https://token.rubiconproject.com/token?pid=2249&pt=n
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=Y2E0ZWVjYTJhZThkNDNmOGZlMTIyMDJjNTUwOTgyMzUwOWMwMDZlNQ
170 B
191 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=Y2E0ZWVjYTJhZThkNDNmOGZlMTIyMDJjNTUwOTgyMzUwOWMwMDZlNQ
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/qin-fang-cai-ying-wen-mei-can-yi-yuan-jia-de-na-tu-fei-tai-bei-ting-can-yu-guo-ji-tai-wan-sheng-yin-hen-zhong-yao.html
Protocol
H3
Server
142.251.12.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f155.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 03 Sep 2022 13:32:40 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=Y2E0ZWVjYTJhZThkNDNmOGZlMTIyMDJjNTUwOTgyMzUwOWMwMDZlNQ
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
f60a7260b0ebb7a40a81234af4a9e826
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
dcm
aax-eu.amazon-adsystem.com/s/ Frame D40F 		0
0
v1
ads.yahoo.com/cms/ Frame D40F
Redirect Chain
  • https://token.rubiconproject.com/token?pid=26594
  • https://ads.yahoo.com/cms/v1?nwid=10000010181&eid=L7LY2WFG-M-DJH0&sigv=1&esig=2~f8cb73f6baaa4eac52971d8030de74fc8ae43bdf
0
0
tap.php
pixel.rubiconproject.com/ Frame D40F
Redirect Chain
  • https://match.adsrvr.org/track/cmf/rubicon
  • https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=3577886c-293e-405c-944c-d97075ba3a83&gdpr=0&gdpr_consent=&expires=30
42 B
676 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=3577886c-293e-405c-944c-d97075ba3a83&gdpr=0&gdpr_consent=&expires=30
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/qin-fang-cai-ying-wen-mei-can-yi-yuan-jia-de-na-tu-fei-tai-bei-ting-can-yu-guo-ji-tai-wan-sheng-yin-hen-zhong-yao.html
Protocol
HTTP/1.1
Server
69.173.158.64 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-length
42
X-RPHost
6690dc791bf02dde8c4051a04cfd7bb8
Content-Type
image/gif

Redirect headers

pragma
no-cache
date
Sat, 03 Sep 2022 13:32:39 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=3577886c-293e-405c-944c-d97075ba3a83&gdpr=0&gdpr_consent=&expires=30
cache-control
private,no-cache, must-revalidate
content-type
text/html
content-length
289
tap.php
pixel.rubiconproject.com/ Frame D40F
Redirect Chain
  • https://token.rubiconproject.com/token?pid=2974&pt=n&a=1
  • https://pr-bh.ybp.yahoo.com/sync/rubicon/oRd0AKLG48uyS7_v1E4hhQ?csrc=
  • https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=7763518324919957673
0
0
setuid
px.ads.linkedin.com/ Frame D40F
Redirect Chain
  • https://token.rubiconproject.com/token?pid=36584
  • https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=L7LY2WFG-M-DJH0
0
0
pixel
cm.g.doubleclick.net/ Frame D40F
Redirect Chain
  • https://token.rubiconproject.com/token?pid=25470
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDdMWTJXRkctTS1ESkgw
170 B
191 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDdMWTJXRkctTS1ESkgw
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/qin-fang-cai-ying-wen-mei-can-yi-yuan-jia-de-na-tu-fei-tai-bei-ting-can-yu-guo-ji-tai-wan-sheng-yin-hen-zhong-yao.html
Protocol
H3
Server
142.251.12.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f155.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 03 Sep 2022 13:32:40 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDdMWTJXRkctTS1ESkgw
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
0d2bd05215470efb17ae41aff76c3f98
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame FB71 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fx.yieldlift.com%2Fsetuid%3Fbidder%3Dpubmatic%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3D1YN-%26uid%3D
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.72.44.196 -, , ASN (),
Reverse DNS
Software
Apache/2.2.15 (CentOS) /
Resource Hash
ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152

Request headers

Referer
https://public.servenobid.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=100359
content-encoding
gzip
content-length
5549
content-type
text/html; charset=UTF-8
date
Sat, 03 Sep 2022 13:32:40 GMT
etag
"1300708-3de4-5d6ef246ef4cf"
expires
Sun, 04 Sep 2022 17:25:19 GMT
last-modified
Tue, 01 Feb 2022 06:38:00 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache/2.2.15 (CentOS)
vary
Accept-Encoding
13926
g2.gumgum.com/usync/ Frame C1B5 		4 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.199.197.118 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
0f93b22778f979fc29593ad2a72d6ccc432d4344d3d021a31e6a753a3bc6f8f2

Request headers

Referer
https://public.servenobid.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

content-encoding
gzip
content-type
text/html;charset=UTF-8
date
Sat, 03 Sep 2022 13:32:40 GMT
etag
W/"0ac3ec783cee740a1ff4ec7b3093ce0f2"
server
nginx
timing-allow-origin
*
/
onetag-sys.com/usync/ Frame C005 		2 KB
863 B 		Document
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/usync/?pubId=694e68b73971b58&gdpr=0&gdpr_consent=&us_privacy=1YN-&https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D318%26uid%3D
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.79.234.101 Singapore, Singapore, ASN16276 (OVH, FR),
Reverse DNS
ip101.ip-51-79-234.net
Software
/
Resource Hash
37a31642af0a7fe695ed0fd68a06a55af44e854d083dc7f5d0e70535f0189ae0
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://public.servenobid.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
cache-control
no-transform, no-cache
content-encoding
gzip
content-length
731
content-type
text/html
strict-transport-security
max-age=15552000
sync
ssbsync.smartadserver.com/api/ Frame A7E5 		881 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ssbsync.smartadserver.com/api/sync?callerId=9&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D317%26uid%3D%24UID
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.106.127.52 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
fac7bb16171dad9aa80c9bc8f3659116b74cbcb253bce337004ad262a66263f1

Request headers

Referer
https://public.servenobid.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

content-length
881
content-type
text/html
date
Sat, 03 Sep 2022 13:32:39 GMT
usermatch
ssum-sec.casalemedia.com/ Frame 3C53 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.18.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f3a81099b7b24ab3dfbd5efb4420f312ede2e819cfae280865ca3e8ca4e276ea

Request headers

Referer
https://public.servenobid.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-cache
cf-cache-status
DYNAMIC
cf-ray
744eda4ddabaa876-SYD
content-encoding
br
content-type
text/html
date
Sat, 03 Sep 2022 13:32:40 GMT
dropped-udsids
46|88|130|206|65|10|73|218
expires
0
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=A1kZcCt6nkyo21%2Fe%2BoIV4iflIUlRPYQdBTTZjSGKyaAGHmME4%2BBuWJ6WfHkjoUDtQAHEgpk52mM78By2iRlOT3HG7wg2xgpSkq9IG5S7Ojk0hoCVIkpXiYaUN9tViJOb4wo9LgivVEJWQw%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Is-Traffic-Usersync, Accept-Encoding
usync.html
eus.rubiconproject.com/ Frame B0C0
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=duration_media&endpoint=us-east
  • https://eus.rubiconproject.com/usync.html?p=duration_media&endpoint=us-east
281 B
573 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?p=duration_media&endpoint=us-east
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.15.148.136 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-15-148-136.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://public.servenobid.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Sat, 03 Sep 2022 13:32:40 GMT
ETag
"40014-119-5d32342a551c0"
Last-Modified
Tue, 14 Dec 2021 23:07:59 GMT
Server
Apache/2.2.15 (CentOS)
Unused62
8096267
Vary
Accept-Encoding

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
content-length
0
date
Sat, 03 Sep 2022 13:32:40 GMT
location
https://eus.rubiconproject.com/usync.html?p=duration_media&endpoint=us-east
server
AkamaiGHost
setuid
x.yieldlift.com/ Frame 60AD
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=13702&gdpr=0&gdpr_consent=&us_privacy=1YN-&
  • https://x.yieldlift.com/setuid?bidder=rubicon&uid=L7LY2WFG-M-DJH0&gdpr=0&us_privacy=1YN-
0
0
sync
ads.servenobid.com/ Frame 60AD
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D312%26uid%3D%24UID
  • https://ads.servenobid.com/sync?pid=312&uid=6944199299863007354
0
344 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=312&uid=6944199299863007354
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Server
52.213.181.231 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-213-181-231.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 03 Sep 2022 13:32:40 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0

Redirect headers

Pragma
no-cache
Date
Sat, 03 Sep 2022 13:32:39 GMT
X-Proxy-Origin
173.245.209.81; 173.245.209.81; 906.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net; adnxs.com
AN-X-Request-Uuid
215a3576-8523-4154-a9f4-3b2b7294f12a
Server
nginx/1.21.3
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://ads.servenobid.com/sync?pid=312&uid=6944199299863007354
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
sync
ads.servenobid.com/ Frame 60AD
Redirect Chain
  • https://ce.lijit.com/merge?pid=273657&3pid=273657&gdpr=0&gdpr_consent=&us_privacy=1YN-&&location=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D310%26uid%3D%5BSOVRNID%5D
  • https://ce.lijit.com/merge?pid=273657&3pid=273657&gdpr=0&gdpr_consent=&us_privacy=1YN-&location=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D310%26uid%3D%5BSOVRNID%5D&dnr=1
  • https://ads.servenobid.com/sync?pid=310&uid=FQSsCRZHT0JD8YfhQeuHOUGH
0
0
sync
ads.servenobid.com/ Frame 60AD
Redirect Chain
  • https://ap.lijit.com/pixel?pid=273657&3pid=273657&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redir=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D310%26uid%3D%24UID
  • https://ap.lijit.com/pixel?pid=273657&3pid=273657&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redir=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D310%26uid%3D%24UID&sovrn_retry=true
  • https://ads.servenobid.com/sync?pid=310&uid=FQSsDLZHYUn0rvfkRa2unv-t
0
0
getuid
x.yieldlift.com/ Frame 60AD 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://x.yieldlift.com/getuid?r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D314%26uid%3D%24UID
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.71.232.26 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
RX-aac18503-9128-4f77-bfa9-e19b42231c43-004
sync.targeting.unrulymedia.com/csync/ Frame 60AD
Redirect Chain
  • https://sync.1rx.io/usersync2/rmpssp?sub=duration&redir=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D321%26uid%3D%5BRX_UUID%5D
  • https://sync.1rx.io/usersync2/rmpssp?sub=duration&zcc=1&redir=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D321%26uid%3D%5BRX_UUID%5D&cb=1662211960020
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=4378964656
  • https://sync.1rx.io/usersync/tradedesk/3577886c-293e-405c-944c-d97075ba3a83
  • https://sync.targeting.unrulymedia.com/csync/RX-aac18503-9128-4f77-bfa9-e19b42231c43-004?redir=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3052135596827308000V10%26type%3Dr1%2...
0
0
cm
p.rfihub.com/ Frame 60AD 		0
0
usa
sync.go.sonobi.com/ Frame 60AD 		0
0
pixel
ap.lijit.com/ Frame 60AD
Redirect Chain
  • https://prebid.a-mo.net/cchain/0?gdpr=0&gdpr_consent=&us_privacy=1YN-&&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D327%26uid%3D
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fprebid.a-mo.net%2Fcchain%2F0%2F12%3Fgdpr%3D0%26gdpr_consent%3D%26us_privacy%3D1YN-%26A%3D1f739e44-145a-457f-9b15-d55fe65ef707%26bidder%3Dappnexus%26cbx%3Da...
  • https://prebid.a-mo.net/cchain/0/12?gdpr=0&gdpr_consent=&us_privacy=1YN-&A=1f739e44-145a-457f-9b15-d55fe65ef707&bidder=appnexus&cbx=aHR0cHM6Ly9hZHMuc2VydmVub2JpZC5jb20vc3luYz9waWQ9MzI3JnVpZD0%3D&ui...
  • https://ap.lijit.com/pixel?gdpr=1&gdpr_consent=&us_privacy=1YN-&redir=https%3A%2F%2Fprebid.a-mo.net%2Fcchain%2F1%2F12%3Fgdpr%3D0%26gdpr_consent%3D%26us_privacy%3D1YN-%26A%3D1f739e44-145a-457f-9b15-...
0
0
sync
ads.servenobid.com/ Frame 60AD
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58559/occ
  • https://ads.servenobid.com/sync?pid=337&uid=y-EBMKLhFE2uF2nLB.tcXbKblRyA4pMxw8kr_tE7U-~A
0
367 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=337&uid=y-EBMKLhFE2uF2nLB.tcXbKblRyA4pMxw8kr_tE7U-~A
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Server
52.213.181.231 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-213-181-231.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 03 Sep 2022 13:32:39 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0

Redirect headers

location
https://ads.servenobid.com/sync?pid=337&uid=y-EBMKLhFE2uF2nLB.tcXbKblRyA4pMxw8kr_tE7U-~A
date
Sat, 03 Sep 2022 13:32:39 GMT
server
ATS/9.1.10.25
age
0
content-length
0
strict-transport-security
max-age=31536000
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
us
sync.go.sonobi.com/ Frame 60AD
Redirect Chain
  • https://ssp.disqus.com/redirectuser?r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D346%26uid%3DBUYERUID
  • https://sync.go.sonobi.com/us?loc=https%3A%2F%2Fssp.disqus.com%2Fmatch%3Fbidder%3D18%26buyeruid%3D%5BUID%5D%26r%3DCid1YS00YzlhZjAyMS1kMDkwLTMwY2MtOTAxYi0xNDk5ZWI5MTNkZmYqU2h0dHBzOi8vYWRzLnNlcnZlbm9...
0
0
sync
ads.servenobid.com/ Frame 60AD
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58632/occ
  • https://ads.servenobid.com/sync?pid=339&uid=y-EBMKLhFE2uF2nLB.tcXbKblRyA4pMxw8kr_tE7U-~A
0
367 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=339&uid=y-EBMKLhFE2uF2nLB.tcXbKblRyA4pMxw8kr_tE7U-~A
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Server
52.213.181.231 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-213-181-231.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 03 Sep 2022 13:32:39 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0

Redirect headers

location
https://ads.servenobid.com/sync?pid=339&uid=y-EBMKLhFE2uF2nLB.tcXbKblRyA4pMxw8kr_tE7U-~A
date
Sat, 03 Sep 2022 13:32:39 GMT
server
ATS/9.1.10.25
age
0
content-length
0
strict-transport-security
max-age=31536000
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
async_usersync
ib.adnxs.com/ Frame 8849 		0
745 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
104.254.150.241 Los Angeles, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
906.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 03 Sep 2022 13:32:39 GMT
X-Proxy-Origin
173.245.209.81; 173.245.209.81; 906.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net; adnxs.com
AN-X-Request-Uuid
bee489d7-be66-48c1-8664-7d4377faeb56
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
_2205_SEMBA_bgtrianglebanner_300x250.jpg
s0.2mdn.net/sadbundle/14196359717863263274/images/ Frame 0386 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/14196359717863263274/images/_2205_SEMBA_bgtrianglebanner_300x250.jpg?1655250755250
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006-1&adk=3314916115&adf=3653020617&pi=t.ma~as.3006%2F14006-1&w=336&url=https%3A%2F%2Fwww.bg3.co%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1662211955378&bpp=11&bdt=283&idt=512&shv=r20220831&mjsv=m202208300101&ptt=5&saldr=sa&correlator=5495327036735&frm=8&ife=1&pv=2&ga_vid=500991421.1662211956&ga_sid=1662211956&ga_hid=799025638&ga_fc=0&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=336&ish=280&ifk=3719853736&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C44759842%2C44761793&oid=2&pvsid=4367743105028993&uas=0&nvt=1&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.kt2ldrgt4mtd&fsb=1&dtd=519
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.148 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f148.1e100.net
Software
sffe /
Resource Hash
da85253da6d57dacaa32050a0a7207b8d1bbe6e77d359e17bcc670c0dfabeac7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/14196359717863263274/2205_SEMBA_iProspect_banners_300x250.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 02 Sep 2022 17:57:10 GMT
x-content-type-options
nosniff
age
70530
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5220
x-xss-protection
0
last-modified
Thu, 16 Jun 2022 04:36:26 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sat, 02 Sep 2023 17:57:10 GMT
view
googleads4.g.doubleclick.net/pcs/ Frame CDB3 		0
26 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjst3QGWPGaNlrlo6YgYxP1BZZDVjorW6oh74-3dEtw7nyN9dBj6ljYc5OPVjNsS2sv26TeAnMXj06Qwwp3tK3NKZXlnkAoWuVo7rX9Zw1EbH-OpPYxypvYvWWv4CIpojJ-1395Ix_FYAPGrrMNY7vDOwg_wtQZVfrnUDLApewCPAb3s9Cz2m86N-eTz5nd7bfnf-CsrGKS1P6JVEApFahOw-brNMGvK1PPrpbaEpCv78YfXwMtfCNFNKFBv6CnIA90Yx4Zby6iihZHOrSGWhMLzrtCTwyIU57a1t1hy9L8tV-DMB_VPoabx1IPO-8W5NikxyywqtTmE0PMW5HvrS2SxLqSLSVuaYJR9KNJ81_iMh-fkuqoLvhNY-upiD6Opvr0qlbFPT939gk70w4zMyu8RFdWqZGtZ_p7RfbyJUmhfxXWzChYygiM_p-ztRCgHo0eTvT6XM_jKjtarZOJHiTr7Io8dFxgz2XMBtOr8hhnmR3Ijn9nHzyd8A1dLyEhkSOPL0ypneGd07vh6_CgR2eL_iMaa17uzodK8zaAkkeazxxfPhOA6UGvtsYDTHDtwxss18Onr9T0lXbGdv0PxMGlMJsUBItbz9FspHFqO-xMCQaxnLsBG4ku-aiUEY1yRbwMR-VQb-DmEkdRRKZEKgkJxB0pB8XK6H_6bp3IYj954TyupoKU495h7XxtNWp_wG73n8mLKsEiChuOclrVqR-n3XdDt1Z6A3OHhBy_9Eke54cujuWRbOy6ST2buCBKadVL-vY7amlJKQigisTk0bN5soViEOQTnBMjDmxDEqj62Ak-guGYwvFLgWEjAXGZFaerw5U8Y2EnKJUPBaXfnjm9xkiEtOetYu2ZIORtVW20TmjZBFR1VrPCBjR3R3NZwtv35qrwUhJCLx-RhNU9wJDvTMaOSLXARhMDDBEtDXCAUh-B11_Rtpx84h_mj2nBmETRHZVZZsHhxNpCWpzFmqfLkYreAUZ6QF3aa8J_tcdkZCRIyj1Pfs8r8pIX9vOFEHI2sOMFrbuv-EpGhTPJE8fKmnqfnNB4KoQhH5CSP0_Tgl8JcljG_wqVlL5StUrV_l_60miUrhmw4Su8kWNLWXgd7EmOw1YcoC-mCuuiBxNljDjPtV2wXfdi5ezMSIAX-E15687XV2jmkXvBPvdhD-yAiXGs28SIL4jMT06_lXbnH7tgs0KI9o&sai=AMfl-YQSC1bRPZNzmpkZpv811_UmqSfHu_U-FlKlAK7nqNT3LW778Bj7LAM456X2YTOZv2ji6gbc5bsLymrAz6bXWXP-h4bAF6KXzqijPbME7FdC38ZzwNVN9MocWUv5ROXdTVsxj3e7H_VWH9hnMxyR82Lfig6H5A&sig=Cg0ArKJSzHF7cbui1yxqEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=2935&vt=11&dtpt=1773&dett=3&cstd=1160&cisv=r20220831.82882&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&adurl=
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/qin-fang-cai-ying-wen-mei-can-yi-yuan-jia-de-na-tu-fei-tai-bei-ting-can-yu-guo-ji-tai-wan-sheng-yin-hen-zhong-yao.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.194.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f154.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Sat, 03 Sep 2022 13:32:40 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
sodar
pagead2.googlesyndication.com/getconfig/ Frame 90AF 		14 KB
11 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20220831&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202208300101/show_ads_impl_fy2021.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.12.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f155.1e100.net
Software
cafe /
Resource Hash
a17c1868384df8d5664205dc8e28a6751b8428bde075269b98f76ee2ca933671
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://adx.holmesmind.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Sat, 03 Sep 2022 13:32:40 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10963
x-xss-protection
0
sodar
pagead2.googlesyndication.com/getconfig/ Frame AB8D 		14 KB
11 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20220831&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202208300101/show_ads_impl_fy2021.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.12.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f155.1e100.net
Software
cafe /
Resource Hash
baf2a12cc9401ad6da9935bc2f3c4f29eff121ee74558522f9ad568f568ecb86
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Sat, 03 Sep 2022 13:32:40 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11042
x-xss-protection
0
usermatchredir
ssum-sec.casalemedia.com/ Frame F083
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=YxNXdRjQIdGaVcqPLV47qgAAEqMAAAAB&gdpr_consent=&us_privacy=&gdpr=
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESEN_kd76g9E4DddngOdonov4&google_cver=1
43 B
885 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESEN_kd76g9E4DddngOdonov4&google_cver=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.bg3.co%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H3
Server
104.18.18.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

cf-ray
744eda513c96a8c8-SYD
pragma
no-cache
date
Sat, 03 Sep 2022 13:32:40 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FSN%2B6vAC%2FelhDrYon%2Fi%2B5k2wpH6lYbdd%2Fe8V0WmUMomI7OOh1nmttUoaQLN7kkwaNW5NrncLTmUKfAZYBiUjs1DaFK9XYTMkcHtWUrC6XhqxZIbRiXI1jm7MESS%2F%2BqOH2ko8PsaPTbR2ZQ%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control
no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Sat, 03 Sep 2022 13:32:40 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESEN_kd76g9E4DddngOdonov4&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
342
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dcm
s.amazon-adsystem.com/ Frame F083
Redirect Chain
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=YxNXdRjQIdGaVcqPLV47qgAAEqMAAAAB
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=YxNXdRjQIdGaVcqPLV47qgAAEqMAAAAB&dcc=t
0
0
rum
dsum-sec.casalemedia.com/ Frame F083
Redirect Chain
  • https://match.adsrvr.org/track/cmf/casale
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=39&external_user_id=3577886c-293e-405c-944c-d97075ba3a83&expiration=1664803960&gdpr=0&gdpr_consent=
43 B
853 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=39&external_user_id=3577886c-293e-405c-944c-d97075ba3a83&expiration=1664803960&gdpr=0&gdpr_consent=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.bg3.co%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H3
Server
104.18.19.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

cf-ray
744eda500fe9aafc-SYD
pragma
no-cache
date
Sat, 03 Sep 2022 13:32:40 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kS8WrouMliXPJzQlH7o1t148O%2BhWSn%2B%2B16ZC8E%2F3RjG7LmzJ3M%2F8Q11zszMW%2FNMfz0Q%2Bva9ei5uO%2F7mUNVrjsVgAm7er3JhiITm6v%2Bbkl8CeCL7bjfqwDVSdi7gClAx4nZI37%2BX3%2B17lwA%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control
no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Sat, 03 Sep 2022 13:32:40 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=39&external_user_id=3577886c-293e-405c-944c-d97075ba3a83&expiration=1664803960&gdpr=0&gdpr_consent=
cache-control
private,no-cache, must-revalidate
content-type
text/html
content-length
323
YxNXdRjQIdGaVcqPLV47qgAAEqMAAAAB
pr-bh.ybp.yahoo.com/sync/casale/ Frame F083 		43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/casale/YxNXdRjQIdGaVcqPLV47qgAAEqMAAAAB?gdpr_consent=&us_privacy=&gdpr=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.bg3.co%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.251.66.227 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-251-66-227.ap-southeast-1.compute.amazonaws.com
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 03 Sep 2022 13:32:40 GMT
referrer-policy
strict-origin-when-cross-origin
server
ATS
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
image/gif
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
strict-transport-security
max-age=31536000
content-length
43
x-content-type-options
nosniff
pm_match
um.simpli.fi/ Frame F083 		0
0
crum
dsum.casalemedia.com/ Frame F083
Redirect Chain
  • https://dmp.brand-display.com/cm/api/index?cm_dsp_id=191&cm_user_id=%3CIndex_user_id%3E
  • https://dsum.casalemedia.com/crum?cm_dsp_id=191&external_user_id=3786d201-0638-8105-64aa38f5
0
0
match
c1.adform.net/serving/cookie/ Frame F083 		0
0
crum
dsum-sec.casalemedia.com/ Frame F083
Redirect Chain
  • https://s.company-target.com/s/ix?cm_dsp_id=18&us_privacy=&gdpr=&gdpr_consent=
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=18&expiration=1677850360&external_user_id=b59afb0a-0cde-4ac7-92d3-9ef3c06082a3
0
0
htw-pixel.gif
cdn.indexww.com/ht/ Frame F083 		43 B
351 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.indexww.com/ht/htw-pixel.gif?YxNXdRjQIdGaVcqPLV47qgAA%264771
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.bg3.co%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.13.76 -, , ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

cf-ray
744eda50b84ca968-SYD
date
Sat, 03 Sep 2022 13:32:40 GMT
cf-cache-status
HIT
last-modified
Tue, 24 Jan 2017 19:36:04 GMT
server
cloudflare
age
231
etag
"761e21-2b-546dc3a097100"
vary
Accept-Encoding
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
edge-control
cache-maxage=1h
cache-control
public, max-age=14400
accept-ranges
bytes
content-type
image/gif
content-length
43
expires
Sat, 03 Sep 2022 17:32:40 GMT
PugMaster
image6.pubmatic.com/AdServer/ Frame 374E 		0
0
getuid
secure.adnxs.com/ Frame 3C53 		0
0
ZMAwryCI
sync-tm.everesttech.net/upi/pid/ Frame 3C53 		0
0
ie
match.prod.bidr.io/cookie-sync/ Frame 3C53 		0
0
YxNXdRjQIdGaVcqPLV47qgAAEqMAAAAB
pr-bh.ybp.yahoo.com/sync/casale/ Frame 3C53
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/55940/sync?_origin=1&redir2=true&uid=YxNXdRjQIdGaVcqPLV47qgAAEqMAAAAB&gdpr_consent=&us_privacy=&gdpr=
  • https://pr-bh.ybp.yahoo.com/sync/casale/YxNXdRjQIdGaVcqPLV47qgAAEqMAAAAB
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/casale/YxNXdRjQIdGaVcqPLV47qgAAEqMAAAAB
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D
Protocol
H2
Server
13.251.66.227 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-251-66-227.ap-southeast-1.compute.amazonaws.com
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 03 Sep 2022 13:32:40 GMT
referrer-policy
strict-origin-when-cross-origin
server
ATS
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
image/gif
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
strict-transport-security
max-age=31536000
content-length
43
x-content-type-options
nosniff

Redirect headers

location
https://pr-bh.ybp.yahoo.com/sync/casale/YxNXdRjQIdGaVcqPLV47qgAAEqMAAAAB
date
Sat, 03 Sep 2022 13:32:40 GMT
server
ATS/9.1.10.25
age
0
content-length
0
strict-transport-security
max-age=31536000
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
rum
dsum.casalemedia.com/ Frame 3C53
Redirect Chain
  • https://casale-match.dotomi.com/match/bounce/current?networkId=19998&version=1
  • https://casale-match.dotomi.com/match/bounce/current?DotomiTest=310510e8b72a20a3&is_secure=true&networkId=19998&version=1
  • https://dsum.casalemedia.com/rum?cm_dsp_id=65&external_user_id=AAAMNg52iAe05wNbe8xTAAAAAAA&expiration=1662298360&is_secure=true
0
0
tum
ums.acuityplatform.com/ Frame 3C53 		0
0
YxNXdRjQIdGaVcqPLV47qgAAEqMAAAAB
pr-bh.ybp.yahoo.com/sync/casale/ Frame 3C53 		43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/casale/YxNXdRjQIdGaVcqPLV47qgAAEqMAAAAB?gdpr_consent=&us_privacy=&gdpr=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.251.66.227 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-251-66-227.ap-southeast-1.compute.amazonaws.com
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 03 Sep 2022 13:32:40 GMT
referrer-policy
strict-origin-when-cross-origin
server
ATS
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
image/gif
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
strict-transport-security
max-age=31536000
content-length
43
x-content-type-options
nosniff
ibs:dpid=23728&dpuuid=YxNXdRjQIdGaVcqPLV47qgAA%264771
dpm.demdex.net/ Frame 3C53 		0
0
sync
ads.servenobid.com/ Frame 3C53 		0
357 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=333&uid=YxNXdRjQIdGaVcqPLV47qgAAEqMAAAAB
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.213.181.231 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-213-181-231.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 03 Sep 2022 13:32:40 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0
_728x90logo.jpg
s0.2mdn.net/sadbundle/14196359717863263274/images/ Frame 0386 		35 KB
35 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/14196359717863263274/images/_728x90logo.jpg?1655250755250
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/qin-fang-cai-ying-wen-mei-can-yi-yuan-jia-de-na-tu-fei-tai-bei-ting-can-yu-guo-ji-tai-wan-sheng-yin-hen-zhong-yao.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.148 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f148.1e100.net
Software
sffe /
Resource Hash
e418f21c89e2b1cfb3a9b6a8dad3495ea0fde09dc87de884951f3ead9c14dc4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/14196359717863263274/2205_SEMBA_iProspect_banners_300x250.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 02 Sep 2022 17:57:10 GMT
x-content-type-options
nosniff
age
70530
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35545
x-xss-protection
0
last-modified
Thu, 16 Jun 2022 04:36:26 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sat, 02 Sep 2023 17:57:10 GMT
sodar2.js
tpc.googlesyndication.com/sodar/ Frame AB8D 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202208300101/show_ads_impl_fy2021.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f132.1e100.net
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 03 Sep 2022 13:32:40 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Sat, 03 Sep 2022 13:32:40 GMT
_2205_SEMBA_bgtrianglebanner_300x250.jpg
s0.2mdn.net/sadbundle/14196359717863263274/images/ Frame 27DB 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/14196359717863263274/images/_2205_SEMBA_bgtrianglebanner_300x250.jpg?1655250755250
Requested by
Host: code.createjs.com
URL: https://code.createjs.com/1.0.0/createjs.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.148 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f148.1e100.net
Software
sffe /
Resource Hash
da85253da6d57dacaa32050a0a7207b8d1bbe6e77d359e17bcc670c0dfabeac7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/14196359717863263274/2205_SEMBA_iProspect_banners_300x250.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 02 Sep 2022 17:57:10 GMT
x-content-type-options
nosniff
age
70530
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5220
x-xss-protection
0
last-modified
Thu, 16 Jun 2022 04:36:26 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sat, 02 Sep 2023 17:57:10 GMT
view
googleads4.g.doubleclick.net/pcs/ Frame 02CD 		0
26 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsuU8oNNVFfyr23gfrW31O4OjAE_clNnZCqQo8swa7D9--eoNILBGMfHu5VhEhw5Xy1BE6rbRkhNjEe4giNGD9dwx27V8oYhXpPURr3ZKrW-kGdGsG8Xy5oROKaYkxxKITTEqzg4ftyD39l5MGYq8FppAIYqWeqzLOIJfPbyHAMDj1lGXQFpEZ9N4ztedv-HhptmX3xiAlOWtOv3hQIEx3eAdrSjAiIKl0BX28K9qnAdPiN2xh0LimNq7prA3SVg4a_NoOxTSOajVwNqXiKGARdflWvn0gjc2HKJjJsMob1kXyHKV8PIrU1tn_9XivoEjuPO75i-qp61wlPCpXQsUYnyboidIe6vlLbxQSCljnSju4iHfFANUl35dndh9vJmJbhMargJcE5o7aWgtf7TD6M3u2vAeZCeRlI5cZPfg5PR7yMOiOH6MBQpuDbMCyFKZPMot5v8lpIskJZefbdPSU7aVL5KtGjTl5ZybWV-jnk9aL30EBM0RtvgkhHcNunDvVZBzV0S5krcV-vYT0Td7tzdL_CbLDp7v61ux8SdMxwjGftoztIRM-STCWZ1QxRAXCfWn7gpsDJqDi3hdn_SKUmiC3RyPoPCzM-zWtc18JY7Vb5WRFeVIBQE66R7hTVrzt2BoNHcgKr7CdxGpCzM6BU56WXQgh9SUGWu5-JEAkoqQsZ6TRxPDMZmJFHxWmWeSXXCQ9Cm4XtKmnQy1-FFNAeAWYMJ_WFd7Cl5f7bCKofc0DRcW-ZnllAwk3yOHgn16VG6_lGufNJG9Z_k4MkucvpFGzibbFcj-YoOeVKRhsBVIggbBmlOLrelXFy8spgSb5P8TMxZiqp2eJvMkhgFkeAUAIg4in43cdjPCM_6iMj3zc1n9cY-66FP6j_ETH4qDv6mRNcAKBIpa-LLUsOyc9jIGfk1z6NU8Iqoe6OwLB7au4SZYvE9MFRD8qCQRSWwPWvCbTXxqdDkGxFdt8_Qu9b9O6QlyJx5PEsthOiHiozzzCi0WOCfNdKuEODXfy0bR2U3_uLU4DUteymDT2dmnBZXJTH6OBjgS7ODkGmBzVU2gkWOQveqyIYw4x2mFytO_-YqO8XmN2cqSmw-vKuZGivAX3Qd_5Kg1Nfzaak534a4USyU3TlQV_xh1gbCzNjBFqKSznd28xO-C3j43c6g1P8ai3RBdPufDA8vlqQAvfs-qGJ1fwCD&sai=AMfl-YTiy0k-nZHRjCLEWC1-K8M9UoQ1HyMAgnjqvhzGuhmLIvmWfRBmX9SW9pJViqSuSHy0xUsZevcjxugwCzG9gGY5DOKj5JpzIMC3ctJgy4s2aBMYLFTWZ6DLLQlXZrWvt3DeEsJ-2dWcVJsatL18ER227uuJaQ&sig=Cg0ArKJSzDH9eTP6bQ8ZEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=3179&vt=11&dtpt=2019&dett=3&cstd=1158&cisv=r20220831.89023&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&adurl=
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/qin-fang-cai-ying-wen-mei-can-yi-yuan-jia-de-na-tu-fei-tai-bei-ting-can-yu-guo-ji-tai-wan-sheng-yin-hen-zhong-yao.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.194.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f154.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Sat, 03 Sep 2022 13:32:40 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
sodar
pagead2.googlesyndication.com/getconfig/ Frame 22E9 		14 KB
11 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20220831&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202208300101/show_ads_impl_fy2021.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.12.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f155.1e100.net
Software
cafe /
Resource Hash
c92dc14abfc1e4a41ebbf183800b2a40ee9720626e6d4488d80719b1f98407df
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://adx.holmesmind.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Sat, 03 Sep 2022 13:32:40 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11064
x-xss-protection
0
sodar
pagead2.googlesyndication.com/getconfig/ Frame AEE8 		14 KB
11 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20220831&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202209010201/show_ads_impl_fy2021.js?bust=31069330
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.12.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f155.1e100.net
Software
cafe /
Resource Hash
e14e17817c09864c915bcce5a8be35415b9042926b01cc952d081d283f75ce65
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Sat, 03 Sep 2022 13:32:40 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11068
x-xss-protection
0
sodar2.js
tpc.googlesyndication.com/sodar/ Frame 90AF 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202208300101/show_ads_impl_fy2021.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f132.1e100.net
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://adx.holmesmind.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 03 Sep 2022 13:32:40 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Sat, 03 Sep 2022 13:32:40 GMT
usync.js
eus.rubiconproject.com/ Frame 1508 		31 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=medianet
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.15.148.136 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-15-148-136.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
7bf33c686c7d0098b15fa105f49c725fa99d02b4800bae9e067f339160d4d7b1

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=medianet
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sat, 03 Sep 2022 13:32:40 GMT
Content-Encoding
gzip
Last-Modified
Wed, 24 Aug 2022 20:46:19 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=69567
Connection
keep-alive
Content-Type
text/html; charset=UTF-8
Content-Length
9378
Expires
Sun, 04 Sep 2022 08:52:07 GMT
usync.js
eus.rubiconproject.com/ Frame B0C0 		31 KB
0 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=duration_media&endpoint=us-east
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.15.148.136 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-15-148-136.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=duration_media&endpoint=us-east
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sat, 03 Sep 2022 13:32:40 GMT
Content-Encoding
gzip
Last-Modified
Wed, 24 Aug 2022 20:46:19 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=69567
Connection
keep-alive
Content-Type
text/html; charset=UTF-8
Content-Length
9378
Expires
Sun, 04 Sep 2022 08:52:07 GMT
_728x90logo.jpg
s0.2mdn.net/sadbundle/14196359717863263274/images/ Frame 27DB 		35 KB
35 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/14196359717863263274/images/_728x90logo.jpg?1655250755250
Requested by
Host: code.createjs.com
URL: https://code.createjs.com/1.0.0/createjs.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.148 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f148.1e100.net
Software
sffe /
Resource Hash
e418f21c89e2b1cfb3a9b6a8dad3495ea0fde09dc87de884951f3ead9c14dc4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/14196359717863263274/2205_SEMBA_iProspect_banners_300x250.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 02 Sep 2022 17:57:10 GMT
x-content-type-options
nosniff
age
70530
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35545
x-xss-protection
0
last-modified
Thu, 16 Jun 2022 04:36:26 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sat, 02 Sep 2023 17:57:10 GMT
sodar2.js
tpc.googlesyndication.com/sodar/ Frame 22E9 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202208300101/show_ads_impl_fy2021.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f132.1e100.net
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://adx.holmesmind.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 03 Sep 2022 13:32:40 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Sat, 03 Sep 2022 13:32:40 GMT
sodar2.js
tpc.googlesyndication.com/sodar/ Frame AEE8 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202209010201/show_ads_impl_fy2021.js?bust=31069330
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f132.1e100.net
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 03 Sep 2022 13:32:40 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Sat, 03 Sep 2022 13:32:40 GMT
sync
ads.servenobid.com/ Frame A7E5 		0
0
/
rtb-csync.smartadserver.com/redir/ Frame A7E5 		0
0
match
c1.adform.net/serving/cookie/ Frame A7E5 		0
0
/
s.ad.smaato.net/c/ Frame A7E5 		0
0
genericusersync.ashx
sync.tidaltv.com/ Frame A7E5 		0
0
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 9537 		0
0
aframe
www.google.com/recaptcha/api2/ Frame CD52 		0
0
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 173B 		0
0
aframe
www.google.com/recaptcha/api2/ Frame 2200 		0
0
getuid
secure.adnxs.com/ Frame C1B5 		0
0
sync
x.bidswitch.net/ Frame C1B5 		0
0
redirectObuid
sync.outbrain.com/ Frame C1B5 		0
0
cm
us-u.openx.net/w/1.0/ Frame C1B5 		0
0
sync
sync.srv.stackadapt.com/ Frame C1B5 		0
0
gumgum
pr-bh.ybp.yahoo.com/sync/ Frame C1B5 		0
0
generic
sync.ipredictive.com/d/sync/cookie/ Frame C1B5 		0
0
services
sync.technoratimedia.com/ Frame C1B5 		0
0
142
match.deepintent.com/usersync/ Frame C1B5 		0
0
/
b1sync.zemanta.com/usersync/gumgum/ Frame C1B5 		0
0
server_match
ad.360yield.com/ Frame C1B5 		0
0
floor6
sync.1rx.io/usersync2/ Frame C1B5 		0
0
rtset
bh.contextweb.com/bh/ Frame C1B5 		0
0
sync
ssbsync.smartadserver.com/api/ Frame C1B5 		0
0
sync
ads.servenobid.com/ Frame C1B5 		0
0
img
sync.mathtag.com/sync/ Frame 40B6 		0
0
URnmbSKM
sync-tm.everesttech.net/upi/pid/ Frame 46B2 		0
0
pixel
cm.g.doubleclick.net/ Frame A1F6 		0
0
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 788D 		0
0
usersync
usersync.gumgum.com/ Frame 3754
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=gumgum&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://usersync.gumgum.com/usersync?b=ttd&i=3577886c-293e-405c-944c-d97075ba3a83
0
0
um
cs.emxdgt.com/ Frame 7A65 		0
0
idsync
tg.socdm.com/aux/ Frame A31C 		0
0
usermatchredir
ssum-sec.casalemedia.com/ Frame D4C5 		0
0
cm-notify
creativecdn.com/ Frame 663D 		0
0
multi-sync.html
secure-assets.rubiconproject.com/utils/xapi/ Frame 52C6 		0
0
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame ED75 		0
0
aframe
www.google.com/recaptcha/api2/ Frame 4552 		0
0
sync.php
pixel.rubiconproject.com/exchange/ Frame 1508 		0
0
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 3403 		0
0
aframe
www.google.com/recaptcha/api2/ Frame B35D 		0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
hb-api.omnitagjs.com
URL
https://hb-api.omnitagjs.com/hb-api/prebid/v1?RefererUrl=https%3A%2F%2Fwww.bg3.co%2Fa%2Fqin-fang-cai-ying-wen-mei-can-yi-yuan-jia-de-na-tu-fei-tai-bei-ting-can-yu-guo-ji-tai-wan-sheng-yin-hen-zhong-yao.html&CanonicalUrl=https%3A%2F%2Fwww.bg3.co%2Fa%2Fqin-fang-cai-ying-wen-mei-can-yi-yuan-jia-de-na-tu-fei-tai-bei-ting-can-yu-guo-ji-tai-wan-sheng-yin-hen-zhong-yao.html&PublisherDomain=https%3A%2F%2Fbg3.co%2F
Domain
odr.mookie1.com
URL
https://odr.mookie1.com/t/v2?tagid=V2_948118&src.visitorid=9fa33b35-2994-4265-9b96-4309f2caaf77&ssp=google_jp&gdpr_consent=&gdpr=
Domain
c.us1.dyntrk.com
URL
https://c.us1.dyntrk.com/adx/ga/us.php?dynk=ga2ex&google_push=%GOOGLE_PUSH%&cty=br&google_gid=CAESEH0D0Yaj-4mf-s2QvrpmnnM&google_cver=1&google_push=AehlK4CtTJsdvB66U4e9vK_lyn0fVASFYo1btC8___Zry1pyo_9U13U3rEQzDFCpKTVLbbBksdxLrqVB24rqeFSKl8WkEQgFbNpq69qFrF3WoQaNKB8JUkyyx4ROx6njspCnegRGchmgiFL9vXixDWessnc
Domain
a.sportradarserving.com
URL
https://a.sportradarserving.com/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=triplelift
Domain
s.amazon-adsystem.com
URL
https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&dl=3lift&gdpr=0&gdpr_consent=&uid=585367535164048797056&dcc=t
Domain
eb2.3lift.com
URL
https://eb2.3lift.com/xuid?dongle=dba8&gdpr=0&mid=2460&xuid=F5oB_OtRontfkRWiiHPq
Domain
p.rfihub.com
URL
https://p.rfihub.com/cm?pub=19967&in=1&forward=https%3A%2F%2Fcontextual.media.net%2Fcksync.html%3Fcs%3D8%26vsid%3D3052135596827308000V10%26type%3Drkt%26refUrl%3D%26vid%3D22119592483052135596827308000V10%26ovsid%3D%7Buserid%7D
Domain
sync.targeting.unrulymedia.com
URL
https://sync.targeting.unrulymedia.com/csync/RX-aac18503-9128-4f77-bfa9-e19b42231c43-004?redir=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3052135596827308000V10%26type%3Dr1%26refUrl%3D%26vid%3D22119592483052135596827308000V10%26ovsid%3DRX-aac18503-9128-4f77-bfa9-e19b42231c43-004
Domain
contextual.media.net
URL
https://contextual.media.net/cksync.php?cs=8&ovsid=F5oB_OtRontfkRWiiHPq&refUrl=&type=zem&vid=22119592483052135596827308000V10&vsid=3052135596827308000V10
Domain
rtb.mfadsrvr.com
URL
https://rtb.mfadsrvr.com/sync?ssp=medianet&ssp_user_id=3052135596827308000V10
Domain
aax-eu.amazon-adsystem.com
URL
https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=
Domain
ads.yahoo.com
URL
https://ads.yahoo.com/cms/v1?nwid=10000010181&eid=L7LY2WFG-M-DJH0&sigv=1&esig=2~f8cb73f6baaa4eac52971d8030de74fc8ae43bdf
Domain
pixel.rubiconproject.com
URL
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=7763518324919957673
Domain
px.ads.linkedin.com
URL
https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=L7LY2WFG-M-DJH0
Domain
x.yieldlift.com
URL
https://x.yieldlift.com/setuid?bidder=rubicon&uid=L7LY2WFG-M-DJH0&gdpr=0&us_privacy=1YN-
Domain
ads.servenobid.com
URL
https://ads.servenobid.com/sync?pid=310&uid=FQSsCRZHT0JD8YfhQeuHOUGH
Domain
ads.servenobid.com
URL
https://ads.servenobid.com/sync?pid=310&uid=FQSsDLZHYUn0rvfkRa2unv-t
Domain
sync.targeting.unrulymedia.com
URL
https://sync.targeting.unrulymedia.com/csync/RX-aac18503-9128-4f77-bfa9-e19b42231c43-004?redir=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3052135596827308000V10%26type%3Dr1%26refUrl%3D%26vid%3D22119592483052135596827308000V10%26ovsid%3DRX-aac18503-9128-4f77-bfa9-e19b42231c43-004
Domain
p.rfihub.com
URL
https://p.rfihub.com/cm?pub=44007&in=1
Domain
sync.go.sonobi.com
URL
https://sync.go.sonobi.com/usa?loc=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D332%26uid%3D
Domain
ap.lijit.com
URL
https://ap.lijit.com/pixel?gdpr=1&gdpr_consent=&us_privacy=1YN-&redir=https%3A%2F%2Fprebid.a-mo.net%2Fcchain%2F1%2F12%3Fgdpr%3D0%26gdpr_consent%3D%26us_privacy%3D1YN-%26A%3D1f739e44-145a-457f-9b15-d55fe65ef707%26bidder%3Dsovrn%26cbx%3DaHR0cHM6Ly9hZHMuc2VydmVub2JpZC5jb20vc3luYz9waWQ9MzI3JnVpZD0%253D%26uid%3D%24UID
Domain
sync.go.sonobi.com
URL
https://sync.go.sonobi.com/us?loc=https%3A%2F%2Fssp.disqus.com%2Fmatch%3Fbidder%3D18%26buyeruid%3D%5BUID%5D%26r%3DCid1YS00YzlhZjAyMS1kMDkwLTMwY2MtOTAxYi0xNDk5ZWI5MTNkZmYqU2h0dHBzOi8vYWRzLnNlcnZlbm9iaWQuY29tL3N5bmM_cGlkPTM0NiZ1aWQ9dWEtNGM5YWYwMjEtZDA5MC0zMGNjLTkwMWItMTQ5OWViOTEzZGZmMgISBjgB
Domain
s.amazon-adsystem.com
URL
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=YxNXdRjQIdGaVcqPLV47qgAAEqMAAAAB&dcc=t
Domain
um.simpli.fi
URL
https://um.simpli.fi/pm_match?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=90&external_user_id=$UID
Domain
dsum.casalemedia.com
URL
https://dsum.casalemedia.com/crum?cm_dsp_id=191&external_user_id=3786d201-0638-8105-64aa38f5
Domain
c1.adform.net
URL
https://c1.adform.net/serving/cookie/match?party=29
Domain
dsum-sec.casalemedia.com
URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=18&expiration=1677850360&external_user_id=b59afb0a-0cde-4ac7-92d3-9ef3c06082a3
Domain
image6.pubmatic.com
URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=82510967&p=159463&s=0&a=0&ptask=ALL&np=0&fp=0&rp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Domain
secure.adnxs.com
URL
https://secure.adnxs.com/getuid?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=$UID
Domain
sync-tm.everesttech.net
URL
https://sync-tm.everesttech.net/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D
Domain
match.prod.bidr.io
URL
https://match.prod.bidr.io/cookie-sync/ie
Domain
dsum.casalemedia.com
URL
https://dsum.casalemedia.com/rum?cm_dsp_id=65&external_user_id=AAAMNg52iAe05wNbe8xTAAAAAAA&expiration=1662298360&is_secure=true
Domain
ums.acuityplatform.com
URL
https://ums.acuityplatform.com/tum?umid=8
Domain
dpm.demdex.net
URL
https://dpm.demdex.net/ibs:dpid=23728&dpuuid=YxNXdRjQIdGaVcqPLV47qgAA%264771?gdpr_consent=&us_privacy=&gdpr=
Domain
ads.servenobid.com
URL
https://ads.servenobid.com/sync?pid=317&uid=1648679430936407249&gdpr=0&gdpr_consent=
Domain
rtb-csync.smartadserver.com
URL
https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=76&partneruserid=GOOGLE_HOSTED_SI&redirurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dsmartrtb_dbm%26google_cm%26google_sc%26google_hm%3DSMART_USER_ID_B64&gdpr=0&gdpr_consent=
Domain
c1.adform.net
URL
https://c1.adform.net/serving/cookie/match?party=10&sspurl=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D22%26partneruserid%3DYOUR_USER_ID&gdpr=0&gdpr_consent=
Domain
s.ad.smaato.net
URL
https://s.ad.smaato.net/c/?adExInit=sas&redir=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D133%26partneruserid%3D$UID&gdpr=0&gdpr_consent=
Domain
sync.tidaltv.com
URL
https://sync.tidaltv.com/genericusersync.ashx?dpid=3157&gdpr=0&gdpr_consent=
Domain
tpc.googlesyndication.com
URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Domain
www.google.com
URL
https://www.google.com/recaptcha/api2/aframe
Domain
tpc.googlesyndication.com
URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Domain
www.google.com
URL
https://www.google.com/recaptcha/api2/aframe
Domain
secure.adnxs.com
URL
https://secure.adnxs.com/getuid?https://usersync.gumgum.com/usersync?b=apn&i=$UID
Domain
x.bidswitch.net
URL
https://x.bidswitch.net/sync?ssp=gumgum2&user_id=a_2abff0e4-0f46-4f59-9c0d-3fbc279ef0e1&gdpr=0&gdpr_consent=&us_privacy=1---
Domain
sync.outbrain.com
URL
https://sync.outbrain.com/redirectObuid?platformId=GUMGU18H7EL9NI653I7DPEH51&gdpr=0&gdprConsent=&platformRdUrl=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dobn%26i%3D%7BOB_UID%7D%26r%3D%7BobRdUrl%7D
Domain
us-u.openx.net
URL
https://us-u.openx.net/w/1.0/cm?_={CACHEBUSTER}&id=47f31213-389c-4904-aaa6-9b11aab9c211&gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dopx%26i%3D
Domain
sync.srv.stackadapt.com
URL
https://sync.srv.stackadapt.com/sync?nid=1&gdpr=0&gdpr_consent=
Domain
pr-bh.ybp.yahoo.com
URL
https://pr-bh.ybp.yahoo.com/sync/gumgum?gdpr=0&gdpr_consent=
Domain
sync.ipredictive.com
URL
https://sync.ipredictive.com/d/sync/cookie/generic?partner=gumgum&cspid=9&append=1&cb=${ADELPHIC_CACHE_BUSTER}&gdpr=0&gdpr_consent=&us_privacy=1---&redirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dvnt%26i%3D
Domain
sync.technoratimedia.com
URL
https://sync.technoratimedia.com/services?srv=cs&pid=65&us_privacy=1---&cb=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dsnc%26i%3D%5BUSER_ID%5D
Domain
match.deepintent.com
URL
https://match.deepintent.com/usersync/142?redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Ddit%26i%3D%24%7BDI_USER_ID%7D
Domain
b1sync.zemanta.com
URL
https://b1sync.zemanta.com/usersync/gumgum/?puid=a_2abff0e4-0f46-4f59-9c0d-3fbc279ef0e1&gdpr=0&gdpr_consent=&us_privacy=1---&cb=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dzem%26i%3D__ZUID__
Domain
ad.360yield.com
URL
https://ad.360yield.com/server_match?partner_id=N&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Didi%26i%3D%7BPUB_USER_ID%7D
Domain
sync.1rx.io
URL
https://sync.1rx.io/usersync2/floor6?gdpr=0&gdpr_consent=&dspret=1&redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Drhy%26i%3D%5BRX_UUID%5D
Domain
bh.contextweb.com
URL
https://bh.contextweb.com/bh/rtset?pid=558355&ev=1&rurl=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpln%26i%3D%25%25VGUID%25%25
Domain
ssbsync.smartadserver.com
URL
https://ssbsync.smartadserver.com/api/sync?callerId=15&redirectUri=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dsad%26i%3D%5Bssb_sync_pid%5D&gdpr=0&gdpr_consent=
Domain
ads.servenobid.com
URL
https://ads.servenobid.com/sync?pid=309&uid=a_2abff0e4-0f46-4f59-9c0d-3fbc279ef0e1
Domain
sync.mathtag.com
URL
https://sync.mathtag.com/sync/img?mt_exid=71&gdpr=0&gdpr_consent=&redir=https%3a%2f%2fusersync.gumgum.com%2fusersync%3fb%3dmmh%26i%3d%5bMM_UUID%5d
Domain
sync-tm.everesttech.net
URL
https://sync-tm.everesttech.net/upi/pid/URnmbSKM?redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Datm%26i%3D%24%7BTM_USER_ID%7D&gdpr=0&gdpr_consent=
Domain
cm.g.doubleclick.net
URL
https://cm.g.doubleclick.net/pixel?google_nid=gumgum_dbm&google_hm=YV8yYWJmZjBlNC0wZjQ2LTRmNTktOWMwZC0zZmJjMjc5ZWYwZTE=&gdpr=0&gdpr_consent=
Domain
ads.pubmatic.com
URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=0&gdprConsent=
Domain
usersync.gumgum.com
URL
https://usersync.gumgum.com/usersync?b=ttd&i=3577886c-293e-405c-944c-d97075ba3a83
Domain
cs.emxdgt.com
URL
https://cs.emxdgt.com/um?redirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Demx%26i%3D%24UID&gdpr=0&gdpr_consent=
Domain
tg.socdm.com
URL
https://tg.socdm.com/aux/idsync?proto=gumgum
Domain
ssum-sec.casalemedia.com
URL
https://ssum-sec.casalemedia.com/usermatchredir?s=189872&cb=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Diex%26i%3D
Domain
creativecdn.com
URL
https://creativecdn.com/cm-notify?pi=gumgum
Domain
secure-assets.rubiconproject.com
URL
https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=gumgum
Domain
tpc.googlesyndication.com
URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Domain
www.google.com
URL
https://www.google.com/recaptcha/api2/aframe
Domain
pixel.rubiconproject.com
URL
https://pixel.rubiconproject.com/exchange/sync.php?p=medianet&khaos=L7LY2WFG-M-DJH0
Domain
tpc.googlesyndication.com
URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Domain
www.google.com
URL
https://www.google.com/recaptcha/api2/aframe

Verdicts & Comments Add Verdict or Comment

100 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 object| 10 object| 11 object| 12 object| 13 object| 14 object| 15 object| onbeforeinput object| oncontextlost object| oncontextrestored function| structuredClone object| launchQueue object| onbeforematch function| getScreenDetails function| queryLocalFonts object| navigation object| adpushup object| ucfad_async object| AMP function| setImmediate function| clearImmediate object| ucf object| request string| paramsString object| adRecover undefined| $ undefined| jQuery string| currentState function| jqAlias object| google_reactive_ads_global_state object| AMP_CONFIG object| AMP_EXP object| __AMP_LOG function| HTMLElementOrig object| __AMP_ERRORS object| __AMP_MODE function| __AMP_REPORT_ERROR object| __AMP_TOP object| __AMP_SERVICES object| __AMP_URL_CACHE object| __AMP__EXPERIMENT_TOGGLES boolean| __AMP_TAG object| __AMP_EXTENDED_ELEMENTS function| __AMP_BASE_CE_CLASS object| googletag object| _apPbJs object| hbAnalytics object| adpTags object| _apPbJsChunk object| _pbjsGlobals object| mnet string| nobidVersion object| nobid object| Criteo object| google_ad_modifications number| google_global_correlator object| google_prev_clients object| _qevents object| ap_link_preview_states object| apLinkPreviewUtils object| apEuCountries number| ampAdSlotIdCounter object| ggeac object| google_tag_data object| google_js_reporting_queue function| quantserve function| __qc object| ezt object| _qoptions function| qtrack object| __AMP_EXPERIMENT_BRANCHES object| goog_identity_prom string| __AMP_DEFAULT_BOOTSTRAP_SUBDOMAIN number| ampAdGoogleIfiCounter undefined| google_measure_js_timing object| gaGlobal number| ampAdPageCorrelator boolean| descriptionPage object| listeningFors number| 3pla object| dataLayer function| gtag object| googleToken object| googleIMState function| processGoogleToken number| google_unique_id object| google_tag_manager function| onYouTubeIframeAPIReady object| criteo_pubtag object| criteo_pubtag_prebid_117 object| Criteo_prebid_117

78 Cookies

Domain/Path Name / Value
.3lift.com/sync Name: sync
Value: CgoIoQEQvNG2nLAwCgoIgQIQvNG2nLAwCgoI4gEQvNG2nLAwCgoI5gEQvNG2nLAwCgoIhwIQvNG2nLAwCgkICRC80bacsDAKCQg6ELzRtpywMAoJCAsQvNG2nLAwCgoIjAIQvNG2nLAwCgkIXxC80bacsDA=
.aralego.com/ Name: sspid
Value: 89d39cdf-fce4-3d5d-a947-bd82e01b93d5
.aralego.com/ Name: euconsent-v2
Value:
.aralego.com/ Name: gdpr
Value: 1
www.bg3.co/ Name: __AP_SESSION__
Value: 95ef03d8-6828-42e3-93f0-b39cb4e5fb05
www.bg3.co/ Name: _pbjs_userid_consent_data
Value: 3524755945110770
.bg3.co/ Name: _pubcid
Value: 31f0aceb-bd03-4382-8a79-6257429e0569
.adpushup.com/ Name: ap_uid
Value: ddfaf260-2b8c-11ed-bedc-00224858a8fc
.adpushup.com/ Name: ap_usid
Value: ddfaf261-2b8c-11ed-bedc-00224858a8fc
.openx.net/ Name: i
Value: 31f0aceb-bd03-4382-8a79-6257429e0569|1662211953
.bg3.co/ Name: __gpi
Value: UID=0000096da67dd99a:T=1662211954:RT=1662211954:S=ALNI_MbiM4N19vzzq0aywW_5bc4tUi4Jiw
.doubleclick.net/ Name: IDE
Value: AHWqTUnBmyPAL1vLNPVP3HP7jJGA3sHobFQVHtJuGGQ0Fcotf2E3dNQ6SkWS9uy937s
.prebid.a-mo.net/ Name: __amc
Value: 1_1662211954_1662211954
.a-mo.net/ Name: amuid2
Value: 1f739e44-145a-457f-9b15-d55fe65ef707
.prebid.a-mo.net/ Name: sd_amuid2
Value: 1f739e44-145a-457f-9b15-d55fe65ef707
.adnxs.com/ Name: icu
Value: ChgIm_VtEAoYASABKAEw8q7NmAY4AUABSAEQ8q7NmAYYAA..
.adnxs.com/ Name: uuid2
Value: 6944199299863007354
.rubiconproject.com/ Name: khaos
Value: L7LY2WFG-M-DJH0
.rubiconproject.com/ Name: audit
Value: 1|WD0cx+9RTMJtiXuicW2MnrUyebV3a1stfdxQI7wPc8p+jYY2tuD0OS5zFwEio2Ja4HEYI5ehIrUHstlW8EOOMtzpQ7vzkXQ/
www.bg3.co/ Name: qcSxc
Value: 1662211954841
.teads.tv/ Name: tt_viewer
Value: 59904a63-9e6f-43fc-86f3-cb453837272f
.quantserve.com/ Name: mc
Value: 63135772-e6574-21c31-d1f57
.bg3.co/ Name: __qca
Value: P0-630618869-1662211954838
.bg3.co/ Name: __gads
Value: ID=b0bb315a58cff0fd:T=1662211954:S=ALNI_MbGOacV6hN3BqPgKS6k7or1VqfmeA
.bg3.co/ Name: _ga_Z0TZ7TDHS1
Value: GS1.1.1662211956.1.0.1662211956.0.0.0
.bg3.co/ Name: _ga
Value: GA1.1.1086500417.1662211955
.adnxs.com/ Name: anj
Value: dTM7k!M41.D>6NRF']wIg2In<rb?G4!]tbPl1M>e)ZlrFUfJ+tGXxoa>>z>4AaB0XU]zWn^DI-kGT=%D`dYP?F7sKC3If)y3KL9D3I?+Hps_Eb
.casalemedia.com/ Name: CMPS
Value: 4721
.c.appier.net/ Name: _auid
Value: mYS1F_VnDoq7oOdddVcTYw
.c.appier.net/ Name: _gu
Value: CAESEC-75vUMVYa4Se9zVG6q-Us
.yahoo.com/ Name: A3
Value: d=AQABBHVXE2MCENxn2EwI05ZQhfwqCyYwkTMFEgEBAQGoFGMdYwAAAAAA_eMAAA&S=AQAAAquFQ2Nzr_bUlYf2CyQXIgw
.ladsp.com/ Name: cr
Value: 1
.casalemedia.com/ Name: CMID
Value: YxNXdRjQIdGaVcqPLV47qgAA
.casalemedia.com/ Name: CMPRO
Value: 4771
.adkernel.com/ Name: ADK_EX_11
Value: 1
.adkernel.com/ Name: ADKUID
Value: A7369040310697001230
.analytics.yahoo.com/ Name: IDSYNC
Value: 18yx~26yd
.dotomi.com/ Name: DotomiTest
Value: 48414d78e5192026
.blismedia.com/ Name: b
Value: 631357754736E4A7CA091A50BLIS
.uncn.jp/ Name: t
Value: v_9dcd5aba-4742-4cb5-bee0-78f78fd01fa7
.ladsp.com/ Name: smn_uid
Value: a1DoVwUAQng06BlPY5v9lg7Hf7tvD_Q
.ladsp.com/ Name: lum
Value: COXItpywMBIFCAEQqAE
.spotxchange.com/ Name: audience
Value: e04e59d3-2b8c-11ed-a1ae-17c4e7040307
.casalemedia.com/ Name: CMTS
Value: 5316
.sharethrough.com/ Name: stx_user_id
Value: 0c7e1cec-d78c-428d-b41c-45f1104c9e1d
ads.stickyadstv.com/ Name: UID
Value: b1665716c3cb1657d8c283afbe595c1f
ads.stickyadstv.com/ Name: uid-bp-159
Value: 1
ads.stickyadstv.com/ Name: sessionId
Value: 1cf01069c48b920e7c0d9aef7919dfe
.tribalfusion.com/ Name: ANON_ID
Value: aWnsIHujieFo7YxU36hXu76prPR49bkbyxXqUmnGCv4fXZdY5A8WOFPfJrfVPsdX5S8Ji1DXrYaJDqJlqeE9F5HGS
.ad-m.asia/ Name: uid
Value: cRhahaB2qK
.mathtag.com/ Name: mt_mop
Value: 4:1662211958
.adingo.jp/ Name: ID
Value: 9a2d420f17da8bfca7a26f1f26688803
.mathtag.com/ Name: uuid
Value: 7e2a6313-5776-4e00-aed8-38a54f199817
.media.net/ Name: data-g
Value: CAESEGKPy_ptiNaURkZYEAM5-w4~~3
.socdm.com/ Name: SOC
Value: YxNXdsCo8YsAAGexlzkAAAAA
.openx.net/ Name: pd
Value: v2|1662211958|jElYiuvOiahI
www.bg3.co/ Name: pbjs-unifiedid
Value: %7B%22TDID%22%3A%2263da9e06-3fcd-46ba-a3ec-e1a0135352cf%22%2C%22TDID_LOOKUP%22%3A%22FALSE%22%2C%22TDID_CREATED_AT%22%3A%222022-09-03T13%3A32%3A38%22%7D
.adsrvr.org/ Name: TDID
Value: 3577886c-293e-405c-944c-d97075ba3a83
.dyntrk.com/ Name: dyn_u
Value: 03030002_6313577682e65
.bidswitch.net/ Name: tuuid
Value: 3533d218-d8d7-4364-ad08-0ce37055f148
.bidswitch.net/ Name: c
Value: 1662211958
.bidswitch.net/ Name: tuuid_lu
Value: 1662211958
.uuidksinc.net/ Name: jcsuuid
Value: RBdzvta7SHuKf1hUtScw
.zemanta.com/ Name: zuid
Value: F5oB_OtRontfkRWiiHPq
.3lift.com/ Name: tluid
Value: 585367535164048797056
.id5-sync.com/ Name: cf
Value:
.id5-sync.com/ Name: cip
Value:
.id5-sync.com/ Name: cnac
Value:
.id5-sync.com/ Name: car
Value:
.id5-sync.com/ Name: gdpr
Value:
.openx.net/ Name: univ_id
Value: 537072971|3577886c-293e-405c-944c-d97075ba3a83|1662211959006115
.bidswitch.net/ Name: google_push
Value: AehlK4DNCqJ9wpo-VOsclFkA51oL1IebOQohyisX6azZZqqnCE41C_LyqNKP1uOw-diejJLwY8ArVn3KS7WVgebJmoPSbcHIbeTCyg
.media.net/ Name: visitor-id
Value: 3052135596827308000V10
.socdm.com/ Name: SOSYNC
Value: anNvbjp7Im9wZW54IjoxNjYyMjExOTU5fQ
.id5-sync.com/ Name: id5
Value: 841b1dfc-fd30-4bf3-bb57-72abfb261b76#1662211958716#2
.id5-sync.com/ Name: 3pi
Value:
.id5-sync.com/ Name: callback
Value:
.adsrvr.org/ Name: TDCPM
Value: CAESFgoHc3Z4OXQ1MBILCJiAy9zZ7oY7EAUYASABKAIyCwi08JmM8O6GOxAFOAFaBzhtMzN6azRgAg..

5 Console Messages

Source Level URL
Text
network error URL: https://hb-api.omnitagjs.com/hb-api/prebid/v1?RefererUrl=https%3A%2F%2Fwww.bg3.co%2Fa%2Fqin-fang-cai-ying-wen-mei-can-yi-yuan-jia-de-na-tu-fei-tai-bei-ting-can-yu-guo-ji-tai-wan-sheng-yin-hen-zhong-yao.html&CanonicalUrl=https%3A%2F%2Fwww.bg3.co%2Fa%2Fqin-fang-cai-ying-wen-mei-can-yi-yuan-jia-de-na-tu-fei-tai-bei-ting-can-yu-guo-ji-tai-wan-sheng-yin-hen-zhong-yao.html&PublisherDomain=https%3A%2F%2Fbg3.co%2F
Message:
Failed to load resource: net::ERR_NAME_NOT_RESOLVED
network error URL: https://cdn.adpushup.com/42753/L2EvcWluLWZhbmctY2FpLXlpbmctd2VuLW1laS1jYW4teWkteXVhbi1qaWEtZGUtbmEtdHUtZmVpLXRhaS1iZWktdGluZy1jYW4teXUtZ3VvLWppLXRhaS13YW4tc2hlbmcteWluLWhlbi16aG9uZy15YW8uaHRtbA==.json
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://rtb.adxpremium.services/openrtb2/auction
Message:
Failed to load resource: the server responded with a status of 400 (Bad Request)
other warning URL: https://c189fcaae4b526f37d75e91681a8bbd8.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html(Line 11)
Message:
Origin trial controlled feature not enabled: 'attribution-reporting'.
network error URL: https://x.yieldlift.com/getuid?r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D314%26uid%3D%24UID
Message:
Failed to load resource: the server responded with a status of 404 (Not Found)

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

1290b0ac39d61432252977828d506200.safeframe.googlesyndication.com
2358b6d8cf73d9dfcd6fa63e093f9dcf.safeframe.googlesyndication.com
a.c.appier.net
a.sportradarserving.com
a.teads.tv
a.tribalfusion.com
aax-eu.amazon-adsystem.com
acdn.adnxs.com
ad.360yield.com
ad.turn.com
adpushup-d.openx.net
ads.aralego.com
ads.as.criteo.com
ads.pubmatic.com
ads.servenobid.com
ads.stickyadstv.com
ads.yahoo.com
adservice.google.com
adservice.google.com.au
adx.holmesmind.com
ap.lijit.com
aplogger.adpushup.com
b1sync.zemanta.com
bh.contextweb.com
bidder.criteo.com
c.bing.com
c.eu1.dyntrk.com
c.us1.dyntrk.com
c1.adform.net
c189fcaae4b526f37d75e91681a8bbd8.safeframe.googlesyndication.com
cat.sg1.as.criteo.com
cc.adingo.jp
cdn.adpushup.com
cdn.ampproject.org
cdn.aralego.net
cdn.indexww.com
cdn.jsdelivr.net
cdnjs.cloudflare.com
cm.g.doubleclick.net
code.createjs.com
code.jquery.com
contextual.media.net
cr-p1.ladsp.com
cr-p3.ladsp.jp
cr-pall.ladsp.com
creativecdn.com
cs.emxdgt.com
cs.media.net
csm.as.criteo.net
d-249157755254426484.ampproject.net
dclk-match.dotomi.com
delivery.adrecover.com
dis.criteo.com
dpm.demdex.net
ds.uncn.jp
dsp.adkernel.com
dsum-sec.casalemedia.com
dsum.casalemedia.com
dynalyst-sync.adtdp.com
e3.adpushup.com
eb2.3lift.com
eus.rubiconproject.com
fastlane.rubiconproject.com
fonts.googleapis.com
fonts.gstatic.com
g2.gumgum.com
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
gum.criteo.com
hb-api.omnitagjs.com
htlb.casalemedia.com
ib.adnxs.com
id5-sync.com
image6.pubmatic.com
jp-u.openx.net
js-sec.indexww.com
match.adsrvr.org
match.deepintent.com
match.prod.bidr.io
match.sharethrough.com
odr.mookie1.com
onetag-sys.com
p.adsymptotic.com
p.rfihub.com
pagead2.googlesyndication.com
partner.googleadservices.com
partners.tremorhub.com
pix.as.criteo.net
pixel.quantserve.com
pixel.rubiconproject.com
pm.w55c.net
pr-bh.ybp.yahoo.com
prebid-server.rubiconproject.com
prebid.a-mo.net
prebid.media.net
public.servenobid.com
px.ads.linkedin.com
pxl.qccerttest.com
rtb-csync.smartadserver.com
rtb.adxpremium.services
rtb.jp2.as.criteo.com
rtb.mfadsrvr.com
rtb.openx.net
rules.quantcount.com
s.ad.smaato.net
s.amazon-adsystem.com
s.tribalfusion.com
s.uuidksinc.net
s0.2mdn.net
secure-assets.rubiconproject.com
secure.adnxs.com
secure.quantserve.com
securepubads.g.doubleclick.net
ssbsync.smartadserver.com
ssum-sec.casalemedia.com
static.bg3.co
static.criteo.net
sync-dsp.ad-m.asia
sync-tm.everesttech.net
sync.1rx.io
sync.aralego.com
sync.go.sonobi.com
sync.inmobi.com
sync.ipredictive.com
sync.mathtag.com
sync.outbrain.com
sync.search.spotxchange.com
sync.srv.stackadapt.com
sync.targeting.unrulymedia.com
sync.teads.tv
sync.technoratimedia.com
sync.tidaltv.com
tags.mathtag.com
tg.socdm.com
tlx.3lift.com
token.rubiconproject.com
tpc.googlesyndication.com
tr.blismedia.com
u.openx.net
um.simpli.fi
ums.acuityplatform.com
ups.analytics.yahoo.com
us-u.openx.net
usersync.gumgum.com
www.bg3.co
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.googletagservices.com
x.bidswitch.net
x.yieldlift.com
a.sportradarserving.com
aax-eu.amazon-adsystem.com
ad.360yield.com
ads.pubmatic.com
ads.servenobid.com
ads.yahoo.com
ap.lijit.com
b1sync.zemanta.com
bh.contextweb.com
c.us1.dyntrk.com
c1.adform.net
cm.g.doubleclick.net
contextual.media.net
creativecdn.com
cs.emxdgt.com
dpm.demdex.net
dsum-sec.casalemedia.com
dsum.casalemedia.com
eb2.3lift.com
hb-api.omnitagjs.com
image6.pubmatic.com
match.deepintent.com
match.prod.bidr.io
odr.mookie1.com
p.rfihub.com
pixel.rubiconproject.com
pr-bh.ybp.yahoo.com
px.ads.linkedin.com
rtb-csync.smartadserver.com
rtb.mfadsrvr.com
s.ad.smaato.net
s.amazon-adsystem.com
secure-assets.rubiconproject.com
secure.adnxs.com
ssbsync.smartadserver.com
ssum-sec.casalemedia.com
sync-tm.everesttech.net
sync.1rx.io
sync.go.sonobi.com
sync.ipredictive.com
sync.mathtag.com
sync.outbrain.com
sync.srv.stackadapt.com
sync.targeting.unrulymedia.com
sync.technoratimedia.com
sync.tidaltv.com
tg.socdm.com
tpc.googlesyndication.com
um.simpli.fi
ums.acuityplatform.com
us-u.openx.net
usersync.gumgum.com
www.google.com
x.bidswitch.net
x.yieldlift.com
103.229.10.247
103.229.206.240
103.254.153.160
103.71.26.126
104.16.85.20
104.17.24.14
104.18.101.194
104.18.13.76
104.18.18.126
104.18.19.126
104.211.156.162
104.254.150.241
104.26.2.91
124.146.215.47
13.107.21.200
13.107.42.14
13.224.222.53
13.230.103.48
13.251.66.227
13.33.33.38
13.33.33.43
13.33.33.9
13.33.88.20
13.33.88.36
13.76.45.37
139.162.40.113
141.95.98.67
142.250.4.155
142.251.10.106
142.251.10.155
142.251.10.97
142.251.12.100
142.251.12.155
142.251.12.94
145.40.88.5
148.251.44.111
151.101.65.108
162.19.80.91
172.217.194.132
172.217.194.154
172.217.194.156
172.64.152.245
172.67.71.254
173.222.148.48
174.137.133.49
18.138.158.87
18.139.207.234
182.161.73.129
182.161.73.132
182.161.73.135
182.161.73.136
182.161.73.142
182.161.73.145
182.161.73.146
182.161.73.148
182.161.74.19
184.28.235.208
20.127.253.7
202.131.200.84
23.106.127.52
23.108.102.145
23.15.148.136
23.195.152.23
23.195.153.54
23.36.252.26
23.41.65.80
23.47.190.89
23.49.60.34
23.53.160.138
23.72.44.196
23.72.44.239
3.114.61.6
31.220.27.135
34.107.148.139
34.96.105.8
34.98.64.218
35.174.63.73
35.213.12.39
35.227.252.103
35.71.178.8
50.116.239.135
51.79.234.101
52.213.181.231
52.223.40.198
52.5.102.142
52.68.227.190
52.71.232.26
52.74.13.196
52.74.188.129
54.199.160.194
54.199.197.118
64.202.112.127
69.16.175.42
69.173.158.64
69.173.158.65
74.125.130.156
74.125.130.95
74.125.24.132
74.125.24.148
74.125.24.155
74.125.24.94
74.125.68.156
84.17.37.44
89.207.22.76
003b0bc14245edaabb311163b5de785da8b910590561602972b594ef959e0168
00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce
0100022f4513287f28c5620cf957ea6266bd3c4d6fb29a4b9e693f8c557dcc15
028b9028650286f6b95c2e210d6002e31cdc904d369ba7b0505d2cb773aa36f3
04f3c6dfebba14e03bb4837ecfb1d9a4b8a64193f6994643fd6baa9844e42fdb
0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5
079832362b5d73befcde24ec5f60ef4bd162ce3842a4cc0f2fe0125971be94e1
095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6
0a0113be1c9721892c8e956e64e882598645af74cd89c02dcfa86c8d854c1c24
0a05de643ac8c608138f3eda57b0efb0d59285892f4e2f26840f50abdc26fd8f
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0bcac89d72d5f0b2bef20f815406384ff05489e4294acee57409060c2eccffc5
0d2134126a0ba50241d08851437451c8fae095907dd2cd849fb472bcc4d06efe
0de1b9a2d02929a138d97f4ecf50990e00e7cef679b078c3f2f086cf98e96e8e
0f93b22778f979fc29593ad2a72d6ccc432d4344d3d021a31e6a753a3bc6f8f2
11e824e773da306f35ebfbc341f1437af0eed1167dbe4053c6e68dfc0bbf1beb
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
146668194a5b04a329dcfea4713fab62c5953d7e604dd5e96eb503bc1c8c5732
14cfb5058acaf3af2f07088f1582f29941d7a4cc74fd1cea5050cecad862d154
158a149d291e8da3855543304eb1b2f10d01f08b44c999729fbc7ab6cad04d7c
1bd79d361abc83400bdd56eddff6192bd7b06fbee16d2126014a49586e767f31
1be00e223b2840fe8ac2d3a1aec0cf757088dd68f53a92275d0e1db6cb9afced
1c877b4b7e75bf2c8432415bb762ed9bfc73830abf68497eff686fcc9fa44f9f
1cd58a827318c4a29b32a0db15c8c39d5651b42d8cad227519ad81bce4adb944
21902e4026c2f774fbd13f64845d6fd3a823c1ea64ee93e76a9fe06a49a74711
21c3bf4ffebf735d5837b74b48038fab458f26c414df43e0315fa424c966aecf
21f84c1b44777fea6bf0fe447f77d4e8543e7e39d04ec459573a3f8e907463d9
222eba1eba8e0d461d62bd474725c63d8b1ed5bc0a90d59d04af27543803561d
26914004d3a8d5ddde2202b642d7936eb61c9f195b5cd3c87e44ef8ad4d57c16
276212b198e92096101794454d1fb0b20d66148a92e9328fa5c1d3bef511519b
278393c5412c7da49452c093187cda79029c22edce112757ac77d55aba67cd41
2c587e7c518409f146af4c8f868c90ab8bff1c9b970b55ce77dd6a106630ac68
2c64cf7ee5f81d959886e39e1a58f7dcf963419be91a86664c5d8147abc51774
2f7eec2acb4eb5084c7b17084573214ece0d665dd3843781707e4ca138ab043f
2fd3c768a2fa6289b4f0e5375c4745d2eaa8275aef7407e74d8da27182a1bb01
3004b319a2427a6a57c345f5e6edd582ee3e421592a39fca700e3e4c14e17bf7
327f4e51ae5d9bc27a11d2e927a85771c1d1100a571effae060af81b6a7de57e
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7
32cf0a8fe53899cf276cb12df8c8f5f1558bfb49a803502eda8296818dafef6f
3415ad9cc5b5c7fb4413157c46df2aa21d0bac449d550208db68226caa8388c3
3417a9cafe01ecf8a924f27b2a5ff82caaaee059e140f4225d8b6cb8d9e38881
344e02c0e49e58ad7c4726c954b00243760f2301e49f004d008f494a89510710
34843f25c8a1b48ce36fa3464616d179cca6502b8d322e5e514efc02d9a6d6f6
35700fd4dc1a4008ab66bc0e57c19689f6daca9368bfd2a6beea1b86dc0159d8
36a7d95f2760a813f3e782dfc125ea786174d581d6f6f896021d6994e9514bd6
36fc2f21d6dba7d01e4e73761c26b7a99fcdb86f5179896cabbc1bc76bd05ddb
37a31642af0a7fe695ed0fd68a06a55af44e854d083dc7f5d0e70535f0189ae0
3958fbc9d867120501d405dfce3841e4aaba4769815b947ee0a170f9147f8b10
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd
3ed661b4a01bb72f8ce9cbca7a333dcc66f71beea426cd51655eb44922ac8a92
3f2de25aa5e03b4972ef3b4a78e5fc4db1e3a8aa71e4430c6075661bf2279046
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390
405ceee1c2f5c31f1cb94ebc63d49a43fddd1471c2c7401a01c7c11bb1d93826
41f36457d5ec5bd7d115c29bea53e0d1ff77de7418837ef39e897f3b7d497e8a
467a5b06cb117035f7882e8c71d80e093f04ce586c1ac2b84e7e4adf978edb30
476f92cf049e0e11f637ccf1f4968f5532076b44ee8975f6ef9ae1c868f830e2
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4baa280c316f80216c7d9dcb64f308726f23cfe4fd4ada8d36aee7c3ea101108
4bf603ca4ee21ca9b766ccc5a6ebe86ac1c591f489fa03e2eac26a432c0c96f5
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
57000ea03bfb53734d0858b8fe992e6742226f23f311eb0f9d2177e2a84a5621
57ba9c79273602051bd0fa9f6dcd52a3f199dc59f134308efeeaad35424b8311
58b603271da250778cca7450c81343eba7a896c87d93812f4de54ca5e1108488
5902d00750e3043f03c9883235be2a5ce13962f928396e2dce261b9b2e00c5f8
59baee5909dbb33bdb7040412abb5a18c36dc1c17bbb7a04d1eb41a363798d25
59cce23d8d40dfee2cd3839396eab06402ff6a35e2c9f70c4a255c367cf89a21
5a7f1a3e446a5b6d6da1e48948317007b71540c317f5f9a5499c63d19400b7fb
5d6b864869c19ea1f500174a8dc3f327fd5fdc7e8f92f569788a6744341e4f27
5db4cf55d1980b81d43631aa03921ec781804b30e0e7bce704401cf754027d36
5f8947828d20f8ab59e7c5e277ded685a0b701d5578ef9a969baeba8ed66415a
60bcafbd631f6fa0805e158ca3b235e76225350db6fbb423596d4c4954b27573
6138882272dbc5bdf2f6ac9a5ed71efef9bd4acae5c3cced595b0f72c763f9ee
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
61ebc2df6e63dbfbf7195970582958cb9b704dcf915db95a9168ce7e31b3822f
62bd0797ba2a5e2c1f77980c1a5a397fa01c7eada051e3872a3ee214007c2eca
63954db7412a3fd63153f62a15aabff7594dc0019df2e5624855dc4a51421d68
63aa92d92ed9131c7e6a88124cec6ebcb1f8ee9ecdd62e8ebf9e7622fb0d5c97
6537b8025364bd8ab573b927a3033a905eb3c7241f8c65ffcbde71db76cd73d8
6574cc9aee2e78026c53eb9620a1d35cc911baed9e8f6742a9b59bb9bcfd5a4c
65fbeb04ff902a9a0f7ab0d104eb9992d991f776a71b2f1026a97611780ec2c2
663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707
685f0aba1a976fc67818b86b8fbd3343a3dc3004f0e3882d7998e90df73bef90
6a7b0c8bf87b2bd5ca31557f25cf2a6c80f93af72bf68a6085e9b55a87fe908c
6ad52b45baad5f30a347e71505dbf9653afcc29e99218c3f4cefed10df4f9b93
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6d83b77c3d8c5c0ccc7078540a1fb0bd9fa43eeb82b89f83264d469aa100c088
6e75027186719ff56da6bd4434093cb02078b446cc2e64eb57da865fabed1778
725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a
730fa1f3e8b3c4a223c4e69f4a27e690a4552f96ab97dba05b943dff44967658
7599e0a5ce1ba2a12f036e998e19e60b6e982178e4363d4630ab3a91ca73bf62
75eb0b2e9ad979f935969be6704b1e0945ea99495b4d172118af9f2faaf4843d
7701d8766921f2a35bccc59d08bc6997b1604c954f279a921720486d44c3e0be
7bf33c686c7d0098b15fa105f49c725fa99d02b4800bae9e067f339160d4d7b1
7e52b222c0ab53848fd101f8f256bdd34822fc1cd04659e29235b186f9d58b59
7efdca1ce8a8ee4fb50887d9f88bdace1026e0f76ea1e64a802b97402d825a79
7f8c6a794c3e78fdf5a92ff96d59cb8774cbd648bcc486d92eb31320c3551f16
81f5a7091558670bff70c3e80511e3f24f1b2e377b89531966bcd6cde6e3362d
82d2dc44aae1eda52abc17afd30c6031b7175c13ee6955410164c66ae755adfb
832f63f4187160c195b04f1911c2e623a75e805f4b23abb9b0bea214b4283a43
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
8492f3fc13f89700f09e8a96308911979a6289be084af2c497ea54dbd7dd7f5f
85062b5209b79a0b711d328194138c961240353508cb691244a1745abda72591
857e2ebcfaa681528084788a9e20e6d2da80ba89854199301c1124d4e0d823ea
87b2d2f3a0163f188f5a5fce2c0571c5e05ecca4d01cd3cbc488960a29965514
88ce5b531b6a7ce0f7b6c3a975a1d182a89c8cfaa4569c3411c89b4d811a2208
88f2e367789f9e3dc6136512100cc3837dba840434b58abd05987a4822fd117a
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
8ae78cfe6ee6192120b022cb3c00d586542309c4b88076fe6f12c0f7ef65f015
8b7adc178d8c3372ef22d873ea13d192aa9c90e93e1d5d0baa3e77399fb547ee
8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395
90497e8894f66d775cec1a1af59de62f34e80cef869875f53e9cfb5f36b8d78d
90b0c5c60bc1352f5e630a9d859e21660f679cf9c958326e3582d89f1dd7c25f
90c9017a8a6447588520f38cd94ba14cdb9839c92626aa06bb8a4a1052c2ab7e
921ebc501b943a97cedd028f7785cc8e525f9da41c361b966197211507bd06c3
9284d948e86d2e99f31483b5f4b3a4c3e65e0a6fbca9a8d2db8c6095f82ac3f5
9354ff215cb66e25ba70cac493606495d497fb4c74af6e960556262e1f51b33f
94d0f58d59d47ce925f66c6884938e43e9b9e4361682f863e0ba88c102883517
94d60fce0db7574e669fbd0eaf201595a8daa2e9169c0240e66079fe544f19ac
968012b3a49390a10d31c6d36b2aab796ec167a83378b5f9787756ee7cb035c5
96ee24d7663a687fdc56a25bd030c0f39488914a1a3af94df7fd28cb7e4846d7
9740978b6bbc1b5edf3294d8feaab7dd5c82cc070b17e17c5df3c225b31452d3
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
9a6c205e96ece73911f0a9e621336e9e830780a7cf899074179e2abc8d4ce7fa
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9f3da66cb23e99d8e28ed07259b1bdb7c04e642d08f286d8123111c060a93b62
9fc5c18f84fa32e730625d1fd0ce690f3551f226abdffcadbca55cc4a5a60413
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a06d348c502cfd4f48c0da40020dc242e62a59bb792010c3ac3ad09f3ad58cc4
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553
a17c1868384df8d5664205dc8e28a6751b8428bde075269b98f76ee2ca933671
a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a701facb7a5dd9dfc5d6eb3a4badeb01b44b3c2378589c341cb328de3fdd0428
a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
a8993772c9eb591474f38d257bebc8c4286703e1af72d04c8c294be5fff7b649
aa446b1f105b20f07c49f55c8ea00ef9bc42d7f0c5f747319823f00a480ff7f6
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b1b18fb07562ec8eabce6d1c45556ac337953958dcc0daf1a57e93177051c6cb
b703e463206e557fbb495c56ceefa60fdeec10f0f3026a61e056c1a2032cd6d4
ba4c1aa02574f79e199fbb5ff0c950dd05f9c93bd58b3fd35e8fe804cb771420
baf2a12cc9401ad6da9935bc2f3c4f29eff121ee74558522f9ad568f568ecb86
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
bca94656e61292b4eb642b03b34643ebba2b1a9c16773c7b09867e54c64eb169
bcfef04d31d24901dce669568118eeea1382a982fd182d8f9a083f1a34a5f421
beb701d9e3ff011da6987772f25e72e27cfc0e085a468529a48dab2c109850cd
c24b52bfbdf7fbbd16a2d473475ad39bdb8c0d5d72d234dd84a783cc154adffa
c639475111ae9c7a6c89e022ab7a77eb6e9d82145e845dfba037b53650297288
c732292cc98dcd49503c29accc119f7ff0ac5d4542638ab02cc823b9cfe69e89
c92dc14abfc1e4a41ebbf183800b2a40ee9720626e6d4488d80719b1f98407df
cb55731c4f27b1485ec8856fca81fc4b294f4245780339351b70278b3d3dd0f4
cc11299cb7cf9a97e54274a0f324b2a1867f2ab113f0a3cb88aea48bf30c9990
cd3930d932942d34ed96b91b22b40a9ad6bf659694f2a07b46400b0416286df9
cea40d5d3240ec4e3f756cc5a965a9f2a8c8dbb53bf298bc8a79c14508085a1a
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d0e8821e889280c3b745b859e6b3971924723a4562bac65ba8aa0fe44bfc83b2
d5034fd91515d835db5b5c9a630af39ea1ddc85a60d7a1c1a974808f70046ada
d66d034960fcedc87da8907a2b349aee32e3b3b3479060aa5cc4fad41f8dcb4e
d8eeb1bd08c3a6a176a73f7c3b79dc20105563ab7536338977adf9673017666b
d91c38797a4f40c02b517763adb6b8d25ca0d0af244856025ecc3543b8540679
da85253da6d57dacaa32050a0a7207b8d1bbe6e77d359e17bcc670c0dfabeac7
dfa729d82a3effadab1000181cb99108f232721e3b0af74cfae4c12704b35a32
e0ee294b5487df566aad23b603fd902535634cfa957be8e7620396515afb1047
e144e8b6ee619780391596ee29839469ce3f0914740edf0a6e42e109ab003f21
e14e17817c09864c915bcce5a8be35415b9042926b01cc952d081d283f75ce65
e218093a3e8d994d337993a3f5243d26eaecbce21b7aaed2a8eb10c88b309e36
e3849fdc1eab88579b20b1b56875d6ef8299c4ad165e03921400ccae69149861
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e418f21c89e2b1cfb3a9b6a8dad3495ea0fde09dc87de884951f3ead9c14dc4f
e41d1ae45acbf836b8dcc29544c7e41cced4211214df601d5284a7e9c7134c73
e439bebf8de2df0582273906d2c1dceff2387c661efb2152ef1c28420ce4e7e5
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e
e7f2a7b200f79c2ad72d57e7153da84cc07b06c4518ffef92b537b73ec0f5b9c
e813a8d8d41c0dbdc33020ad6ef27d16afd2b590ceeb998e267409c8f666b829
e840d901c827ce3644d87e5bd6ed2a7e020c06ceec7cb516ef2e1b78f3e669f0
e851345505ee432c9397d60e5d91929ab4e5921f75c91f359b0939a879304b7a
e9153aae090fb471370191a616096f502541fb6523ba7957f9be38f195af78a4
ea90fb25c5d56b58064bf928d1dfa0800d3a4f204e24c9a3b86d6611caf18945
eaa01d775f27d8b5087f53e503ff46c102899b96f26fa26fd332a1ed0e22fd17
ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152
ec641d996803f1e4ece8593bdee2d5ce12a4ff2361d44552aa3b2fa6bff52e6e
ec6e81668d615796d873b875fa0c6d1b5ef322b50c9edf16b83a3ca3b85d5402
eeb5b30ba88b656faf54215c076acf1f23b4e137052c23d0bb45e2b2b1d6f375
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f0f6d34a706b2a89b6ee4ddf89307aa9490545f3ecb230f9e81655206cb860b2
f1e691269432cba8bed2110866d1a1a67546edcb41cb7e9f5e3fc9de6736a59e
f3a81099b7b24ab3dfbd5efb4420f312ede2e819cfae280865ca3e8ca4e276ea
f60470b418489678f52a25d72e9bdd7fe0479d57e62f49d28b499423773460fb
f77f47058428a1c21dad5a75ac13fbfdeb9858947218fee2112fded5972a0b5d
f8e963fdf2fa88a93ec9cc885b68823149ac9abb9ca21a52079b73cd528955a2
f96e5df70a9a3759af68518c738fafb4c417ac0e0eb1fe51bf6532bd24f1c899
f9723d3f41444061b801c833bb798bd89f1c4e1333612c639c347d2284ccc3dd
fac7bb16171dad9aa80c9bc8f3659116b74cbcb253bce337004ad262a66263f1
fbb779a7370a139fb31695b848086c585e83ce2ee4f4633d6a47d8020ed39edd
fc3ae3e89d44a2aab1be610f586cd0b0a350f7dfb7b7b129963e1d3f6be8ac3e
fc935e4d67f62d6ea35b7733a53d6d5872e182a66ee0550d0c213395d98fb4cf
ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e
ffb9eb21741f48b801ce27ecbe566c31144159f76d7024373685f34b60c2d356