URL: https://www.bg3.co/a/di-1tian-shang-xue-ta-da-ku-a-ma-ping-ji-yi-xiang-jie-sun-nu-hui-jia-jie-wei-cang-yang-cong.html
Submission: On August 19 via manual from US — Scanned from AU

Summary

This website contacted 93 IPs in 8 countries across 103 domains to perform 432 HTTP transactions. The main IP is 84.17.37.44, located in Central, Hong Kong and belongs to CDN77 ^_^, GB. The main domain is www.bg3.co. The Cisco Umbrella rank of the primary domain is 590013.
TLS certificate: Issued by AlphaSSL CA - SHA256 - G2 on May 20th 2022. Valid for: a year.
This is the only time www.bg3.co was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 84.17.37.44 60068 (CDN77 ^_^)
19 142.251.12.132 15169 (GOOGLE)
1 3 103.254.153.160 59253 (LEASEWEB-...)
4 172.67.71.254 13335 (CLOUDFLAR...)
5 42.99.140.144 4637 (ASN-TELST...)
5 42.99.140.200 4637 (ASN-TELST...)
2 69.16.175.10 20446 (STACKPATH...)
23 104.26.3.91 13335 (CLOUDFLAR...)
16 52 172.217.194.154 15169 (GOOGLE)
3 64.120.88.131 133752 (LEASEWEB-...)
3 104.211.156.162 8075 (MICROSOFT...)
2 16 172.217.194.157 15169 (GOOGLE)
2 74.125.200.97 15169 (GOOGLE)
6 172.253.118.154 15169 (GOOGLE)
1 74.125.130.94 15169 (GOOGLE)
4 142.250.4.101 15169 (GOOGLE)
7 13.76.45.37 8075 (MICROSOFT...)
5 182.161.73.136 55569 (CRITEO-AS...)
1 104.16.87.20 13335 (CLOUDFLAR...)
1 9 34.98.64.218 15169 (GOOGLE)
4 51.79.234.100 16276 (OVH)
3 52.199.247.144 16509 (AMAZON-02)
1 69.173.158.65 26667 (RUBICONPR...)
1 182.161.73.145 55569 (CRITEO-AS...)
3 6 104.254.151.69 29990 (ASN-APPNEX)
1 2 145.40.89.200 54825 (PACKET)
1 34.107.148.139 15169 (GOOGLE)
1 54.251.169.230 16509 (AMAZON-02)
2 16 104.18.18.126 13335 (CLOUDFLAR...)
14 99.81.199.81 16509 (AMAZON-02)
1 148.251.44.111 24940 (HETZNER-AS)
1 23.195.153.54 16625 (AKAMAI-AS)
3 5 103.229.10.180 16509 (AMAZON-02)
5 74.125.24.155 15169 (GOOGLE)
8 74.125.200.157 15169 (GOOGLE)
1 13.227.254.36 16509 (AMAZON-02)
26 23.36.252.26 16625 (AKAMAI-AS)
22 23.195.152.23 16625 (AKAMAI-AS)
28 172.217.194.132 15169 (GOOGLE)
4 74.125.24.156 15169 (GOOGLE)
2 8 172.217.194.99 15169 (GOOGLE)
2 142.251.10.95 15169 (GOOGLE)
1 151.101.193.108 54113 (FASTLY)
4 104.254.151.120 29990 (ASN-APPNEX)
14 15 35.71.131.137 16509 (AMAZON-02)
2 182.161.73.129 55569 (CRITEO-AS...)
2 142.251.12.94 15169 (GOOGLE)
2 74.125.130.149 15169 (GOOGLE)
1 42.99.140.209 4637 (ASN-TELST...)
1 151.101.1.108 54113 (FASTLY)
3 11 23.15.148.136 16625 (AKAMAI-AS)
1 52.84.45.81 16509 (AMAZON-02)
1 23.72.44.239 16625 (AKAMAI-AS)
3 10 52.223.2.229 16509 (AMAZON-02)
2 2 50.116.239.135 6336 (TURN-US-ASN)
1 3 35.244.159.8 15169 (GOOGLE)
2 2 202.241.208.53 4694 (IDCF IDC ...)
1 1 13.224.250.50 16509 (AMAZON-02)
2 2 13.227.254.129 16509 (AMAZON-02)
2 2 198.8.71.128 54312 (ROCKETFUEL)
4 23.72.44.196 16625 (AKAMAI-AS)
11 13 74.118.186.45 26120 (RHYTHMONE)
4 4 13.250.200.154 16509 (AMAZON-02)
3 3 182.161.73.146 55569 (CRITEO-AS...)
14 14 35.213.12.39 15169 (GOOGLE)
9 9 35.227.202.26 ()
7 8 107.178.244.193 ()
3 3 13.224.250.18 ()
6 6 64.202.112.31 22075 (AS-OUTBRAIN)
3 3 23.8.97.76 ()
2 2 18.198.190.98 16509 (AMAZON-02)
2 3.209.79.8 14618 (AMAZON-AES)
2 2 13.107.42.14 8068 (MICROSOFT...)
1 2 104.18.99.194 13335 (CLOUDFLAR...)
1 13.107.21.200 8068 (MICROSOFT...)
3 4 54.179.19.43 16509 (AMAZON-02)
3 7 52.46.130.91 16509 (AMAZON-02)
3 67.199.150.81 62713 (AS-PUBMATIC)
3 5 104.18.19.126 13335 (CLOUDFLAR...)
1 18.182.152.7 16509 (AMAZON-02)
1 2 23.106.127.39 ()
8 12 69.173.158.64 ()
1 3 52.71.232.26 ()
2 2 209.191.163.209 14744 (INTERNAP-...)
2 2 209.191.163.208 29791 (VOXEL-DOT...)
1 1 72.34.250.75 ()
1 37.157.3.28 ()
5 5 52.74.162.2 16509 (AMAZON-02)
1 1 35.171.56.4 ()
2 3 35.190.60.146 15169 (GOOGLE)
1 106.10.236.40 ()
2 3 52.95.118.179 ()
3 4 185.84.60.30 ()
4 4 103.229.206.241 ()
20 103.231.98.194 ()
3 4 151.101.2.49 ()
1 202.131.200.84 ()
1 1 18.138.18.111 ()
1 20 54.238.120.71 ()
1 3.113.231.86 ()
4 4 3.1.14.27 ()
1 1 139.162.58.205 ()
1 1 35.186.193.173 ()
1 1 104.19.172.108 ()
1 195.5.165.20 ()
1 2 172.64.152.245 ()
2 38.91.45.7 ()
1 2 151.101.1.44 ()
2 2 107.178.254.65 ()
1 1 34.98.67.3 ()
4 67.199.150.85 ()
2 2 169.45.107.147 ()
2 2 89.207.22.108 ()
1 1 34.102.253.54 15169 (GOOGLE)
2 2 104.254.148.252 ()
1 54.250.28.113 ()
3 3 38.133.127.191 ()
1 93.184.216.34 ()
1 1 34.239.50.221 ()
1 1 52.0.153.146 ()
1 132.226.63.138 ()
2 2 54.169.147.137 ()
1 1 74.214.196.131 ()
2 2 185.184.8.90 ()
1 1 69.173.151.100 ()
1 52.201.183.195 ()
2 2 66.155.71.149 ()
1 3 52.74.113.22 ()
1 1 54.204.166.241 ()
1 1 13.213.84.110 ()
1 104.18.12.76 ()
1 1 185.183.112.155 ()
4 23.106.127.53 ()
2 2 23.106.69.73 ()
2 2 18.177.221.103 ()
1 2 119.9.108.180 ()
432 93
Apex Domain
Subdomains
Transfer
62 googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 123
26236a2c0aee05015173d6c6a7f5ce0d.safeframe.googlesyndication.com
e93a9465eeb8f221b3954a2a3c54535f.safeframe.googlesyndication.com
tpc.googlesyndication.com — Cisco Umbrella Rank: 159
71f760a9a177b3fbf8a1c0adb15a23b1.safeframe.googlesyndication.com
643 KB
49 media.net
prebid.media.net — Cisco Umbrella Rank: 1269
hblg.media.net — Cisco Umbrella Rank: 1470
contextual.media.net — Cisco Umbrella Rank: 537
warp.media.net — Cisco Umbrella Rank: 2128
lg3.media.net — Cisco Umbrella Rank: 3677
cs.media.net — Cisco Umbrella Rank: 1357
499 KB
46 doubleclick.net
securepubads.g.doubleclick.net — Cisco Umbrella Rank: 218
googleads.g.doubleclick.net — Cisco Umbrella Rank: 52
cm.g.doubleclick.net — Cisco Umbrella Rank: 214
static.doubleclick.net — Cisco Umbrella Rank: 398
710 KB
31 pubmatic.com
ads.pubmatic.com — Cisco Umbrella Rank: 492
image6.pubmatic.com — Cisco Umbrella Rank: 634
simage2.pubmatic.com
image2.pubmatic.com
image4.pubmatic.com
simage4.pubmatic.com
40 KB
28 rubiconproject.com
prebid-server.rubiconproject.com — Cisco Umbrella Rank: 1064
fastlane.rubiconproject.com — Cisco Umbrella Rank: 519
eus.rubiconproject.com — Cisco Umbrella Rank: 582
secure-assets.rubiconproject.com — Cisco Umbrella Rank: 1015
pixel.rubiconproject.com
token.rubiconproject.com
pixel-us-east.rubiconproject.com
52 KB
24 bg3.co
www.bg3.co — Cisco Umbrella Rank: 590013
static.bg3.co
176 KB
22 gumgum.com
g2.gumgum.com — Cisco Umbrella Rank: 1417
usersync.gumgum.com
rtb.gumgum.com
7 KB
21 casalemedia.com
htlb.casalemedia.com — Cisco Umbrella Rank: 539
ssum-sec.casalemedia.com — Cisco Umbrella Rank: 456
r.casalemedia.com — Cisco Umbrella Rank: 778
dsum-sec.casalemedia.com
16 KB
15 adsrvr.org
match.adsrvr.org — Cisco Umbrella Rank: 371
8 KB
15 servenobid.com
ads.servenobid.com — Cisco Umbrella Rank: 1767
public.servenobid.com — Cisco Umbrella Rank: 3759
9 KB
15 adpushup.com
cdn.adpushup.com — Cisco Umbrella Rank: 13362
aplogger.adpushup.com — Cisco Umbrella Rank: 15364
e3.adpushup.com — Cisco Umbrella Rank: 17352
231 KB
15 ampproject.org
cdn.ampproject.org — Cisco Umbrella Rank: 361
325 KB
14 bidswitch.net
x.bidswitch.net — Cisco Umbrella Rank: 292
7 KB
14 adnxs.com
ib.adnxs.com — Cisco Umbrella Rank: 230
cdn.adnxs.com — Cisco Umbrella Rank: 1411
lax1-ib.adnxs.com — Cisco Umbrella Rank: 2090
acdn.adnxs.com — Cisco Umbrella Rank: 604
secure.adnxs.com
64 KB
14 google.com
adservice.google.com — Cisco Umbrella Rank: 88
www.google.com — Cisco Umbrella Rank: 9
5 KB
12 openx.net
adpushup-d.openx.net — Cisco Umbrella Rank: 13451
u.openx.net — Cisco Umbrella Rank: 705
us-u.openx.net — Cisco Umbrella Rank: 399
jp-u.openx.net — Cisco Umbrella Rank: 9434
3 KB
11 3lift.com
tlx.3lift.com — Cisco Umbrella Rank: 617
eb2.3lift.com — Cisco Umbrella Rank: 418
4 KB
10 amazon-adsystem.com
s.amazon-adsystem.com — Cisco Umbrella Rank: 282
aax-eu.amazon-adsystem.com
8 KB
10 yahoo.com
pr-bh.ybp.yahoo.com — Cisco Umbrella Rank: 488
ups.analytics.yahoo.com — Cisco Umbrella Rank: 278
ads.yahoo.com
5 KB
9 mookie1.com
odr.mookie1.com
2 KB
9 1rx.io
sync.1rx.io — Cisco Umbrella Rank: 570
5 KB
9 criteo.com
gum.criteo.com — Cisco Umbrella Rank: 407
bidder.criteo.com — Cisco Umbrella Rank: 759
dis.criteo.com — Cisco Umbrella Rank: 712
9 KB
8 tapad.com
pixel.tapad.com
2 KB
6 smartadserver.com
ssbsync.smartadserver.com
rtb-csync.smartadserver.com
3 KB
6 zemanta.com
b1sync.zemanta.com — Cisco Umbrella Rank: 572
4 KB
6 aralego.com
ads.aralego.com — Cisco Umbrella Rank: 28872
sync.aralego.com — Cisco Umbrella Rank: 2851
4 KB
5 adform.net
cm.adform.net
c1.adform.net
2 KB
5 google.com.au
adservice.google.com.au — Cisco Umbrella Rank: 91302
1 KB
5 quantserve.com
secure.quantserve.com — Cisco Umbrella Rank: 976
pixel.quantserve.com — Cisco Umbrella Rank: 458
11 KB
4 adgrx.com
cm.adgrx.com
3 KB
4 everesttech.net
sync-tm.everesttech.net
1 KB
4 mathtag.com
sync.mathtag.com
3 KB
4 lijit.com
ce.lijit.com — Cisco Umbrella Rank: 936
ap.lijit.com — Cisco Umbrella Rank: 654
2 KB
4 w55c.net
pm.w55c.net — Cisco Umbrella Rank: 783
3 KB
4 unrulymedia.com
sync.targeting.unrulymedia.com — Cisco Umbrella Rank: 1049
2 KB
4 googletagservices.com
www.googletagservices.com — Cisco Umbrella Rank: 194
173 KB
4 akamaihd.net
qsearch-a.akamaihd.net — Cisco Umbrella Rank: 1614
res-a.akamaihd.net — Cisco Umbrella Rank: 6499
32 KB
4 onetag-sys.com
onetag-sys.com — Cisco Umbrella Rank: 746
2 KB
4 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 45
574 B
4 aralego.net
cdn.aralego.net — Cisco Umbrella Rank: 8473
45 KB
3 crwdcntrl.net
sync.crwdcntrl.net
2 KB
3 outbrain.com
sync.outbrain.com
1000 B
3 rlcdn.com
id.rlcdn.com — Cisco Umbrella Rank: 592
idsync.rlcdn.com — Cisco Umbrella Rank: 310
844 B
3 yieldlift.com
x.yieldlift.com
2 KB
3 bluekai.com
stags.bluekai.com
2 KB
3 agkn.com
aa.agkn.com
2 KB
2 semasio.net
uipglob.semasio.net
1 KB
2 bidr.io
match.prod.bidr.io
1 KB
2 dyntrk.com
gu.dyntrk.com
1 KB
2 sitescout.com
pixel-sync.sitescout.com
1 KB
2 creativecdn.com
creativecdn.com
700 B
2 360yield.com
ad.360yield.com
623 B
2 dotomi.com
pubmatic-match.dotomi.com
743 B
2 simpli.fi
um.simpli.fi
1 KB
2 pippio.com
pippio.com
718 B
2 taboola.com
trc.taboola.com
match.taboola.com
563 B
2 deepintent.com
match.deepintent.com
60 B
2 tribalfusion.com
a.tribalfusion.com
s.tribalfusion.com
1 KB
2 adsymptotic.com
p.adsymptotic.com — Cisco Umbrella Rank: 457
551 B
2 linkedin.com
px.ads.linkedin.com — Cisco Umbrella Rank: 370
1 KB
2 emxdgt.com
cs.emxdgt.com — Cisco Umbrella Rank: 952
133 B
2 mfadsrvr.com
rtb.mfadsrvr.com — Cisco Umbrella Rank: 958
1 KB
2 rfihub.com
p.rfihub.com — Cisco Umbrella Rank: 743
1 KB
2 ladsp.com
cr-pall.ladsp.com — Cisco Umbrella Rank: 3699
1 KB
2 socdm.com
tg.socdm.com — Cisco Umbrella Rank: 1000
2 KB
2 turn.com
ad.turn.com — Cisco Umbrella Rank: 792
959 B
2 indexww.com
js-sec.indexww.com — Cisco Umbrella Rank: 594
cdn.indexww.com
2 KB
2 gstatic.com
fonts.gstatic.com
32 KB
2 criteo.net
static.criteo.net — Cisco Umbrella Rank: 655
57 KB
2 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 54
2 KB
2 googleadservices.com
partner.googleadservices.com — Cisco Umbrella Rank: 882
779 B
2 a-mo.net
prebid.a-mo.net — Cisco Umbrella Rank: 1232
895 B
2 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 78
72 KB
2 jquery.com
code.jquery.com — Cisco Umbrella Rank: 615
60 KB
2 adrecover.com
delivery.adrecover.com — Cisco Umbrella Rank: 12529
10 KB
1 adotmob.com
sync.adotmob.com
712 B
1 adroll.com
d.adroll.com
112 B
1 company-target.com
s.company-target.com
401 B
1 adentifi.com
rtb.adentifi.com
285 B
1 contextweb.com
bh.contextweb.com
655 B
1 technoratimedia.com
sync.technoratimedia.com
293 B
1 ipredictive.com
sync.ipredictive.com
465 B
1 stackadapt.com
sync.srv.stackadapt.com
591 B
1 example.com
www.example.com
1 playground.xyz
ads.playground.xyz — Cisco Umbrella Rank: 4114
462 B
1 linksynergy.com
tags.rd.linksynergy.com
390 B
1 iprom.net
core.iprom.net
279 B
1 loopme.me
csync.loopme.me
405 B
1 ctnsnet.com
ipac.ctnsnet.com
458 B
1 appier.net
gocm.c.appier.net
394 B
1 cinarra.com
dps.jp.cinarra.com
220 B
1 ambientdsp.com
cm.ambientdsp.com
650 B
1 ad-m.asia
sync-dsp.ad-m.asia
243 B
1 disqus.com
ssp.disqus.com
282 B
1 sonobi.com
sync.go.sonobi.com
655 B
1 bing.com
c.bing.com — Cisco Umbrella Rank: 204
667 B
1 ladsp.jp
cr-p3.ladsp.jp — Cisco Umbrella Rank: 22525
226 B
1 quantcount.com
rules.quantcount.com — Cisco Umbrella Rank: 933
635 B
1 teads.tv
a.teads.tv — Cisco Umbrella Rank: 1278
360 B
1 adxpremium.services
rtb.adxpremium.services — Cisco Umbrella Rank: 7555
396 B
1 jsdelivr.net
cdn.jsdelivr.net — Cisco Umbrella Rank: 422
2 KB
1 ampproject.net
d-18727999461345680567.ampproject.net
0 omnitagjs.com Failed
hb-api.omnitagjs.com Failed
432 103
Domain Requested by
30 pagead2.googlesyndication.com cdn.ampproject.org
ads.aralego.com
pagead2.googlesyndication.com
securepubads.g.doubleclick.net
tpc.googlesyndication.com
www.bg3.co
www.googletagservices.com
71f760a9a177b3fbf8a1c0adb15a23b1.safeframe.googlesyndication.com
28 tpc.googlesyndication.com googleads.g.doubleclick.net
securepubads.g.doubleclick.net
tpc.googlesyndication.com
www.bg3.co
71f760a9a177b3fbf8a1c0adb15a23b1.safeframe.googlesyndication.com
pagead2.googlesyndication.com
23 static.bg3.co www.bg3.co
22 cm.g.doubleclick.net 18 redirects u.openx.net
eb2.3lift.com
www.bg3.co
g2.gumgum.com
22 contextual.media.net googleads.g.doubleclick.net
cdn.adpushup.com
contextual.media.net
www.bg3.co
eus.rubiconproject.com
ads.pubmatic.com
20 usersync.gumgum.com 1 redirects ads.pubmatic.com
g2.gumgum.com
eus.rubiconproject.com
15 match.adsrvr.org 14 redirects cdn.adpushup.com
15 cdn.ampproject.org www.bg3.co
cdn.ampproject.org
securepubads.g.doubleclick.net
14 simage2.pubmatic.com ads.pubmatic.com
14 x.bidswitch.net 14 redirects
14 ads.servenobid.com cdn.adpushup.com
public.servenobid.com
g2.gumgum.com
eus.rubiconproject.com
r.casalemedia.com
ssbsync.smartadserver.com
14 securepubads.g.doubleclick.net cdn.aralego.net
cdn.adpushup.com
securepubads.g.doubleclick.net
www.bg3.co
www.googletagservices.com
12 dsum-sec.casalemedia.com 2 redirects r.casalemedia.com
10 eb2.3lift.com 3 redirects cdn.adpushup.com
eb2.3lift.com
10 lg3.media.net googleads.g.doubleclick.net
www.bg3.co
9 odr.mookie1.com 9 redirects
9 sync.1rx.io 9 redirects
8 pixel.rubiconproject.com 5 redirects www.bg3.co
8 pixel.tapad.com 7 redirects public.servenobid.com
8 eus.rubiconproject.com cdn.adpushup.com
contextual.media.net
eus.rubiconproject.com
public.servenobid.com
g2.gumgum.com
8 www.google.com 2 redirects tpc.googlesyndication.com
71f760a9a177b3fbf8a1c0adb15a23b1.safeframe.googlesyndication.com
8 googleads.g.doubleclick.net pagead2.googlesyndication.com
cdn.ampproject.org
www.bg3.co
71f760a9a177b3fbf8a1c0adb15a23b1.safeframe.googlesyndication.com
7 s.amazon-adsystem.com 3 redirects eb2.3lift.com
www.bg3.co
r.casalemedia.com
7 hblg.media.net www.bg3.co
googleads.g.doubleclick.net
7 e3.adpushup.com www.bg3.co
6 image2.pubmatic.com ads.pubmatic.com
6 b1sync.zemanta.com 6 redirects
6 cs.media.net contextual.media.net
6 ib.adnxs.com 3 redirects cdn.adpushup.com
acdn.adnxs.com
6 adservice.google.com cdn.ampproject.org
pagead2.googlesyndication.com
securepubads.g.doubleclick.net
5 ups.analytics.yahoo.com 5 redirects
5 ssum-sec.casalemedia.com 3 redirects r.casalemedia.com
5 us-u.openx.net 2 redirects u.openx.net
5 adservice.google.com.au pagead2.googlesyndication.com
securepubads.g.doubleclick.net
5 gum.criteo.com cdn.adpushup.com
contextual.media.net
static.criteo.net
gum.criteo.com
5 cdn.adpushup.com www.bg3.co
cdn.adpushup.com
4 rtb-csync.smartadserver.com ssbsync.smartadserver.com
4 cm.adgrx.com 4 redirects
4 sync-tm.everesttech.net 3 redirects ads.pubmatic.com
4 sync.mathtag.com 4 redirects
4 c1.adform.net 3 redirects ads.pubmatic.com
4 token.rubiconproject.com 3 redirects www.bg3.co
4 pr-bh.ybp.yahoo.com 3 redirects ads.pubmatic.com
4 pm.w55c.net 4 redirects
4 sync.targeting.unrulymedia.com 2 redirects public.servenobid.com
g2.gumgum.com
4 ads.pubmatic.com contextual.media.net
public.servenobid.com
ads.pubmatic.com
g2.gumgum.com
4 lax1-ib.adnxs.com cdn.adpushup.com
www.bg3.co
cdn.adnxs.com
4 pixel.quantserve.com 3 redirects www.bg3.co
4 www.googletagservices.com googleads.g.doubleclick.net
securepubads.g.doubleclick.net
71f760a9a177b3fbf8a1c0adb15a23b1.safeframe.googlesyndication.com
4 onetag-sys.com cdn.adpushup.com
www.bg3.co
public.servenobid.com
4 adpushup-d.openx.net cdn.adpushup.com
4 www.google-analytics.com www.bg3.co
www.googletagmanager.com
4 cdn.aralego.net www.bg3.co
ads.aralego.com
3 sync.crwdcntrl.net 1 redirects r.casalemedia.com
public.servenobid.com
3 sync.outbrain.com 3 redirects
3 aax-eu.amazon-adsystem.com 2 redirects www.bg3.co
3 x.yieldlift.com 1 redirects public.servenobid.com
ads.pubmatic.com
3 image6.pubmatic.com ads.pubmatic.com
3 stags.bluekai.com 3 redirects
3 aa.agkn.com 3 redirects
3 dis.criteo.com 3 redirects
3 secure-assets.rubiconproject.com 3 redirects
3 warp.media.net googleads.g.doubleclick.net
cdn.adpushup.com
3 qsearch-a.akamaihd.net www.bg3.co
cdn.adpushup.com
3 prebid-server.rubiconproject.com cdn.adpushup.com
3 aplogger.adpushup.com www.bg3.co
cdn.adpushup.com
3 sync.aralego.com ads.aralego.com
www.bg3.co
3 ads.aralego.com 1 redirects ads.aralego.com
2 uipglob.semasio.net 1 redirects public.servenobid.com
2 simage4.pubmatic.com ads.pubmatic.com
2 match.prod.bidr.io 2 redirects
2 gu.dyntrk.com 2 redirects
2 pixel-sync.sitescout.com 2 redirects
2 creativecdn.com 2 redirects
2 ad.360yield.com 2 redirects
2 secure.adnxs.com 2 redirects
2 pubmatic-match.dotomi.com 2 redirects
2 um.simpli.fi 2 redirects
2 image4.pubmatic.com ads.pubmatic.com
2 pippio.com 2 redirects
2 idsync.rlcdn.com 1 redirects ads.pubmatic.com
2 match.deepintent.com ads.pubmatic.com
g2.gumgum.com
2 ap.lijit.com 2 redirects
2 ce.lijit.com 2 redirects
2 ssbsync.smartadserver.com 1 redirects public.servenobid.com
2 r.casalemedia.com js-sec.indexww.com
public.servenobid.com
2 p.adsymptotic.com 1 redirects eb2.3lift.com
2 px.ads.linkedin.com 2 redirects
2 cs.emxdgt.com contextual.media.net
g2.gumgum.com
2 rtb.mfadsrvr.com 2 redirects
2 p.rfihub.com 2 redirects
2 cr-pall.ladsp.com 2 redirects
2 jp-u.openx.net u.openx.net
2 tg.socdm.com 2 redirects
2 ad.turn.com 2 redirects
2 static.doubleclick.net 71f760a9a177b3fbf8a1c0adb15a23b1.safeframe.googlesyndication.com
2 fonts.gstatic.com fonts.googleapis.com
2 static.criteo.net cdn.adpushup.com
static.criteo.net
2 fonts.googleapis.com securepubads.g.doubleclick.net
2 71f760a9a177b3fbf8a1c0adb15a23b1.safeframe.googlesyndication.com securepubads.g.doubleclick.net
2 partner.googleadservices.com pagead2.googlesyndication.com
2 htlb.casalemedia.com cdn.adpushup.com
2 prebid.a-mo.net 1 redirects cdn.adpushup.com
2 www.googletagmanager.com cdn.ampproject.org
cdn.adpushup.com
2 code.jquery.com delivery.adrecover.com
cdn.adpushup.com
2 delivery.adrecover.com www.bg3.co
1 sync.adotmob.com 1 redirects
1 cdn.indexww.com r.casalemedia.com
1 d.adroll.com 1 redirects
1 s.company-target.com 1 redirects
1 rtb.adentifi.com r.casalemedia.com
1 pixel-us-east.rubiconproject.com 1 redirects
1 bh.contextweb.com 1 redirects
1 sync.technoratimedia.com g2.gumgum.com
1 sync.ipredictive.com 1 redirects
1 sync.srv.stackadapt.com 1 redirects
1 www.example.com g2.gumgum.com
1 rtb.gumgum.com ads.pubmatic.com
1 ads.playground.xyz 1 redirects
1 tags.rd.linksynergy.com 1 redirects
1 match.taboola.com ads.pubmatic.com
1 trc.taboola.com 1 redirects
1 s.tribalfusion.com ads.pubmatic.com
1 a.tribalfusion.com 1 redirects
1 core.iprom.net ads.pubmatic.com
1 csync.loopme.me 1 redirects
1 ipac.ctnsnet.com 1 redirects
1 gocm.c.appier.net 1 redirects
1 dps.jp.cinarra.com ads.pubmatic.com
1 cm.ambientdsp.com 1 redirects
1 sync-dsp.ad-m.asia ads.pubmatic.com
1 ads.yahoo.com www.bg3.co
1 id.rlcdn.com 1 redirects
1 ssp.disqus.com 1 redirects
1 cm.adform.net public.servenobid.com
1 sync.go.sonobi.com 1 redirects
1 g2.gumgum.com public.servenobid.com
1 c.bing.com eb2.3lift.com
1 cr-p3.ladsp.jp 1 redirects
1 u.openx.net cdn.adpushup.com
1 js-sec.indexww.com cdn.adpushup.com
1 public.servenobid.com cdn.adpushup.com
1 acdn.adnxs.com cdn.adpushup.com
1 res-a.akamaihd.net www.bg3.co
1 cdn.adnxs.com cdn.adpushup.com
1 rules.quantcount.com secure.quantserve.com
1 e93a9465eeb8f221b3954a2a3c54535f.safeframe.googlesyndication.com securepubads.g.doubleclick.net
1 26236a2c0aee05015173d6c6a7f5ce0d.safeframe.googlesyndication.com securepubads.g.doubleclick.net
1 secure.quantserve.com cdn.adpushup.com
1 a.teads.tv cdn.adpushup.com
1 rtb.adxpremium.services cdn.adpushup.com
1 tlx.3lift.com cdn.adpushup.com
1 prebid.media.net cdn.adpushup.com
1 bidder.criteo.com cdn.adpushup.com
1 fastlane.rubiconproject.com cdn.adpushup.com
1 cdn.jsdelivr.net cdn.adpushup.com
1 d-18727999461345680567.ampproject.net cdn.ampproject.org
1 www.bg3.co
0 hb-api.omnitagjs.com Failed cdn.adpushup.com
432 159

This site contains no links.

Subject Issuer Validity Valid
*.bg3.co
AlphaSSL CA - SHA256 - G2
2022-05-20 -
2023-06-21
a year crt.sh
misc-sni.google.com
GTS CA 1C3
2022-08-01 -
2022-10-24
3 months crt.sh
cdn.adpushup.com
R3
2022-06-29 -
2022-09-27
3 months crt.sh
*.jquery.com
Sectigo RSA Domain Validation Secure Server CA
2022-08-03 -
2023-07-14
a year crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3
2022-04-16 -
2023-04-16
a year crt.sh
*.g.doubleclick.net
GTS CA 1C3
2022-08-01 -
2022-10-24
3 months crt.sh
*.aralego.com
Sectigo RSA Domain Validation Secure Server CA
2021-10-21 -
2022-11-20
a year crt.sh
*.adpushup.com
Sectigo RSA Domain Validation Secure Server CA
2020-05-27 -
2022-08-29
2 years crt.sh
*.google-analytics.com
GTS CA 1C3
2022-07-18 -
2022-10-10
3 months crt.sh
*.google.com
GTS CA 1C3
2022-08-01 -
2022-10-24
3 months crt.sh
*.criteo.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1
2022-06-15 -
2022-09-18
3 months crt.sh
*.openx.net
GeoTrust RSA CA 2018
2022-07-21 -
2023-08-21
a year crt.sh
*.onetag-sys.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1
2022-01-10 -
2023-01-03
a year crt.sh
*.rubiconproject.com
DigiCert TLS RSA SHA256 2020 CA1
2022-03-08 -
2023-04-04
a year crt.sh
*.adnxs.com
GeoTrust ECC CA 2018
2022-02-11 -
2023-03-14
a year crt.sh
*.a-mo.net
R3
2022-06-18 -
2022-09-16
3 months crt.sh
*.media.net
Sectigo RSA Domain Validation Secure Server CA
2022-04-06 -
2023-05-04
a year crt.sh
*.3lift.com
Amazon
2022-05-13 -
2023-06-11
a year crt.sh
ads.servenobid.com
Amazon
2022-05-29 -
2023-06-27
a year crt.sh
*.adxpremium.services
Sectigo RSA Domain Validation Secure Server CA
2021-08-05 -
2022-09-05
a year crt.sh
teads.tv
R3
2022-08-17 -
2022-11-15
3 months crt.sh
*.quantserve.com
DigiCert TLS RSA SHA256 2020 CA1
2021-09-22 -
2022-09-21
a year crt.sh
*.google.com.au
GTS CA 1C3
2022-08-01 -
2022-10-24
3 months crt.sh
a248.e.akamai.net
DigiCert TLS RSA SHA256 2020 CA1
2022-06-28 -
2023-06-30
a year crt.sh
tpc.googlesyndication.com
GTS CA 1C3
2022-08-01 -
2022-10-24
3 months crt.sh
www.google.com
GTS CA 1C3
2022-08-01 -
2022-10-24
3 months crt.sh
upload.video.google.com
GTS CA 1C3
2022-08-01 -
2022-10-24
3 months crt.sh
cdn.adnxs.com
GeoTrust TLS RSA CA G1
2022-03-11 -
2023-04-11
a year crt.sh
*.criteo.net
DigiCert TLS Hybrid ECC SHA384 2020 CA1
2022-06-21 -
2022-09-23
3 months crt.sh
*.gstatic.com
GTS CA 1C3
2022-08-01 -
2022-10-24
3 months crt.sh
*.doubleclick.net
GTS CA 1C3
2022-08-01 -
2022-10-24
3 months crt.sh
*.adsrvr.org
GlobalSign GCC R3 DV TLS CA 2020
2022-03-31 -
2023-05-02
a year crt.sh
*.servenobid.com
Amazon
2022-02-06 -
2023-03-07
a year crt.sh
san.casalemedia.com
GeoTrust RSA CA 2018
2021-12-12 -
2022-12-13
a year crt.sh
*.pubmatic.com
DigiCert SHA2 Secure Server CA
2022-02-04 -
2023-02-03
a year crt.sh
*.emxdgt.com
Amazon
2022-06-03 -
2023-07-02
a year crt.sh
www.bing.com
Microsoft RSA TLS CA 01
2022-06-10 -
2022-12-10
6 months crt.sh
*.gumgum.com
Amazon
2022-05-06 -
2023-06-04
a year crt.sh
*.smartadserver.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1
2022-01-25 -
2023-01-25
a year crt.sh
track.adform.net
DigiCert TLS RSA SHA256 2020 CA1
2021-09-06 -
2022-10-07
a year crt.sh
*.everesttech.net
GlobalSign Atlas R3 DV TLS CA 2022 Q1
2022-02-03 -
2023-03-07
a year crt.sh
sync-dsp.ad-m.asia
GlobalSign GCC R3 DV TLS CA 2020
2022-07-21 -
2023-08-22
a year crt.sh
*.ad-server.k8s.jp.ggops.com
Amazon
2022-02-15 -
2023-03-16
a year crt.sh
*.jp.cinarra.com
Sectigo RSA Domain Validation Secure Server CA
2022-05-14 -
2023-06-13
a year crt.sh
*.iprom.net
R3
2022-06-19 -
2022-09-17
3 months crt.sh
*.deepintent.com
Go Daddy Secure Certificate Authority - G2
2022-05-02 -
2023-06-03
a year crt.sh
*.taboola.com
DigiCert TLS RSA SHA256 2020 CA1
2021-11-28 -
2022-12-29
a year crt.sh
*.ybp.yahoo.com
DigiCert SHA2 High Assurance Server CA
2022-06-14 -
2022-12-07
6 months crt.sh
*.technoratimedia.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1
2021-09-17 -
2022-10-05
a year crt.sh
s.amazon-adsystem.com
Amazon
2022-05-09 -
2023-04-21
a year crt.sh
adentifi.com
Amazon
2022-08-05 -
2023-09-03
a year crt.sh
*.yieldlift.com
Amazon
2022-01-14 -
2023-02-11
a year crt.sh
*.crwdcntrl.net
Go Daddy Secure Certificate Authority - G2
2022-05-01 -
2023-06-02
a year crt.sh

This page contains 85 frames:

Primary Page: https://www.bg3.co/a/di-1tian-shang-xue-ta-da-ku-a-ma-ping-ji-yi-xiang-jie-sun-nu-hui-jia-jie-wei-cang-yang-cong.html
Frame ID: 3446446C213F64DBECEDFA2945F4C1A9
Requests: 108 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/show_ads.js
Frame ID: 1EA80756E8B374E150A8D7EDFBE606F6
Requests: 8 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/show_ads.js
Frame ID: 6EEF22B94D0DE4DEB5939858A865AAB1
Requests: 8 HTTP requests in this frame

Frame: https://cdn.aralego.net/ucfad/cookie/cookieSyncIframe.html
Frame ID: 6E72125344CC637D8AD1BDF87913EED2
Requests: 9 HTTP requests in this frame

Frame: https://cdn.aralego.net/ucfad/cookie/cookieSyncIframe.html
Frame ID: C000CF4DA848B474B981E2630D174DC0
Requests: 9 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006&adk=2365071409&adf=3615134179&pi=t.ma~as.3006%2F14006&w=336&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fdi-1tian-shang-xue-ta-da-ku-a-ma-ping-ji-yi-xiang-jie-sun-nu-hui-jia-jie-wei-cang-yang-cong.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1660867445113&bpp=13&bdt=1573&idt=520&shv=r20220817&mjsv=m202208160101&ptt=5&saldr=sa&correlator=509861749425&frm=23&ife=1&pv=2&ga_vid=842954889.1660867446&ga_sid=1660867446&ga_hid=581034293&ga_fc=0&ga_cid=amp-EIOlvx8bHhMcBHoOJ0-TYg&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=320&biw=1600&bih=1200&isw=336&ish=280&ifk=947009565&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31068737%2C31068956%2C31068991&oid=2&pvsid=1413095467614123&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.tvnb2co2wjin&fsb=1&dtd=536
Frame ID: 948D8BF81CF0DAD9F261D117CA0E4F46
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3216231935713038&format=1600x250&w=1600&h=250&ptt=12&adk=2733026255&output=html&bc=7&to=ampa&pv=1&wgl=1&asnt=0-2681516744605830605&dff=sans-serif&prev_fmts=1600x96&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&ifi=2&pfx=0&pwprc=1037897477&adf=470780615&nhd=0&adx=0&ady=3300&oid=2&is_amp=5&amp_v=2208051912001&d_imp=1&c=80000648&ga_cid=amp-EIOlvx8bHhMcBHoOJ0-TYg&ga_hid=648&dt=1660867445240&biw=1600&bih=1200&u_aw=1600&u_ah=1200&u_cd=24&u_w=1600&u_h=1200&u_tz=0&u_his=2&vis=1&scr_x=0&scr_y=0&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fdi-1tian-shang-xue-ta-da-ku-a-ma-ping-ji-yi-xiang-jie-sun-nu-hui-jia-jie-wei-cang-yang-cong.html&bdt=2954&dtd=443&__amp_source_origin=https%3A%2F%2Fwww.bg3.co
Frame ID: A664873A456B561B87E6B738F74A9284
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006&adk=2365071409&adf=3615134176&pi=t.ma~as.3006%2F14006&w=336&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fdi-1tian-shang-xue-ta-da-ku-a-ma-ping-ji-yi-xiang-jie-sun-nu-hui-jia-jie-wei-cang-yang-cong.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1660867445189&bpp=11&bdt=1634&idt=565&shv=r20220817&mjsv=m202208150101&ptt=5&saldr=sa&correlator=509861749425&frm=23&ife=1&pv=1&ga_vid=833009203.1660867446&ga_sid=1660867446&ga_hid=318729505&ga_fc=0&ga_cid=amp-EIOlvx8bHhMcBHoOJ0-TYg&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=1782&biw=1600&bih=1200&isw=336&ish=280&ifk=3603096897&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44771548&oid=2&pvsid=3581665887227268&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.p8clv54ogbwb&btvi=1&fsb=1&dtd=579
Frame ID: C1E9C64AD8B4418074B98FB1373B973E
Requests: 1 HTTP requests in this frame

Frame: https://26236a2c0aee05015173d6c6a7f5ce0d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Frame ID: 3B03BE430E58FEE950D5EC86277C44C6
Requests: 1 HTTP requests in this frame

Frame: https://e93a9465eeb8f221b3954a2a3c54535f.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Frame ID: F6ED0E725E4B15BC34BE7C9701E4C67A
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/adview?ai=CEav_dtP-YvjYCP6artoPgZqYuAms1_3wZLT2qJPiC8CNtwEQASAAYKWAgICQAYIBF2NhLXB1Yi00NDg1MjM5NDI1OTI0Nzg3oAGV9ZvfA8gBCagDAaoEiQJP0Kna0qXhuB6MAUPtn2zgZY5gV-kqleVGVVwe2pJV20_QQN-8xzXj-bM5DV7rONkBjlCKGzXQWgRjbbMUFv2CHw64Kj4Y-Ylmq3g5S7PHUykk-RnVZRsNJaII4y4DFWccR85S0_ou_O_4vWeNPy5zkAGq7jlMS8VN053QhW2UP5V-SicM16IAetp23sjVWmssRm4Z3N6pSWbbRXaX3ZDWO016Vhe3O0nK3Y3hsfLOJfR-RBRPRFRmltYf8GyLWzvqdAPqI6tWu8EFHm2pNmerYtjGJNdn8wx7Aw1mIVsi6irAagVor9p3pJRDMY3qgoPPNOXmEWho_Quc94xA5et1DFJ9v3lbTOZggAbDxd-byq3NmOkBoAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDQiAYRABMgKKAjoCgECACgP6CwIIAYAMAdAVAYAXAbIXHAoaEhRwdWItNDQ4NTIzOTQyNTkyNDc4NxjizBk&sigh=iFr63G4vca8&uach_m=[UACH]&cid=CAQSGwCsnQUxPosR7py1JWPljoxmUDyHzIz3rg0bPxgB
Frame ID: 2C14AD7D176B2A56D56C7D6ABE0D689E
Requests: 12 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/adview?ai=CzcqddtP-YtjGCNDc9QPdv5zYB6zX_fBktPaok-ILwI23ARABIABgpfiRgJABggEXY2EtcHViLTQ0ODUyMzk0MjU5MjQ3ODegAZX1m98DyAEJqAMBqgSDAk_QBEDy2flNA61PQLooPv3jSe0AnafFcMl_cp8t9sw9DDd2otePVq2wiZBRyFvwDlbb9PWk4W-DHu2-PFtCnrRf-2ifkF2O3vOZ9d84X0x97y7LZYXfcLXsofzOCaN77km7vWcHRwI5rGf9MrNulryE2K_7H26DVcZd3F4EDvpJ9_a4QlyvdW1JeDMoEKO3_jl5iJeh00Hrb1OL3f4gD_7DwCR3Jzp8n17oiQP5LHHNFkeNPbTJCY0HN9zRoiaZ_jBetz060_bAAX5McyrwS1DphyFF81h1frR88-gal0q3Kfnu-VlDOswWmTaGriRYIUSnAz5cEQaJ0UceVbIu-yxhPd-ABsPF35vKrc2Y6QGgBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggNCIBhEAEyAooCOgKAQIAKA_oLAggBgAwB0BUBgBcBshccChoSFHB1Yi00NDg1MjM5NDI1OTI0Nzg3GOLMGQ&sigh=KIZXqgBd1fM&uach_m=[UACH]&cid=CAQSGwCsnQUxON3dcWPiFPQ2wrAHqnKNJ3XiTaNutxgB
Frame ID: 086EF92EB714537617D83BBF3774C5DD
Requests: 16 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: CDF44F430E4764A8D3BDF5B3F1B96BA8
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 5671B1598C4716440BD20DD08C686D2F
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 0D31DC26C445635C3BCBE8B5D3B08E45
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 0B32325CD7B44609F9205052BA30F1B4
Requests: 2 HTTP requests in this frame

Frame: https://71f760a9a177b3fbf8a1c0adb15a23b1.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 36408E28E57ACB35F9A312AAF9B75154
Requests: 1 HTTP requests in this frame

Frame: https://71f760a9a177b3fbf8a1c0adb15a23b1.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: B01521A1EF1BA3837955700B5D58A95B
Requests: 14 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012208081650000/amp4ads-v0.mjs
Frame ID: A3B881CB0766415EEB3BFECEF41A45A4
Requests: 16 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvWyV_dloG-ULtdC8RCUbY0mVfS2KMatumvkVotgf5wUdDK9EGLXbT_TsB2taiwlt-Dm-26pGWFwnyg6cPxYW77e--LGHMVuHbRPPTZxlcu4Tly23wP_1K83rBGqfCTsIR3jcPRiryLSvn4sEIB5AXAz-DbgtQnzQ40OvbnqgbxBISadMEYTD8pCdSN_SYyg1NYyToPThisHaKgl4uAlJ3MUbsnhmIpnnZK9HJ1EIYD7ZieYR3Y7RQCZBuy6IuGO-SP77DzGkT-mGUHbBpEH33M6IZJGscerzJfpiB_Cy7xHbwzMzZbwkyzQA&sai=AMfl-YTdyEovzwG6LzuQu3lFUM1PZxuR-cqfuMIGk0CiBZ7Wr9kZs8xRZ1pdlKz53i66iz3y6OiCULYXZ9J8FzWMudCnCdcD3aGKJcrKBAtCu8I8sfux3Re7kjX75WlHqu8&sig=Cg0ArKJSzAM8xs7H56h9EAE&uach_m=[UACH]&urlfix=1&adurl=
Frame ID: DE3EAFBD9B73C65A71AB2F12B9EFB3E9
Requests: 19 HTTP requests in this frame

Frame: https://contextual.media.net/checksync.php?vsSync=1&cs=6&cv=31&https=1&cid=8CU3SX34C&prvid=99%2C77%2C20000%2C2033%2C262%2C241%2C3018%2C246%2C4%2C313%2C359%2C10000%2C9%2C319&itype=ADX&purpose1=1&gdprconsent=1&gdpr=0&usp_status=0&usp_consent=1
Frame ID: 23DB238CC4CE35F6887D87942119E13F
Requests: 3 HTTP requests in this frame

Frame: https://contextual.media.net/checksync.php?vsSync=1&cs=6&cv=31&https=1&cid=8CU3SX34C&prvid=99%2C77%2C20000%2C2033%2C262%2C241%2C3018%2C246%2C4%2C313%2C359%2C10000%2C9%2C319&itype=ADX&purpose1=1&gdprconsent=1&gdpr=0&usp_status=0&usp_consent=1
Frame ID: 04F6F56B2B71EA199D5528F8218401EE
Requests: 3 HTTP requests in this frame

Frame: https://contextual.media.net/checksync.php?vsSync=1&cs=10&cv=31&https=1&cid=8CU2CV286&prvid=99%2C77%2C4%2C359%2C10000%2C229%2C9&itype=APPNEXUS_EXPERIMENT&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1
Frame ID: 996D3A59C1B5A8F268C96427E345DB2C
Requests: 2 HTTP requests in this frame

Frame: https://contextual.media.net/checksync.php?vsSync=1&cs=10&cv=31&https=1&cid=8CU2CV286&prvid=99%2C77%2C4%2C359%2C10000%2C229%2C9&itype=APPNEXUS_EXPERIMENT&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1
Frame ID: 1AB5B4CE33934A21687F9782061A73E2
Requests: 2 HTTP requests in this frame

Frame: data://truncated
Frame ID: 3401456D39A1931C02015865B2EC4116
Requests: 4 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: C690A7A7753AAA58EE3FD9168D9803F6
Requests: 2 HTTP requests in this frame

Frame: data://truncated
Frame ID: 693FA116C8478922D86698CEFE83C09D
Requests: 4 HTTP requests in this frame

Frame: data://truncated
Frame ID: 7E1935289AE9563060B2C488444E7A65
Requests: 4 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: F14346AC2D2D1CC46C7B585A5531EB60
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: ACE0FBDAEDBD17DD75565535D79E941B
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 4D67EA267D894BC4F15A7A7434BB4BC7
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: E84E3324F5625A5A3FA7A73D0C4272C4
Requests: 2 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: 08593FBE654CD4FF3760BE26FA1AC083
Requests: 3 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?cb=1660867446151
Frame ID: 732B6A6BABE6CE13A788B21B9C846E3C
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html
Frame ID: 72C349F7F601DC8A206A934A4F19A45B
Requests: 10 HTTP requests in this frame

Frame: https://public.servenobid.com/sync.html
Frame ID: 4443DC3AC0D17A655345C6AD1E777E2F
Requests: 13 HTTP requests in this frame

Frame: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUPEPKI9&prvid=2034%2C2033%2C2031%2C2030%2C2029%2C233%2C2028%2C2027%2C236%2C237%2C117%2C51%2C97%2C55%2C99%2C3012%2C2043%2C2040%2C244%2C201%2C2039%2C3007%2C246%2C4%2C203%2C9%2C2055%2C172%2C173%2C251%2C175%2C132%2C178%2C255%2C3018%2C3017%2C214%2C3016%2C337%2C338%2C70%2C77%2C2021%2C141%2C186%2C222%2C345%2C10000%2C80%2C108%2C229%2C307&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1
Frame ID: B5D4DC8245531DFC228EF526E37CAC08
Requests: 11 HTTP requests in this frame

Frame: https://js-sec.indexww.com/um/ixmatch.html
Frame ID: 181C2B81AEA1BB82B3F19344F718BAA7
Requests: 1 HTTP requests in this frame

Frame: https://eb2.3lift.com/sync?&ld=1
Frame ID: E988252712D20411D906A2953658A10C
Requests: 11 HTTP requests in this frame

Frame: https://u.openx.net/w/1.0/pd
Frame ID: 34A9281C7802C42DD5D967A60C085465
Requests: 7 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=medianet
Frame ID: 2D04B21D3AC6300C6B0EC4BD820275EE
Requests: 3 HTTP requests in this frame

Frame: https://contextual.media.net/cksync.html?cs=8&vsid=3038690486833451000V10&type=rkt&refUrl=&vid=08674507663038690486833451000V10&ovsid=2020216286487508165
Frame ID: 77893806A782AD2C4FE9A301FFE5C1B8
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159463&userIdMacro=PM_UID&predirect=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3038690486833451000V10%26type%3Dpba%26refUrl%3D%26vid%3D08674507663038690486833451000V10%26ovsid%3DPM_UID
Frame ID: 1EE452040BD848E46E29D22BAEC822DA
Requests: 20 HTTP requests in this frame

Frame: https://r.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.bg3.co%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Frame ID: CC07AFEAE78F141B3B27CE3D4EE4D748
Requests: 10 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fx.yieldlift.com%2Fsetuid%3Fbidder%3Dpubmatic%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3D1YN-%26uid%3D
Frame ID: 87CA68D820499CB7ECCDA0D6A5C0860A
Requests: 6 HTTP requests in this frame

Frame: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Frame ID: A3D0CCECF71EC0F615663E7918BA73B4
Requests: 16 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?pubId=694e68b73971b58&gdpr=0&gdpr_consent=&us_privacy=1YN-&https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D318%26uid%3D
Frame ID: 4D15E75ADE291FE861B4C6B8EF28B1AD
Requests: 1 HTTP requests in this frame

Frame: https://ssbsync.smartadserver.com/api/sync?callerId=9&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D317%26uid%3D%24UID
Frame ID: E590C918DE42A42B4B4833CBF84C66C4
Requests: 6 HTTP requests in this frame

Frame: https://r.casalemedia.com/usermatch?cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D&s=195491&C=1
Frame ID: 3D3D88C2B258AA13598BC8D7FFC0DD13
Requests: 10 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=duration_media&endpoint=us-east
Frame ID: 0BC0B9B25F7E508F9C6733BA3B7768A4
Requests: 3 HTTP requests in this frame

Frame: https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=BEED2CCD-5A00-4A95-AB7E-649A25AD0D90
Frame ID: D5B541FC51D4BC4B69BCC05915C80D3A
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:fe6762fe-d37c-4c00-9374-538d47dd99c3&gdpr=0&gdpr_consent=
Frame ID: 0BA447BD1C9568FE70B7AC734688B61A
Requests: 1 HTTP requests in this frame

Frame: https://sync-tm.everesttech.net/ct/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%7D%26gdpr%3D0%26gdpr_consent%3D&_test=Yv7TfAAHb5bZ9AAK
Frame ID: D9A38A3752891573E91A3D7FCBD5E380
Requests: 1 HTTP requests in this frame

Frame: https://sync-dsp.ad-m.asia/dsp/api/sync/send?s=pubmatic&rd=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMyNTMmdGw9MTI5NjAw%26piggybackCookie%3D
Frame ID: 1246562B9A5A0303F9FE6C35A3BF0468
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=
Frame ID: B0E04370C3B0E6B83DF9F6057351E7B7
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzQ0OSZ0bD00MzIwMA==&piggybackCookie=wq7yddeulc9
Frame ID: 86F915E8DF3B43DABDBF328AA99E8A49
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:k0ed6Qe41OoPuH5&gdpr=0&gdpr_consent=
Frame ID: 03102077B5E8BAFD1D3A4C2ABF528699
Requests: 1 HTTP requests in this frame

Frame: https://usersync.gumgum.com/usersync?b=rhy&i=RX-50a16bb0-50df-40a7-8e6d-2b41efe53873-004
Frame ID: 2D0352D26EA629C6539CBF0C0C2E4979
Requests: 1 HTTP requests in this frame

Frame: https://dps.jp.cinarra.com/pxd?PLATFORM_ID=D&USER_ID=BEED2CCD-5A00-4A95-AB7E-649A25AD0D90
Frame ID: C6BD5FE406E7F198A50386B24745501F
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzMDEmdGw9MTI5NjAw&piggybackCookie=7509801e-1f52-11ed-8f72-b1eae2d91c37
Frame ID: 753F4195F73D287271D48F477396A5FB
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDImdGw9MTI5NjAw&piggybackCookie=kPz02ndpCY2GIrgNfNP-Yg
Frame ID: 482610B08B4476FB32DFE0AD1BE85FD9
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MTEmdGw9MjAxNjA=&piggybackCookie=9e2d07601bc54b6cab3e7c0bbb5431d1
Frame ID: BD5A1730196FBAB0D91B184EC424851D
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode&gdpr_consent=null&piggybackCookie={viewer_token}&gdpr=0
Frame ID: BDA127DCD4BB26252582D862C4A72C53
Requests: 1 HTTP requests in this frame

Frame: https://core.iprom.net/cookiesync
Frame ID: 5F87C61128DCA528E345FCA3D29B3440
Requests: 1 HTTP requests in this frame

Frame: https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
Frame ID: 671D85EF8AAB36F0E6E2669D6B978681
Requests: 1 HTTP requests in this frame

Frame: https://match.deepintent.com/usersync/141?gdpr=0&gdpr_consent=
Frame ID: 4FD054DF928E89B6E8AD38D671947672
Requests: 1 HTTP requests in this frame

Frame: https://match.taboola.com/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&tbid=42cde734-e23d-4a34-a437-14d3e9ef9135-tuct9f858fc&query=taboola_hm%3D1%26redir%3Dhttps%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw%26piggybackCookie%3Duid%3A%24UID&isDirect=0
Frame ID: FCE0E582D8DF443519796A30E4DCFEC9
Requests: 1 HTTP requests in this frame

Frame: https://contextual.media.net/cksync.php?cs=8&vsid=3038690486833451000V10&type=pba&refUrl=&vid=08674507663038690486833451000V10&ovsid=BEED2CCD-5A00-4A95-AB7E-649A25AD0D90
Frame ID: 36E56C9291B477F8A1D4E06C6EBE9E3B
Requests: 1 HTTP requests in this frame

Frame: https://usersync.gumgum.com/usersync?b=mmh&i=6ef262fe-d37c-4b00-98f1-e46e0f7874ea&gdpr=0&gdpr_consent=
Frame ID: DFD0762908901EF5560DDE1A2EBA8C9A
Requests: 1 HTTP requests in this frame

Frame: https://usersync.gumgum.com/usersync?b=atm&i=Yv7TfAAHcPfa-AAK&gdpr=0&gdpr_consent=&_test=Yv7TfAAHcPfa-AAK
Frame ID: 80F1209EBEF2115C10CE58F9413709FB
Requests: 1 HTTP requests in this frame

Frame: https://cm.g.doubleclick.net/pixel?google_nid=gumgum_dbm&google_hm=YV9jM2JjZmFjNS03MjY5LTRmMTQtYjIwYS03MjdjNTMyOGJiZTg=&gdpr=0&gdpr_consent=
Frame ID: 51CA8D0FFA6EF02A416E5DC61E06C2E9
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=0&gdprConsent=
Frame ID: 4B9F437B9E3179B75E5F77810A11186F
Requests: 2 HTTP requests in this frame

Frame: https://usersync.gumgum.com/usersync?b=ttd&i=79c13aec-f358-494c-84cc-ab07497fac3e
Frame ID: 7571C5315AA89A80E27FB74EC0B7619F
Requests: 1 HTTP requests in this frame

Frame: https://cs.emxdgt.com/um?redirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Demx%26i%3D%24UID&gdpr=0&gdpr_consent=
Frame ID: 4017A74C231A143BB294B6B465F03C20
Requests: 1 HTTP requests in this frame

Frame: https://usersync.gumgum.com/usersync?b=sus&i=Yv7TfMCo5sMAAM3v3SEAAAAA
Frame ID: 50A55E4A28B3593D50B2DF989F1070A0
Requests: 1 HTTP requests in this frame

Frame: https://usersync.gumgum.com/usersync?b=iex&i=Yv7TewuR7gpcgEiDeDFP7wAA%26870
Frame ID: F6706CFCDD36C1B2B7A47DD57C6A39FA
Requests: 1 HTTP requests in this frame

Frame: https://usersync.gumgum.com/usersync?b=rth&i=IQHt4nTEUiX0sGvmFTwA&pi=gumgum&tc=1
Frame ID: 32CE9D0B149CDD2A1AB07C61C8E940B2
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=gumgum
Frame ID: AA4EB693C93C17263323F1D6A775AC3C
Requests: 3 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/BcUHUABoavvpRAX3o-C5BfAq8AHsMXRVb9HgeqDHxZ8.js
Frame ID: F2A05F9F01E64D067691FD62BD01B108
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:F7D8EBBA79904A6D8870D87DA1297C10
Frame ID: 4F07DB38400989EB05D46F65338563BB
Requests: 1 HTTP requests in this frame

Frame: https://x.yieldlift.com/setuid?bidder=pubmatic&gdpr=0&gdpr_consent=&us_privacy=1YN-&uid=BEED2CCD-5A00-4A95-AB7E-649A25AD0D90
Frame ID: D72788B044FC7827174DA4770B334820
Requests: 1 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertag&topUrl=www.bg3.co
Frame ID: 7CA3743B837023BF2FB117736BCCDC8A
Requests: 2 HTTP requests in this frame

Frame: https://usersync.gumgum.com/usersync?b=pbm&i=BEED2CCD-5A00-4A95-AB7E-649A25AD0D90
Frame ID: F7F6558F390CC37A48A282C5823C1BF7
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 67531412C291E3C5EC7F1864F49A1385
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: ED0361DE86A032518F3D6E1EFAE7F30E
Requests: 2 HTTP requests in this frame

Screenshot

Page Title

第1天上學她大哭!阿嬤憑記憶「想接孫女回家」 結尾藏洋蔥 - 天天要聞

Detected technologies

Overall confidence: 100%
Detected patterns
  • adnxs\.(?:net|com)

Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/pagead/show_ads\.js

Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/

Overall confidence: 100%
Detected patterns

Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js

Overall confidence: 100%
Detected patterns
  • lightbox(?:-plus-jquery)?.{0,32}\.js

Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.openx\.net

Overall confidence: 100%
Detected patterns
  • adnxs\.com/[^"]*(?:prebid|/pb\.js)

Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.pubmatic\.com

Overall confidence: 100%
Detected patterns
  • \.quantserve\.com/quant\.js

Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.rubiconproject\.com

Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Overall confidence: 100%
Detected patterns
  • //cdn\.jsdelivr\.net/

Page Statistics

432
Requests

77 %
HTTPS

0 %
IPv6

103
Domains

159
Subdomains

93
IPs

8
Countries

3298 kB
Transfer

8449 kB
Size

97
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 4
  • https://ads.aralego.com/sdk HTTP 301
  • https://cdn.aralego.net/ucfad/sdk/apac-sg/sdk
Request Chain 192
  • https://cm.g.doubleclick.net/pixel?cs=6&google_nid=media&google_cm=1&google_hm=MzAzODY5MDQ4NjgzMzQxNjAwMFYxMA%3D%3D&google_sc=1 HTTP 302
  • https://cs.media.net/cksync?type=g&cs=6&google_gid=CAESENmLgctafq8d42JJyjBRmtk&google_cver=1
Request Chain 193
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=8m33zk4&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=8m33zk4&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://cs.media.net/cksync?cs=1&type=ttd&ovsid=79c13aec-f358-494c-84cc-ab07497fac3e
Request Chain 197
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=8m33zk4&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=8m33zk4&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://cs.media.net/cksync?cs=1&type=ttd&ovsid=79c13aec-f358-494c-84cc-ab07497fac3e
Request Chain 198
  • https://cm.g.doubleclick.net/pixel?cs=6&google_nid=media&google_cm=1&google_hm=MzAzODY5MDQ4NjgzMzQxMzAwMFYxMA%3D%3D&google_sc=1 HTTP 302
  • https://cs.media.net/cksync?type=g&cs=6&google_gid=CAESENmLgctafq8d42JJyjBRmtk&google_cver=1
Request Chain 201
  • https://www.google.com/pagead/drt/ui HTTP 302
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Request Chain 210
  • https://cm.g.doubleclick.net/pixel?cs=10&google_nid=media&google_cm=1&google_hm=MzAzODY5MDQ4NjgzMzQxMTAwMFYxMA%3D%3D&google_sc=1 HTTP 302
  • https://cs.media.net/cksync?type=g&cs=10&google_gid=CAESENmLgctafq8d42JJyjBRmtk&google_cver=1
Request Chain 211
  • https://cm.g.doubleclick.net/pixel?cs=10&google_nid=media&google_cm=1&google_hm=MzAzODY5MDQ4NjgzMzQxMTAwMFYxMA%3D%3D&google_sc=1 HTTP 302
  • https://cs.media.net/cksync?type=g&cs=10&google_gid=CAESENmLgctafq8d42JJyjBRmtk&google_cver=1
Request Chain 228
  • https://www.google.com/pagead/drt/ui HTTP 302
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Request Chain 264
  • https://eb2.3lift.com/sync HTTP 302
  • https://eb2.3lift.com/sync?&ld=1
Request Chain 268
  • https://ad.turn.com/r/cs?pid=9&gdpr=0 HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537073061&val=6930922757553007061&gdpr=0&gdpr_consent=&us_privacy=
Request Chain 269
  • https://match.adsrvr.org/track/cmf/openx?oxid=6e6ec024-47f7-7509-cf7a-db9b96953ace&gdpr=0 HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072971&val=79c13aec-f358-494c-84cc-ab07497fac3e&ttd_puid=6e6ec024-47f7-7509-cf7a-db9b96953ace&gdpr=0&gdpr_consent=
Request Chain 270
  • https://tg.socdm.com/rtb/sync_before?proto=openx HTTP 302
  • https://jp-u.openx.net/w/1.0/sd?id=537072335&val=Yv7Te8Co5sMAAM3v3BsAAAAA
Request Chain 271
  • https://cr-p3.ladsp.jp/cookiesender/3 HTTP 302
  • https://cr-pall.ladsp.com/cookiesender/3 HTTP 302
  • https://cr-pall.ladsp.com/cookiesender/3?cr=true HTTP 302
  • https://jp-u.openx.net/w/1.0/sd?id=537072451&val=AdMYmEq-DvP0ks8ADsd_sDfAoM8AAAGCs2oc3w
Request Chain 273
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEFrp9vz_IFkwtyErOoflUtI&google_cver=1
Request Chain 278
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=medianet HTTP 301
  • https://eus.rubiconproject.com/usync.html?p=medianet
Request Chain 279
  • https://p.rfihub.com/cm?pub=19967&in=1&forward=https%3A%2F%2Fcontextual.media.net%2Fcksync.html%3Fcs%3D8%26vsid%3D3038690486833451000V10%26type%3Drkt%26refUrl%3D%26vid%3D08674507663038690486833451000V10%26ovsid%3D%7Buserid%7D HTTP 302
  • https://contextual.media.net/cksync.html?cs=8&vsid=3038690486833451000V10&type=rkt&refUrl=&vid=08674507663038690486833451000V10&ovsid=2020216286487508165
Request Chain 281
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3038690486833451000V10%26type%3Dapx%26refUrl%3D%26vid%3D08674507663038690486833451000V10%26ovsid%3D%24UID HTTP 302
  • https://contextual.media.net/cksync.php?cs=8&vsid=3038690486833451000V10&type=apx&refUrl=&vid=08674507663038690486833451000V10&ovsid=1546289813757434588
Request Chain 282
  • https://us-u.openx.net/w/1.0/cm?id=78e2dffc-bb89-4bb2-ae92-f592d006518b&ph=6a16560a-f6c6-4851-b7b5-0b2c0190166a&r=https%3A%2F%2Fcontextual.media.net%2Fcksync.html%3Fcs%3D8%26vsid%3D3038690486833451000V10%26type%3Dopx%26refUrl%3D%26vid%3D08674507663038690486833451000V10%26ovsid%3D HTTP 302
  • https://contextual.media.net/cksync.html?cs=8&vsid=3038690486833451000V10&type=opx&refUrl=&vid=08674507663038690486833451000V10&ovsid=a642a9bb-ecf7-4fe9-ac35-a5f5247aa812
Request Chain 283
  • https://sync.1rx.io/usersync2/rmp1r1?sub=medianet&redir=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3038690486833451000V10%26type%3Dr1%26refUrl%3D%26vid%3D08674507663038690486833451000V10%26ovsid%3D%5BRX_UUID%5D HTTP 302
  • https://sync.1rx.io/usersync2/rmp1r1?sub=medianet&zcc=1&redir=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3038690486833451000V10%26type%3Dr1%26refUrl%3D%26vid%3D08674507663038690486833451000V10%26ovsid%3D%5BRX_UUID%5D&cb=1660867451260 HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=8932383765 HTTP 302
  • https://sync.1rx.io/usersync/tradedesk/79c13aec-f358-494c-84cc-ab07497fac3e HTTP 302
  • https://sync.targeting.unrulymedia.com/csync/RX-50a16bb0-50df-40a7-8e6d-2b41efe53873-004?redir=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3038690486833451000V10%26type%3Dr1%26refUrl%3D%26vid%3D08674507663038690486833451000V10%26ovsid%3DRX-50a16bb0-50df-40a7-8e6d-2b41efe53873-004 HTTP 302
  • https://contextual.media.net/cksync.php?cs=8&vsid=3038690486833451000V10&type=r1&refUrl=&vid=08674507663038690486833451000V10&ovsid=RX-50a16bb0-50df-40a7-8e6d-2b41efe53873-004
Request Chain 284
  • https://pm.w55c.net/ping_match.gif?ei=MEDIANET&rurl=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3038690486833451000V10%26type%3Ddxu%26refUrl%3D%26vid%3D08674507663038690486833451000V10%26ovsid%3D_wfivefivec_ HTTP 302
  • https://pm.w55c.net/ping_match.gif?scc=1&ei=MEDIANET&rurl=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3038690486833451000V10%26type%3Ddxu%26refUrl%3D%26vid%3D08674507663038690486833451000V10%26ovsid%3D_wfivefivec_ HTTP 302
  • https://contextual.media.net/cksync.php?cs=8&vsid=3038690486833451000V10&type=dxu&refUrl=&vid=08674507663038690486833451000V10&ovsid=k0ed6Qe41OoPuH5
Request Chain 285
  • https://dis.criteo.com/dis/usersync.aspx?r=115&p=259&cp=medianet&cu=1&url=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D1%26type%3Dcrt%26ovsid%3D%40%40CRITEO_USERID%40%40 HTTP 302
  • https://contextual.media.net/cksync.php?cs=1&type=crt&ovsid=f02481e1-d578-497d-a855-fa3c73a6c532
Request Chain 286
  • https://x.bidswitch.net/sync?ssp=medianet&gdpr=0&gdpr_consent=&gdpr_pd=1 HTTP 302
  • https://x.bidswitch.net/ul_cb/sync?ssp=medianet&gdpr=0&gdpr_consent=&gdpr_pd=1 HTTP 302
  • https://odr.mookie1.com/t/v2/sync?tagid=V2_790378&src.visitorId=10b13b6e-3120-4895-bbd5-4b0f61fffb84&ssp=medianet&gdpr=0&gdpr_consent= HTTP 302
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=2910&partner_device_id=10524490119177115132&gdpr=0&gdpr_consent=&partner_url=https%3A%2F%2Fodr.mookie1.com%2Ft%2Fv2%3Ftagid%3DV2_948118%26src.visitorid%3D%24%7BTA_DEVICE_ID%7D%26ssp%3Dmedianet%26gdpr_consent%3D%26gdpr%3D0 HTTP 302
  • https://pixel.tapad.com/idsync/ex/receive/check?partner_id=2910&partner_device_id=10524490119177115132&gdpr=0&gdpr_consent=&partner_url=https%3A%2F%2Fodr.mookie1.com%2Ft%2Fv2%3Ftagid%3DV2_948118%26src.visitorid%3D%24%7BTA_DEVICE_ID%7D%26ssp%3Dmedianet%26gdpr_consent%3D%26gdpr%3D0 HTTP 302
  • https://odr.mookie1.com/t/v2?tagid=V2_948118&src.visitorid=f6d32b88-dfc6-44bc-b816-9f80c0dd8213&ssp=medianet&gdpr_consent=&gdpr=0 HTTP 302
  • https://aa.agkn.com/adscores/g.pixel?sid=9212302828&puid=10528008555774763557&ssp=medianet&gdpr=0&gdpr_consent= HTTP 302
  • https://odr.mookie1.com/t/v2?tagid=V2_785409&src.visitorId=209620804248000022573&ssp=medianet&gdpr=0&gdpr_consent= HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=419&user_id=10528008555774763557&ssp=medianet&gdpr=0&gdpr_consent= HTTP 302
  • https://contextual.media.net/cksync.php?cs=1&type=bs&ovsid=5624b4f4-3202-4280-a76c-3a179eb7b7e7&gdpr=0&gdpr_consent=&gdpr_pd=
Request Chain 287
  • https://b1sync.zemanta.com/usersync/medianet/?cb=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3038690486833451000V10%26type%3Dzem%26refUrl%3D%26vid%3D08674507663038690486833451000V10%26ovsid%3D__ZUID__ HTTP 302
  • https://stags.bluekai.com/site/23178?id=8Fr8nxBp-cKlsHG2zrpX&redir=https%3A%2F%2Fb1sync.zemanta.com%2Fusersync%2Fbluekai%2Fcallback%2F%3Fd%3DNB2HI4DTHIXS6Y3PNZ2GK6DUOVQWYLTNMVSGSYJONZSXIL3DNNZXS3TDFZYGQ4B7MNZT2OBGMV4GG2DBNZTWKPLNMVSGSYLOMV2CM33WONUWIPJYIZZDQ3TYIJYC2Y2LNRZUQRZSPJZHAWBGOJSWMVLSNQ6SM5DZOBST26TFNUTHM2LEHUYDQNRXGQ2TANZWGYZTAMZYGY4TANBYGY4DGMZUGUYTAMBQKYYTAJTWONUWIPJTGAZTQNRZGA2DQNRYGMZTINJRGAYDAVRRGA HTTP 302
  • https://b1sync.zemanta.com/usersync/bluekai/callback/?d=NB2HI4DTHIXS6Y3PNZ2GK6DUOVQWYLTNMVSGSYJONZSXIL3DNNZXS3TDFZYGQ4B7MNZT2OBGMV4GG2DBNZTWKPLNMVSGSYLOMV2CM33WONUWIPJYIZZDQ3TYIJYC2Y2LNRZUQRZSPJZHAWBGOJSWMVLSNQ6SM5DZOBST26TFNUTHM2LEHUYDQNRXGQ2TANZWGYZTAMZYGY4TANBYGY4DGMZUGUYTAMBQKYYTAJTWONUWIPJTGAZTQNRZGA2DQNRYGMZTINJRGAYDAVRRGA HTTP 302
  • https://contextual.media.net/cksync.php?cs=8&ovsid=8Fr8nxBp-cKlsHG2zrpX&refUrl=&type=zem&vid=08674507663038690486833451000V10&vsid=3038690486833451000V10
Request Chain 288
  • https://rtb.mfadsrvr.com/sync?ssp=medianet&ssp_user_id=3038690486833451000V10 HTTP 302
  • https://rtb.mfadsrvr.com/ul_cb/sync?ssp=medianet&ssp_user_id=3038690486833451000V10 HTTP 302
  • https://contextual.media.net/cksync.php?type=mf&ovsid=bb5e6a24-45a8-47df-9069-a6575b030146&cs=1
Request Chain 291
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=svx9t50&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://eb2.3lift.com/xuid?mid=3658&xuid=79c13aec-f358-494c-84cc-ab07497fac3e&dongle=0cfd
Request Chain 292
  • https://eb2.3lift.com/ebda?sync=1&gdpr=0&gdpr_consent= HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=0&gdpr_consent=&us_privacy=&google_hm=MTI2MTQ1ODMxMjY2NTEyMTY3Mjg3NQ%3D%3D HTTP 302
  • https://eb2.3lift.com/ebda?gdpr=0&gdpr_consent=
Request Chain 293
  • https://cm.g.doubleclick.net/pixel?google_nid=triplelift&google_cm&google_sc&gdpr=0&gdpr_consent= HTTP 302
  • https://eb2.3lift.com/xuid?mid=5989&xuid=CAESEDGvAFbIb4JtSFshn5aCf0w&dongle=c627&gdpr=0&gdpr_consent=&google_cver=1
Request Chain 294
  • https://eb2.3lift.com/sync/google/demand?sync=1&gdpr=0&gdpr_consent= HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=0&gdpr_consent=&us_privacy=&google_hm=MTI2MTQ1ODMxMjY2NTEyMTY3Mjg3NQ%3D%3D
Request Chain 295
  • https://px.ads.linkedin.com/setuid?partner=tripleliftdbredirect&tlUid=1261458312665121672875&dbredirect=true&gdpr=0&consent= HTTP 302
  • https://px.ads.linkedin.com/setuid?partner=tripleliftdbredirect&tlUid=1261458312665121672875&dbredirect=true&gdpr=0&consent=&cookiesTest=true HTTP 302
  • https://p.adsymptotic.com/d/px/?_pid=16218&_psign=0aa5badf92527f7732e22463d6fa4dbc&coopa=0&gdpr=0&gdpr_consent=&_puuid=872a1730-0e76-4436-9e85-5aa0a71a0cbd&_noobservation=1 HTTP 302
  • https://p.adsymptotic.com/d/px/?_pid=16218&_psign=0aa5badf92527f7732e22463d6fa4dbc&coopa=0&gdpr=0&gdpr_consent=&_puuid=872a1730-0e76-4436-9e85-5aa0a71a0cbd&_noobservation=1&_expected_cookie=69cc61b79733226328daa53afad0e15c
Request Chain 296
  • https://x.bidswitch.net/sync?ssp=triplelift&user_id=1261458312665121672875&gdpr=0&gdpr_consent= HTTP 302
  • https://x.bidswitch.net/ul_cb/sync?ssp=triplelift&user_id=1261458312665121672875&gdpr=0&gdpr_consent= HTTP 302
  • https://odr.mookie1.com/t/v2/sync?tagid=V2_790378&src.visitorId=5624b4f4-3202-4280-a76c-3a179eb7b7e7&ssp=triplelift&gdpr=0&gdpr_consent= HTTP 302
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=2910&partner_device_id=10528008555774763557&gdpr=0&gdpr_consent=&partner_url=https%3A%2F%2Fodr.mookie1.com%2Ft%2Fv2%3Ftagid%3DV2_948118%26src.visitorid%3D%24%7BTA_DEVICE_ID%7D%26ssp%3Dtriplelift%26gdpr_consent%3D%26gdpr%3D0 HTTP 302
  • https://pixel.tapad.com/idsync/ex/receive/check?partner_id=2910&partner_device_id=10528008555774763557&gdpr=0&gdpr_consent=&partner_url=https%3A%2F%2Fodr.mookie1.com%2Ft%2Fv2%3Ftagid%3DV2_948118%26src.visitorid%3D%24%7BTA_DEVICE_ID%7D%26ssp%3Dtriplelift%26gdpr_consent%3D%26gdpr%3D0 HTTP 302
  • https://odr.mookie1.com/t/v2?tagid=V2_948118&src.visitorid=f6d32b88-dfc6-44bc-b816-9f80c0dd8213&ssp=triplelift&gdpr_consent=&gdpr=0 HTTP 302
  • https://aa.agkn.com/adscores/g.pixel?sid=9212302828&puid=10528008555774763557&ssp=triplelift&gdpr=0&gdpr_consent= HTTP 302
  • https://odr.mookie1.com/t/v2?tagid=V2_785409&src.visitorId=209620804248000022569&ssp=triplelift&gdpr=0&gdpr_consent= HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=419&user_id=10528008555774763557&ssp=triplelift&gdpr=0&gdpr_consent= HTTP 302
  • https://eb2.3lift.com/xuid?mid=2409&xuid=5624b4f4-3202-4280-a76c-3a179eb7b7e7&dongle=d3d3&gdpr=0&gdpr_consent=&gdpr_pd=
Request Chain 298
  • https://pr-bh.ybp.yahoo.com/sync/triplelift/1261458312665121672875?gdpr=0&gdpr_consent= HTTP 302
  • https://eb2.3lift.com/xuid?mid=2662&xuid=y-.0HOQOlE2oRYNavBZdjmosGOE4QQrP_4wcUTYT1j8Q--~A&dongle=0883
Request Chain 299
  • https://s.amazon-adsystem.com/x/757c0557066e95cfd4c7?gdpr=0&gdpr_consent=&uid=1261458312665121672875 HTTP 302
  • https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&dl=3lift&gdpr=0&gdpr_consent=&uid=1261458312665121672875&dcc=t
Request Chain 300
  • https://b1sync.zemanta.com/usersync/triplelift?gdpr=0&gdpr_consent= HTTP 302
  • https://stags.bluekai.com/site/23178?id=gvCx8TP1nqJSimez6yQo&redir=https%3A%2F%2Fb1sync.zemanta.com%2Fusersync%2Fbluekai%2Fcallback%2F%3Fd%3DNB2HI4DTHIXS6ZLCGIXDG3DJMZ2C4Y3PNUXXQ5LJMQ7WI33OM5WGKPLEMJQTQJTFPBRWQYLOM5ST25DSNFYGYZLMNFTHIJTHMRYHEPJQEZWWSZB5GI2DMMBGPB2WSZB5M53EG6BYKRIDC3TRJJJWS3LFPI3HSULP&gdpr=0 HTTP 302
  • https://b1sync.zemanta.com/usersync/bluekai/callback/?d=NB2HI4DTHIXS6ZLCGIXDG3DJMZ2C4Y3PNUXXQ5LJMQ7WI33OM5WGKPLEMJQTQJTFPBRWQYLOM5ST25DSNFYGYZLMNFTHIJTHMRYHEPJQEZWWSZB5GI2DMMBGPB2WSZB5M53EG6BYKRIDC3TRJJJWS3LFPI3HSULP HTTP 302
  • https://eb2.3lift.com/xuid?dongle=dba8&gdpr=0&mid=2460&xuid=gvCx8TP1nqJSimez6yQo
Request Chain 303
  • https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.bg3.co%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F HTTP 302
  • https://r.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.bg3.co%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Request Chain 308
  • https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D HTTP 302
  • https://r.casalemedia.com/usermatch?cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D&s=195491&C=1
Request Chain 309
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=duration_media&endpoint=us-east HTTP 301
  • https://eus.rubiconproject.com/usync.html?p=duration_media&endpoint=us-east
Request Chain 310
  • https://pixel.rubiconproject.com/exchange/sync.php?p=13702&gdpr=0&gdpr_consent=&us_privacy=1YN-& HTTP 302
  • https://x.yieldlift.com/setuid?bidder=rubicon&uid=L6ZPLFMY-3-AUKM&gdpr=0&us_privacy=1YN-
Request Chain 311
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D312%26uid%3D%24UID HTTP 302
  • https://ads.servenobid.com/sync?pid=312&uid=1546289813757434588
Request Chain 312
  • https://ce.lijit.com/merge?pid=273657&3pid=273657&gdpr=0&gdpr_consent=&us_privacy=1YN-&&location=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D310%26uid%3D%5BSOVRNID%5D HTTP 302
  • https://ce.lijit.com/merge?pid=273657&3pid=273657&gdpr=0&gdpr_consent=&us_privacy=1YN-&location=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D310%26uid%3D%5BSOVRNID%5D&dnr=1 HTTP 302
  • https://ads.servenobid.com/sync?pid=310&uid=FK0kDRZH29bSf5G9Q2KxLaIs
Request Chain 313
  • https://ap.lijit.com/pixel?pid=273657&3pid=273657&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redir=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D310%26uid%3D%24UID HTTP 307
  • https://ap.lijit.com/pixel?pid=273657&3pid=273657&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redir=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D310%26uid%3D%24UID&sovrn_retry=true HTTP 307
  • https://ads.servenobid.com/sync?pid=310&uid=FK0kCLZH6TK0w-wVSNeqVds9
Request Chain 314
  • https://x.yieldlift.com/getuid?r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D314%26uid%3D%24UID HTTP 301
  • https://ads.servenobid.com/sync?pid=314&uid=eyJ4dWlkIjoiYTI4MzNkZjYtN2JiMS00NzJjLTljN2ItMGIxZWM2ZDkyOWQ3IiwiZHAiOnt9LCJiZGF5IjoiMjAyMi0wOC0xOVQwMDowNDoxMi42NzQ0NTFaIn0=
Request Chain 315
  • https://sync.1rx.io/usersync2/rmpssp?sub=duration&redir=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D321%26uid%3D%5BRX_UUID%5D HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=6201445129 HTTP 302
  • https://sync.1rx.io/usersync/tradedesk/79c13aec-f358-494c-84cc-ab07497fac3e HTTP 302
  • https://sync.targeting.unrulymedia.com/csync/RX-50a16bb0-50df-40a7-8e6d-2b41efe53873-004
Request Chain 316
  • https://p.rfihub.com/cm?pub=44007&in=1 HTTP 302
  • https://ads.servenobid.com/sync?pid=324&uid=1973209964914422850
Request Chain 317
  • https://sync.go.sonobi.com/usa?loc=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D332%26uid%3D HTTP 302
  • https://ads.servenobid.com/sync?pid=332&uid=b9beef82-ee4e-4934-ba54-6e849b7c0ea4
Request Chain 318
  • https://prebid.a-mo.net/cchain/0?gdpr=0&gdpr_consent=&us_privacy=1YN-&&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D327%26uid%3D HTTP 302
  • https://cm.adform.net/cookie?gdpr=1&gdpr_consent=&redirect_url=https%3A%2F%2Fprebid.a-mo.net%2Fcchain%2F1%2F581%3Fgdpr%3D0%26gdpr_consent%3D%26us_privacy%3D1YN-%26A%3D6e37946f-f5d0-41ea-b0b7-36842074cc46%26bidder%3Dadform%26cbx%3DaHR0cHM6Ly9hZHMuc2VydmVub2JpZC5jb20vc3luYz9waWQ9MzI3JnVpZD0%253D%26uid%3D%24UID
Request Chain 319
  • https://ups.analytics.yahoo.com/ups/58559/occ HTTP 302
  • https://ups.analytics.yahoo.com/ups/58559/occ?verify=true HTTP 302
  • https://ads.servenobid.com/sync?pid=337&uid=y-GCycMpFE2uGGW5aKval2kcTidsu62kcLdcXjgRw-~A
Request Chain 320
  • https://ssp.disqus.com/redirectuser?r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D346%26uid%3DBUYERUID HTTP 302
  • https://ads.servenobid.com/sync?pid=346&uid=4b794089-8d1b-6e71-51fd-ebe0fe0f27a3
Request Chain 321
  • https://ups.analytics.yahoo.com/ups/58632/occ HTTP 302
  • https://ups.analytics.yahoo.com/ups/58632/occ?verify=true HTTP 302
  • https://ads.servenobid.com/sync?pid=339&uid=y-xS0NBA1E2uFsmgE4QLYzgYo_gBn1EkrSqqfjN.A-~A
Request Chain 322
  • https://token.rubiconproject.com/token?pid=2974&pt=n&a=1 HTTP 302
  • https://pr-bh.ybp.yahoo.com/sync/rubicon/EnuPGvesFGpz4T9g_fGghw?csrc= HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=2224752484001211790
Request Chain 323
  • https://id.rlcdn.com/709414.gif HTTP 307
  • https://token.rubiconproject.com/esync?pid=28028&puid=&pt=e
Request Chain 324
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id= HTTP 302
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&dcc=t HTTP 302
  • https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=zVuHZKjYTpC3RBghbZMl3A&rk=usync-na HTTP 302
  • https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=zVuHZKjYTpC3RBghbZMl3A
Request Chain 325
  • https://token.rubiconproject.com/token?pid=26594 HTTP 302
  • https://ads.yahoo.com/cms/v1?nwid=10000010181&eid=L6ZPLFMY-3-AUKM&sigv=1&esig=2~66048f1b80a0792375ce6d37fa3907277e0bee08
Request Chain 326
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEFW4Gv3ngoETfl-3bqqp30c&google_cver=1
Request Chain 327
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id= HTTP 302
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=&dcc=t HTTP 302
  • https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=QEhFTI4aSk2p6ZDLxga8ZA&rk=usync-other HTTP 302
  • https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=QEhFTI4aSk2p6ZDLxga8ZA
Request Chain 328
  • https://match.adsrvr.org/track/cmf/rubicon HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=79c13aec-f358-494c-84cc-ab07497fac3e&gdpr=0&gdpr_consent=&expires=30
Request Chain 329
  • https://token.rubiconproject.com/token?pid=2249&pt=n HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=MmZjN2Y0NzQzYzgzY2FjN2RiNjU2YTgwN2Q4NjNjMjVlMzRhMzY1ZA
Request Chain 332
  • https://pixel.rubiconproject.com/exchange/sync.php?p=medianet&khaos=L6ZPLFMY-3-AUKM HTTP 302
  • https://contextual.media.net/cksync.php?type=rbcn&ovsid=L6ZPLFMY-3-AUKM
Request Chain 334
  • https://c1.adform.net/serving/cookie/match?party=14&cid=BEED2CCD-5A00-4A95-AB7E-649A25AD0D90 HTTP 302
  • https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=BEED2CCD-5A00-4A95-AB7E-649A25AD0D90
Request Chain 335
  • https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA%3D%3D%26piggybackCookie%3Duid%3A%5BMM_UUID%5D HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:fe6762fe-d37c-4c00-9374-538d47dd99c3&gdpr=0&gdpr_consent=
Request Chain 336
  • https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%7D%26gdpr%3D0%26gdpr_consent%3D HTTP 302
  • https://sync-tm.everesttech.net/ct/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%7D%26gdpr%3D0%26gdpr_consent%3D&_test=Yv7TfAAHb5bZ9AAK
Request Chain 338
  • https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@ HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=
Request Chain 339
  • https://cm.ambientdsp.com/cm/send?vc=pmj HTTP 301
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzQ0OSZ0bD00MzIwMA==&piggybackCookie=wq7yddeulc9
Request Chain 340
  • https://pm.w55c.net/ping_match.gif?ei=PUBMATIC&rurl=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:_wfivefivec_&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:k0ed6Qe41OoPuH5&gdpr=0&gdpr_consent=
Request Chain 341
  • https://sync.1rx.io/usersync2/pubmatic&gdpr=0&gdpr_consent= HTTP 302
  • https://x.bidswitch.net/sync?ssp=adconductor&user_id=RX-50a16bb0-50df-40a7-8e6d-2b41efe53873-004&rndcb=8525710394 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=bidswitch_dbm&google_cm&google_sc&ssp=adconductor&bsw_param=10b13b6e-3120-4895-bbd5-4b0f61fffb84&google_hm=MTBiMTNiNmUtMzEyMC00ODk1LWJiZDUtNGIwZjYxZmZmYjg0 HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=16&user_id=CAESEDbKRuVxPb2bA6u4aAEvWsg&google_cver=1&ssp=adconductor&bsw_param=10b13b6e-3120-4895-bbd5-4b0f61fffb84 HTTP 302
  • https://sync.1rx.io/usersync/bidswitch/5624b4f4-3202-4280-a76c-3a179eb7b7e7?gdpr=&gdpr_consent= HTTP 302
  • https://sync.targeting.unrulymedia.com/csync/RX-50a16bb0-50df-40a7-8e6d-2b41efe53873-004?redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Drhy%26i%3DRX-50a16bb0-50df-40a7-8e6d-2b41efe53873-004 HTTP 302
  • https://usersync.gumgum.com/usersync?b=rhy&i=RX-50a16bb0-50df-40a7-8e6d-2b41efe53873-004
Request Chain 343
  • https://cm.adgrx.com/bridge?AG_PID=pubmatic&AG_SETCOOKIE&gdpr=0&gdpr_consent= HTTP 302
  • https://cm.adgrx.com/bridge.gif?AG_PID=pubmatic&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzMDEmdGw9MTI5NjAw&piggybackCookie=7509801e-1f52-11ed-8f72-b1eae2d91c37
Request Chain 344
  • https://gocm.c.appier.net/pubmatic HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDImdGw9MTI5NjAw&piggybackCookie=kPz02ndpCY2GIrgNfNP-Yg
Request Chain 345
  • https://ipac.ctnsnet.com/int/cm?exc=14&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM0MTEmdGw9MjAxNjA%3D%26piggybackCookie%3D%5Buser_id%5D HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MTEmdGw9MjAxNjA=&piggybackCookie=9e2d07601bc54b6cab3e7c0bbb5431d1
Request Chain 346
  • https://csync.loopme.me/?pubid=11331&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzImdGw9MTI5NjAw&piggybackCookie={viewer_token}&gdpr=0&gdpr_consent= HTTP 307
  • https://simage2.pubmatic.com/AdServer/Pug?vcode&gdpr_consent=null&piggybackCookie={viewer_token}&gdpr=0
Request Chain 348
  • https://a.tribalfusion.com/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID} HTTP 302
  • https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
Request Chain 350
  • https://trc.taboola.com/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw&piggybackCookie=uid:$UID HTTP 302
  • https://match.taboola.com/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&tbid=42cde734-e23d-4a34-a437-14d3e9ef9135-tuct9f858fc&query=taboola_hm%3D1%26redir%3Dhttps%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw%26piggybackCookie%3Duid%3A%24UID&isDirect=0
Request Chain 352
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=vu0szVoASpWrfmSaJa0NkA%3D%3D HTTP 302
  • https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
Request Chain 353
  • https://idsync.rlcdn.com/420486.gif?partner_uid=BEED2CCD-5A00-4A95-AB7E-649A25AD0D90 HTTP 307
  • https://pippio.com/api/sync?pid=5324&it=1&iv=c8f9fb75e2e266de9176058e44995ddc9b708d5f131477e00648c59a25f38bed791426b5417dce21&_=2 HTTP 307
  • https://cm.g.doubleclick.net/pixel?google_nid=pippio_dmp&google_cm&google_no_sc&m=CMwpElsKVwgBEJInGlBjOGY5ZmI3NWUyZTI2NmRlOTE3NjA1OGU0NDk5NWRkYzliNzA4ZDVmMTMxNDc3ZTAwNjQ4YzU5YTI1ZjM4YmVkNzkxNDI2YjU0MTdkY2UyMRAAGgwI_ab7lwYSBAgCEABCAEoA HTTP 302
  • https://pippio.com/api/sync/ddp?pid=2&m=CMwpElsKVwgBEJInGlBjOGY5ZmI3NWUyZTI2NmRlOTE3NjA1OGU0NDk5NWRkYzliNzA4ZDVmMTMxNDc3ZTAwNjQ4YzU5YTI1ZjM4YmVkNzkxNDI2YjU0MTdkY2UyMRAAGgwI_ab7lwYSBAgCEABCAEoA&google_gid=CAESEHpDhoGdnAnNvugZQtvyokk&google_cver=1 HTTP 307
  • https://tags.rd.linksynergy.com/rcs?ns=lr&uid3= HTTP 303
  • https://idsync.rlcdn.com/458249.gif?partner_uid=3a04acc6-19e2-473f-b0d5-a8e1cdaf88dd
Request Chain 354
  • https://sync.mathtag.com/sync/img?mt_exid=3&redir=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3FpartnerID%3D27%26partnerUID%3D%5BMM_UUID%5D HTTP 302
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=b8e462fe-d37d-4200-9310-62770bfd88f8
Request Chain 355
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=QkVFRDJDQ0QtNUEwMC00QTk1LUFCN0UtNjQ5QTI1QUQwRDkw&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
Request Chain 356
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEEX6X-zWrQNPkkoHNiVHRW4&google_cver=1
Request Chain 357
  • https://um.simpli.fi/pubmatic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODA2JnRsPTUxODQwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTgwNiZ0bD01MTg0MDA=&piggybackCookie=uid:F7D8EBBA79904A6D8870D87DA1297C10
Request Chain 359
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=79c13aec-f358-494c-84cc-ab07497fac3e
Request Chain 360
  • https://ib.adnxs.com/getuid?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=1546289813757434588&gdpr=0&gdpr_consent=
Request Chain 361
  • https://pixel.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=LevnTX_qth42vLYbIrqsHCns4B0277cRLempkOfk
Request Chain 362
  • https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent= HTTP 302
  • https://odr.mookie1.com/t/v2/sync?tagid=V2_790378&src.visitorId=5624b4f4-3202-4280-a76c-3a179eb7b7e7&ssp=pubmatic&gdpr=0&gdpr_consent= HTTP 302
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=2910&partner_device_id=10522519798217669243&gdpr=0&gdpr_consent=&partner_url=https%3A%2F%2Fodr.mookie1.com%2Ft%2Fv2%3Ftagid%3DV2_948118%26src.visitorid%3D%24%7BTA_DEVICE_ID%7D%26ssp%3Dpubmatic%26gdpr_consent%3D%26gdpr%3D0 HTTP 302
  • https://pixel.tapad.com/idsync/ex/receive/check?partner_id=2910&partner_device_id=10522519798217669243&gdpr=0&gdpr_consent=&partner_url=https%3A%2F%2Fodr.mookie1.com%2Ft%2Fv2%3Ftagid%3DV2_948118%26src.visitorid%3D%24%7BTA_DEVICE_ID%7D%26ssp%3Dpubmatic%26gdpr_consent%3D%26gdpr%3D0 HTTP 302
  • https://odr.mookie1.com/t/v2?tagid=V2_948118&src.visitorid=f6d32b88-dfc6-44bc-b816-9f80c0dd8213&ssp=pubmatic&gdpr_consent=&gdpr=0 HTTP 302
  • https://aa.agkn.com/adscores/g.pixel?sid=9212302828&puid=10528008555774763557&ssp=pubmatic&gdpr=0&gdpr_consent= HTTP 302
  • https://odr.mookie1.com/t/v2?tagid=V2_785409&src.visitorId=208580804248000022532&ssp=pubmatic&gdpr=0&gdpr_consent= HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=419&user_id=10528008555774763557&ssp=pubmatic&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=5624b4f4-3202-4280-a76c-3a179eb7b7e7&gdpr=0&gdpr_consent=&gdpr_pd=
Request Chain 363
  • https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=BEED2CCD-5A00-4A95-AB7E-649A25AD0D90&redir=true&gdpr=0&gdpr_consent= HTTP 302
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-7W4O.4pE2uWGlidkJQFvldYJVGhcvto-~A&gdpr=0&gdpr_consent=
Request Chain 364
  • https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COOKIES%20HERE]&gdpr=0&gdpr_consent= HTTP 302
  • https://c1.adform.net/serving/cookie/match?CC=1&party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COOKIES%20HERE]&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=4925623162690373801
Request Chain 365
  • https://ad.turn.com/r/cs?pid=1&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=6930922757553007061&gdpr=0&gdpr_consent=&us_privacy=
Request Chain 366
  • https://pubmatic-match.dotomi.com/match/bounce/current?networkId=17100&version=1&nuid=BEED2CCD-5A00-4A95-AB7E-649A25AD0D90&gdpr=0&gdpr_consent= HTTP 302
  • https://pubmatic-match.dotomi.com/match/bounce/current?DotomiTest=6bc1206230c22045&is_secure=true&networkId=17100&version=1&nuid=BEED2CCD-5A00-4A95-AB7E-649A25AD0D90&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTQ2MSZ0bD0xMDA4MA==&piggybackCookie=AAAJs7nM82AJqwMgyFfVAAAAAAA&expiration=1660953853&nuid=BEED2CCD-5A00-4A95-AB7E-649A25AD0D90&is_secure=true&gdpr_consent=&gdpr=0
Request Chain 367
  • https://ads.playground.xyz/usersync/apn?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID HTTP 302
  • https://secure.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=1546289813757434588
Request Chain 369
  • https://secure.adnxs.com/getuid?https://usersync.gumgum.com/usersync?b=apn&i=$UID HTTP 302
  • https://usersync.gumgum.com/usersync?b=apn&i=1546289813757434588
Request Chain 370
  • https://x.bidswitch.net/sync?ssp=gumgum2&user_id=a_c3bcfac5-7269-4f14-b20a-727c5328bbe8&gdpr=0&gdpr_consent=&us_privacy=1--- HTTP 302
  • https://pixel.quantserve.com/pixel/p-zLwwakwy-hZw3.gif?idmatch=0&ssp=gumgum2&gdpr=0&gdpr_consent= HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=76&user_group=2&ssp=gumgum2&gdpr=0&user_id=W2APkQlhXsJAN17HVDFEwF9nCMFAZF_NW2Jfa_hp HTTP 302
  • https://usersync.gumgum.com/usersync?b=bsw&i=5624b4f4-3202-4280-a76c-3a179eb7b7e7
Request Chain 371
  • https://sync.outbrain.com/redirectObuid?platformId=GUMGU18H7EL9NI653I7DPEH51&gdpr=0&gdprConsent=&platformRdUrl=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dobn%26i%3D%7BOB_UID%7D%26r%3D%7BobRdUrl%7D HTTP 302
  • https://usersync.gumgum.com/usersync?b=obn&i=ENC%28tgMVLHoSysCYrqf5ZRXnrx3D9IEtye60EMiYK-GzAv1WVH8o45ufcUdZ8DNm8k13%29&r=https%3A%2F%2Fsync.outbrain.com%2FsyncUser%3FplatformId%3D%7Bplatform_id%7D%26platformUid%3D%7Bplatform_uid%7D%26obuid%3DENC%28tgMVLHoSysCYrqf5ZRXnrx3D9IEtye60EMiYK-GzAv1WVH8o45ufcUdZ8DNm8k13%29 HTTP 302
  • https://sync.outbrain.com/syncUser?platformId=GUMGU18H7EL9NI653I7DPEH51&platformUid=a_c3bcfac5-7269-4f14-b20a-727c5328bbe8&obuid=ENC(tgMVLHoSysCYrqf5ZRXnrx3D9IEtye60EMiYK-GzAv1WVH8o45ufcUdZ8DNm8k13) HTTP 302
  • https://sync.outbrain.com/syncPartner?platformId=GUMGU18H7EL9NI653I7DPEH51 HTTP 302
  • https://www.example.com/
Request Chain 372
  • https://us-u.openx.net/w/1.0/cm?_={CACHEBUSTER}&id=47f31213-389c-4904-aaa6-9b11aab9c211&gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dopx%26i%3D HTTP 302
  • https://usersync.gumgum.com/usersync?b=opx&i=99536454-6fe2-4d5f-a801-cb765ec53b88
Request Chain 373
  • https://sync.srv.stackadapt.com/sync?nid=1&gdpr=0&gdpr_consent= HTTP 302
  • https://usersync.gumgum.com/usersync?b=sta&i=0-05eddac1-5843-4dcb-4e54-fee2c5aa9bfe$ip$173.245.209.142
Request Chain 374
  • https://pr-bh.ybp.yahoo.com/sync/gumgum?gdpr=0&gdpr_consent= HTTP 302
  • https://usersync.gumgum.com/usersync?b=oth&i=y-3Q5gJ85E2per1VsoUpvPmUOKuaUSjsPX0WUF~A
Request Chain 375
  • https://sync.ipredictive.com/d/sync/cookie/generic?partner=gumgum&cspid=9&append=1&cb=${ADELPHIC_CACHE_BUSTER}&gdpr=0&gdpr_consent=&us_privacy=1---&redirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dvnt%26i%3D HTTP 302
  • https://usersync.gumgum.com/usersync?b=vnt&i=335c9c8c-f55c-4e35-916e-90f607ddad5e
Request Chain 378
  • https://b1sync.zemanta.com/usersync/gumgum/?puid=a_c3bcfac5-7269-4f14-b20a-727c5328bbe8&gdpr=0&gdpr_consent=&us_privacy=1---&cb=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dzem%26i%3D__ZUID__ HTTP 302
  • https://stags.bluekai.com/site/23178?id=gvCx8TP1nqJSimez6yQo&redir=https%3A%2F%2Fb1sync.zemanta.com%2Fusersync%2Fbluekai%2Fcallback%2F%3Fd%3DNB2HI4DTHIXS65LTMVZHG6LOMMXGO5LNM52W2LTDN5WS65LTMVZHG6LOMM7WEPL2MVWSMZLYMNUGC3THMU6WO5LNM52W2JTHMRYHEPJQEZUT2Z3WIN4DQVCQGFXHCSSTNFWWK6RWPFIW6JTVONPXA4TJOZQWG6J5GEWS2LI&gdpr=0&us_privacy=1--- HTTP 302
  • https://b1sync.zemanta.com/usersync/bluekai/callback/?d=NB2HI4DTHIXS65LTMVZHG6LOMMXGO5LNM52W2LTDN5WS65LTMVZHG6LOMM7WEPL2MVWSMZLYMNUGC3THMU6WO5LNM52W2JTHMRYHEPJQEZUT2Z3WIN4DQVCQGFXHCSSTNFWWK6RWPFIW6JTVONPXA4TJOZQWG6J5GEWS2LI HTTP 302
  • https://usersync.gumgum.com/usersync?b=zem&gdpr=0&i=gvCx8TP1nqJSimez6yQo&us_privacy=1---
Request Chain 379
  • https://ad.360yield.com/server_match?partner_id=N&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Didi%26i%3D%7BPUB_USER_ID%7D HTTP 302
  • https://ad.360yield.com/ul_cb/server_match?partner_id=N&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Didi%26i%3D%7BPUB_USER_ID%7D HTTP 302
  • https://usersync.gumgum.com/usersync?b=idi&i=1ef1604d-a824-4d7a-a919-8d2f0067dd45
Request Chain 380
  • https://sync.1rx.io/usersync2/floor6?gdpr=0&gdpr_consent=&dspret=1&redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Drhy%26i%3D%5BRX_UUID%5D HTTP 302
  • https://x.bidswitch.net/sync?ssp=adconductor&user_id=RX-50a16bb0-50df-40a7-8e6d-2b41efe53873-004&rndcb=3959652151 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=bidswitch_dbm&google_cm&google_sc&ssp=adconductor&bsw_param=5624b4f4-3202-4280-a76c-3a179eb7b7e7&google_hm=NTYyNGI0ZjQtMzIwMi00MjgwLWE3NmMtM2ExNzllYjdiN2U3 HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=16&user_id=CAESEDbKRuVxPb2bA6u4aAEvWsg&google_cver=1&ssp=adconductor&bsw_param=5624b4f4-3202-4280-a76c-3a179eb7b7e7 HTTP 302
  • https://sync.1rx.io/usersync/bidswitch/5624b4f4-3202-4280-a76c-3a179eb7b7e7?gdpr=&gdpr_consent= HTTP 302
  • https://sync.targeting.unrulymedia.com/csync/RX-50a16bb0-50df-40a7-8e6d-2b41efe53873-004
Request Chain 381
  • https://bh.contextweb.com/bh/rtset?pid=558355&ev=1&rurl=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpln%26i%3D%25%25VGUID%25%25 HTTP 302
  • https://usersync.gumgum.com/usersync?b=pln&i=7jAO1vo05Zo2&ev=1&pid=558355
Request Chain 382
  • https://ssbsync.smartadserver.com/api/sync?callerId=15&redirectUri=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dsad%26i%3D%5Bssb_sync_pid%5D&gdpr=0&gdpr_consent= HTTP 302
  • https://usersync.gumgum.com/usersync?b=sad&i=7796439680771007539
Request Chain 384
  • https://sync.mathtag.com/sync/img?mt_exid=71&gdpr=0&gdpr_consent=&redir=https%3a%2f%2fusersync.gumgum.com%2fusersync%3fb%3dmmh%26i%3d%5bMM_UUID%5d HTTP 302
  • https://usersync.gumgum.com/usersync?b=mmh&i=6ef262fe-d37c-4b00-98f1-e46e0f7874ea&gdpr=0&gdpr_consent=
Request Chain 385
  • https://sync-tm.everesttech.net/upi/pid/URnmbSKM?redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Datm%26i%3D%24%7BTM_USER_ID%7D&gdpr=0&gdpr_consent= HTTP 302
  • https://sync-tm.everesttech.net/ct/upi/pid/URnmbSKM?redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Datm%26i%3D%24%7BTM_USER_ID%7D&gdpr=0&gdpr_consent=&_test=Yv7TfAAHcPfa-AAK HTTP 302
  • https://usersync.gumgum.com/usersync?b=atm&i=Yv7TfAAHcPfa-AAK&gdpr=0&gdpr_consent=&_test=Yv7TfAAHcPfa-AAK
Request Chain 388
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=gumgum&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://usersync.gumgum.com/usersync?b=ttd&i=79c13aec-f358-494c-84cc-ab07497fac3e
Request Chain 390
  • https://tg.socdm.com/aux/idsync?proto=gumgum HTTP 302
  • https://usersync.gumgum.com/usersync?b=sus&i=Yv7TfMCo5sMAAM3v3SEAAAAA
Request Chain 391
  • https://ssum-sec.casalemedia.com/usermatchredir?s=189872&cb=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Diex%26i%3D HTTP 302
  • https://usersync.gumgum.com/usersync?b=iex&i=Yv7TewuR7gpcgEiDeDFP7wAA%26870
Request Chain 392
  • https://creativecdn.com/cm-notify?pi=gumgum HTTP 302
  • https://creativecdn.com/cm-notify?pi=gumgum&tc=1 HTTP 302
  • https://usersync.gumgum.com/usersync?b=rth&i=IQHt4nTEUiX0sGvmFTwA&pi=gumgum&tc=1
Request Chain 393
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=gumgum HTTP 301
  • https://eus.rubiconproject.com/usync.html?p=gumgum
Request Chain 394
  • https://pixel-us-east.rubiconproject.com/exchange/sync.php?p=duration_media&khaos=L6ZPLFMY-3-AUKM HTTP 302
  • https://ads.servenobid.com/sync?pid=323&uid=L6ZPLFMY-3-AUKM
Request Chain 395
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=Yv7Te3lQICJXrRHdfcBDRAAAA1AAAAIB&gdpr_consent=&us_privacy=&gdpr= HTTP 302
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESEAUBbDoBS6GCY6g4hGA3bRU&google_cver=1
Request Chain 396
  • https://match.adsrvr.org/track/cmf/casale HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=39&external_user_id=79c13aec-f358-494c-84cc-ab07497fac3e&expiration=1663459452&gdpr=0&gdpr_consent=
Request Chain 398
  • https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=Yv7TewuR7gpcgEiDeDFP7wAA HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEEKE_x9IWvxzTlfyRUM4-lM&google_cver=1
Request Chain 400
  • https://cm.adgrx.com/bridge?AG_PID=casale&AG_SETCOOKIE HTTP 302
  • https://cm.adgrx.com/bridge.gif?AG_PID=casale HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=41&external_user_id=750a386a-1f52-11ed-9f62-b1eaf9939be8
Request Chain 401
  • https://pm.w55c.net/ping_match.gif?ei=CASALE&rurl=https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=_wfivefivec_ HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=k0ed6Qe41OoPuH5
Request Chain 402
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=48 HTTP 302
  • https://pixel-sync.sitescout.com/dmp/pixelSync?cookieQ=1&nid=48 HTTP 302
  • https://sync.crwdcntrl.net/qmap?c=1389&tp=STSC&tpid=c2ffdcbb-756c-4739-9a61-c6a912265951-62fed37d-5553&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fpixel.tapad.com%2Fidsync%2Fex%2Fpush%3Fpartner_id%3D2499%26partner_device_id%3Dc2ffdcbb-756c-4739-9a61-c6a912265951-62fed37d-5553%26partner_url%3Dhttps%253A%252F%252Fr.casalemedia.com%252Frum%253Fcm_dsp_id%253D64%2526external_user_id%253Dc2ffdcbb-756c-4739-9a61-c6a912265951-62fed37d-5553%2526gdpr%253D0%2526gdpr_consent%253D HTTP 302
  • https://sync.crwdcntrl.net/qmap?c=1389&tp=STSC&tpid=c2ffdcbb-756c-4739-9a61-c6a912265951-62fed37d-5553&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fpixel.tapad.com%2Fidsync%2Fex%2Fpush%3Fpartner_id%3D2499%26partner_device_id%3Dc2ffdcbb-756c-4739-9a61-c6a912265951-62fed37d-5553%26partner_url%3Dhttps%253A%252F%252Fr.casalemedia.com%252Frum%253Fcm_dsp_id%253D64%2526external_user_id%253Dc2ffdcbb-756c-4739-9a61-c6a912265951-62fed37d-5553%2526gdpr%253D0%2526gdpr_consent%253D&ct=y
Request Chain 404
  • https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=Yv7TewuR7gpcgEiDeDFP7wAA HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEEKE_x9IWvxzTlfyRUM4-lM&google_cver=1
Request Chain 405
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=Yv7TewuR7gpcgEiDeDFP7wAAA2oAAAIB&gdpr_consent=&us_privacy=&gdpr= HTTP 302
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESEAUBbDoBS6GCY6g4hGA3bRU&google_cver=1
Request Chain 407
  • https://match.adsrvr.org/track/cmf/casale HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=39&external_user_id=79c13aec-f358-494c-84cc-ab07497fac3e&expiration=1663459452&gdpr=0&gdpr_consent=
Request Chain 408
  • https://s.company-target.com/s/ix?cm_dsp_id=18&us_privacy=&gdpr=&gdpr_consent= HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=18&expiration=1676765053&external_user_id=7193dc45-3258-4438-8786-68b7af5444f2
Request Chain 409
  • https://d.adroll.com/cm/index/ssp HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=105&external_user_id=0
Request Chain 410
  • https://pixel.quantserve.com/pixel/p-Z8PuJEk6U7Hyq.gif?idmatch=0 HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=81&gdpr=0&external_user_id=PQ9FKG8OFHsmWBR-Ml4OeTkIQngmCxV0PQ37qKDQ
Request Chain 411
  • https://sync.mathtag.com/sync/img?mt_exid=15&redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D3%26external_user_id%3D%5BMM_UUID%5D HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=338862fe-d37d-4500-b754-923fd2713ea9
Request Chain 414
  • https://sync.adotmob.com/cookie/smart?r=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D66%26partneruserid%3D%7Bamob_user_id%7D&gdpr=0&gdpr_consent= HTTP 302
  • https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=66&partneruserid=08082204079d58ebb1c0bddb&gdpr=0&gdpr_consent=
Request Chain 415
  • https://dis.criteo.com/dis/usersync.aspx?r=30&p=273&cp=smartortb&cu=1&url=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D79%26partneruserid%3D%40%40CRITEO_USERID%40%40&gdpr=0&gdpr_consent= HTTP 302
  • https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=79&partneruserid=f02481e1-d578-497d-a855-fa3c73a6c532&gdpr=0&gdpr_consent=
Request Chain 416
  • https://gu.dyntrk.com/adx/sma/us.php?dynk=sma4rt4bt4fg&sspurl=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D69%26partneruserid%3DPARTNER_USER_ID%26gdpr%3D$GDPR%26gdpr_consent%3D$GDPR_CONSENT&gdpr=0&gdpr_consent= HTTP 302
  • https://gu.dyntrk.com/adx/sma/us.php?dynk=sma4rt4bt4fg&sspurl=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D69%26partneruserid%3DPARTNER_USER_ID%26gdpr%3D$GDPR%26gdpr_consent%3D$GDPR_CONSENT&gdpr=0&gdpr_consent=&prevuid=07030001_62fed37d6a764&knw= HTTP 302
  • https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=69&partneruserid=07030001_62fed37d6a764&gdpr=0&gdpr_consent=
Request Chain 417
  • https://match.prod.bidr.io/cookie-sync/sas?gdpr=0&gdpr_consent= HTTP 303
  • https://match.prod.bidr.io/cookie-sync/sas?gdpr=0&gdpr_consent=&_bee_ppp=1 HTTP 303
  • https://rtb-csync.smartadserver.com/redir?partnerid=127&partneruserid=AAJPT07F_acAABBWZH-gLg&gdpr=0
Request Chain 420
  • https://pixel.rubiconproject.com/exchange/sync.php?p=gumgum&khaos=L6ZPLFMY-3-AUKM HTTP 302
  • https://usersync.gumgum.com/usersync?b=mag&i=L6ZPLFMY-3-AUKM
Request Chain 425
  • https://um.simpli.fi/pm_match?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:$UID HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:F7D8EBBA79904A6D8870D87DA1297C10
Request Chain 427
  • https://uipglob.semasio.net/pubmatic/1/info?sType=sync&sExtCookieId=BEED2CCD-5A00-4A95-AB7E-649A25AD0D90&sInitiator=external&gdpr=0&gdpr_consent= HTTP 302
  • https://uipglob.semasio.net/pubmatic/1/info2?sType=sync&sExtCookieId=BEED2CCD-5A00-4A95-AB7E-649A25AD0D90&sInitiator=external&gdpr=0&gdpr_consent=
Request Chain 429
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=3371&partner_device_id=BEED2CCD-5A00-4A95-AB7E-649A25AD0D90 HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=tapad&ttd_tpi=1&ttd_puid=f6d32b88-dfc6-44bc-b816-9f80c0dd8213%252C&gdpr=0&gdpr_consent= HTTP 302
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=1830&partner_device_id=79c13aec-f358-494c-84cc-ab07497fac3e&ttd_puid=f6d32b88-dfc6-44bc-b816-9f80c0dd8213%2C

432 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request di-1tian-shang-xue-ta-da-ku-a-ma-ping-ji-yi-xiang-jie-sun-nu-hui-jia-jie-wei-cang-yang-cong.html
www.bg3.co/a/
54 KB
16 KB
Document
General
Full URL
https://www.bg3.co/a/di-1tian-shang-xue-ta-da-ku-a-ma-ping-ji-yi-xiang-jie-sun-nu-hui-jia-jie-wei-cang-yang-cong.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
84.17.37.44 Central, Hong Kong, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
unn-84-17-37-44.cdn77.com
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
558562c09243148ebc12aa24502571a0c586c891b06ed88edacae07812abfb91

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

Cache-Control
max-age=3600
Connection
keep-alive
Content-Encoding
gzip
Content-Type
text/html; charset=utf-8
Date
Fri, 19 Aug 2022 00:04:01 GMT
ETag
"d995-pDMd0HdiJuECu8fSu5ydBggEp8w"
Expires
Fri, 19 Aug 2022 01:04:01 GMT
Server
nginx/1.18.0 (Ubuntu)
Transfer-Encoding
chunked
Vary
Accept-Encoding
v0.js
cdn.ampproject.org/
276 KB
71 KB
Script
General
Full URL
https://cdn.ampproject.org/v0.js
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/di-1tian-shang-xue-ta-da-ku-a-ma-ping-ji-yi-xiang-jie-sun-nu-hui-jia-jie-wei-cang-yang-cong.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.12.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f132.1e100.net
Software
sffe /
Resource Hash
6527e4cd14173fac2d981008d0d87378ee25fcc46b0b8bbfa6e5419489e95e7a
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
72499
x-xss-protection
0
server
sffe
date
Fri, 19 Aug 2022 00:04:02 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
private, max-age=3000, stale-while-revalidate=1206600
etag
"566a4cf199592f12"
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Fri, 19 Aug 2022 00:04:02 GMT
amp-sidebar-0.1.js
cdn.ampproject.org/v0/
31 KB
10 KB
Script
General
Full URL
https://cdn.ampproject.org/v0/amp-sidebar-0.1.js
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/di-1tian-shang-xue-ta-da-ku-a-ma-ping-ji-yi-xiang-jie-sun-nu-hui-jia-jie-wei-cang-yang-cong.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.12.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f132.1e100.net
Software
sffe /
Resource Hash
869b6eb33ba3347946da6a8105161515a17401aab915b44e96e5c2c3a4a6c635
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9657
x-xss-protection
0
server
sffe
date
Fri, 19 Aug 2022 00:04:02 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
private, max-age=604800, stale-while-revalidate=604800
etag
"d1fae90a9114f57d"
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Fri, 19 Aug 2022 00:04:02 GMT
amp-auto-ads-0.1.js
cdn.ampproject.org/v0/
24 KB
9 KB
Script
General
Full URL
https://cdn.ampproject.org/v0/amp-auto-ads-0.1.js
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/di-1tian-shang-xue-ta-da-ku-a-ma-ping-ji-yi-xiang-jie-sun-nu-hui-jia-jie-wei-cang-yang-cong.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.12.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f132.1e100.net
Software
sffe /
Resource Hash
5c12e87c4fc3311ee49576c3a816aa5394671b7642611ce306713f73ddc7411d
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7576
x-xss-protection
0
server
sffe
date
Fri, 19 Aug 2022 00:04:02 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
private, max-age=604800, stale-while-revalidate=604800
etag
"df45f464576212d8"
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Fri, 19 Aug 2022 00:04:02 GMT
amp-analytics-0.1.js
cdn.ampproject.org/v0/
109 KB
31 KB
Script
General
Full URL
https://cdn.ampproject.org/v0/amp-analytics-0.1.js
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/di-1tian-shang-xue-ta-da-ku-a-ma-ping-ji-yi-xiang-jie-sun-nu-hui-jia-jie-wei-cang-yang-cong.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.12.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f132.1e100.net
Software
sffe /
Resource Hash
63dc26664099fc3ed076210ca3fb9b8d5ba67c1a7d45363ca0da2f80489bdc28
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
31989
x-xss-protection
0
server
sffe
date
Fri, 19 Aug 2022 00:04:02 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
private, max-age=604800, stale-while-revalidate=604800
etag
"a1b1c4bb043ec9da"
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Fri, 19 Aug 2022 00:04:02 GMT
sdk
cdn.aralego.net/ucfad/sdk/apac-sg/
Redirect Chain
  • https://ads.aralego.com/sdk
  • https://cdn.aralego.net/ucfad/sdk/apac-sg/sdk
42 KB
43 KB
Script
General
Full URL
https://cdn.aralego.net/ucfad/sdk/apac-sg/sdk
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/di-1tian-shang-xue-ta-da-ku-a-ma-ping-ji-yi-xiang-jie-sun-nu-hui-jia-jie-wei-cang-yang-cong.html
Protocol
H2
Server
172.67.71.254 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8ae78cfe6ee6192120b022cb3c00d586542309c4b88076fe6f12c0f7ef65f015

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 19 Aug 2022 00:04:03 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43300
last-modified
Mon, 25 Jul 2022 08:38:19 GMT
server
cloudflare
etag
"62de567b-a924"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OA1tKU5ZW87zRlUuSMqoVkEQjdn4FYugZPwlen06tNkYeEGnBn4YZJ4lG1PXrhlsyKYVtoDi1RCid74zOwk3wSDWDYknesjLmICXp2BfNFm9%2B7po8z3QBAbsDI07i2q6ag%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/octet-stream
cache-control
max-age=14400
access-control-allow-credentials
true
accept-ranges
bytes
cf-ray
73cea1311c636a72-SYD

Redirect headers

Location
https://cdn.aralego.net/ucfad/sdk/apac-sg/sdk
Connection
close
Content-length
0
adRecover.js
delivery.adrecover.com/43519/
36 KB
10 KB
Script
General
Full URL
https://delivery.adrecover.com/43519/adRecover.js
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/di-1tian-shang-xue-ta-da-ku-a-ma-ping-ji-yi-xiang-jie-sun-nu-hui-jia-jie-wei-cang-yang-cong.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
42.99.140.144 , Japan, ASN4637 (ASN-TELSTRA-GLOBAL Telstra Global, HK),
Reverse DNS
ip-42-99-140-144.pacnet.net
Software
nginx/1.18.0 /
Resource Hash
aa05961c0b6903df6795439c22b3f7a49b0154bf524764fb61e1658693e7bb9b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 19 Aug 2022 00:04:03 GMT
content-encoding
br
last-modified
Thu, 18 Aug 2022 07:00:15 GMT
server
nginx/1.18.0
etag
W/"62fde37f-8ea7"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=3600
server-timing
cdn-cache; desc=HIT, edge; dur=7
content-length
9533
expires
Fri, 19 Aug 2022 01:04:03 GMT
adpushup.js
cdn.adpushup.com/42753/
513 KB
118 KB
Script
General
Full URL
https://cdn.adpushup.com/42753/adpushup.js
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/di-1tian-shang-xue-ta-da-ku-a-ma-ping-ji-yi-xiang-jie-sun-nu-hui-jia-jie-wei-cang-yang-cong.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
42.99.140.200 , Japan, ASN4637 (ASN-TELSTRA-GLOBAL Telstra Global, HK),
Reverse DNS
ip-42-99-140-200.pacnet.net
Software
nginx/1.18.0 /
Resource Hash
68510bb34f26f58947a29a0b443e30391a586c680d1dfc74672758a13255bca7

Request headers

Referer
https://www.bg3.co/
Origin
https://www.bg3.co
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 19 Aug 2022 00:04:03 GMT
content-encoding
br
last-modified
Wed, 17 Aug 2022 09:46:11 GMT
server
nginx/1.18.0
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=3600
server-timing
cdn-cache; desc=HIT, edge; dur=1
x-cf-geodata
AU
content-length
120672
expires
Fri, 19 Aug 2022 01:04:03 GMT
jquery-2.2.2.min.js
code.jquery.com/
84 KB
29 KB
Script
General
Full URL
https://code.jquery.com/jquery-2.2.2.min.js
Requested by
Host: delivery.adrecover.com
URL: https://delivery.adrecover.com/43519/adRecover.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
69.16.175.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
tlb.hwcdn.net
Software
nginx /
Resource Hash
dfa729d82a3effadab1000181cb99108f232721e3b0af74cfae4c12704b35a32

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 19 Aug 2022 00:04:03 GMT
content-encoding
gzip
last-modified
Wed, 16 Feb 2022 10:50:39 GMT
server
nginx
etag
W/"620cd6ff-14e98"
vary
Accept-Encoding
x-hw
1660867443.dop047.la3.t,1660867443.cds212.la3.hn,1660867443.cds210.la3.c
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=315360000, public
accept-ranges
bytes
content-length
29880
ffc448264e8eb2d4a2d20c733dbe74a6.jpg
static.bg3.co/imgs/202106/
7 KB
7 KB
Image
General
Full URL
https://static.bg3.co/imgs/202106/ffc448264e8eb2d4a2d20c733dbe74a6.jpg?w=150&h=100&q=100
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/di-1tian-shang-xue-ta-da-ku-a-ma-ping-ji-yi-xiang-jie-sun-nu-hui-jia-jie-wei-cang-yang-cong.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.3.91 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
be0e656c68f08fa434cf50001b1c6c0d7374a883c0a15b54b4317ca246e53990

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 19 Aug 2022 00:04:04 GMT
cf-cache-status
MISS
last-modified
Thu, 17 Jun 2021 02:12:53 GMT
server
cloudflare
etag
"FFC448264E8EB2D4A2D20C733DBE74A6"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XFHOOsEcroPxeSoWPHihXFZsDhkkQBFDE9FJjifuk2FJPU81fmuh763izURzkM%2Fozhne%2BpWIitP6N7xezUBpw2sjKsY6STSc0rIkFlgzY%2FW5dj7c7HxtE2brCQAnKvI%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=604800
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
73cea13329e2a980-SYD
content-length
6926
expires
Fri, 26 Aug 2022 00:04:04 GMT
a846c170154b4b7bec5b1e1ef96c4a42.jpg
static.bg3.co/imgs/202105/
6 KB
6 KB
Image
General
Full URL
https://static.bg3.co/imgs/202105/a846c170154b4b7bec5b1e1ef96c4a42.jpg?w=150&h=100&q=100
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/di-1tian-shang-xue-ta-da-ku-a-ma-ping-ji-yi-xiang-jie-sun-nu-hui-jia-jie-wei-cang-yang-cong.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.3.91 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ab7fc2ebd787d1967fda36bcd02e4bf4781c486185729b4e27187ca7c46ef9f3

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 19 Aug 2022 00:04:04 GMT
cf-cache-status
MISS
last-modified
Wed, 26 May 2021 11:21:14 GMT
server
cloudflare
etag
"A846C170154B4B7BEC5B1E1EF96C4A42"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YL2KhrLaWTnVkeH4GxfOIffsCHxH4JhTyDbXSZf7HgAa6tLs73ZuhiWu6fbhym9LztOHaJW2QyYUxfNjfxv9dH%2BF5ailqUauZPeHrJq7GJtqZq1d%2BYY8vghLnwq75Qw%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=604800
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
73cea13329e3a980-SYD
content-length
5978
expires
Fri, 26 Aug 2022 00:04:04 GMT
c44877e94ab0dfe2416e74fdbda29769.jpg
static.bg3.co/imgs/202105/
7 KB
7 KB
Image
General
Full URL
https://static.bg3.co/imgs/202105/c44877e94ab0dfe2416e74fdbda29769.jpg?w=150&h=100&q=100
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/di-1tian-shang-xue-ta-da-ku-a-ma-ping-ji-yi-xiang-jie-sun-nu-hui-jia-jie-wei-cang-yang-cong.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.3.91 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c2426b0b11807176e1bc403ed3625538756549415f56ecf798584cb41facfd17

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 19 Aug 2022 00:04:04 GMT
cf-cache-status
MISS
last-modified
Sat, 29 May 2021 16:36:21 GMT
server
cloudflare
etag
"C44877E94AB0DFE2416E74FDBDA29769"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=R5IrQGUayJLE8tzFZwV6QiQDWv4drM4tMVzB8kJww3XMH0blvcnhezEcRQldBYT%2FdseyPOjDZKJt7lgMJROYQ1IYfmQgguWzv4yTXYm0lLwfGRdbBH1VDcRiDbIPfYQ%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=604800
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
73cea13329e4a980-SYD
content-length
6855
expires
Fri, 26 Aug 2022 00:04:04 GMT
211decbf7ccc253cbb1d5ce84c206e1e.jpg
static.bg3.co/imgs/202105/
2 KB
2 KB
Image
General
Full URL
https://static.bg3.co/imgs/202105/211decbf7ccc253cbb1d5ce84c206e1e.jpg?w=150&h=100&q=100
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/di-1tian-shang-xue-ta-da-ku-a-ma-ping-ji-yi-xiang-jie-sun-nu-hui-jia-jie-wei-cang-yang-cong.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.3.91 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
90133ed2d82cc7a99ddfe7ad9407d90a36f159dc18212aec5a916a16c189a9bb

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 19 Aug 2022 00:04:04 GMT
cf-cache-status
MISS
last-modified
Wed, 26 May 2021 09:09:07 GMT
server
cloudflare
etag
"211DECBF7CCC253CBB1D5CE84C206E1E"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KGg70QfzApDpAQtVoCH7Qn9aJ1x8ui4kWaTE6a9N%2FMiXkEokKAXvcxazFYMFLNGKYDFCAaWeMGt%2Fc0DwTe%2BEBtugB4eaDUL9Zm27zCC1dnA9%2BrnA9M0pzNwmM7R5xPs%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=604800
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
73cea13329e5a980-SYD
content-length
2124
expires
Fri, 26 Aug 2022 00:04:04 GMT
c7032ab7da7ac63197cd58b8a362537d.jpg
static.bg3.co/imgs/202106/
4 KB
4 KB
Image
General
Full URL
https://static.bg3.co/imgs/202106/c7032ab7da7ac63197cd58b8a362537d.jpg?w=150&h=100&q=100
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/di-1tian-shang-xue-ta-da-ku-a-ma-ping-ji-yi-xiang-jie-sun-nu-hui-jia-jie-wei-cang-yang-cong.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.3.91 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
213533319f081f762764fccdbb0531102cb7dff7cddb2545a1cba0ca6b19076d

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 19 Aug 2022 00:04:04 GMT
cf-cache-status
MISS
last-modified
Thu, 17 Jun 2021 05:10:11 GMT
server
cloudflare
etag
"C7032AB7DA7AC63197CD58B8A362537D"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kNCl6LF7gazKnW2QWPbbbIuHKs09uuabLwfl3DeLAGfMUNngFzGedlYeaXuFqP1ZJEQqnY3gXgo7nkhRYjzAgPVO4hvPRgpvDuW8xLIijxhJ7Ul7CmyAyiQT1Wid7Ps%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=604800
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
73cea13329e7a980-SYD
content-length
3781
expires
Fri, 26 Aug 2022 00:04:04 GMT
3b7eaf3e6226a24609215068eff2e304.jpg
static.bg3.co/imgs/202105/
4 KB
4 KB
Image
General
Full URL
https://static.bg3.co/imgs/202105/3b7eaf3e6226a24609215068eff2e304.jpg?w=150&h=100&q=100
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/di-1tian-shang-xue-ta-da-ku-a-ma-ping-ji-yi-xiang-jie-sun-nu-hui-jia-jie-wei-cang-yang-cong.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.3.91 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7d0dd7fc72ac0d9934b03f2753705b59f2c7a8617302d999bb18ec801d46eb1f

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 19 Aug 2022 00:04:04 GMT
cf-cache-status
MISS
last-modified
Wed, 26 May 2021 04:35:40 GMT
server
cloudflare
etag
"3B7EAF3E6226A24609215068EFF2E304"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=J5eF5BRFUw8TFnBm3W8zdBnBppDK71YGF4ej4Kp3ZXNt3q49LeQOkbw0T8D7ZAVKlqDYzsq%2FBhtmaU2gFRUJzgb3KLBHw%2BatI9Q9leGnH1o8TjnMP%2FV1Dxh44L3u5Jk%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=604800
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
73cea13329e1a980-SYD
content-length
3625
expires
Fri, 26 Aug 2022 00:04:04 GMT
562d9d9a77480e64984e05bf6cd1787c.jpg
static.bg3.co/imgs/202105/
7 KB
7 KB
Image
General
Full URL
https://static.bg3.co/imgs/202105/562d9d9a77480e64984e05bf6cd1787c.jpg?w=150&h=100&q=100
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/di-1tian-shang-xue-ta-da-ku-a-ma-ping-ji-yi-xiang-jie-sun-nu-hui-jia-jie-wei-cang-yang-cong.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.3.91 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
264e48adbf18814f4ba24678cfd118e172fa26cd489367516b0e718bdb7c81a0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 19 Aug 2022 00:04:04 GMT
cf-cache-status
MISS
last-modified
Mon, 31 May 2021 18:48:59 GMT
server
cloudflare
etag
"562D9D9A77480E64984E05BF6CD1787C"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=eN%2FSjdQzEptmHCpWRImpfqLoGXCXz7zyeYucrE1nr4ndZiojLibrLCSgWhkW6IHuKGvuXeBGHm5JMUZId7jHTUdA3%2BeYF%2Bt42OGTadtOIAfAoG0VDMbjhyu1ChbELUY%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=604800
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
73cea13329dca980-SYD
content-length
6756
expires
Fri, 26 Aug 2022 00:04:04 GMT
a06648ecf061fd214c9c67fbf38077a5.jpg
static.bg3.co/imgs/202109/
7 KB
7 KB
Image
General
Full URL
https://static.bg3.co/imgs/202109/a06648ecf061fd214c9c67fbf38077a5.jpg?w=150&h=100&q=100
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/di-1tian-shang-xue-ta-da-ku-a-ma-ping-ji-yi-xiang-jie-sun-nu-hui-jia-jie-wei-cang-yang-cong.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.3.91 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9fbd0e9eadcd58117a0e66c707bdde0ee37d03b954d4f631c467ec379702c227

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 19 Aug 2022 00:04:04 GMT
cf-cache-status
MISS
last-modified
Sat, 04 Sep 2021 01:55:31 GMT
server
cloudflare
etag
"A06648ECF061FD214C9C67FBF38077A5"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xUM0Gzz9t9ldvXD5rZ4uj4UiNP7wWxK1LbyjGUZK6mIyE%2F%2FWgb4oFkAZmSG8Vhj8rM8Cxv2hNbXj09liTlEYbX1fLucNf3Lzv07vY5Nf9YDmife2VymZGtVIQiARD%2FU%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=604800
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
73cea13329dea980-SYD
content-length
7044
expires
Fri, 26 Aug 2022 00:04:04 GMT
429bac1b21f266f346f61cf528a45ffa.jpg
static.bg3.co/imgs/202105/
15 KB
16 KB
Image
General
Full URL
https://static.bg3.co/imgs/202105/429bac1b21f266f346f61cf528a45ffa.jpg?w=150&h=100&q=100
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/di-1tian-shang-xue-ta-da-ku-a-ma-ping-ji-yi-xiang-jie-sun-nu-hui-jia-jie-wei-cang-yang-cong.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.3.91 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7e7a4e8bbff1f6b07864242a5735c7bd678f801846018bda3bb340337f5cbe5e

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 19 Aug 2022 00:04:04 GMT
cf-cache-status
MISS
last-modified
Sun, 30 May 2021 15:37:25 GMT
server
cloudflare
etag
"429BAC1B21F266F346F61CF528A45FFA"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zwq8G1hux3JbtxcLuKT8cyEHnFWwtj3w52LWxj9G%2BaFHwtbZGqED3eyT9TNqxAWilV9U6gkv4Yqu%2BVaKICVV%2F51hrX42BJG4c1DSmpgfrFxGjnpgjs9rlzhUbqT%2BpYM%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=604800
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
73cea1359d07a980-SYD
content-length
15641
expires
Fri, 26 Aug 2022 00:04:04 GMT
f7c6a3193eb8abb8461fbd0b7d32e24c.jpg
static.bg3.co/imgs/202112/
4 KB
4 KB
Image
General
Full URL
https://static.bg3.co/imgs/202112/f7c6a3193eb8abb8461fbd0b7d32e24c.jpg?w=150&h=100&q=100
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/di-1tian-shang-xue-ta-da-ku-a-ma-ping-ji-yi-xiang-jie-sun-nu-hui-jia-jie-wei-cang-yang-cong.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.3.91 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
029061f3bf05e039291681ea5a9931e4f39d7327af45fdf51c09493cbe177519

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 19 Aug 2022 00:04:04 GMT
cf-cache-status
MISS
last-modified
Thu, 09 Dec 2021 00:46:38 GMT
server
cloudflare
etag
"F7C6A3193EB8ABB8461FBD0B7D32E24C"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ft229cX6Rrzer4GErXqSVzsIIR4esUXnflzkUYZ4kjF8AMgo0oM45LphMUtLmRYKPgmCZq5LL0sM8%2FKE%2FcRbaZrU%2FmIURX%2FJKydG6VzRy9xbFPqZ%2FxZX%2Bb8Pt6kN0ng%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=604800
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
73cea1359d08a980-SYD
content-length
4242
expires
Fri, 26 Aug 2022 00:04:04 GMT
5409107fc760479a135733193c9aa3f6.jpg
static.bg3.co/imgs/202105/
7 KB
8 KB
Image
General
Full URL
https://static.bg3.co/imgs/202105/5409107fc760479a135733193c9aa3f6.jpg?w=150&h=100&q=100
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/di-1tian-shang-xue-ta-da-ku-a-ma-ping-ji-yi-xiang-jie-sun-nu-hui-jia-jie-wei-cang-yang-cong.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.3.91 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
213096ae3ff414297685220be55162b5e51cbb1c926efb492cbfa0179a3ec320

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 19 Aug 2022 00:04:04 GMT
cf-cache-status
MISS
last-modified
Thu, 27 May 2021 22:43:07 GMT
server
cloudflare
etag
"5409107FC760479A135733193C9AA3F6"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7ES%2FU%2BSCOyWkNi2RHb%2BxY%2FvOEXjG3qN6y%2BiGRZICO9q6r1WHNC4m%2BrHAylu0Z6UyJeNjldm9sWfvczN2Ifck30zTtBCWcHtvhzLbH85RCW%2BvNff2i3hP3MNp8esUzL0%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=604800
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
73cea1359d09a980-SYD
content-length
7458
expires
Fri, 26 Aug 2022 00:04:04 GMT
975c50d7639d8d628ea801ea620b84e6.jpg
static.bg3.co/imgs/202106/
6 KB
7 KB
Image
General
Full URL
https://static.bg3.co/imgs/202106/975c50d7639d8d628ea801ea620b84e6.jpg?w=150&h=100&q=100
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/di-1tian-shang-xue-ta-da-ku-a-ma-ping-ji-yi-xiang-jie-sun-nu-hui-jia-jie-wei-cang-yang-cong.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.3.91 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f7dd9c51fe1581caff8a6131e4ff6707531c590a9ac8396c39229d0a103891f2

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 19 Aug 2022 00:04:04 GMT
cf-cache-status
MISS
last-modified
Thu, 03 Jun 2021 19:29:09 GMT
server
cloudflare
etag
"975C50D7639D8D628EA801EA620B84E6"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=88cwCuPM7vjQfWRVg%2F%2Bqt4HauCmJbO7I0f%2BnBXU3ZzDe%2FldrxIV0X0ltKXW9P5Gzsp8%2BrZZYid%2Bh9a%2FQ0JV9fR1yJQlamsWfF%2BbSpNck9nF0tRAesNAZVuSQzoH%2Fvvs%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=604800
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
73cea1359d0ba980-SYD
content-length
6638
expires
Fri, 26 Aug 2022 00:04:04 GMT
e4901c905da2db2fe77d080d3c8c14d4.jpg
static.bg3.co/imgs/202106/
11 KB
11 KB
Image
General
Full URL
https://static.bg3.co/imgs/202106/e4901c905da2db2fe77d080d3c8c14d4.jpg?w=150&h=100&q=100
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/di-1tian-shang-xue-ta-da-ku-a-ma-ping-ji-yi-xiang-jie-sun-nu-hui-jia-jie-wei-cang-yang-cong.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.3.91 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ca12ae965001fe5593adc88a216d45e927ce12bb3c6e4a13d0ce5c678cbb9bcc

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 19 Aug 2022 00:04:04 GMT
cf-cache-status
MISS
last-modified
Tue, 08 Jun 2021 03:01:50 GMT
server
cloudflare
etag
"E4901C905DA2DB2FE77D080D3C8C14D4"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lpE8dKhX5GHXQ0skU6Uanifv2kN9Nziczrqsf5CXaLbx8PsYvJHw%2FMAl8y3XnsrZUOHUvqRhwGG0tg9I%2F7xqBNVXSZQZygYcU6Rcho7J94BPRZLG0Xuk6H89wb6PFwg%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=604800
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
73cea1359d0ca980-SYD
content-length
10789
expires
Fri, 26 Aug 2022 00:04:04 GMT
fd677a1fbe26e826fd67fa41a5f80494.jpg
static.bg3.co/imgs/202105/
6 KB
6 KB
Image
General
Full URL
https://static.bg3.co/imgs/202105/fd677a1fbe26e826fd67fa41a5f80494.jpg?w=150&h=100&q=100
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/di-1tian-shang-xue-ta-da-ku-a-ma-ping-ji-yi-xiang-jie-sun-nu-hui-jia-jie-wei-cang-yang-cong.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.3.91 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3fbc163f603ea59c94279e7a3df290a5baa4447788525dd78f3b961221a7a31b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 19 Aug 2022 00:04:04 GMT
cf-cache-status
MISS
last-modified
Fri, 28 May 2021 13:59:53 GMT
server
cloudflare
etag
"FD677A1FBE26E826FD67FA41A5F80494"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tbvZxS%2BUM5UormYvMH2wFJrpW8HiqhJekmRc%2FiTn9a1lqD%2F%2Fk1m64CWm1p8mw9O56NJXH74Qd8uIbZNmbnuqcDjEk8e1%2F9BxxN3aWyDd3bM%2BWi6GGXucMp0YpR%2BTmWE%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=604800
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
73cea1359d0da980-SYD
content-length
5948
expires
Fri, 26 Aug 2022 00:04:04 GMT
6420c3e867ad7e30aaff08873753a94a.jpg
static.bg3.co/imgs/202110/
5 KB
6 KB
Image
General
Full URL
https://static.bg3.co/imgs/202110/6420c3e867ad7e30aaff08873753a94a.jpg?w=150&h=100&q=100
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/di-1tian-shang-xue-ta-da-ku-a-ma-ping-ji-yi-xiang-jie-sun-nu-hui-jia-jie-wei-cang-yang-cong.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.3.91 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fed912a33f5d9e06fd80cc7cd560a17c8effd8bb9bd311d519d8cd18209ee5f5

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 19 Aug 2022 00:04:04 GMT
cf-cache-status
MISS
last-modified
Tue, 26 Oct 2021 04:04:06 GMT
server
cloudflare
etag
"6420C3E867AD7E30AAFF08873753A94A"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rw2IIl17N47uJGqlKvsOMg27vVxy8G4P5u8ufGSVuGITIqyllLWjG%2FLYSx93Qo8PMRV5%2FSEL72sEcmRyTzmSqGqnJejo22Q%2FfcED%2FCkgxFyxGWySaz6VqO8g9nYkcG4%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=604800
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
73cea1359d0ea980-SYD
content-length
5508
expires
Fri, 26 Aug 2022 00:04:04 GMT
77488142406e64d27e6ac6229c18c19f.jpg
static.bg3.co/imgs/202106/
6 KB
6 KB
Image
General
Full URL
https://static.bg3.co/imgs/202106/77488142406e64d27e6ac6229c18c19f.jpg?w=150&h=100&q=100
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/di-1tian-shang-xue-ta-da-ku-a-ma-ping-ji-yi-xiang-jie-sun-nu-hui-jia-jie-wei-cang-yang-cong.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.3.91 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d087e165da43976d8c976a24ac547426c192d92c0f0deae2480dfc463ded5b1e

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 19 Aug 2022 00:04:04 GMT
cf-cache-status
MISS
last-modified
Tue, 29 Jun 2021 04:40:33 GMT
server
cloudflare
etag
"77488142406E64D27E6AC6229C18C19F"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Sm6RMpfC5orK%2BIK%2B2Xp9S1ZrdpgD72GDFgwTLvC9BjP2XxdspxaT%2B%2BijM8LQd3RXNU003LwDPI7hREBgsKX9RfmOwXj7S2WV1cRSMc0J8eFF8GKjCajIv81ua7ZPsns%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=604800
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
73cea1359d0fa980-SYD
content-length
5921
expires
Fri, 26 Aug 2022 00:04:04 GMT
436011d3e98043ed59cf50f547d6daa0.jpg
static.bg3.co/imgs/202106/
8 KB
8 KB
Image
General
Full URL
https://static.bg3.co/imgs/202106/436011d3e98043ed59cf50f547d6daa0.jpg?w=150&h=100&q=100
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/di-1tian-shang-xue-ta-da-ku-a-ma-ping-ji-yi-xiang-jie-sun-nu-hui-jia-jie-wei-cang-yang-cong.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.3.91 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c5c25af4593430a459a0aab2bf3961c5618f685992f4de796410853bafa1a310

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 19 Aug 2022 00:04:04 GMT
cf-cache-status
MISS
last-modified
Sat, 05 Jun 2021 20:57:02 GMT
server
cloudflare
etag
"436011D3E98043ED59CF50F547D6DAA0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dj9X3kAA%2BfF9ya9C0Uf08WkykGPPcMlb%2Fh8Z4rL6QhawsyZgNgZmWF5%2FSBKlUEw%2BRHxOrFTAhoidiYnzdJWGn2Vm4z%2BE5DvIrwnJUKRi%2Be7C9rfUGFYceYtcbxvZd7Y%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=604800
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
73cea1359d10a980-SYD
content-length
8220
expires
Fri, 26 Aug 2022 00:04:04 GMT
f6abce9cf1aacfe9e8f05fb25f4c1875.jpg
static.bg3.co/imgs/202105/
9 KB
10 KB
Image
General
Full URL
https://static.bg3.co/imgs/202105/f6abce9cf1aacfe9e8f05fb25f4c1875.jpg?w=150&h=100&q=100
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/di-1tian-shang-xue-ta-da-ku-a-ma-ping-ji-yi-xiang-jie-sun-nu-hui-jia-jie-wei-cang-yang-cong.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.3.91 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0ed7ebd8ba9d5955cbbbc622e376b8881f475555eaed4c8d8cb163f5a81362b1

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 19 Aug 2022 00:04:04 GMT
cf-cache-status
MISS
last-modified
Tue, 25 May 2021 01:40:48 GMT
server
cloudflare
etag
"F6ABCE9CF1AACFE9E8F05FB25F4C1875"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bpY9uEwYHmk3%2BUMpd6mADoCwTjKkeBPO7szHbM42vra%2FcvI%2FA4otuHMgQMGxHBZ4rImi2x0ViS6xt93ZrEB%2BMS7P39AdOeFHmfEF0GWeVhX7eQtbeudus%2ByVQvFkZCU%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=604800
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
73cea1359d11a980-SYD
content-length
9670
expires
Fri, 26 Aug 2022 00:04:04 GMT
f07f8c7e5e2c29a81ebe3d4917656dc1.jpg
static.bg3.co/imgs/202105/
7 KB
7 KB
Image
General
Full URL
https://static.bg3.co/imgs/202105/f07f8c7e5e2c29a81ebe3d4917656dc1.jpg?w=150&h=100&q=100
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/di-1tian-shang-xue-ta-da-ku-a-ma-ping-ji-yi-xiang-jie-sun-nu-hui-jia-jie-wei-cang-yang-cong.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.3.91 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8834c62eb0bf50323017a8c4d13eddb19c71051451cbf58f980236babaea2d53

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 19 Aug 2022 00:04:04 GMT
cf-cache-status
MISS
last-modified
Sat, 29 May 2021 15:54:59 GMT
server
cloudflare
etag
"F07F8C7E5E2C29A81EBE3D4917656DC1"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8brHb9bGkKHPH3yrNFEU4fwKEJ970mo91F4S9LrtDSDGj%2FOrE55dIudHYujQ6uRynhZLpmgJBp%2B9UpF5yj2C2Gc4YEIx4IA80wwQYPp3mEq3AvWVlxEIBmDHeCMcH6Q%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=604800
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
73cea1359d12a980-SYD
content-length
6693
expires
Fri, 26 Aug 2022 00:04:04 GMT
fabf857d51897c2769a3e3cf1012926d.jpg
static.bg3.co/imgs/202108/
5 KB
5 KB
Image
General
Full URL
https://static.bg3.co/imgs/202108/fabf857d51897c2769a3e3cf1012926d.jpg?w=150&h=100&q=100
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/di-1tian-shang-xue-ta-da-ku-a-ma-ping-ji-yi-xiang-jie-sun-nu-hui-jia-jie-wei-cang-yang-cong.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.3.91 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6cb62089ea8b85e23849f8a1d81c4bf8f76e14a21d28034a6b1253a31a1fdfbc

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 19 Aug 2022 00:04:04 GMT
cf-cache-status
MISS
last-modified
Sat, 28 Aug 2021 16:57:45 GMT
server
cloudflare
etag
"FABF857D51897C2769A3E3CF1012926D"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CNRAPDeAkIfamXGFHg6hfpTpDLZneZVmWnzZ8Oij1ap0E%2BmvO%2B27dJnd4yyXhcfgVI2GJOa6EZ44LfzC%2F%2BXafWpo1Fllx%2B00y7O8FMwdTB6LiL5kQa2QjaEqLrRUZxk%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=604800
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
73cea1359d13a980-SYD
content-length
5014
expires
Fri, 26 Aug 2022 00:04:04 GMT
560dc4299094a7e8b2b97bfcbf03417e.jpg
static.bg3.co/imgs/202105/
6 KB
6 KB
Image
General
Full URL
https://static.bg3.co/imgs/202105/560dc4299094a7e8b2b97bfcbf03417e.jpg?w=150&h=100&q=100
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/di-1tian-shang-xue-ta-da-ku-a-ma-ping-ji-yi-xiang-jie-sun-nu-hui-jia-jie-wei-cang-yang-cong.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.3.91 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4ca5af10572112452e812f3c2d07f0963a7bde58a9ca9f83ea75527005dec600

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 19 Aug 2022 00:04:04 GMT
cf-cache-status
MISS
last-modified
Mon, 31 May 2021 06:40:44 GMT
server
cloudflare
etag
"560DC4299094A7E8B2B97BFCBF03417E"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0BwX%2F1zE%2F%2Fd7KeY4KzL9yd1WZ%2BcG3RUlUmh%2BshhucM1vEQSr%2FjIh1nL4GMk3qJsbd9UEFbZT%2BQCUSYOnoV0sB39FKqdI3wbkHPjjElt1yQjAhmn4dK%2BjZFCDtEWpQpQ%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=604800
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
73cea1359d14a980-SYD
content-length
6112
expires
Fri, 26 Aug 2022 00:04:04 GMT
5938f9d9c1f3a3cff3ad381538f995cd.jpg
static.bg3.co/imgs/202105/
8 KB
9 KB
Image
General
Full URL
https://static.bg3.co/imgs/202105/5938f9d9c1f3a3cff3ad381538f995cd.jpg?w=150&h=100&q=100
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/di-1tian-shang-xue-ta-da-ku-a-ma-ping-ji-yi-xiang-jie-sun-nu-hui-jia-jie-wei-cang-yang-cong.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.3.91 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
691e8243403b0682af95cd9611d7f5841a021a94ce2a0f9dc4928fe40e717616

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 19 Aug 2022 00:04:04 GMT
cf-cache-status
MISS
last-modified
Sat, 29 May 2021 12:57:17 GMT
server
cloudflare
etag
"5938F9D9C1F3A3CFF3AD381538F995CD"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kjBBj6GpmtVXFOGhJkL3Xf%2FBZ4iuUmZ%2FG95cyYwb60LHr3aKzbE4gY71F6Fc6TimzIAPPmpBYlUYctJUzXHdFMkl9qvKXapR9HtBilWDA1ethQ%2F3qRvkWUw5S71%2FPuI%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=604800
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
73cea1359d15a980-SYD
content-length
8272
expires
Fri, 26 Aug 2022 00:04:04 GMT
ed3cec3e5cafc4d49d47ca920f58e449.jpg
static.bg3.co/imgs/202106/
6 KB
6 KB
Image
General
Full URL
https://static.bg3.co/imgs/202106/ed3cec3e5cafc4d49d47ca920f58e449.jpg?w=150&h=100&q=100
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/di-1tian-shang-xue-ta-da-ku-a-ma-ping-ji-yi-xiang-jie-sun-nu-hui-jia-jie-wei-cang-yang-cong.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.3.91 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4d0d39b1cb16159d0dc83d02e4d1cfc41d2d30a82b8d197b7a8287214e6e73af

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 19 Aug 2022 00:04:04 GMT
cf-cache-status
MISS
last-modified
Thu, 10 Jun 2021 03:28:28 GMT
server
cloudflare
etag
"ED3CEC3E5CAFC4D49D47CA920F58E449"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=j%2FXXMuSe3ec78ibQJEFAS8T8oMedGGFYj5Fc4SbcT1pQIcMRMGR4gdG4x%2F12bDj7%2FVun6kWGtdYg2vsm1yPc55IYON%2FICOEywAHeXPCXoYJBWSYfk2k4GipcKL%2BfnqM%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=604800
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
73cea1359d16a980-SYD
content-length
5636
expires
Fri, 26 Aug 2022 00:04:04 GMT
amp-auto-lightbox-0.1.js
cdn.ampproject.org/rtv/012208051912001/v0/
8 KB
3 KB
Script
General
Full URL
https://cdn.ampproject.org/rtv/012208051912001/v0/amp-auto-lightbox-0.1.js
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.12.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f132.1e100.net
Software
sffe /
Resource Hash
8374dd11907f18ed2edaf39a51a5bd3f638e35120d821d6068d653afd8e76915
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
Origin
https://www.bg3.co
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
174686
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2977
x-xss-protection
0
server
sffe
date
Tue, 16 Aug 2022 23:32:38 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"ab22edc768bc2763"
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Wed, 16 Aug 2023 23:32:38 GMT
amp-ad-0.1.js
cdn.ampproject.org/rtv/012208051912001/v0/
81 KB
23 KB
Script
General
Full URL
https://cdn.ampproject.org/rtv/012208051912001/v0/amp-ad-0.1.js
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.12.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f132.1e100.net
Software
sffe /
Resource Hash
019474417bcdd4decbdc75af7929d925f21400a77b43f28dc7190223bc1489ea
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
Origin
https://www.bg3.co
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
39585
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
23035
x-xss-protection
0
server
sffe
date
Thu, 18 Aug 2022 13:04:19 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"65c480cb2d2a17eb"
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Fri, 18 Aug 2023 13:04:19 GMT
ama
pagead2.googlesyndication.com/getconfig/
5 KB
1 KB
Fetch
General
Full URL
https://pagead2.googlesyndication.com/getconfig/ama?client=ca-pub-3216231935713038&plah=www.bg3.co&ama_t=amp&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fdi-1tian-shang-xue-ta-da-ku-a-ma-ping-ji-yi-xiang-jie-sun-nu-hui-jia-jie-wei-cang-yang-cong.html&__amp_source_origin=https%3A%2F%2Fwww.bg3.co
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.194.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f154.1e100.net
Software
cafe /
Resource Hash
4e9f870dcdd59a7dd8227935e26ba4d6b14fe7b3568045a252110db406138254
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept
application/json
Referer
https://www.bg3.co/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 19 Aug 2022 00:04:03 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
583
x-xss-protection
0
amp-loader-0.1.js
cdn.ampproject.org/rtv/012208051912001/v0/
12 KB
4 KB
Script
General
Full URL
https://cdn.ampproject.org/rtv/012208051912001/v0/amp-loader-0.1.js
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.12.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f132.1e100.net
Software
sffe /
Resource Hash
3e8d1edbe8598395c7327ff1752c4a029e0b3789b0a044d231eeddc8c5fcb0fe
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
Origin
https://www.bg3.co
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
174686
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3843
x-xss-protection
0
server
sffe
date
Tue, 16 Aug 2022 23:32:38 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"e1102914dcffd250"
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Wed, 16 Aug 2023 23:32:38 GMT
jquery-3.6.0.min.js
code.jquery.com/
87 KB
30 KB
Script
General
Full URL
https://code.jquery.com/jquery-3.6.0.min.js
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/42753/adpushup.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
69.16.175.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
tlb.hwcdn.net
Software
nginx /
Resource Hash
ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 19 Aug 2022 00:04:04 GMT
content-encoding
gzip
last-modified
Wed, 16 Feb 2022 10:50:39 GMT
server
nginx
etag
W/"620cd6ff-15d9d"
vary
Accept-Encoding
x-hw
1660867444.dop047.la3.t,1660867444.cds212.la3.hn,1660867444.cds267.la3.c
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=315360000, public
accept-ranges
bytes
content-length
30875
ucfad-formats.css
cdn.aralego.net/css/dev/
975 B
616 B
Stylesheet
General
Full URL
https://cdn.aralego.net/css/dev/ucfad-formats.css
Requested by
Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.71.254 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1be00e223b2840fe8ac2d3a1aec0cf757088dd68f53a92275d0e1db6cb9afced

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 19 Aug 2022 00:04:03 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
251
cf-polished
origSize=1191
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Fri, 16 Mar 2018 07:19:46 GMT
server
cloudflare
etag
W/"5aab7012-4a7"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BF8RZW2JzVQPs0uc5yfJRSffOKzmnCPQUqxSkJKkaN%2B7rPYM2CO9gk9Z7TXeO%2BzF6e1Ox1aDK8sTfPwMZ2a9ZoR2Y9d9TrdtewHGFf3mmJOvuFOLseqxVgYz8LkHWN4eQQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=14400
access-control-allow-credentials
true
cf-ray
73cea1326d946a72-SYD
cf-bgj
minify
idRequest
sync.aralego.com/
46 B
488 B
XHR
General
Full URL
https://sync.aralego.com/idRequest?lang=en-US,en&deviceInfo=8416001200&pixRatio=1&font=16px%20sans-serif&
Requested by
Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
64.120.88.131 Central, Hong Kong, ASN133752 (LEASEWEB-APAC-HKG-10 Leaseweb Asia Pacific pte. ltd., HK),
Reverse DNS
Software
/
Resource Hash
0a9906e691335ab30f64396b06cf01d4ffe4dc7b431a545a3e534c31bf3255bf

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 19 Aug 2022 00:04:04 GMT
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET,POST,OPTIONS
Content-Type
text/html; charset=utf-8
Access-Control-Allow-Origin
https://www.bg3.co
Access-Control-Allow-Credentials
true
Connection
close
Content-Length
46
idRequest
sync.aralego.com/
46 B
488 B
XHR
General
Full URL
https://sync.aralego.com/idRequest?lang=en-US,en&deviceInfo=8416001200&pixRatio=1&font=16px%20sans-serif&
Requested by
Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
64.120.88.131 Central, Hong Kong, ASN133752 (LEASEWEB-APAC-HKG-10 Leaseweb Asia Pacific pte. ltd., HK),
Reverse DNS
Software
/
Resource Hash
0a9906e691335ab30f64396b06cf01d4ffe4dc7b431a545a3e534c31bf3255bf

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 19 Aug 2022 00:04:04 GMT
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET,POST,OPTIONS
Content-Type
text/html; charset=utf-8
Access-Control-Allow-Origin
https://www.bg3.co
Access-Control-Allow-Credentials
true
Connection
close
Content-Length
46
ad_request
ads.aralego.com/
508 B
1 KB
XHR
General
Full URL
https://ads.aralego.com/ad_request?sw=1600&sh=1200&ifr=0&bl=en-US&je=1&dnt=0&host=www.bg3.co&u=https%3A%2F%2Fwww.bg3.co%2Fa%2Fdi-1tian-shang-xue-ta-da-ku-a-ma-ping-ji-yi-xiang-jie-sun-nu-hui-jia-jie-wei-cang-yang-cong.html&adid=ad-627443DBE4283AB9F7A46EA83243447&w=336&h=280&ver=UCX_WEB-20200113&pos=1&seq=0&cb=0.016871588190807474&gdpr=1&euconsent-v2=%24%7BGDPR_CONSENT_607%7D&format=336%2C280%3B&lang=en-US%2Cen&deviceInfo=8416001200&pixRatio=1&font=16px%20sans-serif
Requested by
Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
103.254.153.160 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),
Reverse DNS
Software
/
Resource Hash
e813a8d8d41c0dbdc33020ad6ef27d16afd2b590ceeb998e267409c8f666b829

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 19 Aug 2022 00:04:04 GMT
X-Width
336
X-Height
280
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET,POST,OPTIONS
Content-Type
text/html; charset=utf-8
Access-Control-Allow-Origin
https://www.bg3.co
Access-Control-Expose-Headers
X-Width,X-Height,X-AdStyle,X-AdCap,X-AdWatchUrl,X-AdSource,X-SspId,X-Deal
X-AdSource
PSA
X-Adtype
html
Connection
close
Access-Control-Allow-Credentials
true
Content-Length
508
X-AdStyle
banner
ad_request
ads.aralego.com/
508 B
1 KB
XHR
General
Full URL
https://ads.aralego.com/ad_request?sw=1600&sh=1200&ifr=0&bl=en-US&je=1&dnt=0&host=www.bg3.co&u=https%3A%2F%2Fwww.bg3.co%2Fa%2Fdi-1tian-shang-xue-ta-da-ku-a-ma-ping-ji-yi-xiang-jie-sun-nu-hui-jia-jie-wei-cang-yang-cong.html&adid=ad-627443DBE4283AB9F7A46EA83243447&w=336&h=280&ver=UCX_WEB-20200113&pos=1&seq=1&cb=0.7236834179409533&gdpr=1&euconsent-v2=%24%7BGDPR_CONSENT_607%7D&format=336%2C280%3B&lang=en-US%2Cen&deviceInfo=8416001200&pixRatio=1&font=16px%20sans-serif
Requested by
Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
103.254.153.160 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),
Reverse DNS
Software
/
Resource Hash
e813a8d8d41c0dbdc33020ad6ef27d16afd2b590ceeb998e267409c8f666b829

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 19 Aug 2022 00:04:04 GMT
X-Width
336
X-Height
280
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET,POST,OPTIONS
Content-Type
text/html; charset=utf-8
Access-Control-Allow-Origin
https://www.bg3.co
Access-Control-Expose-Headers
X-Width,X-Height,X-AdStyle,X-AdCap,X-AdWatchUrl,X-AdSource,X-SspId,X-Deal
X-AdSource
PSA
X-Adtype
html
Connection
close
Access-Control-Allow-Credentials
true
Content-Length
508
X-AdStyle
banner
amp-sticky-ad-1.0.js
cdn.ampproject.org/rtv/012208051912001/v0/
39 KB
10 KB
Script
General
Full URL
https://cdn.ampproject.org/rtv/012208051912001/v0/amp-sticky-ad-1.0.js
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.12.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f132.1e100.net
Software
sffe /
Resource Hash
b7d743060ebcc58d3905601ab73b2580904ce8c5594664b1d85d1dcca4c7f509
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
Origin
https://www.bg3.co
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
40558
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10239
x-xss-protection
0
server
sffe
date
Thu, 18 Aug 2022 12:48:06 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"62cdf4b1a7a2ae40"
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Fri, 18 Aug 2023 12:48:06 GMT
block.jpg
delivery.adrecover.com/
631 B
866 B
Image
General
Full URL
https://delivery.adrecover.com/block.jpg?ts=1660867444193
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/di-1tian-shang-xue-ta-da-ku-a-ma-ping-ji-yi-xiang-jie-sun-nu-hui-jia-jie-wei-cang-yang-cong.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
42.99.140.144 , Japan, ASN4637 (ASN-TELSTRA-GLOBAL Telstra Global, HK),
Reverse DNS
ip-42-99-140-144.pacnet.net
Software
nginx/1.18.0 /
Resource Hash
9284d948e86d2e99f31483b5f4b3a4c3e65e0a6fbca9a8d2db8c6095f82ac3f5

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 19 Aug 2022 00:04:04 GMT
last-modified
Wed, 23 Jun 2021 06:37:54 GMT
server
nginx/1.18.0
etag
"60d2d6c2-277"
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=3600
server-timing
cdn-cache; desc=HIT, edge; dur=2
accept-ranges
bytes
content-length
631
expires
Fri, 19 Aug 2022 01:04:04 GMT
show_ads.js
pagead2.googlesyndication.com/pagead/ Frame 1EA8
118 KB
39 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/show_ads.js
Requested by
Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.194.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f154.1e100.net
Software
cafe /
Resource Hash
f578cf376160a5a7ef9e3810b351122aa17699121f7d55f462b025d879c2c25e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 19 Aug 2022 00:04:04 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
40310
x-xss-protection
0
server
cafe
etag
7331354162440142576
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Fri, 19 Aug 2022 00:04:04 GMT
show_ads.js
pagead2.googlesyndication.com/pagead/ Frame 6EEF
118 KB
39 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/show_ads.js
Requested by
Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.194.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f154.1e100.net
Software
cafe /
Resource Hash
50734112a22152589264b2cf8ea8a269aa8585dc3e130ab8648e779cc24b0a6e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 19 Aug 2022 00:04:04 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
40307
x-xss-protection
0
server
cafe
etag
3089516200452649234
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Fri, 19 Aug 2022 00:04:04 GMT
pb.42753.1660729490688.js
cdn.adpushup.com/prebid/
327 KB
92 KB
Script
General
Full URL
https://cdn.adpushup.com/prebid/pb.42753.1660729490688.js
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/42753/adpushup.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
42.99.140.200 , Japan, ASN4637 (ASN-TELSTRA-GLOBAL Telstra Global, HK),
Reverse DNS
ip-42-99-140-200.pacnet.net
Software
nginx/1.18.0 /
Resource Hash
c334ecbdd89a20d6a6baf6dee7e64657d40830672f405fb6a3dfecb299a84720

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 19 Aug 2022 00:04:05 GMT
content-encoding
br
last-modified
Wed, 17 Aug 2022 09:45:26 GMT
server
nginx/1.18.0
etag
W/"62fcb8b6-51a96"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=31536000
server-timing
cdn-cache; desc=HIT, edge; dur=1
content-length
93943
expires
Sat, 19 Aug 2023 00:04:05 GMT
log
aplogger.adpushup.com/
0
54 B
Image
General
Full URL
https://aplogger.adpushup.com/log?event=PAGE_VIEW&data=eyJzaXRlSWQiOjQyNzUzfQ%3D%3D&pxRes=false
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/di-1tian-shang-xue-ta-da-ku-a-ma-ping-ji-yi-xiang-jie-sun-nu-hui-jia-jie-wei-cang-yang-cong.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.211.156.162 Mumbai, India, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 19 Aug 2022 00:04:05 GMT
server
nginx/1.14.0 (Ubuntu)
e489f09a-8ced-41f8-ad21-46ad5fb0f0f2
https://www.bg3.co/
4 KB
0
Other
General
Full URL
blob:https://www.bg3.co/e489f09a-8ced-41f8-ad21-46ad5fb0f0f2
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/di-1tian-shang-xue-ta-da-ku-a-ma-ping-ji-yi-xiang-jie-sun-nu-hui-jia-jie-wei-cang-yang-cong.html
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
41f36457d5ec5bd7d115c29bea53e0d1ff77de7418837ef39e897f3b7d497e8a

Request headers

accept-language
en-AU,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Length
3743
gtag.json
cdn.ampproject.org/rtv/012208051912001/v0/analytics-vendors/
2 KB
931 B
Fetch
General
Full URL
https://cdn.ampproject.org/rtv/012208051912001/v0/analytics-vendors/gtag.json
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.12.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f132.1e100.net
Software
sffe /
Resource Hash
a8993772c9eb591474f38d257bebc8c4286703e1af72d04c8c294be5fff7b649
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept
application/json
Referer
https://www.bg3.co/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
145664
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
901
x-xss-protection
0
server
sffe
date
Wed, 17 Aug 2022 07:36:20 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
application/json
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"d737f3c89b0705df"
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Thu, 17 Aug 2023 07:36:20 GMT
cookieSyncIframe.html
cdn.aralego.net/ucfad/cookie/ Frame 6E72
714 B
861 B
Document
General
Full URL
https://cdn.aralego.net/ucfad/cookie/cookieSyncIframe.html
Requested by
Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.71.254 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
36a7d95f2760a813f3e782dfc125ea786174d581d6f6f896021d6994e9514bd6

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

access-control-allow-credentials
true
age
426
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
max-age=14400
cf-cache-status
HIT
cf-ray
73cea138d81ba880-SYD
content-encoding
br
content-type
text/html
date
Fri, 19 Aug 2022 00:04:04 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
last-modified
Wed, 09 Feb 2022 05:59:13 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jgvuRQNsSR6n1EEVNFkAW3OzqYTfj6b7irtOSJkkTGIcPxUM1ru8Y3DYPMAvpmOeSkeA%2BkNpZT4YWOLAMeg8IfRxd8WNveAW6Ve1MMnWS1cKW7KKHLNR1YyrhKcMIDXUMw%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
idsync
sync.aralego.com/
35 B
384 B
Image
General
Full URL
https://sync.aralego.com/idsync?gdpr=1&euconsent-v2=${GDPR_CONSENT_607}&
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/di-1tian-shang-xue-ta-da-ku-a-ma-ping-ji-yi-xiang-jie-sun-nu-hui-jia-jie-wei-cang-yang-cong.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
64.120.88.131 Central, Hong Kong, ASN133752 (LEASEWEB-APAC-HKG-10 Leaseweb Asia Pacific pte. ltd., HK),
Reverse DNS
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 19 Aug 2022 00:04:04 GMT
Connection
close
Content-Length
35
Content-Type
image/gif
gpt.js
securepubads.g.doubleclick.net/tag/js/ Frame 6E72
84 KB
29 KB
Script
General
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: cdn.aralego.net
URL: https://cdn.aralego.net/ucfad/cookie/cookieSyncIframe.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.194.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f157.1e100.net
Software
sffe /
Resource Hash
d52a1fcf7498415595c5bfc7ceba00fd9af8003eda0d498f51f8775b41003e43
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 19 Aug 2022 00:04:05 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
28732
x-xss-protection
0
server
sffe
etag
"1308 / 333 of 1000 / last-modified: 1660860461"
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Fri, 19 Aug 2022 00:04:05 GMT
amp
www.googletagmanager.com/gtag/
610 B
808 B
Fetch
General
Full URL
https://www.googletagmanager.com/gtag/amp?__amp_source_origin=https%3A%2F%2Fwww.bg3.co
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.200.97 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sa-in-f97.1e100.net
Software
Google Tag Manager /
Resource Hash
8492f3fc13f89700f09e8a96308911979a6289be084af2c497ea54dbd7dd7f5f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Accept
application/json
Referer
https://www.bg3.co/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=utf-8

Response headers

date
Fri, 19 Aug 2022 00:04:05 GMT
content-encoding
br
vary
*
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="amp.json"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
258
x-xss-protection
0
pragma
no-cache
amp-access-control-allow-source-origin
https://www.bg3.co
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://www.bg3.co
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
expires
Fri, 01 Jan 1990 00:00:00 GMT
cookieSyncIframe.html
cdn.aralego.net/ucfad/cookie/ Frame C000
714 B
823 B
Document
General
Full URL
https://cdn.aralego.net/ucfad/cookie/cookieSyncIframe.html
Requested by
Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.71.254 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
36a7d95f2760a813f3e782dfc125ea786174d581d6f6f896021d6994e9514bd6

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

access-control-allow-credentials
true
age
426
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
max-age=14400
cf-cache-status
HIT
cf-ray
73cea139a8aba880-SYD
content-encoding
br
content-type
text/html
date
Fri, 19 Aug 2022 00:04:04 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
last-modified
Wed, 09 Feb 2022 05:59:13 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Xh9pDzhrnhZps5HcWzWzNIsto6A82tzUnUsDa%2FkTw0U0CAbgu0KodULW2Ce5cOx2NG2zHjCO2MzQn%2BIxphVB7Z1KrJZeScQEqnlo2bd52QdfCnWi7OijlBxRKi4ThICxiw%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
amp-ad-network-adsense-impl-0.1.js
cdn.ampproject.org/rtv/012208051912001/v0/
214 KB
57 KB
Script
General
Full URL
https://cdn.ampproject.org/rtv/012208051912001/v0/amp-ad-network-adsense-impl-0.1.js
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.12.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f132.1e100.net
Software
sffe /
Resource Hash
775d5fb6acac04ef6d1ef99fcb13f66f6f49f6ee6275784057d047178a082af3
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
Origin
https://www.bg3.co
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
174507
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
57907
x-xss-protection
0
server
sffe
date
Tue, 16 Aug 2022 23:35:37 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"900caa8e3e134c7a"
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Wed, 16 Aug 2023 23:35:37 GMT
gpt.js
securepubads.g.doubleclick.net/tag/js/ Frame C000
84 KB
28 KB
Script
General
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: cdn.aralego.net
URL: https://cdn.aralego.net/ucfad/cookie/cookieSyncIframe.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.194.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f157.1e100.net
Software
sffe /
Resource Hash
9dc368be0b3da20f3aca5e115ba36c415edef843b54784dbb72554da71cc6f94
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 19 Aug 2022 00:04:05 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
28742
x-xss-protection
0
server
sffe
etag
"1308 / 901 of 1000 / last-modified: 1660860461"
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Fri, 19 Aug 2022 00:04:05 GMT
integrator.json
adservice.google.com/adsid/
86 B
572 B
Fetch
General
Full URL
https://adservice.google.com/adsid/integrator.json?domain=www.bg3.co
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.253.118.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sl-in-f154.1e100.net
Software
cafe /
Resource Hash
14cfb5058acaf3af2f07088f1582f29941d7a4cc74fd1cea5050cecad862d154
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept
application/json
Referer
https://www.bg3.co/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 19 Aug 2022 00:04:05 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
access-control-allow-origin
https://www.bg3.co
cache-control
private, no-cache, no-store
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
83
x-xss-protection
0
nameframe.html
d-18727999461345680567.ampproject.net/2208051912001/
0
0
Other
General
Full URL
https://d-18727999461345680567.ampproject.net/2208051912001/nameframe.html
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.130.94 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sb-in-f94.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

show_ads_impl_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202208160101/ Frame 1EA8
341 KB
120 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202208160101/show_ads_impl_fy2021.js?bust=31068991
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/show_ads.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.194.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f154.1e100.net
Software
cafe /
Resource Hash
bce7b7a333407f4649b212295c4ae99cfc020e26db50d87e3c92138bcf0426a8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 19 Aug 2022 00:04:05 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
122622
x-xss-protection
0
server
cafe
etag
15332994839126793295
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=1209600
timing-allow-origin
*
expires
Fri, 19 Aug 2022 00:04:05 GMT
show_ads_impl_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202208150101/ Frame 6EEF
341 KB
120 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202208150101/show_ads_impl_fy2021.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/show_ads.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.194.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f154.1e100.net
Software
cafe /
Resource Hash
ef4319a6ea5f1c6f437ccc7844a84c35d1871152e962df7f8d611a0c52a3931c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 19 Aug 2022 00:04:05 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
122629
x-xss-protection
0
server
cafe
etag
488863163207859505
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=1209600
timing-allow-origin
*
expires
Fri, 19 Aug 2022 00:04:05 GMT
collect
www.google-analytics.com/r/
35 B
396 B
Image
General
Full URL
https://www.google-analytics.com/r/collect?v=1&_v=a1&ds=AMP&aip&_s=1&dt=%E7%AC%AC1%E5%A4%A9%E4%B8%8A%E5%AD%B8%E5%A5%B9%E5%A4%A7%E5%93%AD%EF%BC%81%E9%98%BF%E5%AC%A4%E6%86%91%E8%A8%98%E6%86%B6%E3%80%8C%E6%83%B3%E6%8E%A5%E5%AD%AB%E5%A5%B3%E5%9B%9E%E5%AE%B6%E3%80%8D%E3%80%80%E7%B5%90%E5%B0%BE%E8%97%8F%E6%B4%8B%E8%94%A5%20-%20%E5%A4%A9%E5%A4%A9%E8%A6%81%E8%81%9E&sr=1600x1200&cid=amp-EIOlvx8bHhMcBHoOJ0-TYg&tid=UA-172083736-2&dl=https%3A%2F%2Fwww.bg3.co%2Fa%2Fdi-1tian-shang-xue-ta-da-ku-a-ma-ping-ji-yi-xiang-jie-sun-nu-hui-jia-jie-wei-cang-yang-cong.html&dr=&sd=24&ul=en-us&de=UTF-8&t=pageview&jid=0.08806634583277573&gjid=0.08700323793867648&_r=1&a=648&z=0.3192911527354223&gtm=2pu000
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/di-1tian-shang-xue-ta-da-ku-a-ma-ping-ji-yi-xiang-jie-sun-nu-hui-jia-jie-wei-cang-yang-cong.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.4.101 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f101.1e100.net
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 19 Aug 2022 00:04:05 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Fri, 01 Jan 1990 00:00:00 GMT
quantcast.js
cdn.adpushup.com/pbuseridscripts/
450 B
569 B
Script
General
Full URL
https://cdn.adpushup.com/pbuseridscripts/quantcast.js
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/42753/adpushup.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
42.99.140.200 , Japan, ASN4637 (ASN-TELSTRA-GLOBAL Telstra Global, HK),
Reverse DNS
ip-42-99-140-200.pacnet.net
Software
nginx/1.18.0 /
Resource Hash
26914004d3a8d5ddde2202b642d7936eb61c9f195b5cd3c87e44ef8ad4d57c16

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 19 Aug 2022 00:04:05 GMT
content-encoding
gzip
last-modified
Mon, 28 Jun 2021 04:15:23 GMT
server
nginx/1.18.0
etag
"60d94cdb-1c2"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=31536000
server-timing
cdn-cache; desc=HIT, edge; dur=5
accept-ranges
bytes
content-length
317
expires
Sat, 19 Aug 2023 00:04:05 GMT
linkPreview.js
cdn.adpushup.com/42753/
72 KB
17 KB
Script
General
Full URL
https://cdn.adpushup.com/42753/linkPreview.js
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/di-1tian-shang-xue-ta-da-ku-a-ma-ping-ji-yi-xiang-jie-sun-nu-hui-jia-jie-wei-cang-yang-cong.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
42.99.140.200 , Japan, ASN4637 (ASN-TELSTRA-GLOBAL Telstra Global, HK),
Reverse DNS
ip-42-99-140-200.pacnet.net
Software
nginx/1.18.0 /
Resource Hash
968012b3a49390a10d31c6d36b2aab796ec167a83378b5f9787756ee7cb035c5

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 19 Aug 2022 00:04:05 GMT
content-encoding
br
last-modified
Thu, 14 Jul 2022 19:44:27 GMT
server
nginx/1.18.0
etag
W/"62d0721b-11ed1"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=3600
server-timing
cdn-cache; desc=HIT, edge; dur=8
content-length
17440
expires
Fri, 19 Aug 2022 01:04:05 GMT
gpt.js
securepubads.g.doubleclick.net/tag/js/
84 KB
28 KB
Script
General
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/42753/adpushup.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.194.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f157.1e100.net
Software
sffe /
Resource Hash
74f02eef8b16de1e020787c6b8415bc8d82699e55a145acc6b9c1e1ba43f220f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 19 Aug 2022 00:04:05 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
28732
x-xss-protection
0
server
sffe
etag
"1308 / 644 of 1000 / last-modified: 1660860461"
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Fri, 19 Aug 2022 00:04:05 GMT
sync
e3.adpushup.com/AdPushupFeedbackWebService/user/
70 B
476 B
Image
General
Full URL
https://e3.adpushup.com/AdPushupFeedbackWebService/user/sync
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/di-1tian-shang-xue-ta-da-ku-a-ma-ping-ji-yi-xiang-jie-sun-nu-hui-jia-jie-wei-cang-yang-cong.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.76.45.37 Singapore, Singapore, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3849fdc1eab88579b20b1b56875d6ef8299c4ad165e03921400ccae69149861

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 19 Aug 2022 00:04:04 GMT
ap-cookie-status
cookies ap_uid and ap_usid are set
access-control-allow-methods
GET, POST
content-type
image/png
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-robots-tag
noindex
content-length
70
expires
0
testmode
e3.adpushup.com/AdPushupFeedbackWebService/feedback/
70 B
131 B
Image
General
Full URL
https://e3.adpushup.com/AdPushupFeedbackWebService/feedback/testmode?data=eyJjcmVhdGVkVFMiOjE2NjA4Njc0NDU0MDEsInBhY2tldElkIjoiMDAwMEE3MDEtODMzZDJhZDctMDI1Mi00MzA5LWI3YmItMmQyYmFmZTBiNjlmIiwic2l0ZUlkIjo0Mjc1Mywic2l0ZURvbWFpbiI6Imh0dHBzOi8vYmczLmNvLyIsInVybCI6Imh0dHBzOi8vd3d3LmJnMy5jby9hL2RpLTF0aWFuLXNoYW5nLXh1ZS10YS1kYS1rdS1hLW1hLXBpbmctamkteWkteGlhbmctamllLXN1bi1udS1odWktamlhLWppZS13ZWktY2FuZy15YW5nLWNvbmcuaHRtbCIsIm1vZGUiOjQsImVycm9yQ29kZSI6MCwicmVmZXJyZXIiOiIiLCJwYWdlR3JvdXAiOiJBUlRJQ0xFIiwicGFnZVZhcmlhdGlvbklkIjoiOTY3NTAxMjUtYjkwYy00OTdhLTg2OTktNzMxNzFmN2I0OTM1IiwicGFnZVZhcmlhdGlvbk5hbWUiOiJBZFB1c2h1cCIsInBhZ2VWYXJpYXRpb25UeXBlIjoxLCJwbGF0Zm9ybSI6IkRFU0tUT1AiLCJpc0dlbmllZSI6ZmFsc2UsInNlY3Rpb25zIjpudWxsfQ%3D%3D
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/di-1tian-shang-xue-ta-da-ku-a-ma-ping-ji-yi-xiang-jie-sun-nu-hui-jia-jie-wei-cang-yang-cong.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.76.45.37 Singapore, Singapore, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3849fdc1eab88579b20b1b56875d6ef8299c4ad165e03921400ccae69149861

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 19 Aug 2022 00:04:04 GMT
access-control-allow-methods
GET, POST
content-type
image/png
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-robots-tag
noindex
content-length
70
expires
0
testmode
e3.adpushup.com/AdPushupFeedbackWebService/feedback/
70 B
131 B
Image
General
Full URL
https://e3.adpushup.com/AdPushupFeedbackWebService/feedback/testmode?data=eyJjcmVhdGVkVFMiOjE2NjA4Njc0NDU0MDIsInBhY2tldElkIjoiMDAwMEE3MDEtODMzZDJhZDctMDI1Mi00MzA5LWI3YmItMmQyYmFmZTBiNjlmIiwic2l0ZUlkIjo0Mjc1Mywic2l0ZURvbWFpbiI6Imh0dHBzOi8vYmczLmNvLyIsInVybCI6Imh0dHBzOi8vd3d3LmJnMy5jby9hL2RpLTF0aWFuLXNoYW5nLXh1ZS10YS1kYS1rdS1hLW1hLXBpbmctamkteWkteGlhbmctamllLXN1bi1udS1odWktamlhLWppZS13ZWktY2FuZy15YW5nLWNvbmcuaHRtbCIsIm1vZGUiOjUsImVycm9yQ29kZSI6MSwicmVmZXJyZXIiOiIiLCJwYWdlR3JvdXAiOiJBUlRJQ0xFIiwicGFnZVZhcmlhdGlvbklkIjoiOTY3NTAxMjUtYjkwYy00OTdhLTg2OTktNzMxNzFmN2I0OTM1IiwicGFnZVZhcmlhdGlvbk5hbWUiOiJBZFB1c2h1cCIsInBhZ2VWYXJpYXRpb25UeXBlIjoxLCJwbGF0Zm9ybSI6IkRFU0tUT1AiLCJpc0dlbmllZSI6ZmFsc2UsInNlY3Rpb25zIjpudWxsfQ%3D%3D
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/di-1tian-shang-xue-ta-da-ku-a-ma-ping-ji-yi-xiang-jie-sun-nu-hui-jia-jie-wei-cang-yang-cong.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.76.45.37 Singapore, Singapore, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3849fdc1eab88579b20b1b56875d6ef8299c4ad165e03921400ccae69149861

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 19 Aug 2022 00:04:04 GMT
access-control-allow-methods
GET, POST
content-type
image/png
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-robots-tag
noindex
content-length
70
expires
0
feedback
e3.adpushup.com/AdPushupFeedbackWebService/
70 B
131 B
Image
General
Full URL
https://e3.adpushup.com/AdPushupFeedbackWebService/feedback?data=eyJjcmVhdGVkVFMiOjE2NjA4Njc0NDU0MDIsInBhY2tldElkIjoiMDAwMEE3MDEtODMzZDJhZDctMDI1Mi00MzA5LWI3YmItMmQyYmFmZTBiNjlmIiwic2l0ZUlkIjo0Mjc1Mywic2l0ZURvbWFpbiI6Imh0dHBzOi8vYmczLmNvLyIsInVybCI6Imh0dHBzOi8vd3d3LmJnMy5jby9hL2RpLTF0aWFuLXNoYW5nLXh1ZS10YS1kYS1rdS1hLW1hLXBpbmctamkteWkteGlhbmctamllLXN1bi1udS1odWktamlhLWppZS13ZWktY2FuZy15YW5nLWNvbmcuaHRtbCIsIm1vZGUiOjEsImVycm9yQ29kZSI6MSwicmVmZXJyZXIiOiIiLCJwYWdlR3JvdXAiOiJBUlRJQ0xFIiwicGFnZVZhcmlhdGlvbklkIjoiOTY3NTAxMjUtYjkwYy00OTdhLTg2OTktNzMxNzFmN2I0OTM1IiwicGFnZVZhcmlhdGlvbk5hbWUiOiJBZFB1c2h1cCIsInBhZ2VWYXJpYXRpb25UeXBlIjoxLCJwbGF0Zm9ybSI6IkRFU0tUT1AiLCJpc0dlbmllZSI6ZmFsc2UsInNlY3Rpb25zIjpbeyJzZWN0aW9uSWQiOiI3N2E5YzIyZi1hYzAyLTQ1ZGQtOTZiYy1iMDg5NmE4YTdkNWEiLCJzZWN0aW9uTmFtZSI6IkFQX0xfRF9BUlRJQ0xFXzcyOFgyNTBfNzdhOWMiLCJzdGF0dXMiOjEsIm5ldHdvcmsiOiJhZHBUYWdzIiwibmV0d29ya0FkVW5pdElkIjoiQURQXzQyNzUzXzcyOFgyNTBfNzdhOWMyMmYtYWMwMi00NWRkLTk2YmMtYjA4OTZhOGE3ZDVhIiwic2VydmljZXMiOlsxLDNdLCJhZFVuaXRUeXBlIjoxfV19
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/di-1tian-shang-xue-ta-da-ku-a-ma-ping-ji-yi-xiang-jie-sun-nu-hui-jia-jie-wei-cang-yang-cong.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.76.45.37 Singapore, Singapore, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3849fdc1eab88579b20b1b56875d6ef8299c4ad165e03921400ccae69149861

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 19 Aug 2022 00:04:04 GMT
access-control-allow-methods
GET, POST
content-type
image/png
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-robots-tag
noindex
content-length
70
expires
0
feedback
e3.adpushup.com/AdPushupFeedbackWebService/
70 B
131 B
Image
General
Full URL
https://e3.adpushup.com/AdPushupFeedbackWebService/feedback?data=eyJjcmVhdGVkVFMiOjE2NjA4Njc0NDU0MDYsInBhY2tldElkIjoiMDAwMEE3MDEtODMzZDJhZDctMDI1Mi00MzA5LWI3YmItMmQyYmFmZTBiNjlmIiwic2l0ZUlkIjo0Mjc1Mywic2l0ZURvbWFpbiI6Imh0dHBzOi8vYmczLmNvLyIsInVybCI6Imh0dHBzOi8vd3d3LmJnMy5jby9hL2RpLTF0aWFuLXNoYW5nLXh1ZS10YS1kYS1rdS1hLW1hLXBpbmctamkteWkteGlhbmctamllLXN1bi1udS1odWktamlhLWppZS13ZWktY2FuZy15YW5nLWNvbmcuaHRtbCIsIm1vZGUiOjEsImVycm9yQ29kZSI6MSwicmVmZXJyZXIiOiIiLCJwYWdlR3JvdXAiOiJBUlRJQ0xFIiwicGFnZVZhcmlhdGlvbklkIjoiOTY3NTAxMjUtYjkwYy00OTdhLTg2OTktNzMxNzFmN2I0OTM1IiwicGFnZVZhcmlhdGlvbk5hbWUiOiJBZFB1c2h1cCIsInBhZ2VWYXJpYXRpb25UeXBlIjoxLCJwbGF0Zm9ybSI6IkRFU0tUT1AiLCJpc0dlbmllZSI6ZmFsc2UsInNlY3Rpb25zIjpbeyJzZWN0aW9uSWQiOiJkMWMxMGE3Mi0yN2I0LTQ5MzEtOGNlNy05OWExOGViYmRiYWUiLCJzZWN0aW9uTmFtZSI6IkFQX0lfRF9BUlRJQ0xFXzcyOFg5MF9kMWMxMCIsInN0YXR1cyI6MSwibmV0d29yayI6ImFkcFRhZ3MiLCJuZXR3b3JrQWRVbml0SWQiOiJTVElDS1lfQURQXzQyNzUzXzcyOFg5MF9kMWMxMGE3Mi0yN2I0LTQ5MzEtOGNlNy05OWExOGViYmRiYWUiLCJzZXJ2aWNlcyI6WzUsM10sImFkVW5pdFR5cGUiOjN9XX0%3D
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/di-1tian-shang-xue-ta-da-ku-a-ma-ping-ji-yi-xiang-jie-sun-nu-hui-jia-jie-wei-cang-yang-cong.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.76.45.37 Singapore, Singapore, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3849fdc1eab88579b20b1b56875d6ef8299c4ad165e03921400ccae69149861

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 19 Aug 2022 00:04:04 GMT
access-control-allow-methods
GET, POST
content-type
image/png
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-robots-tag
noindex
content-length
70
expires
0
feedback
e3.adpushup.com/AdPushupFeedbackWebService/
70 B
131 B
Image
General
Full URL
https://e3.adpushup.com/AdPushupFeedbackWebService/feedback?data=eyJjcmVhdGVkVFMiOjE2NjA4Njc0NDU0MDgsInBhY2tldElkIjoiMDAwMEE3MDEtODMzZDJhZDctMDI1Mi00MzA5LWI3YmItMmQyYmFmZTBiNjlmIiwic2l0ZUlkIjo0Mjc1Mywic2l0ZURvbWFpbiI6Imh0dHBzOi8vYmczLmNvLyIsInVybCI6Imh0dHBzOi8vd3d3LmJnMy5jby9hL2RpLTF0aWFuLXNoYW5nLXh1ZS10YS1kYS1rdS1hLW1hLXBpbmctamkteWkteGlhbmctamllLXN1bi1udS1odWktamlhLWppZS13ZWktY2FuZy15YW5nLWNvbmcuaHRtbCIsIm1vZGUiOjEsImVycm9yQ29kZSI6MSwicmVmZXJyZXIiOiIiLCJwYWdlR3JvdXAiOiJBUlRJQ0xFIiwicGFnZVZhcmlhdGlvbklkIjoiOTY3NTAxMjUtYjkwYy00OTdhLTg2OTktNzMxNzFmN2I0OTM1IiwicGFnZVZhcmlhdGlvbk5hbWUiOiJBZFB1c2h1cCIsInBhZ2VWYXJpYXRpb25UeXBlIjoxLCJwbGF0Zm9ybSI6IkRFU0tUT1AiLCJpc0dlbmllZSI6ZmFsc2UsInNlY3Rpb25zIjpbeyJzZWN0aW9uSWQiOiIxMDRiMjgyYS1iZDExLTRkOGQtYWQ2NC0wNDkyMDYzYjZjYmEiLCJzZWN0aW9uTmFtZSI6IkFQX0lfRF9BUlRJQ0xFXzEyMFg2MDBfMTA0YjIiLCJzdGF0dXMiOjEsIm5ldHdvcmsiOiJhZHBUYWdzIiwibmV0d29ya0FkVW5pdElkIjoiU1RJQ0tZX0FEUF80Mjc1M18xMjBYNjAwXzEwNGIyODJhLWJkMTEtNGQ4ZC1hZDY0LTA0OTIwNjNiNmNiYSIsInNlcnZpY2VzIjpbNSwzXSwiYWRVbml0VHlwZSI6M31dfQ%3D%3D
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/di-1tian-shang-xue-ta-da-ku-a-ma-ping-ji-yi-xiang-jie-sun-nu-hui-jia-jie-wei-cang-yang-cong.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.76.45.37 Singapore, Singapore, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3849fdc1eab88579b20b1b56875d6ef8299c4ad165e03921400ccae69149861

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 19 Aug 2022 00:04:04 GMT
access-control-allow-methods
GET, POST
content-type
image/png
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-robots-tag
noindex
content-length
70
expires
0
json
gum.criteo.com/sid/ Frame
0
0
Preflight
General
Full URL
https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fwww.bg3.co%2F&domain=www.bg3.co&cw=1&lsw=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.136 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
https://www.bg3.co
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
GET
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
content-encoding
gzip
content-type
application/json; charset=utf-8
date
Fri, 19 Aug 2022 00:04:05 GMT
expires
0
pragma
no-cache
server-processing-duration-in-ticks
1168
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
latest.json
cdn.jsdelivr.net/gh/prebid/currency-file@1/
2 KB
2 KB
XHR
General
Full URL
https://cdn.jsdelivr.net/gh/prebid/currency-file@1/latest.json?date=20220819
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1660729490688.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.87.20 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b4d1f5cd789186c23e27ea6b14357e0969043ee3bab2272306f75ad3fa5a42b3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.bg3.co/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

date
Fri, 19 Aug 2022 00:04:05 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
32552
x-jsd-version
1.0.1436
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-served-by
cache-fra19127-FRA, cache-iad-kiad7000117-IAD
timing-allow-origin
*
x-jsd-version-type
version
server
cloudflare
etag
W/"66b-vX/KBvdmmoQKZ6VHxwlYkYtGIaI"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lHy%2BPrBJ2UCgiTnkWoU18BKdmxMb0VwaVUjYdT4Lajr%2FEY3eMUpy87vLX1cu8Rw7oz12gR%2BNlG%2B87VgF78VQ1tmDxnIzZJkher4Qn8ivvjkkCvYHdkaRXFtOf7L1m453GfU%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/json; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=604800, s-maxage=43200
cf-ray
73cea1403afa550f-SYD
access-control-expose-headers
*
json
gum.criteo.com/sid/
323 B
612 B
XHR
General
Full URL
https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fwww.bg3.co%2F&domain=www.bg3.co&cw=1&lsw=1
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1660729490688.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.136 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
/
Resource Hash
79aa0de5687272e0d73f37c1a8a54cebb664d01f3d7b18f0b834d04bb7b523f4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://www.bg3.co/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/json

Response headers

pragma
no-cache
date
Fri, 19 Aug 2022 00:04:06 GMT
content-encoding
gzip
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
2147
strict-transport-security
max-age=31536000; preload;
expires
0
arj
adpushup-d.openx.net/w/1.0/
174 B
382 B
XHR
General
Full URL
https://adpushup-d.openx.net/w/1.0/arj?ju=https%3A%2F%2Fwww.bg3.co%2Fa%2Fdi-1tian-shang-xue-ta-da-ku-a-ma-ping-ji-yi-xiang-jie-sun-nu-hui-jia-jie-wei-cang-yang-cong.html&ch=UTF-8&res=1600x1200x24&ifr=false&tz=0&tws=1600x1200&be=1&bc=hb_pb_3.0.3&dddid=107039e5-5450-4eb9-90d1-7f580278da04%2Cd9058381-6fdb-4eea-8320-56612ce72e9f%2Ccf5bf554-389e-4b08-b991-b49a0dacb972&nocache=1660867445563&pubcid=bdc2ff7d-ee70-4afe-95ac-1373f2b20933&schain=1.0%2C1!adpushup.com%2C062d9a21f747ddee7c25d4297776e0aa%2C1%2C%2C%2C&aus=728x250%2C728x90%2C690x90%2C690x250%2C675x90%2C675x250%2C670x90%2C670x250%2C650x90%2C650x250%2C650x150%2C630x90%2C630x250%2C602x100%2C600x90%2C600x250%2C580x90%2C570x90%2C550x150%2C468x60%2C320x50%2C320x100%2C300x50%2C300x100%2C300x75%2C300x250%2C250x250%2C200x200%7C728x90%2C690x90%2C675x90%2C670x90%2C650x90%2C630x90%2C600x90%2C580x90%2C570x90%2C468x60%2C320x50%2C300x50%2C300x75%7C120x600&divids=ADP_42753_728X250_77a9c22f-ac02-45dd-96bc-b0896a8a7d5a%2CSTICKY_ADP_42753_728X90_d1c10a72-27b4-4931-8ce7-99a18ebbdbae%2CSTICKY_ADP_42753_120X600_104b282a-bd11-4d8d-ad64-0492063b6cba&aucs=%2C%2C&auid=545618347%2C545618347%2C545618347
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1660729490688.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
86f13971b72a155bae6b4f69d04366404892cd47992d340c16965db807007732

Request headers

Referer
https://www.bg3.co/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 19 Aug 2022 00:04:06 GMT
content-encoding
gzip
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://www.bg3.co
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
content-type
application/json
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
164
via
1.1 google
expires
Mon, 26 Jul 1997 05:00:00 GMT
avjp
adpushup-d.openx.net/v/1.0/
106 B
504 B
XHR
General
Full URL
https://adpushup-d.openx.net/v/1.0/avjp?ju=https%3A%2F%2Fwww.bg3.co%2Fa%2Fdi-1tian-shang-xue-ta-da-ku-a-ma-ping-ji-yi-xiang-jie-sun-nu-hui-jia-jie-wei-cang-yang-cong.html&ch=UTF-8&res=1600x1200x24&ifr=false&tz=0&tws=1600x1200&be=1&bc=hb_pb_3.0.3&dddid=db2b1dd1-ee74-4298-8824-95e16fe6cc93&nocache=1660867445563&pubcid=bdc2ff7d-ee70-4afe-95ac-1373f2b20933&schain=1.0%2C1!adpushup.com%2C062d9a21f747ddee7c25d4297776e0aa%2C1%2C%2C%2C&openrtb=%7B%22imp%22%3A%5B%7B%22video%22%3A%7B%22w%22%3A120%2C%22h%22%3A600%2C%22mimes%22%3A%5B%22video%2Fmp4%22%2C%22video%2Fwebm%22%5D%2C%22minduration%22%3A0%2C%22maxduration%22%3A300%2C%22protocols%22%3A%5B2%2C3%2C5%2C6%5D%2C%22api%22%3A%5B2%5D%2C%22playbackmethod%22%3A6%2C%22linearity%22%3A1%7D%7D%5D%7D&auid=545618481&vwd=120&vht=600&vos=101&vmimes=video%2Fmp4%2Cvideo%2Fwebm
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1660729490688.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
730fa1f3e8b3c4a223c4e69f4a27e690a4552f96ab97dba05b943dff44967658

Request headers

Referer
https://www.bg3.co/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 19 Aug 2022 00:04:05 GMT
via
1.1 google
server
OXGW/0.0.0
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://www.bg3.co
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
content-type
application/json
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
106
expires
Mon, 26 Jul 1997 05:00:00 GMT
avjp
adpushup-d.openx.net/v/1.0/
106 B
296 B
XHR
General
Full URL
https://adpushup-d.openx.net/v/1.0/avjp?ju=https%3A%2F%2Fwww.bg3.co%2Fa%2Fdi-1tian-shang-xue-ta-da-ku-a-ma-ping-ji-yi-xiang-jie-sun-nu-hui-jia-jie-wei-cang-yang-cong.html&ch=UTF-8&res=1600x1200x24&ifr=false&tz=0&tws=1600x1200&be=1&bc=hb_pb_3.0.3&dddid=0ad8a603-baa5-4c96-9316-78ebb6485ec4&nocache=1660867445564&pubcid=bdc2ff7d-ee70-4afe-95ac-1373f2b20933&schain=1.0%2C1!adpushup.com%2C062d9a21f747ddee7c25d4297776e0aa%2C1%2C%2C%2C&openrtb=%7B%22imp%22%3A%5B%7B%22video%22%3A%7B%22w%22%3A728%2C%22h%22%3A90%2C%22mimes%22%3A%5B%22video%2Fmp4%22%2C%22video%2Fwebm%22%5D%2C%22minduration%22%3A0%2C%22maxduration%22%3A300%2C%22protocols%22%3A%5B2%2C3%2C5%2C6%5D%2C%22api%22%3A%5B2%5D%2C%22playbackmethod%22%3A6%2C%22linearity%22%3A1%7D%7D%5D%7D&auid=545618481&vwd=728&vht=90&vos=101&vmimes=video%2Fmp4%2Cvideo%2Fwebm
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1660729490688.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
730fa1f3e8b3c4a223c4e69f4a27e690a4552f96ab97dba05b943dff44967658

Request headers

Referer
https://www.bg3.co/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 19 Aug 2022 00:04:05 GMT
via
1.1 google
server
OXGW/0.0.0
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://www.bg3.co
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
content-type
application/json
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
106
expires
Mon, 26 Jul 1997 05:00:00 GMT
avjp
adpushup-d.openx.net/v/1.0/
106 B
296 B
XHR
General
Full URL
https://adpushup-d.openx.net/v/1.0/avjp?ju=https%3A%2F%2Fwww.bg3.co%2Fa%2Fdi-1tian-shang-xue-ta-da-ku-a-ma-ping-ji-yi-xiang-jie-sun-nu-hui-jia-jie-wei-cang-yang-cong.html&ch=UTF-8&res=1600x1200x24&ifr=false&tz=0&tws=1600x1200&be=1&bc=hb_pb_3.0.3&dddid=e24a45ef-1247-4267-a42f-640d6ccd1698&nocache=1660867445564&pubcid=bdc2ff7d-ee70-4afe-95ac-1373f2b20933&schain=1.0%2C1!adpushup.com%2C062d9a21f747ddee7c25d4297776e0aa%2C1%2C%2C%2C&openrtb=%7B%22imp%22%3A%5B%7B%22video%22%3A%7B%22w%22%3A400%2C%22h%22%3A225%2C%22mimes%22%3A%5B%22video%2Fmp4%22%2C%22video%2Fwebm%22%5D%2C%22minduration%22%3A0%2C%22maxduration%22%3A300%2C%22protocols%22%3A%5B2%2C3%2C5%2C6%5D%2C%22api%22%3A%5B2%5D%2C%22playbackmethod%22%3A6%2C%22linearity%22%3A1%7D%7D%5D%7D&auid=545618481&vwd=400&vht=225&vos=101&vmimes=video%2Fmp4%2Cvideo%2Fwebm
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1660729490688.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
730fa1f3e8b3c4a223c4e69f4a27e690a4552f96ab97dba05b943dff44967658

Request headers

Referer
https://www.bg3.co/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 19 Aug 2022 00:04:05 GMT
via
1.1 google
server
OXGW/0.0.0
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://www.bg3.co
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
content-type
application/json
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
106
expires
Mon, 26 Jul 1997 05:00:00 GMT
prebid-request
onetag-sys.com/
15 B
407 B
XHR
General
Full URL
https://onetag-sys.com/prebid-request
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1660729490688.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.79.234.100 Singapore, Singapore, ASN16276 (OVH, FR),
Reverse DNS
ip100.ip-51-79-234.net
Software
/
Resource Hash
663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://www.bg3.co/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

strict-transport-security
max-age=15552000
content-encoding
gzip
access-control-allow-headers
content-type, origin, referer, user-agent
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
access-control-allow-origin
https://www.bg3.co
cache-control
no-transform, no-cache
access-control-allow-credentials
true
content-type
application/json
alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
content-length
41
auction
prebid-server.rubiconproject.com/openrtb2/
185 B
403 B
XHR
General
Full URL
https://prebid-server.rubiconproject.com/openrtb2/auction
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1660729490688.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.199.247.144 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-199-247-144.ap-northeast-1.compute.amazonaws.com
Software
/
Resource Hash
741db92350bb13c2ebd58f2c9b08be8b2a27f09627feeacd61b90b4399973297

Request headers

Referer
https://www.bg3.co/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 19 Aug 2022 00:04:06 GMT
content-encoding
gzip
x-prebid
pbs-java/1.96.0
content-type
application/json
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
172
expires
0
auction
prebid-server.rubiconproject.com/openrtb2/
185 B
407 B
XHR
General
Full URL
https://prebid-server.rubiconproject.com/openrtb2/auction
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1660729490688.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.199.247.144 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-199-247-144.ap-northeast-1.compute.amazonaws.com
Software
/
Resource Hash
1b38c342b4c6b2c7cb382ccfcb9cdfef3f8f350def4895fae5bb6d7d69e63655

Request headers

Referer
https://www.bg3.co/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 19 Aug 2022 00:04:06 GMT
content-encoding
gzip
x-prebid
pbs-java/1.96.0
content-type
application/json
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
175
expires
0
auction
prebid-server.rubiconproject.com/openrtb2/
185 B
405 B
XHR
General
Full URL
https://prebid-server.rubiconproject.com/openrtb2/auction
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1660729490688.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.199.247.144 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-199-247-144.ap-northeast-1.compute.amazonaws.com
Software
/
Resource Hash
5f22df928281fbaab2fceaaf4e6a66bde42415fab16b61b5dc4346c4e4fbdc9d

Request headers

Referer
https://www.bg3.co/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 19 Aug 2022 00:04:06 GMT
content-encoding
gzip
x-prebid
pbs-java/1.96.0
content-type
application/json
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
174
expires
0
fastlane.json
fastlane.rubiconproject.com/a/api/
472 B
2 KB
XHR
General
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=20616&site_id=395958&zone_id=2209398&size_id=15%3B2%3B8&alt_size_ids=2%2C1%2C13%2C14%2C19%2C43%2C44%2C117%3B1%2C43%2C44%3B&rp_schain=1.0,1!adpushup.com,062d9a21f747ddee7c25d4297776e0aa,1,,,&eid_pubcid.org=bdc2ff7d-ee70-4afe-95ac-1373f2b20933%5E1&rf=https%3A%2F%2Fwww.bg3.co%2Fa%2Fdi-1tian-shang-xue-ta-da-ku-a-ma-ping-ji-yi-xiang-jie-sun-nu-hui-jia-jie-wei-cang-yang-cong.html&tk_flint=pbjs_lite_v4.43.0&x_source.tid=ed6478ee-de04-43f6-ab50-6cfce0816c18%3B40b9c3ad-ddc4-41d9-bf32-538eb82dcb1c%3Bc5af7b45-707e-422c-a349-5e14ee640ab1&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=3&rand=0.3928610907964982
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1660729490688.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.173.158.65 Ashburn, United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
46cb96daf91734a4aabd0a5f36cc2d5d65f23d19731445449e310129daf3e92f

Request headers

Referer
https://www.bg3.co/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Fri, 19 Aug 2022 00:04:06 GMT
Server
nginx/1.21.4
Vary
Accept-Encoding
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
https://www.bg3.co
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json
Keep-Alive
timeout=5
Content-Length
472
Expires
Wed, 17 Sep 1975 21:32:10 GMT
cdb
bidder.criteo.com/
0
212 B
XHR
General
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=33&wv=4.43.0&cb=56101992520
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1660729490688.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.145 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://www.bg3.co/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

date
Fri, 19 Aug 2022 00:04:05 GMT
server
Finatra
vary
Origin
access-control-allow-origin
https://www.bg3.co
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
v1
hb-api.omnitagjs.com/hb-api/prebid/
0
0

prebid
ib.adnxs.com/ut/v3/
17 KB
9 KB
XHR
General
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1660729490688.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
104.254.151.69 Los Angeles, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
900.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
8ff56c5c8285932f1fc2001d729ec5e8aff6fbb861fb26bd14a9f581b905da1c
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Date
Fri, 19 Aug 2022 00:04:06 GMT
Content-Encoding
gzip
Transfer-Encoding
chunked
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection
keep-alive
X-Proxy-Origin
173.245.209.142; 173.245.209.142; 900.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net; adnxs.com
X-XSS-Protection
0
Pragma
no-cache
AN-X-Request-Uuid
612c417a-35c2-4a2b-84ca-85eb56fea3c4
Server
nginx/1.21.3
Vary
Accept-Encoding
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
https://www.bg3.co
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Expires
Sat, 15 Nov 2008 16:00:00 GMT
c
prebid.a-mo.net/a/
0
518 B
XHR
General
Full URL
https://prebid.a-mo.net/a/c
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1660729490688.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
145.40.89.200 Ashburn, United States, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.bg3.co/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.bg3.co
date
Fri, 19 Aug 2022 00:04:05 GMT
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
server
envoy
x-envoy-upstream-service-time
1
vary
origin, Accept-Encoding
prebid
prebid.media.net/rtb/
1 KB
918 B
XHR
General
Full URL
https://prebid.media.net/rtb/prebid?cid=8CUPEPKI9
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1660729490688.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.107.148.139 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
139.148.107.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
a7284a3c8c1b158369a99c9c1b758f53df3edfd55ba416f1012130c38e330a0d

Request headers

Referer
https://www.bg3.co/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 19 Aug 2022 00:04:06 GMT
content-encoding
gzip
server
nginx
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-envoy-upstream-service-time
141
alt-svc
clear
via
1.1 google
auction
tlx.3lift.com/header/
19 B
504 B
XHR
General
Full URL
https://tlx.3lift.com/header/auction?lib=prebid&v=4.43.0&referrer=https%3A%2F%2Fwww.bg3.co%2Fa%2Fdi-1tian-shang-xue-ta-da-ku-a-ma-ping-ji-yi-xiang-jie-sun-nu-hui-jia-jie-wei-cang-yang-cong.html&tmax=3000
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1660729490688.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.251.169.230 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-251-169-230.ap-southeast-1.compute.amazonaws.com
Software
/
Resource Hash
0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 19 Aug 2022 00:04:06 GMT
accept-ch
sec-ch-viewport-width,sec-ch-ua-platform-version,sec-ch-ua-model,sec-ch-ua-full-version,sec-ch-dpr,sec-ch-device-memory,sec-ch-save-data,sec-ch-ua-mobile,sec-ch-downlink,user-agent,sec-ch-ect,sec-ch-width,sec-ch-prefers-color-scheme,sec-ch-ua-bitness,sec-ch-ua,sec-ch-ua-arch,sec-ch-rtt,sec-ch-viewport-height,sec-ch-ua-platform
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
19
x-xss-protection
0
expires
Thu, 15 Oct 1992 20:10:00 GMT
cygnus
htlb.casalemedia.com/
37 B
308 B
XHR
General
Full URL
https://htlb.casalemedia.com/cygnus?s=693656&v=7.2&ac=j&sd=1&r=%7B%22id%22%3A%2250f9215a995ace3%22%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fwww.bg3.co%2Fa%2Fdi-1tian-shang-xue-ta-da-ku-a-ma-ping-ji-yi-xiang-jie-sun-nu-hui-jia-jie-wei-cang-yang-cong.html%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22mfu%22%3A3%2C%22bu%22%3A3%2C%22iu%22%3A0%2C%22nu%22%3A3%2C%22ou%22%3A3%2C%22allu%22%3A3%2C%22ren%22%3Atrue%2C%22version%22%3A%224.43.0%22%2C%22userIds%22%3A%5B%22pubcid%22%5D%2C%22msd%22%3A2%2C%22msi%22%3A2%7D%7D%2C%22source%22%3A%7B%22ext%22%3A%7B%22schain%22%3A%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22adpushup.com%22%2C%22sid%22%3A%22062d9a21f747ddee7c25d4297776e0aa%22%2C%22hp%22%3A1%7D%5D%7D%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%225130140b9aadd19%22%2C%22ext%22%3A%7B%22siteID%22%3A%22693656%22%2C%22sid%22%3A%22728x90%22%7D%2C%22banner%22%3A%7B%22w%22%3A728%2C%22h%22%3A90%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%22533c71cbe3d0f1c%22%2C%22ext%22%3A%7B%22siteID%22%3A%22693656%22%2C%22sid%22%3A%22320x50%22%7D%2C%22banner%22%3A%7B%22w%22%3A320%2C%22h%22%3A50%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%2255480ce892aa445%22%2C%22ext%22%3A%7B%22siteID%22%3A%22693656%22%2C%22sid%22%3A%22300x250%22%7D%2C%22banner%22%3A%7B%22w%22%3A300%2C%22h%22%3A250%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%2256301f228a77e2c%22%2C%22ext%22%3A%7B%22siteID%22%3A%22693656%22%2C%22sid%22%3A%22250x250%22%7D%2C%22banner%22%3A%7B%22w%22%3A250%2C%22h%22%3A250%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%22582a3a2a8a38f39%22%2C%22ext%22%3A%7B%22siteID%22%3A%22693656%22%2C%22sid%22%3A%22728x90%22%7D%2C%22banner%22%3A%7B%22w%22%3A728%2C%22h%22%3A90%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%2260526b834f2c34b%22%2C%22ext%22%3A%7B%22siteID%22%3A%22693656%22%2C%22sid%22%3A%22320x50%22%7D%2C%22banner%22%3A%7B%22w%22%3A320%2C%22h%22%3A50%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%226173c20ffcdc064%22%2C%22ext%22%3A%7B%22siteID%22%3A%22693656%22%2C%22sid%22%3A%22120x600%22%7D%2C%22banner%22%3A%7B%22w%22%3A120%2C%22h%22%3A600%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%225130140b9aadd19%22%2C%22ext%22%3A%7B%22siteID%22%3A%22693656%22%2C%22sid%22%3A%22300x50%22%7D%2C%22banner%22%3A%7B%22w%22%3A300%2C%22h%22%3A50%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%22582a3a2a8a38f39%22%2C%22ext%22%3A%7B%22siteID%22%3A%22693656%22%2C%22sid%22%3A%22300x50%22%7D%2C%22banner%22%3A%7B%22w%22%3A300%2C%22h%22%3A50%2C%22topframe%22%3A1%7D%7D%5D%7D
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1660729490688.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.18.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b02d1bc081f1deb5e2b61977fddf1b8746efeb28d188f94e85538e7a17690afc

Request headers

Referer
https://www.bg3.co/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

date
Fri, 19 Aug 2022 00:04:06 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
37
pragma
no-cache
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zYYkZwjT3ZOglQMQYmBA28RXrcS054E1GvdXWhfmzily7wojRKZsUwDNp9EJPYhF8r1%2BvCi4kMmwcDe4oiaddziDeZYE6TfTRthScAPYXj6ADPOZRl54zLpu4m3awbZM0XRgHwUe"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache
access-control-allow-credentials
true
cf-ray
73cea1408feea941-SYD
expires
0
cygnus
htlb.casalemedia.com/
37 B
632 B
XHR
General
Full URL
https://htlb.casalemedia.com/cygnus?s=693656&v=8.1&ac=j&sd=1&nf=1&r=%7B%22id%22%3A%2250f9215a995ace3%22%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fwww.bg3.co%2Fa%2Fdi-1tian-shang-xue-ta-da-ku-a-ma-ping-ji-yi-xiang-jie-sun-nu-hui-jia-jie-wei-cang-yang-cong.html%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22mfu%22%3A3%2C%22bu%22%3A3%2C%22iu%22%3A0%2C%22nu%22%3A3%2C%22ou%22%3A3%2C%22allu%22%3A3%2C%22ren%22%3Atrue%2C%22version%22%3A%224.43.0%22%2C%22userIds%22%3A%5B%22pubcid%22%5D%2C%22msd%22%3A0%2C%22msi%22%3A0%7D%7D%2C%22source%22%3A%7B%22ext%22%3A%7B%22schain%22%3A%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22adpushup.com%22%2C%22sid%22%3A%22062d9a21f747ddee7c25d4297776e0aa%22%2C%22hp%22%3A1%7D%5D%7D%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%22582a3a2a8a38f39%22%2C%22ext%22%3A%7B%22siteID%22%3A%22693656%22%2C%22sid%22%3A%22728x90%22%7D%2C%22video%22%3A%7B%22mimes%22%3A%5B%22video%2Fmp4%22%2C%22video%2Fwebm%22%5D%2C%22minduration%22%3A0%2C%22maxduration%22%3A300%2C%22protocols%22%3A%5B2%2C3%2C5%2C6%5D%2C%22playerSize%22%3A%5B%5B728%2C90%5D%5D%2C%22api%22%3A%5B2%5D%2C%22linearity%22%3A1%2C%22placement%22%3A4%2C%22w%22%3A728%2C%22h%22%3A90%7D%7D%2C%7B%22id%22%3A%226173c20ffcdc064%22%2C%22ext%22%3A%7B%22siteID%22%3A%22693656%22%2C%22sid%22%3A%22120x600%22%7D%2C%22video%22%3A%7B%22mimes%22%3A%5B%22video%2Fmp4%22%2C%22video%2Fwebm%22%5D%2C%22minduration%22%3A0%2C%22maxduration%22%3A300%2C%22protocols%22%3A%5B2%2C3%2C5%2C6%5D%2C%22playerSize%22%3A%5B%5B120%2C600%5D%5D%2C%22api%22%3A%5B2%5D%2C%22linearity%22%3A1%2C%22placement%22%3A4%2C%22w%22%3A120%2C%22h%22%3A600%7D%7D%5D%7D
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1660729490688.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.18.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b02d1bc081f1deb5e2b61977fddf1b8746efeb28d188f94e85538e7a17690afc

Request headers

Referer
https://www.bg3.co/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

date
Fri, 19 Aug 2022 00:04:06 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
37
pragma
no-cache
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cqFYtO1tCeybLGozU1PALEHYKkpf5HRMzDBN8wLpJnuYKp9kOMiKX5iQAmnIHRqpRb58bJ3En2WpFi7cHE17PVEAAP2nWgWFIFRG7AHgOjAiK5oWYFfL2AuNIHb3iOgkCit%2FGLwf"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache
access-control-allow-credentials
true
cf-ray
73cea1408fefa941-SYD
expires
0
adreq
ads.servenobid.com/
818 B
626 B
XHR
General
Full URL
https://ads.servenobid.com/adreq?cb=3825
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1660729490688.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
99.81.199.81 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-99-81-199-81.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
f1e691269432cba8bed2110866d1a1a67546edcb41cb7e9f5e3fc9de6736a59e

Request headers

Referer
https://www.bg3.co/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

date
Fri, 19 Aug 2022 00:04:06 GMT
content-encoding
gzip
amp-access-control-allow-source-origin
*
vary
accept-encoding
content-type
application/json
access-control-allow-origin
https://www.bg3.co
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
auction
rtb.adxpremium.services/openrtb2/
59 B
396 B
XHR
General
Full URL
https://rtb.adxpremium.services/openrtb2/auction
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1660729490688.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
148.251.44.111 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
sundoro
Software
/
Resource Hash
1c877b4b7e75bf2c8432415bb762ed9bfc73830abf68497eff686fcc9fa44f9f

Request headers

Referer
https://www.bg3.co/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 19 Aug 2022 00:04:07 GMT
x-prebid
pbs-go/unknown
vary
Origin
content-type
text/plain; charset=utf-8
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
59
expires
0
bid-request
a.teads.tv/hb/
16 B
360 B
XHR
General
Full URL
https://a.teads.tv/hb/bid-request
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1660729490688.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.195.153.54 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-195-153-54.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
6a7b0c8bf87b2bd5ca31557f25cf2a6c80f93af72bf68a6085e9b55a87fe908c

Request headers

Referer
https://www.bg3.co/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 19 Aug 2022 00:04:06 GMT
content-encoding
gzip
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.bg3.co
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
42
expires
Fri, 19 Aug 2022 00:04:06 GMT
quant.js
secure.quantserve.com/
24 KB
10 KB
Script
General
Full URL
https://secure.quantserve.com/quant.js
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/pbuseridscripts/quantcast.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
103.229.10.180 , Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
c5068652d2e91ff8a12bd334ea7ce87b7225f6da4a6a2841c8b51c24029a392b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 19 Aug 2022 00:04:06 GMT
content-encoding
gzip
etag
"gV5iHc/sd8Rde4C/i53H5w=="
vary
Accept-Encoding
content-type
application/javascript
cache-control
private, max-age=604800
accept-ranges
bytes
expires
Fri, 26 Aug 2022 00:04:06 GMT
cookie.js
partner.googleadservices.com/gampad/ Frame 1EA8
379 B
464 B
Script
General
Full URL
https://partner.googleadservices.com/gampad/cookie.js?domain=www.bg3.co&callback=_gfp_s_&client=ca-pub-4485239425924787&gpid_exp=1
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202208160101/show_ads_impl_fy2021.js?bust=31068991
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.194.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f157.1e100.net
Software
cafe /
Resource Hash
939799feaa0542b4603e0bde751132aa68a5108da3ba6702a88e668efa6dd663
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 19 Aug 2022 00:04:05 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
text/javascript; charset=UTF-8
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
248
x-xss-protection
0
integrator.js
adservice.google.com.au/adsid/ Frame 1EA8
107 B
792 B
Script
General
Full URL
https://adservice.google.com.au/adsid/integrator.js?domain=www.bg3.co
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202208160101/show_ads_impl_fy2021.js?bust=31068991
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.24.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f155.1e100.net
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 19 Aug 2022 00:04:06 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ Frame 1EA8
107 B
196 B
Script
General
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.bg3.co
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202208160101/show_ads_impl_fy2021.js?bust=31068991
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.253.118.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sl-in-f154.1e100.net
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 19 Aug 2022 00:04:05 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame 948D
38 KB
14 KB
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006&adk=2365071409&adf=3615134179&pi=t.ma~as.3006%2F14006&w=336&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fdi-1tian-shang-xue-ta-da-ku-a-ma-ping-ji-yi-xiang-jie-sun-nu-hui-jia-jie-wei-cang-yang-cong.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1660867445113&bpp=13&bdt=1573&idt=520&shv=r20220817&mjsv=m202208160101&ptt=5&saldr=sa&correlator=509861749425&frm=23&ife=1&pv=2&ga_vid=842954889.1660867446&ga_sid=1660867446&ga_hid=581034293&ga_fc=0&ga_cid=amp-EIOlvx8bHhMcBHoOJ0-TYg&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=320&biw=1600&bih=1200&isw=336&ish=280&ifk=947009565&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31068737%2C31068956%2C31068991&oid=2&pvsid=1413095467614123&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.tvnb2co2wjin&fsb=1&dtd=536
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202208160101/show_ads_impl_fy2021.js?bust=31068991
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.200.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sa-in-f157.1e100.net
Software
cafe /
Resource Hash
c960170342866ce58069a06243f7ccc3705cbbc716972540dadb85fcfc95fc9a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-encoding
br
content-length
13980
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 19 Aug 2022 00:04:06 GMT
expires
Fri, 19 Aug 2022 00:04:06 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame A664
603 B
216 B
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3216231935713038&format=1600x250&w=1600&h=250&ptt=12&adk=2733026255&output=html&bc=7&to=ampa&pv=1&wgl=1&asnt=0-2681516744605830605&dff=sans-serif&prev_fmts=1600x96&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&ifi=2&pfx=0&pwprc=1037897477&adf=470780615&nhd=0&adx=0&ady=3300&oid=2&is_amp=5&amp_v=2208051912001&d_imp=1&c=80000648&ga_cid=amp-EIOlvx8bHhMcBHoOJ0-TYg&ga_hid=648&dt=1660867445240&biw=1600&bih=1200&u_aw=1600&u_ah=1200&u_cd=24&u_w=1600&u_h=1200&u_tz=0&u_his=2&vis=1&scr_x=0&scr_y=0&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fdi-1tian-shang-xue-ta-da-ku-a-ma-ping-ji-yi-xiang-jie-sun-nu-hui-jia-jie-wei-cang-yang-cong.html&bdt=2954&dtd=443&__amp_source_origin=https%3A%2F%2Fwww.bg3.co
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012208051912001/v0/amp-ad-0.1.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.200.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sa-in-f157.1e100.net
Software
cafe /
Resource Hash
00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-encoding
br
content-length
46
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 19 Aug 2022 00:04:06 GMT
expires
Fri, 19 Aug 2022 00:04:06 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
pubads_impl_2022081601.js
securepubads.g.doubleclick.net/gpt/ Frame 6E72
383 KB
130 KB
Script
General
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022081601.js?cb=31069002
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.194.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f154.1e100.net
Software
sffe /
Resource Hash
041b6e69b34243b7cd98534e95b129cb2479bebddae8dc4f051755a84cc8fbe8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 16 Aug 2022 10:51:21 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
220364
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
133485
x-xss-protection
0
last-modified
Tue, 16 Aug 2022 08:34:51 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Wed, 16 Aug 2023 10:51:21 GMT
cookie.js
partner.googleadservices.com/gampad/ Frame 6EEF
379 B
315 B
Script
General
Full URL
https://partner.googleadservices.com/gampad/cookie.js?domain=www.bg3.co&callback=_gfp_s_&client=ca-pub-4485239425924787&gpid_exp=1
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202208150101/show_ads_impl_fy2021.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.194.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f157.1e100.net
Software
cafe /
Resource Hash
508eae0cc8d3a6ed52153299cf0c76415504eda61c775635ed8cb5e60d176e1a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 19 Aug 2022 00:04:05 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
text/javascript; charset=UTF-8
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
246
x-xss-protection
0
integrator.js
adservice.google.com.au/adsid/ Frame 6EEF
107 B
165 B
Script
General
Full URL
https://adservice.google.com.au/adsid/integrator.js?domain=www.bg3.co
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202208150101/show_ads_impl_fy2021.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.24.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f155.1e100.net
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 19 Aug 2022 00:04:06 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ Frame 6EEF
107 B
165 B
Script
General
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.bg3.co
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202208150101/show_ads_impl_fy2021.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.253.118.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sl-in-f154.1e100.net
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 19 Aug 2022 00:04:06 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame C1E9
38 KB
14 KB
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006&adk=2365071409&adf=3615134176&pi=t.ma~as.3006%2F14006&w=336&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fdi-1tian-shang-xue-ta-da-ku-a-ma-ping-ji-yi-xiang-jie-sun-nu-hui-jia-jie-wei-cang-yang-cong.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1660867445189&bpp=11&bdt=1634&idt=565&shv=r20220817&mjsv=m202208150101&ptt=5&saldr=sa&correlator=509861749425&frm=23&ife=1&pv=1&ga_vid=833009203.1660867446&ga_sid=1660867446&ga_hid=318729505&ga_fc=0&ga_cid=amp-EIOlvx8bHhMcBHoOJ0-TYg&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=1782&biw=1600&bih=1200&isw=336&ish=280&ifk=3603096897&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44771548&oid=2&pvsid=3581665887227268&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.p8clv54ogbwb&btvi=1&fsb=1&dtd=579
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202208150101/show_ads_impl_fy2021.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.200.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sa-in-f157.1e100.net
Software
cafe /
Resource Hash
e95d2f9d33e39a83d463ddfc52428ef37252c3d3008e878dd343338d08cb5e44
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-encoding
br
content-length
13993
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 19 Aug 2022 00:04:06 GMT
expires
Fri, 19 Aug 2022 00:04:06 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
pubads_impl_2022080202.js
securepubads.g.doubleclick.net/gpt/ Frame C000
380 KB
130 KB
Script
General
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022080202.js?cb=31068832
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.194.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f154.1e100.net
Software
sffe /
Resource Hash
63ef3285adf03cd76db68906ee4f687af534b8cb4dae2b8b294d6ed582f95b08
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 17 Aug 2022 04:34:31 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
156574
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
132729
x-xss-protection
0
last-modified
Wed, 03 Aug 2022 16:25:36 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Thu, 17 Aug 2023 04:34:31 GMT
pubads_impl_2022081601.js
securepubads.g.doubleclick.net/gpt/
383 KB
130 KB
Script
General
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022081601.js?cb=31069030
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.194.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f154.1e100.net
Software
sffe /
Resource Hash
041b6e69b34243b7cd98534e95b129cb2479bebddae8dc4f051755a84cc8fbe8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 17 Aug 2022 10:55:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
133704
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
133485
x-xss-protection
0
last-modified
Tue, 16 Aug 2022 08:34:51 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Thu, 17 Aug 2023 10:55:41 GMT
ppub_config
securepubads.g.doubleclick.net/pagead/
109 B
445 B
XHR
General
Full URL
https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=www.bg3.co
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.194.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f154.1e100.net
Software
cafe /
Resource Hash
57ba9c79273602051bd0fa9f6dcd52a3f199dc59f134308efeeaad35424b8311
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 19 Aug 2022 00:04:06 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
93
x-xss-protection
0
expires
Fri, 19 Aug 2022 00:04:06 GMT
integrator.js
adservice.google.com.au/adsid/ Frame 6E72
107 B
165 B
Script
General
Full URL
https://adservice.google.com.au/adsid/integrator.js?domain=cdn.aralego.net
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022081601.js?cb=31069002
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.24.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f155.1e100.net
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 19 Aug 2022 00:04:06 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ Frame 6E72
107 B
122 B
Script
General
Full URL
https://adservice.google.com/adsid/integrator.js?domain=cdn.aralego.net
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022081601.js?cb=31069002
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.118.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sl-in-f154.1e100.net
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 19 Aug 2022 00:04:06 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ Frame 6E72
492 B
265 B
XHR
General
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3859516164407909&correlator=4162178326476129&eid=31068984%2C31069002%2C31069045&output=ldjh&gdfp_req=1&vrg=2022081601&ptt=17&impl=fifs&iu_parts=18087395%2Ccookie&enc_prev_ius=%2F0%2F1&prev_iu_szs=1x1&ifi=1&adks=64515409&sfv=1-0-38&fsapi=false&sc=1&cdm=cdn.aralego.net&abxe=1&dt=1660867445994&lmt=1644386353&dlt=1660867444681&idt=1292&adxs=-12245933&adys=-12245933&biw=-12245933&bih=-12245933&scr_x=-12245933&scr_y=-12245933&ucis=8o0exhbqlzwe&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&nhd=1&url=https%3A%2F%2Fcdn.aralego.net%2Fucfad%2Fcookie%2FcookieSyncIframe.html&ref=https%3A%2F%2Fwww.bg3.co%2F&top=https%3A%2F%2Fwww.bg3.co%2F&frm=24&vis=1&psz=0x0&msz=0x-1&fws=256&ohw=0&ea=0&ga_vid=1458690040.1660867446&ga_sid=1660867446&ga_hid=299959903&ga_fc=false
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022081601.js?cb=31069002
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.194.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f154.1e100.net
Software
cafe /
Resource Hash
596a8eeba0885160738504c65ce2a18c56b758118e2fa20131b536ff3bae4b83
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 19 Aug 2022 00:04:06 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
235
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://cdn.aralego.net
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
26236a2c0aee05015173d6c6a7f5ce0d.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 3B03
6 KB
4 KB
Document
General
Full URL
https://26236a2c0aee05015173d6c6a7f5ce0d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022081601.js?cb=31069002
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.12.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f132.1e100.net
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://cdn.aralego.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
gzip
content-length
3108
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Fri, 19 Aug 2022 00:04:06 GMT
expires
Sat, 19 Aug 2023 00:04:06 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
integrator.js
adservice.google.com.au/adsid/ Frame C000
107 B
165 B
Script
General
Full URL
https://adservice.google.com.au/adsid/integrator.js?domain=cdn.aralego.net
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022080202.js?cb=31068832
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.24.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f155.1e100.net
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 19 Aug 2022 00:04:06 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ Frame C000
107 B
122 B
Script
General
Full URL
https://adservice.google.com/adsid/integrator.js?domain=cdn.aralego.net
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022080202.js?cb=31068832
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.118.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sl-in-f154.1e100.net
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 19 Aug 2022 00:04:06 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ Frame C000
499 B
274 B
XHR
General
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1369903547375400&correlator=4286638881302954&eid=31068832%2C31068985&output=ldjh&gdfp_req=1&vrg=2022080202&ptt=17&impl=fifs&iu_parts=18087395%2Ccookie&enc_prev_ius=%2F0%2F1&prev_iu_szs=1x1&ifi=1&adks=64515409&sfv=1-0-38&fsapi=false&sc=1&cdm=cdn.aralego.net&abxe=1&dt=1660867446137&lmt=1644386353&dlt=1660867444802&idt=1315&adxs=-12245933&adys=-12245933&biw=-12245933&bih=-12245933&scr_x=-12245933&scr_y=-12245933&ucis=6cgg3u5pc7xx&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&nvt=1&nhd=1&url=https%3A%2F%2Fcdn.aralego.net%2Fucfad%2Fcookie%2FcookieSyncIframe.html&ref=https%3A%2F%2Fwww.bg3.co%2F&top=https%3A%2F%2Fwww.bg3.co%2F&frm=24&vis=1&psz=0x0&msz=0x-1&fws=256&ohw=0&ea=0&ga_vid=944699467.1660867446&ga_sid=1660867446&ga_hid=447571945&ga_fc=false
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022080202.js?cb=31068832
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.194.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f154.1e100.net
Software
cafe /
Resource Hash
51762e833ee73ae724bdac2349a16029ab273b4eb9b97d37f8341be8b7e0ac08
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 19 Aug 2022 00:04:06 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
244
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://cdn.aralego.net
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
e93a9465eeb8f221b3954a2a3c54535f.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame F6ED
6 KB
4 KB
Document
General
Full URL
https://e93a9465eeb8f221b3954a2a3c54535f.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022080202.js?cb=31068832
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.12.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f132.1e100.net
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://cdn.aralego.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
gzip
content-length
3108
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Fri, 19 Aug 2022 00:04:06 GMT
expires
Sat, 19 Aug 2023 00:04:06 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
rules-p-54Nt-1NAaEEe0.js
rules.quantcount.com/
160 B
635 B
Script
General
Full URL
https://rules.quantcount.com/rules-p-54Nt-1NAaEEe0.js
Requested by
Host: secure.quantserve.com
URL: https://secure.quantserve.com/quant.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.227.254.36 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-227-254-36.sin52.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
edc30a0e05622f71d52d07a0b7b5e94e654ee06854f893be1954336730eb0db6

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 18 Aug 2022 23:04:27 GMT
via
1.1 cc2beda7b70d44b6ed40dda2c22f45e4.cloudfront.net (CloudFront)
age
3580
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
content-length
160
last-modified
Thu, 28 Jul 2022 16:54:54 GMT
server
AmazonS3
etag
"05b131079c67d484167fd1b1f6c79577"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=3600
x-amz-cf-pop
SIN52-C3
accept-ranges
bytes
x-amz-cf-id
Gu7QBH-PEWSCA9onxyjWSB2-EdiMJiAGYjlv76o5cqHWPbDVgCUyCA==
adview
googleads.g.doubleclick.net/pagead/ Frame 2C14
0
0
Fetch
General
Full URL
https://googleads.g.doubleclick.net/pagead/adview?ai=CEav_dtP-YvjYCP6artoPgZqYuAms1_3wZLT2qJPiC8CNtwEQASAAYKWAgICQAYIBF2NhLXB1Yi00NDg1MjM5NDI1OTI0Nzg3oAGV9ZvfA8gBCagDAaoEiQJP0Kna0qXhuB6MAUPtn2zgZY5gV-kqleVGVVwe2pJV20_QQN-8xzXj-bM5DV7rONkBjlCKGzXQWgRjbbMUFv2CHw64Kj4Y-Ylmq3g5S7PHUykk-RnVZRsNJaII4y4DFWccR85S0_ou_O_4vWeNPy5zkAGq7jlMS8VN053QhW2UP5V-SicM16IAetp23sjVWmssRm4Z3N6pSWbbRXaX3ZDWO016Vhe3O0nK3Y3hsfLOJfR-RBRPRFRmltYf8GyLWzvqdAPqI6tWu8EFHm2pNmerYtjGJNdn8wx7Aw1mIVsi6irAagVor9p3pJRDMY3qgoPPNOXmEWho_Quc94xA5et1DFJ9v3lbTOZggAbDxd-byq3NmOkBoAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDQiAYRABMgKKAjoCgECACgP6CwIIAYAMAdAVAYAXAbIXHAoaEhRwdWItNDQ4NTIzOTQyNTkyNDc4NxjizBk&sigh=iFr63G4vca8&uach_m=[UACH]&cid=CAQSGwCsnQUxPosR7py1JWPljoxmUDyHzIz3rg0bPxgB
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/di-1tian-shang-xue-ta-da-ku-a-ma-ping-ji-yi-xiang-jie-sun-nu-hui-jia-jie-wei-cang-yang-cong.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.200.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sa-in-f157.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006&adk=2365071409&adf=3615134176&pi=t.ma~as.3006%2F14006&w=336&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fdi-1tian-shang-xue-ta-da-ku-a-ma-ping-ji-yi-xiang-jie-sun-nu-hui-jia-jie-wei-cang-yang-cong.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1660867445189&bpp=11&bdt=1634&idt=565&shv=r20220817&mjsv=m202208150101&ptt=5&saldr=sa&correlator=509861749425&frm=23&ife=1&pv=1&ga_vid=833009203.1660867446&ga_sid=1660867446&ga_hid=318729505&ga_fc=0&ga_cid=amp-EIOlvx8bHhMcBHoOJ0-TYg&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=1782&biw=1600&bih=1200&isw=336&ish=280&ifk=3603096897&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44771548&oid=2&pvsid=3581665887227268&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.p8clv54ogbwb&btvi=1&fsb=1&dtd=579
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
date
Fri, 19 Aug 2022 00:04:06 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 19 Aug 2022 00:04:06 GMT
log
hblg.media.net/ Frame 2C14
35 B
0
Fetch
General
Full URL
https://hblg.media.net/log?logid=kfk&evtid=l1log&app=0&cc=AU&ctr=0.0017089357&viewability=31&device_id=4&cbdp=0.02&slotVisibility=2&dn=bg3.co&acid=a2eb9836cbc14426a029128f268ef973&ugd=4&size=250x250&pvid=313&csip=rtb-common-istio-7c75f56789-4f6dr.SG&ogbdp=0.02&prvReqId=190731495689_2044690287_52982010413131&itype=ADX&requrl=https%3A%2F%2Fwww.bg3.co%2Fa%2Fdi-1tian-shang-xue-ta-da-ku-a-ma-ping-ji-yi-xiang-jie-sun-nu-hui-jia-jie-wei-cang-yang-cong.html&scrid=1700080812610100250025000000500&mang=1&bidrestime=1660867446227&cid=8CU3SX34C&rme=nurl
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/di-1tian-shang-xue-ta-da-ku-a-ma-ping-ji-yi-xiang-jie-sun-nu-hui-jia-jie-wei-cang-yang-cong.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.36.252.26 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-36-252-26.deploy.static.akamaitechnologies.com
Software
Jetty(9.4.35.v20201120) /
Resource Hash

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 19 Aug 2022 00:04:07 GMT
server
Jetty(9.4.35.v20201120)
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=0, no-cache, no-store
content-length
35
expires
Fri, 19 Aug 2022 00:04:07 GMT
log
qsearch-a.akamaihd.net/ Frame 2C14
35 B
0
Fetch
General
Full URL
https://qsearch-a.akamaihd.net/log?logid=kfk&evtid=dmmra&ckfl=0&lper=&app_type=adx_test&bdr_typ=1&ss_d1=0&ogerpm=0.0100&ss_d2=0&stid=&other_prv=313&jar_err=&current_day=4.0&adtyp=0&req_id=HJDpvqpp5D-3r6xYH9stMw&bd_m3=0.0000&bidfp=0.0100&bd_m2=0.0000&pvag_id=&bd_m1=0.0000&ugd=4&dim10=false&exp=&fdbk_id=&second_bidder=*&floor_bucket=0.00&gpid_format=&seat=BID_API&size=250x250&url_l1=a&f_seg=&url_l2=di-1tian-shang-xue-ta-da-ku-a-ma-ping-ji-yi-xiang-jie-sun-nu-hui-jia-jie-wei-cang-yang-cong.html&prdp=0.0200&ogcbdp=0.0200&dfpbd=0.0200&server=1&ogerpm_wd_bkt=0-1&viewability=0.3100&dmm_r=0.0000&cut=0&dmm_l=0.0000&tcyerpm=&sc=AU-NSW&send_erpm=false&sd=0&hb_exp=&seg=&erpm_bucket=0.00&ugd_ver=&requrl=bg3.co%2Fa%2Fdi-1tian-shang-xue-ta-da-ku-a-ma-ping-ji-yi-xiang-jie-sun-nu-hui-jia-jie-wei-cang-yang-cong.html%2F&bidrestime=1660867446227&cc=AU&strg=no_strategy&ss=&current_hour=23&time_stamp=2022-08-19+00%3A04%3A06&rvshhon=&bdp=0.0200&ct=beaconsfield&akey=&mnckfl=0&bdp_bucket=0.00&algo=no_strategy&dc=apac_sg&splid=&dim4=exploration&dn=bg3.co&ua=Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F89.0.4389.72+Safari%2F537.36&buyer_id=&bdp_wider_bucket=1&acid=a2eb9836cbc14426a029128f268ef973&infl=&o_ver=NT+10.0&br_ver=89.0.4389.72&bdmm_m6=0.0000&bdmm_m7=0.0000&bdmm_m5=0.0000&ver=8.13.0&totalTimeBucket=2&visibility=2&totalTime=2134400&dmm_m1=2022-08-19+00%3A04%3A06.228621515&e_rpm=0.0000&dmm_m22=0.0100&gdpr=&vsid=&log_less=false&gpid_sent=false&ogerpm_used=false&bdmm_m12=0.0000&cid=8CU3SX34C&bcrid=1700080812610100250025000000500&rawbid=0.0200&seat_id=BID_API&sub_bidder=196&pst=EMS&pbshr=100.0000&dmm_d10=&o_id=101&clisp=rtb-common-istio-7c75f56789-4f6dr.SG&dfp_bucket=0.0&adblk=2365071409&itype=adx&pvid_seat=313_BID_API&cliIP=2918568192&advurl=topics.businessfocus.online%2F&crid=529820104&sat=1&br_id=265&cut_bkt=1&gpid=&iwb=1&second_bid=0.000000&sc_pvid=313&capd=0&other_bids=0.02
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/di-1tian-shang-xue-ta-da-ku-a-ma-ping-ji-yi-xiang-jie-sun-nu-hui-jia-jie-wei-cang-yang-cong.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
42.99.140.144 , Japan, ASN4637 (ASN-TELSTRA-GLOBAL Telstra Global, HK),
Reverse DNS
ip-42-99-140-144.pacnet.net
Software
Jetty(9.4.35.v20201120) /
Resource Hash

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 19 Aug 2022 00:04:07 GMT
Server
Jetty(9.4.35.v20201120)
Content-Type
image/gif
Access-Control-Allow-Origin
*
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Length
35
Expires
Fri, 19 Aug 2022 00:04:07 GMT
nmedianet.js
contextual.media.net/ Frame 2C14
164 KB
56 KB
Script
General
Full URL
https://contextual.media.net/nmedianet.js?cid=8CUABW64L
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006&adk=2365071409&adf=3615134176&pi=t.ma~as.3006%2F14006&w=336&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fdi-1tian-shang-xue-ta-da-ku-a-ma-ping-ji-yi-xiang-jie-sun-nu-hui-jia-jie-wei-cang-yang-cong.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1660867445189&bpp=11&bdt=1634&idt=565&shv=r20220817&mjsv=m202208150101&ptt=5&saldr=sa&correlator=509861749425&frm=23&ife=1&pv=1&ga_vid=833009203.1660867446&ga_sid=1660867446&ga_hid=318729505&ga_fc=0&ga_cid=amp-EIOlvx8bHhMcBHoOJ0-TYg&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=1782&biw=1600&bih=1200&isw=336&ish=280&ifk=3603096897&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44771548&oid=2&pvsid=3581665887227268&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.p8clv54ogbwb&btvi=1&fsb=1&dtd=579
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.195.152.23 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-195-152-23.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
f5ca7a0b7f8b2a346d7f64bd3ad0a304f161650ee1739bfbd5dee59b808f3653
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-mnt-h
21-nmqp
content-encoding
gzip
etag
"1739ff1f63dc5f71585633fda7facdbe"
x-mnt-w
8-33
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
cache-control
max-age=300
date
Fri, 19 Aug 2022 00:04:07 GMT
x-cache-hits
0
strict-transport-security
max-age=31536000
timing-allow-origin
*
expires
Fri, 19 Aug 2022 00:09:07 GMT
adperformance.js
warp.media.net/rtb/resource/ Frame 2C14
61 KB
62 KB
Script
General
Full URL
https://warp.media.net/rtb/resource/adperformance.js?v=35e90bcdc8
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006&adk=2365071409&adf=3615134176&pi=t.ma~as.3006%2F14006&w=336&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fdi-1tian-shang-xue-ta-da-ku-a-ma-ping-ji-yi-xiang-jie-sun-nu-hui-jia-jie-wei-cang-yang-cong.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1660867445189&bpp=11&bdt=1634&idt=565&shv=r20220817&mjsv=m202208150101&ptt=5&saldr=sa&correlator=509861749425&frm=23&ife=1&pv=1&ga_vid=833009203.1660867446&ga_sid=1660867446&ga_hid=318729505&ga_fc=0&ga_cid=amp-EIOlvx8bHhMcBHoOJ0-TYg&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=1782&biw=1600&bih=1200&isw=336&ish=280&ifk=3603096897&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44771548&oid=2&pvsid=3581665887227268&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.p8clv54ogbwb&btvi=1&fsb=1&dtd=579
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.36.252.26 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-36-252-26.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
3378135f525fc551ce49d2c117e9967735794757a4c71910d8c1b8fa38bf3f2c
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=604800
server
nginx
date
Fri, 19 Aug 2022 00:04:07 GMT
content-type
application/javascript;charset=ISO-8859-1
cache-control
max-age=53134
access-control-allow-credentials
true
content-length
62892
expires
Fri, 19 Aug 2022 14:49:41 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220817/r20110914/client/ Frame 2C14
3 KB
1 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220817/r20110914/client/window_focus_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006&adk=2365071409&adf=3615134176&pi=t.ma~as.3006%2F14006&w=336&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fdi-1tian-shang-xue-ta-da-ku-a-ma-ping-ji-yi-xiang-jie-sun-nu-hui-jia-jie-wei-cang-yang-cong.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1660867445189&bpp=11&bdt=1634&idt=565&shv=r20220817&mjsv=m202208150101&ptt=5&saldr=sa&correlator=509861749425&frm=23&ife=1&pv=1&ga_vid=833009203.1660867446&ga_sid=1660867446&ga_hid=318729505&ga_fc=0&ga_cid=amp-EIOlvx8bHhMcBHoOJ0-TYg&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=1782&biw=1600&bih=1200&isw=336&ish=280&ifk=3603096897&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44771548&oid=2&pvsid=3581665887227268&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.p8clv54ogbwb&btvi=1&fsb=1&dtd=579
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.194.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f132.1e100.net
Software
cafe /
Resource Hash
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 18 Aug 2022 23:44:43 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1164
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1359
x-xss-protection
0
server
cafe
etag
1484984001845508991
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 01 Sep 2022 23:44:43 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 2C14
140 KB
44 KB
Script
General
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006&adk=2365071409&adf=3615134176&pi=t.ma~as.3006%2F14006&w=336&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fdi-1tian-shang-xue-ta-da-ku-a-ma-ping-ji-yi-xiang-jie-sun-nu-hui-jia-jie-wei-cang-yang-cong.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1660867445189&bpp=11&bdt=1634&idt=565&shv=r20220817&mjsv=m202208150101&ptt=5&saldr=sa&correlator=509861749425&frm=23&ife=1&pv=1&ga_vid=833009203.1660867446&ga_sid=1660867446&ga_hid=318729505&ga_fc=0&ga_cid=amp-EIOlvx8bHhMcBHoOJ0-TYg&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=1782&biw=1600&bih=1200&isw=336&ish=280&ifk=3603096897&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44771548&oid=2&pvsid=3581665887227268&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.p8clv54ogbwb&btvi=1&fsb=1&dtd=579
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.24.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f156.1e100.net
Software
sffe /
Resource Hash
ba7478138664dfbadff2af30a268f4200a752a73d07dafb55937af20d1061357
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 19 Aug 2022 00:04:07 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
44050
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1660737283953252"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Fri, 19 Aug 2022 00:04:07 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220817/r20110914/client/ Frame 2C14
17 KB
8 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220817/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006&adk=2365071409&adf=3615134176&pi=t.ma~as.3006%2F14006&w=336&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fdi-1tian-shang-xue-ta-da-ku-a-ma-ping-ji-yi-xiang-jie-sun-nu-hui-jia-jie-wei-cang-yang-cong.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1660867445189&bpp=11&bdt=1634&idt=565&shv=r20220817&mjsv=m202208150101&ptt=5&saldr=sa&correlator=509861749425&frm=23&ife=1&pv=1&ga_vid=833009203.1660867446&ga_sid=1660867446&ga_hid=318729505&ga_fc=0&ga_cid=amp-EIOlvx8bHhMcBHoOJ0-TYg&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=1782&biw=1600&bih=1200&isw=336&ish=280&ifk=3603096897&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44771548&oid=2&pvsid=3581665887227268&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.p8clv54ogbwb&btvi=1&fsb=1&dtd=579
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.194.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f132.1e100.net
Software
cafe /
Resource Hash
57000ea03bfb53734d0858b8fe992e6742226f23f311eb0f9d2177e2a84a5621
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 18 Aug 2022 23:05:22 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
3525
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7599
x-xss-protection
0
server
cafe
etag
9215437806027971270
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 01 Sep 2022 23:05:22 GMT
sodar
pagead2.googlesyndication.com/getconfig/ Frame 6E72
14 KB
11 KB
XHR
General
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2022081601&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022081601.js?cb=31069002
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.194.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f157.1e100.net
Software
cafe /
Resource Hash
db263f49842f1f8b1f49a2b9ca8e7b48ad6879f93964fe1cb24edf2821c670dc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 19 Aug 2022 00:04:06 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11209
x-xss-protection
0
log
aplogger.adpushup.com/
0
53 B
Ping
General
Full URL
https://aplogger.adpushup.com/log?event=glimpse_pageView&data=eyJzZXNzaW9uSWQiOiI3NTQwNzFfMTY2MDg2NzQ0NjY2OSIsInVzZXJJZCI6IjY4MTM5NV8xNjYwODY3NDQ2NjY5Iiwic2l0ZUlkIjo0Mjc1MywicGxhdGZvcm0iOiJERVNLVE9QIiwicGFnZUlkIjoiNDIzMjY4XzE2NjA4Njc0NDY2NjkiLCJwYWdlUGF0aCI6IiUyRmElMkZkaS0xdGlhbi1zaGFuZy14dWUtdGEtZGEta3UtYS1tYS1waW5nLWppLXlpLXhpYW5nLWppZS1zdW4tbnUtaHVpLWppYS1qaWUtd2VpLWNhbmcteWFuZy1jb25nLmh0bWwiLCJob3N0bmFtZSI6Ind3dy5iZzMuY28iLCJ1cmwiOiJodHRwcyUzQSUyRiUyRnd3dy5iZzMuY28lMkZhJTJGZGktMXRpYW4tc2hhbmcteHVlLXRhLWRhLWt1LWEtbWEtcGluZy1qaS15aS14aWFuZy1qaWUtc3VuLW51LWh1aS1qaWEtamllLXdlaS1jYW5nLXlhbmctY29uZy5odG1sIiwicGhhc2UiOjAsInVzZXJUeXBlIjoiTkVXIiwicHJldmlld1ZhcmlhdGlvbiI6Im5vUHJldmlld1BhZ2UiLCJleHBlcmltZW50UGFnZSI6ZmFsc2UsInRpbWVzdGFtcCI6MTY2MDg2NzQ0NjY2OX0=
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/42753/linkPreview.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.211.156.162 Mumbai, India, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 19 Aug 2022 00:04:06 GMT
server
nginx/1.14.0 (Ubuntu)
L2EvZGktMXRpYW4tc2hhbmcteHVlLXRhLWRhLWt1LWEtbWEtcGluZy1qaS15aS14aWFuZy1qaWUtc3VuLW51LWh1aS1qaWEtamllLXdlaS1jYW5nLXlhbmctY29uZy5odG1s.json
cdn.adpushup.com/42753/
555 B
770 B
XHR
General
Full URL
https://cdn.adpushup.com/42753/L2EvZGktMXRpYW4tc2hhbmcteHVlLXRhLWRhLWt1LWEtbWEtcGluZy1qaS15aS14aWFuZy1qaWUtc3VuLW51LWh1aS1qaWEtamllLXdlaS1jYW5nLXlhbmctY29uZy5odG1s.json
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/42753/linkPreview.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
42.99.140.200 , Japan, ASN4637 (ASN-TELSTRA-GLOBAL Telstra Global, HK),
Reverse DNS
ip-42-99-140-200.pacnet.net
Software
nginx/1.18.0 /
Resource Hash
6d83b77c3d8c5c0ccc7078540a1fb0bd9fa43eeb82b89f83264d469aa100c088

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 19 Aug 2022 00:04:07 GMT
server
nginx/1.18.0
vary
Accept-Encoding
content-type
text/html
access-control-allow-origin
*
cache-control
max-age=3600
server-timing
cdn-cache; desc=MISS, edge; dur=4, origin; dur=875
content-length
555
expires
Fri, 19 Aug 2022 01:04:07 GMT
adview
googleads.g.doubleclick.net/pagead/ Frame 086E
0
0
Fetch
General
Full URL
https://googleads.g.doubleclick.net/pagead/adview?ai=CzcqddtP-YtjGCNDc9QPdv5zYB6zX_fBktPaok-ILwI23ARABIABgpfiRgJABggEXY2EtcHViLTQ0ODUyMzk0MjU5MjQ3ODegAZX1m98DyAEJqAMBqgSDAk_QBEDy2flNA61PQLooPv3jSe0AnafFcMl_cp8t9sw9DDd2otePVq2wiZBRyFvwDlbb9PWk4W-DHu2-PFtCnrRf-2ifkF2O3vOZ9d84X0x97y7LZYXfcLXsofzOCaN77km7vWcHRwI5rGf9MrNulryE2K_7H26DVcZd3F4EDvpJ9_a4QlyvdW1JeDMoEKO3_jl5iJeh00Hrb1OL3f4gD_7DwCR3Jzp8n17oiQP5LHHNFkeNPbTJCY0HN9zRoiaZ_jBetz060_bAAX5McyrwS1DphyFF81h1frR88-gal0q3Kfnu-VlDOswWmTaGriRYIUSnAz5cEQaJ0UceVbIu-yxhPd-ABsPF35vKrc2Y6QGgBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggNCIBhEAEyAooCOgKAQIAKA_oLAggBgAwB0BUBgBcBshccChoSFHB1Yi00NDg1MjM5NDI1OTI0Nzg3GOLMGQ&sigh=KIZXqgBd1fM&uach_m=[UACH]&cid=CAQSGwCsnQUxON3dcWPiFPQ2wrAHqnKNJ3XiTaNutxgB
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/di-1tian-shang-xue-ta-da-ku-a-ma-ping-ji-yi-xiang-jie-sun-nu-hui-jia-jie-wei-cang-yang-cong.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.200.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sa-in-f157.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006&adk=2365071409&adf=3615134179&pi=t.ma~as.3006%2F14006&w=336&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fdi-1tian-shang-xue-ta-da-ku-a-ma-ping-ji-yi-xiang-jie-sun-nu-hui-jia-jie-wei-cang-yang-cong.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1660867445113&bpp=13&bdt=1573&idt=520&shv=r20220817&mjsv=m202208160101&ptt=5&saldr=sa&correlator=509861749425&frm=23&ife=1&pv=2&ga_vid=842954889.1660867446&ga_sid=1660867446&ga_hid=581034293&ga_fc=0&ga_cid=amp-EIOlvx8bHhMcBHoOJ0-TYg&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=320&biw=1600&bih=1200&isw=336&ish=280&ifk=947009565&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31068737%2C31068956%2C31068991&oid=2&pvsid=1413095467614123&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.tvnb2co2wjin&fsb=1&dtd=536
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
date
Fri, 19 Aug 2022 00:04:07 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 19 Aug 2022 00:04:07 GMT
log
hblg.media.net/ Frame 086E
35 B
0
Fetch
General
Full URL
https://hblg.media.net/log?logid=kfk&evtid=l1log&app=0&cc=AU&ctr=0.0017089357&viewability=84&device_id=4&cbdp=0.02&slotVisibility=1&dn=bg3.co&acid=ed189ddc833142d48fc1d12659c1d7ce&ugd=4&size=250x250&pvid=313&csip=rtb-common-istio-7c75f56789-vdw9z.SG&ogbdp=0.02&prvReqId=8884045665999_171750298_52982010413131&itype=ADX&requrl=https%3A%2F%2Fwww.bg3.co%2Fa%2Fdi-1tian-shang-xue-ta-da-ku-a-ma-ping-ji-yi-xiang-jie-sun-nu-hui-jia-jie-wei-cang-yang-cong.html&scrid=1700080812610100250025000000500&mang=1&bidrestime=1660867446239&cid=8CU3SX34C&rme=nurl
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/di-1tian-shang-xue-ta-da-ku-a-ma-ping-ji-yi-xiang-jie-sun-nu-hui-jia-jie-wei-cang-yang-cong.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.36.252.26 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-36-252-26.deploy.static.akamaitechnologies.com
Software
Jetty(9.4.35.v20201120) /
Resource Hash

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 19 Aug 2022 00:04:07 GMT
server
Jetty(9.4.35.v20201120)
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=0, no-cache, no-store
content-length
35
expires
Fri, 19 Aug 2022 00:04:07 GMT
log
qsearch-a.akamaihd.net/ Frame 086E
35 B
0
Fetch
General
Full URL
https://qsearch-a.akamaihd.net/log?logid=kfk&evtid=dmmra&ckfl=0&lper=&app_type=adx_test&bdr_typ=1&ss_d1=0&ogerpm=0.0100&ss_d2=0&stid=&other_prv=313&jar_err=&current_day=4.0&adtyp=0&req_id=ARi1xNbs8Z8sIaGsqbp9Og&bd_m3=0.0000&bidfp=0.0100&bd_m2=0.0000&pvag_id=&bd_m1=0.0000&ugd=4&dim10=false&exp=&fdbk_id=&second_bidder=*&floor_bucket=0.00&gpid_format=&seat=BID_API&size=250x250&url_l1=a&f_seg=&url_l2=di-1tian-shang-xue-ta-da-ku-a-ma-ping-ji-yi-xiang-jie-sun-nu-hui-jia-jie-wei-cang-yang-cong.html&prdp=0.0200&ogcbdp=0.0200&dfpbd=0.0200&server=1&ogerpm_wd_bkt=0-1&viewability=0.8400&dmm_r=0.0000&cut=0&dmm_l=0.0000&tcyerpm=&sc=AU-NSW&send_erpm=false&sd=0&hb_exp=&seg=&erpm_bucket=0.00&ugd_ver=&requrl=bg3.co%2Fa%2Fdi-1tian-shang-xue-ta-da-ku-a-ma-ping-ji-yi-xiang-jie-sun-nu-hui-jia-jie-wei-cang-yang-cong.html%2F&bidrestime=1660867446239&cc=AU&strg=no_strategy&ss=&current_hour=23&time_stamp=2022-08-19+00%3A04%3A06&rvshhon=&bdp=0.0200&ct=Sydney&akey=&mnckfl=0&bdp_bucket=0.00&algo=no_strategy&dc=apac_sg&splid=&dim4=exploration&dn=bg3.co&ua=Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F89.0.4389.72+Safari%2F537.36&buyer_id=&bdp_wider_bucket=1&acid=ed189ddc833142d48fc1d12659c1d7ce&infl=&o_ver=NT+10.0&br_ver=89.0.4389.72&bdmm_m6=0.0000&bdmm_m7=0.0000&bdmm_m5=0.0000&ver=8.13.0&totalTimeBucket=2&visibility=1&totalTime=2757060&dmm_m1=2022-08-19+00%3A04%3A06.241997699&e_rpm=0.0000&dmm_m22=0.0100&gdpr=&vsid=&log_less=false&gpid_sent=false&ogerpm_used=false&bdmm_m12=0.0000&cid=8CU3SX34C&bcrid=1700080812610100250025000000500&rawbid=0.0200&seat_id=BID_API&sub_bidder=196&pst=EMS&pbshr=100.0000&dmm_d10=&o_id=101&clisp=rtb-common-istio-7c75f56789-vdw9z.SG&dfp_bucket=0.0&adblk=2365071409&itype=adx&pvid_seat=313_BID_API&cliIP=2918568192&advurl=topics.businessfocus.online%2F&crid=529820104&sat=1&br_id=265&cut_bkt=1&gpid=&iwb=1&second_bid=0.000000&sc_pvid=313&capd=0&other_bids=0.02
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/di-1tian-shang-xue-ta-da-ku-a-ma-ping-ji-yi-xiang-jie-sun-nu-hui-jia-jie-wei-cang-yang-cong.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
42.99.140.144 , Japan, ASN4637 (ASN-TELSTRA-GLOBAL Telstra Global, HK),
Reverse DNS
ip-42-99-140-144.pacnet.net
Software
Jetty(9.4.35.v20201120) /
Resource Hash

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 19 Aug 2022 00:04:07 GMT
Server
Jetty(9.4.35.v20201120)
Content-Type
image/gif
Access-Control-Allow-Origin
*
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Length
35
Expires
Fri, 19 Aug 2022 00:04:07 GMT
nmedianet.js
contextual.media.net/ Frame 086E
164 KB
56 KB
Script
General
Full URL
https://contextual.media.net/nmedianet.js?cid=8CUABW64L
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006&adk=2365071409&adf=3615134179&pi=t.ma~as.3006%2F14006&w=336&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fdi-1tian-shang-xue-ta-da-ku-a-ma-ping-ji-yi-xiang-jie-sun-nu-hui-jia-jie-wei-cang-yang-cong.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1660867445113&bpp=13&bdt=1573&idt=520&shv=r20220817&mjsv=m202208160101&ptt=5&saldr=sa&correlator=509861749425&frm=23&ife=1&pv=2&ga_vid=842954889.1660867446&ga_sid=1660867446&ga_hid=581034293&ga_fc=0&ga_cid=amp-EIOlvx8bHhMcBHoOJ0-TYg&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=320&biw=1600&bih=1200&isw=336&ish=280&ifk=947009565&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31068737%2C31068956%2C31068991&oid=2&pvsid=1413095467614123&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.tvnb2co2wjin&fsb=1&dtd=536
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.195.152.23 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-195-152-23.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
f97a66baace554fcc8ff5215d1106b445260c376086d64a04bd1d80c4a9cc9ca
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-mnt-h
21-nmqp
content-encoding
gzip
etag
"1739ff1f63dc5f71585633fda7facdbe"
x-mnt-w
8-33
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
cache-control
max-age=300
date
Fri, 19 Aug 2022 00:04:07 GMT
x-cache-hits
0
strict-transport-security
max-age=31536000
timing-allow-origin
*
expires
Fri, 19 Aug 2022 00:09:07 GMT
adperformance.js
warp.media.net/rtb/resource/ Frame 086E
61 KB
62 KB
Script
General
Full URL
https://warp.media.net/rtb/resource/adperformance.js?v=35e90bcdc8
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006&adk=2365071409&adf=3615134179&pi=t.ma~as.3006%2F14006&w=336&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fdi-1tian-shang-xue-ta-da-ku-a-ma-ping-ji-yi-xiang-jie-sun-nu-hui-jia-jie-wei-cang-yang-cong.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1660867445113&bpp=13&bdt=1573&idt=520&shv=r20220817&mjsv=m202208160101&ptt=5&saldr=sa&correlator=509861749425&frm=23&ife=1&pv=2&ga_vid=842954889.1660867446&ga_sid=1660867446&ga_hid=581034293&ga_fc=0&ga_cid=amp-EIOlvx8bHhMcBHoOJ0-TYg&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=320&biw=1600&bih=1200&isw=336&ish=280&ifk=947009565&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31068737%2C31068956%2C31068991&oid=2&pvsid=1413095467614123&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.tvnb2co2wjin&fsb=1&dtd=536
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.36.252.26 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-36-252-26.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
3378135f525fc551ce49d2c117e9967735794757a4c71910d8c1b8fa38bf3f2c
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=604800
server
nginx
date
Fri, 19 Aug 2022 00:04:07 GMT
content-type
application/javascript;charset=ISO-8859-1
cache-control
max-age=53134
access-control-allow-credentials
true
content-length
62892
expires
Fri, 19 Aug 2022 14:49:41 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220817/r20110914/client/ Frame 086E
3 KB
1 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220817/r20110914/client/window_focus_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006&adk=2365071409&adf=3615134179&pi=t.ma~as.3006%2F14006&w=336&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fdi-1tian-shang-xue-ta-da-ku-a-ma-ping-ji-yi-xiang-jie-sun-nu-hui-jia-jie-wei-cang-yang-cong.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1660867445113&bpp=13&bdt=1573&idt=520&shv=r20220817&mjsv=m202208160101&ptt=5&saldr=sa&correlator=509861749425&frm=23&ife=1&pv=2&ga_vid=842954889.1660867446&ga_sid=1660867446&ga_hid=581034293&ga_fc=0&ga_cid=amp-EIOlvx8bHhMcBHoOJ0-TYg&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=320&biw=1600&bih=1200&isw=336&ish=280&ifk=947009565&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31068737%2C31068956%2C31068991&oid=2&pvsid=1413095467614123&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.tvnb2co2wjin&fsb=1&dtd=536
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.194.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f132.1e100.net
Software
cafe /
Resource Hash
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 18 Aug 2022 23:44:43 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1164
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1359
x-xss-protection
0
server
cafe
etag
1484984001845508991
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 01 Sep 2022 23:44:43 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 086E
140 KB
43 KB
Script
General
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006&adk=2365071409&adf=3615134179&pi=t.ma~as.3006%2F14006&w=336&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fdi-1tian-shang-xue-ta-da-ku-a-ma-ping-ji-yi-xiang-jie-sun-nu-hui-jia-jie-wei-cang-yang-cong.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1660867445113&bpp=13&bdt=1573&idt=520&shv=r20220817&mjsv=m202208160101&ptt=5&saldr=sa&correlator=509861749425&frm=23&ife=1&pv=2&ga_vid=842954889.1660867446&ga_sid=1660867446&ga_hid=581034293&ga_fc=0&ga_cid=amp-EIOlvx8bHhMcBHoOJ0-TYg&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=320&biw=1600&bih=1200&isw=336&ish=280&ifk=947009565&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31068737%2C31068956%2C31068991&oid=2&pvsid=1413095467614123&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.tvnb2co2wjin&fsb=1&dtd=536
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.24.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f156.1e100.net
Software
sffe /
Resource Hash
ba7478138664dfbadff2af30a268f4200a752a73d07dafb55937af20d1061357
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 19 Aug 2022 00:04:07 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
44050
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1660737283953252"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Fri, 19 Aug 2022 00:04:07 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220817/r20110914/client/ Frame 086E
17 KB
7 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220817/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006&adk=2365071409&adf=3615134179&pi=t.ma~as.3006%2F14006&w=336&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fdi-1tian-shang-xue-ta-da-ku-a-ma-ping-ji-yi-xiang-jie-sun-nu-hui-jia-jie-wei-cang-yang-cong.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1660867445113&bpp=13&bdt=1573&idt=520&shv=r20220817&mjsv=m202208160101&ptt=5&saldr=sa&correlator=509861749425&frm=23&ife=1&pv=2&ga_vid=842954889.1660867446&ga_sid=1660867446&ga_hid=581034293&ga_fc=0&ga_cid=amp-EIOlvx8bHhMcBHoOJ0-TYg&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=320&biw=1600&bih=1200&isw=336&ish=280&ifk=947009565&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31068737%2C31068956%2C31068991&oid=2&pvsid=1413095467614123&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.tvnb2co2wjin&fsb=1&dtd=536
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.194.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f132.1e100.net
Software
cafe /
Resource Hash
57000ea03bfb53734d0858b8fe992e6742226f23f311eb0f9d2177e2a84a5621
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 18 Aug 2022 23:05:22 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
3525
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7599
x-xss-protection
0
server
cafe
etag
9215437806027971270
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 01 Sep 2022 23:05:22 GMT
sodar
pagead2.googlesyndication.com/getconfig/ Frame C000
14 KB
11 KB
XHR
General
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2022080202&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022080202.js?cb=31068832
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.194.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f157.1e100.net
Software
cafe /
Resource Hash
db647b901bd57b98b910d8adca49b14d538d92ecc6e938b2edf73ed56821afe3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 19 Aug 2022 00:04:06 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11188
x-xss-protection
0
sodar2.js
tpc.googlesyndication.com/sodar/ Frame 6E72
17 KB
7 KB
Script
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022081601.js?cb=31069002
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.194.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f132.1e100.net
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 19 Aug 2022 00:04:07 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Fri, 19 Aug 2022 00:04:07 GMT
pixel;r=872466342;rf=0;a=p-54Nt-1NAaEEe0;url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fdi-1tian-shang-xue-ta-da-ku-a-ma-ping-ji-yi-xiang-jie-sun-nu-hui-jia-jie-wei-cang-yang-cong.html;uh=e51ed67dfb8d91dc24b15...
pixel.quantserve.com/
35 B
371 B
Image
General
Full URL
https://pixel.quantserve.com/pixel;r=872466342;rf=0;a=p-54Nt-1NAaEEe0;url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fdi-1tian-shang-xue-ta-da-ku-a-ma-ping-ji-yi-xiang-jie-sun-nu-hui-jia-jie-wei-cang-yang-cong.html;uh=e51ed67dfb8d91dc24b15e2ace0c3bc33bc53c3e1dfb09200d6c2f8387d67ea6;uht=2;fpan=1;fpa=P0-1043005569-1660867446841;pbc=bdc2ff7d-ee70-4afe-95ac-1373f2b20933;ns=0;ce=1;qjs=1;qv=26d71701-20220818164642;cm=;gdpr=0;ref=;d=bg3.co;dst=0;et=1660867446841;tzo=0;ogl=
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/di-1tian-shang-xue-ta-da-ku-a-ma-ping-ji-yi-xiang-jie-sun-nu-hui-jia-jie-wei-cang-yang-cong.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
103.229.10.180 , Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 19 Aug 2022 00:04:06 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
cache-control
private, no-cache, no-store, proxy-revalidate
content-type
image/gif
content-length
35
expires
Fri, 04 Aug 1978 12:00:00 GMT
sodar2.js
tpc.googlesyndication.com/sodar/ Frame C000
17 KB
6 KB
Script
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022080202.js?cb=31068832
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.194.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f132.1e100.net
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 19 Aug 2022 00:04:07 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Fri, 19 Aug 2022 00:04:07 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame CDF4
13 KB
5 KB
Document
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.194.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f132.1e100.net
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://cdn.aralego.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

accept-ranges
bytes
age
431583
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Sun, 14 Aug 2022 00:11:04 GMT
expires
Mon, 14 Aug 2023 00:11:04 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame 5671
783 B
1 KB
Document
General
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.194.99 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f99.1e100.net
Software
GSE /
Resource Hash
8b23f7567ef1acb9d3a8797dc9b1c09526afbc0f65b20dda3d6344704d62ad52
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-lbFs5QcIzppgUKr3THGTqA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://cdn.aralego.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private, max-age=300
content-encoding
gzip
content-length
513
content-security-policy
script-src 'report-sample' 'nonce-lbFs5QcIzppgUKr3THGTqA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Fri, 19 Aug 2022 00:04:07 GMT
expires
Fri, 19 Aug 2022 00:04:07 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 0D31
13 KB
5 KB
Document
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.194.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f132.1e100.net
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://cdn.aralego.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

accept-ranges
bytes
age
431583
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Sun, 14 Aug 2022 00:11:04 GMT
expires
Mon, 14 Aug 2023 00:11:04 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame 0B32
783 B
737 B
Document
General
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.194.99 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f99.1e100.net
Software
GSE /
Resource Hash
f04a306d79bd345738decad5ed866e5b3149799ea004335e26a078172e2f2e1a
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-7xod_6mANinLA9DTLOS14A' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://cdn.aralego.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private, max-age=300
content-encoding
gzip
content-length
513
content-security-policy
script-src 'report-sample' 'nonce-7xod_6mANinLA9DTLOS14A' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Fri, 19 Aug 2022 00:04:07 GMT
expires
Fri, 19 Aug 2022 00:04:07 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
integrator.js
adservice.google.com.au/adsid/
107 B
165 B
Script
General
Full URL
https://adservice.google.com.au/adsid/integrator.js?domain=www.bg3.co
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022081601.js?cb=31069030
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.24.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f155.1e100.net
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 19 Aug 2022 00:04:07 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/
107 B
122 B
Script
General
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.bg3.co
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022081601.js?cb=31069030
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.118.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sl-in-f154.1e100.net
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 19 Aug 2022 00:04:07 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/
171 KB
47 KB
XHR
General
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1322869054936030&correlator=1912818699703569&eid=31068458%2C31069030%2C44761477%2C44770638&output=ldjh&gdfp_req=1&vrg=2022081601&ptt=17&impl=fifs&iu_parts=103512698%3A22574853003%2C22477626096%2C22479095528%2C22579309510&enc_prev_ius=%2F0%2F1%2C%2F0%2F2%2C%2F0%2F3&prev_iu_szs=320x50%7C728x250%7C728x90%7C690x90%7C690x250%7C675x90%7C675x250%7C670x90%7C670x250%7C650x90%7C650x250%7C650x150%7C630x90%7C630x250%7C602x100%7C600x90%7C600x250%7C580x90%7C570x90%7C550x150%7C468x60%7C320x50%7C320x100%7C300x50%7C300x100%7C300x75%7C300x250%7C250x250%7C200x200%2C320x50%7C728x90%7C690x90%7C675x90%7C670x90%7C650x90%7C630x90%7C600x90%7C580x90%7C570x90%7C468x60%7C320x50%7C300x50%7C300x75%2C320x50%7C120x600&fluid=height%2Cheight%2Cheight&ifi=1&adks=1420297610%2C2857874404%2C4082231052&sfv=1-0-38&fsapi=false&prev_scp=adpushup_ran%3D1%26hb_ap_siteid%3D42753%26hb_ap_ran%3D1%26fluid%3D0%26refreshcount%3D0%26refreshrate%3D30%7Cadpushup_ran%3D1%26hb_ap_siteid%3D42753%26hb_ap_ran%3D1%26fluid%3D0%26refreshcount%3D0%26refreshrate%3D30%7Cadpushup_ran%3D1%26hb_ap_siteid%3D42753%26hb_ap_ran%3D1%26fluid%3D0%26refreshcount%3D0%26refreshrate%3D30%26hb_ap_format%3Dbanner%26hb_ap_pb%3D0.00%26hb_ap_adid%3D82f1c9baf2fc4aa%26hb_ap_bidder%3Dappnexus&eri=1&cust_params=da%3Dadx%26outbrain%3Dtrue&sc=1&cookie=ID%3Dac0faa990e709274-22a97c69a3d5003b%3AT%3D1660867445%3ART%3D1660867445%3AS%3DALNI_MbhR2peG0babBBHQhL_jzsKqcIyQw&gpic=UID%3D000008c00953a310%3AT%3D1660867445%3ART%3D1660867445%3AS%3DALNI_MZ639Y3l7Qj6YnGY4gEG9UpsnE4bQ&arp=1&abxe=1&dt=1660867447435&lmt=1660867447&dlt=1660867442286&idt=3904&adxs=236%2C436%2C5&adys=60%2C1110%2C300&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0%7C0%7C0&ucis=1%7C2%7C3&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fdi-1tian-shang-xue-ta-da-ku-a-ma-ping-ji-yi-xiang-jie-sun-nu-hui-jia-jie-wei-cang-yang-cong.html&frm=20&vis=1&psz=728x-1%7C728x-1%7C120x-1&msz=728x-1%7C728x-1%7C120x-1&fws=4%2C516%2C516&ohw=728%2C1600%2C1600&ga_vid=250279641.1660867447&ga_sid=1660867447&ga_hid=648&ga_fc=false&ga_cid=amp-EIOlvx8bHhMcBHoOJ0-TYg
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022081601.js?cb=31069030
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.194.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f154.1e100.net
Software
cafe /
Resource Hash
a705aa0b64f0670de8449cd40a0eb5fba96db711b4e665fc40c8324463c53815
Security Headers
Name Value
Content-Security-Policy child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/pagead/gadgets/in_page_full_auto_V1/Responsive_Monte_GpaSingleIframe.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/pagead/gadgets/in_page_full_auto_V1/Responsive_Monte_GpaSingleIframe.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CN2u7bHN0fkCFUYUKwodqIMH4w&gqi=&layout=/pagead/gadgets/in_page_full_auto_V1/Responsive_Monte_GpaSingleIframe.html
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/pagead/gadgets/in_page_full_auto_V1/Responsive_Monte_GpaSingleIframe.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/pagead/gadgets/in_page_full_auto_V1/Responsive_Monte_GpaSingleIframe.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CN2u7bHN0fkCFUYUKwodqIMH4w&gqi=&layout=/pagead/gadgets/in_page_full_auto_V1/Responsive_Monte_GpaSingleIframe.html
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
google-creative-id
-1,-1,138375334551
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
48392
x-xss-protection
0
google-lineitem-id
-1,-1,5859721654
pragma
no-cache
server
cafe
google-mediationtag-id
-2
date
Fri, 19 Aug 2022 00:04:07 GMT
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.bg3.co
access-control-expose-headers
x-google-amp-ad-validated-version
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
71f760a9a177b3fbf8a1c0adb15a23b1.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 3640
6 KB
3 KB
Document
General
Full URL
https://71f760a9a177b3fbf8a1c0adb15a23b1.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022081601.js?cb=31069030
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.12.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f132.1e100.net
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
gzip
content-length
3108
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Fri, 19 Aug 2022 00:04:07 GMT
expires
Sat, 19 Aug 2023 00:04:07 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
js
www.googletagmanager.com/gtag/
199 KB
71 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=G-Z0TZ7TDHS1
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/42753/linkPreview.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.200.97 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sa-in-f97.1e100.net
Software
Google Tag Manager /
Resource Hash
4b8ef3c7970b30624d4b0285ac55e6851da8f260ce876dd1bfe4728dc6af3d1a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 19 Aug 2022 00:04:08 GMT
content-encoding
br
server
Google Tag Manager
access-control-allow-headers
Cache-Control
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; includeSubDomains
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
72510
x-xss-protection
0
expires
Fri, 19 Aug 2022 00:04:08 GMT
log
aplogger.adpushup.com/
0
53 B
Ping
General
Full URL
https://aplogger.adpushup.com/log?event=linkPreview_failed_JSONRequest&data=eyJzaXRlSWQiOjQyNzUzLCJ1cmwiOiIvYS9kaS0xdGlhbi1zaGFuZy14dWUtdGEtZGEta3UtYS1tYS1waW5nLWppLXlpLXhpYW5nLWppZS1zdW4tbnUtaHVpLWppYS1qaWUtd2VpLWNhbmcteWFuZy1jb25nLmh0bWwiLCJ0aW1lIjoxNjYwODY3NDQ3NzQ4fQ==
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/42753/linkPreview.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.211.156.162 Mumbai, India, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 19 Aug 2022 00:04:07 GMT
server
nginx/1.14.0 (Ubuntu)
BcUHUABoavvpRAX3o-C5BfAq8AHsMXRVb9HgeqDHxZ8.js
pagead2.googlesyndication.com/bg/ Frame CDF4
36 KB
14 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/bg/BcUHUABoavvpRAX3o-C5BfAq8AHsMXRVb9HgeqDHxZ8.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.194.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f154.1e100.net
Software
sffe /
Resource Hash
05c5075000686afbe94405f7a3e0b905f02af001ec3174556fd1e07aa0c7c59f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 16 Aug 2022 20:18:49 GMT
content-encoding
br
x-content-type-options
nosniff
age
186318
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
14190
x-xss-protection
0
last-modified
Mon, 15 Aug 2022 08:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 16 Aug 2023 20:18:49 GMT
BcUHUABoavvpRAX3o-C5BfAq8AHsMXRVb9HgeqDHxZ8.js
pagead2.googlesyndication.com/bg/ Frame 0D31
36 KB
14 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/bg/BcUHUABoavvpRAX3o-C5BfAq8AHsMXRVb9HgeqDHxZ8.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.194.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f154.1e100.net
Software
sffe /
Resource Hash
05c5075000686afbe94405f7a3e0b905f02af001ec3174556fd1e07aa0c7c59f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 16 Aug 2022 20:18:49 GMT
content-encoding
br
x-content-type-options
nosniff
age
186318
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
14190
x-xss-protection
0
last-modified
Mon, 15 Aug 2022 08:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 16 Aug 2023 20:18:49 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame 5671
0
0
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_2022081601&jk=3859516164407909&rc=
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/di-1tian-shang-xue-ta-da-ku-a-ma-ping-ji-yi-xiang-jie-sun-nu-hui-jia-jie-wei-cang-yang-cong.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.194.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f154.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

sodar
pagead2.googlesyndication.com/pagead/ Frame 0B32
0
0
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_2022080202&jk=1369903547375400&rc=
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/di-1tian-shang-xue-ta-da-ku-a-ma-ping-ji-yi-xiang-jie-sun-nu-hui-jia-jie-wei-cang-yang-cong.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.194.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f154.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

container.html
71f760a9a177b3fbf8a1c0adb15a23b1.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame B015
6 KB
3 KB
Document
General
Full URL
https://71f760a9a177b3fbf8a1c0adb15a23b1.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022081601.js?cb=31069030
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.12.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f132.1e100.net
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
gzip
content-length
3108
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Fri, 19 Aug 2022 00:04:08 GMT
expires
Sat, 19 Aug 2023 00:04:08 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
amp4ads-v0.mjs
cdn.ampproject.org/rtv/012208081650000/ Frame A3B8
220 KB
60 KB
Script
General
Full URL
https://cdn.ampproject.org/rtv/012208081650000/amp4ads-v0.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022081601.js?cb=31069030
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.12.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f132.1e100.net
Software
sffe /
Resource Hash
d2e5722cf0b8d8df31200550801d755733c56d9ca2758b7041fbed009e0c9d08
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
284191
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
61502
x-xss-protection
0
server
sffe
date
Mon, 15 Aug 2022 17:07:37 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"df13b0b17adb5918"
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Tue, 15 Aug 2023 17:07:37 GMT
amp-ad-exit-0.1.mjs
cdn.ampproject.org/rtv/012208081650000/v0/ Frame A3B8
14 KB
5 KB
Script
General
Full URL
https://cdn.ampproject.org/rtv/012208081650000/v0/amp-ad-exit-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022081601.js?cb=31069030
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.12.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f132.1e100.net
Software
sffe /
Resource Hash
1e14ddde632bad66a3f79d6dc2c6a212d3b1b5cd8100cb6b73984b8797c5ed86
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
17456
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5197
x-xss-protection
0
server
sffe
date
Thu, 18 Aug 2022 19:13:12 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"aca8368210f82021"
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Fri, 18 Aug 2023 19:13:12 GMT
amp-analytics-0.1.mjs
cdn.ampproject.org/rtv/012208081650000/v0/ Frame A3B8
94 KB
28 KB
Script
General
Full URL
https://cdn.ampproject.org/rtv/012208081650000/v0/amp-analytics-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022081601.js?cb=31069030
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.12.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f132.1e100.net
Software
sffe /
Resource Hash
70fa25d0cd4744b6b91054ad55e3e931dad31cc85915b13e33e4e674426c7cc1
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
233766
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
28794
x-xss-protection
0
server
sffe
date
Tue, 16 Aug 2022 07:08:02 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"cc093c4134ec5f1e"
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Wed, 16 Aug 2023 07:08:02 GMT
amp-fit-text-0.1.mjs
cdn.ampproject.org/rtv/012208081650000/v0/ Frame A3B8
5 KB
2 KB
Script
General
Full URL
https://cdn.ampproject.org/rtv/012208081650000/v0/amp-fit-text-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022081601.js?cb=31069030
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.12.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f132.1e100.net
Software
sffe /
Resource Hash
ec61d9fd1b3609a3a53f377ed07059c3dc7d2cb1502022e0623b4ebc1ea0f35e
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
154528
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1913
x-xss-protection
0
server
sffe
date
Wed, 17 Aug 2022 05:08:40 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"ef17e6cba96d5668"
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Thu, 17 Aug 2023 05:08:40 GMT
amp-form-0.1.mjs
cdn.ampproject.org/rtv/012208081650000/v0/ Frame A3B8
40 KB
13 KB
Script
General
Full URL
https://cdn.ampproject.org/rtv/012208081650000/v0/amp-form-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022081601.js?cb=31069030
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.12.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f132.1e100.net
Software
sffe /
Resource Hash
8d200dc372fb333c0ca488fba2a569a686cbf5f1ba0cc0544a4a8c96a4f91de3
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
154527
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12948
x-xss-protection
0
server
sffe
date
Wed, 17 Aug 2022 05:08:41 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"08e07a681963ea9f"
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Thu, 17 Aug 2023 05:08:41 GMT
css
fonts.googleapis.com/ Frame A3B8
7 KB
1 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Open+Sans:400|Roboto:400,500&lang=en
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022081601.js?cb=31069030
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.10.95 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f95.1e100.net
Software
ESF /
Resource Hash
d37b6441dc4049f8fe981972f64903aa46280708aa7f2c4465b447df78459f5f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Fri, 19 Aug 2022 00:04:08 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Fri, 19 Aug 2022 00:04:08 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Fri, 19 Aug 2022 00:04:08 GMT
css
fonts.googleapis.com/ Frame A3B8
4 KB
694 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Roboto:400,500&text=
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022081601.js?cb=31069030
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.10.95 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f95.1e100.net
Software
ESF /
Resource Hash
46d1791d45e9e6840842ef90f192c2c6f1f4247baa7c1f32f2da75d3a05c0de2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Thu, 18 Aug 2022 22:11:00 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Fri, 19 Aug 2022 00:04:08 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Fri, 19 Aug 2022 00:04:08 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame DE3E
0
0
Fetch
General
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvWyV_dloG-ULtdC8RCUbY0mVfS2KMatumvkVotgf5wUdDK9EGLXbT_TsB2taiwlt-Dm-26pGWFwnyg6cPxYW77e--LGHMVuHbRPPTZxlcu4Tly23wP_1K83rBGqfCTsIR3jcPRiryLSvn4sEIB5AXAz-DbgtQnzQ40OvbnqgbxBISadMEYTD8pCdSN_SYyg1NYyToPThisHaKgl4uAlJ3MUbsnhmIpnnZK9HJ1EIYD7ZieYR3Y7RQCZBuy6IuGO-SP77DzGkT-mGUHbBpEH33M6IZJGscerzJfpiB_Cy7xHbwzMzZbwkyzQA&sai=AMfl-YTdyEovzwG6LzuQu3lFUM1PZxuR-cqfuMIGk0CiBZ7Wr9kZs8xRZ1pdlKz53i66iz3y6OiCULYXZ9J8FzWMudCnCdcD3aGKJcrKBAtCu8I8sfux3Re7kjX75WlHqu8&sig=Cg0ArKJSzAM8xs7H56h9EAE&uach_m=[UACH]&urlfix=1&adurl=
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/di-1tian-shang-xue-ta-da-ku-a-ma-ping-ji-yi-xiang-jie-sun-nu-hui-jia-jie-wei-cang-yang-cong.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.194.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f154.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 19 Aug 2022 00:04:08 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
nmedianet.js
contextual.media.net/ Frame DE3E
138 KB
47 KB
Script
General
Full URL
https://contextual.media.net/nmedianet.js?cid=8CU4JWBS7
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1660729490688.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.195.152.23 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-195-152-23.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
11c516a19d3977b1d03598309dc6c040b550df62a0ad16aa60c4fd8726e0b1b4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-mnt-h
21-nmqp
content-encoding
gzip
etag
"2920b171a5884c6d05ff7035fbd5aec2"
x-mnt-w
8-20
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
cache-control
max-age=300
date
Fri, 19 Aug 2022 00:04:08 GMT
x-cache-hits
0
strict-transport-security
max-age=31536000
timing-allow-origin
*
expires
Fri, 19 Aug 2022 00:09:08 GMT
log
qsearch-a.akamaihd.net/ Frame DE3E
35 B
329 B
Image
General
Full URL
https://qsearch-a.akamaihd.net/log?logid=kfk&evtid=dmmra&ckfl=0&lper=&app_type=prod&bdr_typ=1&ss_d1=0&ogerpm=0.0100&ss_d2=0&stid=22132338&other_prv=4&jar_err=&current_day=4.0&adtyp=0&req_id=3863509334020428170&bd_m3=0.0000&bidfp=0.0000&bd_m2=0.0000&pvag_id=&bd_m1=0.0000&ugd=4&dim10=false&predicted_wr=16.0790&exp=&fdbk_id=&second_bidder=*&search_res=65&floor_bucket=0.00&gpid_format=&seat=BID_API&size=120x600&url_l1=a&f_seg=&url_l2=di-1tian-shang-xue-ta-da-ku-a-ma-ping-ji-yi-xiang-jie-sun-nu-hui-jia-jie-wei-cang-yang-cong.html&prdp=0.0035&ogcbdp=0.0100&dfpbd=0.0035&server=1&ogerpm_wd_bkt=0-1&model_version=202208181549_generic_others_1-cid_0&viewability=0.8000&dmm_r=0.0000&cut=65&dmm_l=0.0000&as_cache=1&tcyerpm=&sc=NSW&send_erpm=true&dmm_m9=0.0000&sd=0&hb_exp=&seg=&dmm_m4=0.0000&erpm_bucket=0.00&ugd_ver=&requrl=bg3.co%2Fa%2Fdi-1tian-shang-xue-ta-da-ku-a-ma-ping-ji-yi-xiang-jie-sun-nu-hui-jia-jie-wei-cang-yang-cong.html%2F&bidrestime=1660867446236&cc=AU&strg=harmony&ss=&current_hour=23&time_stamp=2022-08-19+00%3A04%3A06&model_key=generic_others_1-cid_0&rvshhon=&mul_ratio=0.0000&bdp=0.0100&ct=Beaconsfield&akey=&mnckfl=0&bdp_bucket=0.00&algo=default&dc=west_la&splid=22132338&dn=bg3.co&ua=Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F89.0.4389.72+Safari%2F537.36&buyer_id=&bdp_wider_bucket=1&acid=626ddf6fe03f40b38483d03d2ea05b3e&infl=&o_ver=NT+10.0&br_ver=89.0.4389.72&bdmm_m6=0.0000&bdmm_m7=0.0000&bdmm_m5=0.0000&ver=8.13.0&totalTimeBucket=2&visibility=0&totalTime=2989014&dmm_m1=2022-08-19+00%3A04%3A06.238181078&e_rpm=0.0000&dmm_m22=0.0100&gdpr=&vsid=&log_less=false&gpid_sent=false&ogerpm_used=false&bdmm_m12=0.0000&cid=8CU2CV286&bcrid=351639019&rawbid=0.0100&seat_id=BID_API&sub_bidder=196&pst=EMS&pbshr=100.0000&dmm_d10=&o_id=101&clisp=rtb-common-65b8cc4946-kbpj5.LA&dfp_bucket=0.0&adblk=&itype=appnexus_experiment&pvid_seat=4_BID_API&cliIP=2918568334&advurl=related.360topics.com%2F&level_base=0&crid=752115612&sat=1&br_id=265&cut_bkt=65&gpid=&iwb=1&second_bid=0.000000&sc_pvid=4&capd=0&other_bids=0.01
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1660729490688.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
42.99.140.144 , Japan, ASN4637 (ASN-TELSTRA-GLOBAL Telstra Global, HK),
Reverse DNS
ip-42-99-140-144.pacnet.net
Software
Jetty(9.4.35.v20201120) /
Resource Hash
796c46ec10bc9105545f6f90d51593921b69956bd9087eb72bee83f40ad86f90

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 19 Aug 2022 00:04:08 GMT
Server
Jetty(9.4.35.v20201120)
Content-Type
image/gif
Access-Control-Allow-Origin
*
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Length
35
Expires
Fri, 19 Aug 2022 00:04:08 GMT
adperformance.js
warp.media.net/rtb/resource/ Frame DE3E
61 KB
62 KB
Script
General
Full URL
https://warp.media.net/rtb/resource/adperformance.js?v=35e90bcdc8
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1660729490688.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.36.252.26 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-36-252-26.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
3378135f525fc551ce49d2c117e9967735794757a4c71910d8c1b8fa38bf3f2c
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=604800
server
nginx
date
Fri, 19 Aug 2022 00:04:08 GMT
content-type
application/javascript;charset=ISO-8859-1
cache-control
max-age=53133
access-control-allow-credentials
true
content-length
62892
expires
Fri, 19 Aug 2022 14:49:41 GMT
trk.js
cdn.adnxs.com/v/s/224/ Frame DE3E
85 KB
29 KB
Script
General
Full URL
https://cdn.adnxs.com/v/s/224/trk.js
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1660729490688.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.193.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
c652cb3dcc3b49133285c42c49b296c3a3af4f9fceffde1022a6e3539e2422b1

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 19 Aug 2022 00:04:08 GMT
Content-Encoding
gzip
Age
15174340
X-Cache
HIT, HIT
Connection
keep-alive
Content-Length
29216
X-Served-By
cache-lga21978-LGA, cache-syd10155-SYD
Access-Control-Allow-Origin
*, *
Last-Modified
Thu, 24 Feb 2022 08:58:20 GMT
Server
AkamaiNetStorage
X-Timer
S1660867448.345768,VS0,VE0
ETag
"80cd3e09497c9fa4207d756c9d41697c:1645693100.060631"
Vary
Accept-Encoding
Content-Type
application/x-javascript
Via
1.1 varnish, 1.1 varnish
Expires
Fri, 24 Feb 2023 08:58:29 GMT
Cache-Control
max-age=31536000
Accept-Ranges
bytes
X-Cache-Hits
1, 740437
it
lax1-ib.adnxs.com/ Frame DE3E
0
819 B
Image
General
Full URL
https://lax1-ib.adnxs.com/it?an_audit=0&referrer=https%253A%252F%252Fwww.bg3.co%252Fa%252Fdi-1tian-shang-xue-ta-da-ku-a-ma-ping-ji-yi-xiang-jie-sun-nu-hui-jia-jie-wei-cang-yang-cong.html&e=wqT_3QKsBeisAgAAAwDWAAUBCPam-5cGEKKqppj6oZ2IFxgAKjYJ-n5qvHSTaD8RDjLJyFnYYz8ZAAAAoJmZuT8hDg0SACkRJNAxAAAAQOF6lD8w8uzGCjj9XEDqXEjgA1Drq9anAVi5tIoBYABotZGzAXgAgAEBigEDVVNEkgUG8HGYAXigAdgEqAEBsAEAuAEBwAEFyAEC0AEA2AEA4AEA8AEA2AIA4ALR8FzqAnVodHRwczovL3d3dy5iZzMuY28vYS9kaS0xdGlhbi1zaGFuZy14dWUtdGEtZGEta3UtYS1tYS1waW5nLWppLXlpLXhpYW4BDGRlLXN1bi1udS1odWktamlhLWppZS13ZWktYwFDAHkBBfDCY29uZy5odG1sgAMAiAMBkAMAmAMXoAMBqgNBEhgzODYzNTA5MzM0MDIwNDI4MTcwX3NiaWQaEzE2NjE5NTY5NzI1MTk5ODY0NjYiCTM1MTYzOTAxOSoFTTExNzPAA6wCyAMA2AP0wMQB4AMA6AMA-AMBgAQAkgQNL3V0L3YzL3ByZWJpZJgEAKIEDzE3My4yNDUuMjA5LjE0MqgEALIEDwgAEAQYeCDYBCgBMAA4ArgEAMAEAMgEANoEAggB4AQB8ATrIX1YiAUBmAUAoAWKo8aF0Kj8zjXABQDJBQAFARTwP9IFCQkFC3wAAADYBQDgBQHwBcWUIfoFBAgAEACQBgCYBgC4BgDBBgEhNAAA8D_QBvnjAtoGFgoQCRIZAVwQABgA4AYB8gYCCACABwGIBwCgBwG6Bw8BSUAYACAAMAA4iAFAAMgHANIHDRV1ATYI2gcGCSVo4AcA6gcCCADwB5jQCooIAhAAlQgAAIA_mAgB&s=9a128adc4b983cd514c3cac87bb898acbbe5b4e0
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1660729490688.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
104.254.151.120 Los Angeles, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
908.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 19 Aug 2022 00:04:08 GMT
X-Proxy-Origin
173.245.209.142; 173.245.209.142; 908.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net; adnxs.com
AN-X-Request-Uuid
7ca4b107-5c2f-46c0-9fd2-de7348a1bb86
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame DE3E
140 KB
43 KB
Script
General
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022081601.js?cb=31069030
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.24.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f156.1e100.net
Software
sffe /
Resource Hash
ba7478138664dfbadff2af30a268f4200a752a73d07dafb55937af20d1061357
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 19 Aug 2022 00:04:08 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
44050
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1660737283953252"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Fri, 19 Aug 2022 00:04:08 GMT
zh_tw.png
tpc.googlesyndication.com/pagead/images/abg/ Frame A3B8
3 KB
3 KB
Image
General
Full URL
https://tpc.googlesyndication.com/pagead/images/abg/zh_tw.png
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/di-1tian-shang-xue-ta-da-ku-a-ma-ping-ji-yi-xiang-jie-sun-nu-hui-jia-jie-wei-cang-yang-cong.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.194.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f132.1e100.net
Software
cafe /
Resource Hash
a956a6fe1ee57805393bf1781b32486b4ed9ca402a04320280e59a18bc348a87
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 18 Aug 2022 15:10:14 GMT
x-content-type-options
nosniff
server
cafe
age
32034
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
etag
7688947696963022458
vary
Accept-Encoding
content-type
image/png
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3430
x-xss-protection
0
expires
Fri, 19 Aug 2022 15:10:14 GMT
icon.png
tpc.googlesyndication.com/pagead/images/abg/ Frame A3B8
344 B
368 B
Image
General
Full URL
https://tpc.googlesyndication.com/pagead/images/abg/icon.png
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/di-1tian-shang-xue-ta-da-ku-a-ma-ping-ji-yi-xiang-jie-sun-nu-hui-jia-jie-wei-cang-yang-cong.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.194.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f132.1e100.net
Software
cafe /
Resource Hash
53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 18 Aug 2022 01:26:22 GMT
x-content-type-options
nosniff
server
cafe
age
81466
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
etag
6766994032117382215
vary
Accept-Encoding
content-type
image/png
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
344
x-xss-protection
0
expires
Fri, 19 Aug 2022 01:26:22 GMT
2728354180183721846
tpc.googlesyndication.com/simgad/18048766669485511400/ Frame A3B8
4 KB
4 KB
Image
General
Full URL
https://tpc.googlesyndication.com/simgad/18048766669485511400/2728354180183721846?sqp=4sqPyQSSAUKPAQgAEhQNzczMPhUAAABAHQAAAAAlAAAAABgAIgoNAACAPxUAAIA_Kk8IWhABHQAAtEIgASgBMAY4A0CAwtcvSABQAFgAYFpwAngAgAEAiAEAkAEAnQEAAIA_oAEAqAEAsAGAreIEuAH___________8BxQEtsp0-MhYIXBAwGAEgAS0AAAA_MFw4MEUAAIA_&rs=AOga4qnm8JyCPYgnR1X57BkeNLvODKyJTg
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/di-1tian-shang-xue-ta-da-ku-a-ma-ping-ji-yi-xiang-jie-sun-nu-hui-jia-jie-wei-cang-yang-cong.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.194.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f132.1e100.net
Software
sffe /
Resource Hash
71b6ddcb44acd76b834870f1350583a7eab692f8293d27c644f75bd86d612b2f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 19 Aug 2022 00:04:08 GMT
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3610
x-xss-protection
0
last-modified
Wed, 20 Jul 2022 17:08:53 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Sat, 19 Aug 2023 00:04:08 GMT
adview
securepubads.g.doubleclick.net/pagead/ Frame A3B8
0
0
Image
General
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=CXJjld9P-Yp6XI8aorAGoh56YDqey_p9rs8Kq6aoQy_-h-tAiEAEguoTAM2ClgICAkAGgAbrdjfYCyAEG4AIAqAMByAMKqgTKAk_QGWSDdY_S-h9Itz2iDYooExGoMEm5xqJB30U2GFtafleGteEHo4Sxy4S3xKw9Odgr-KAyvfWqEeqZ-QDWyChC2OcImKpWqWS4PvGbupBaVHC4BKMk_MDc5OhMLPx_hj5oue0bE3OIQ2TV8zOq8LRITV7Kv5RBuc9Nkfcqo9rGKxSETP4gEN1-kYxJ_cNX6brRzqUivP1IXrOPTXTE-BP0hptTIDh9Mph4ji1yHBqUQH5f5k6IgawstaBs0n1_2Jem15v_8HYp0flRal2qZj2bHlkxTWqjNv3UllcYF0ED7YtKIvCl_nEm5gQBr4S-4t0WiHJhFHDm_wEAb034EUGb1ro1BW9v9yRccNU9FtodEeLJ9Ob4gKxCfTK-OYNXnY7EuMHW_dGzMLLZ4XAAdOsBhVxdAZkVkaY8yE3XbgvIRgCrcW-iPFVFs8AE4duYjIsE4AQBoAY3gAeuovKJAagHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4b2AcB8gcEEKKMAtIIDwiAYRABGB0yAooCOgKAQPIIG2FkeC1zdWJzeW4tNTIzOTkzODIxMzg3MDM4MIAKA8gLAdgTA9AVAZgWAYAXAbIXHgocCAASFHB1Yi04OTMzMzI5OTk5MzkxMTA0GMqrHg&sigh=r-EiqzuSCWs&uach_m=[UACH]&template_id=492
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/di-1tian-shang-xue-ta-da-ku-a-ma-ping-ji-yi-xiang-jie-sun-nu-hui-jia-jie-wei-cang-yang-cong.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.194.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f154.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

aphb
e3.adpushup.com/AdPushupFeedbackWebService/feedback/
70 B
131 B
Image
General
Full URL
https://e3.adpushup.com/AdPushupFeedbackWebService/feedback/aphb?data=eyJzaXRlSWQiOjQyNzUzLCJ1cmwiOiJodHRwczovL3d3dy5iZzMuY28vYS9kaS0xdGlhbi1zaGFuZy14dWUtdGEtZGEta3UtYS1tYS1waW5nLWppLXlpLXhpYW5nLWppZS1zdW4tbnUtaHVpLWppYS1qaWUtd2VpLWNhbmcteWFuZy1jb25nLmh0bWwiLCJzaXRlRG9tYWluIjoiaHR0cHM6Ly9iZzMuY28vIiwicGFnZUdyb3VwIjoiQVJUSUNMRSIsInBhZ2VWYXJpYXRpb25JZCI6Ijk2NzUwMTI1LWI5MGMtNDk3YS04Njk5LTczMTcxZjdiNDkzNSIsInBhZ2VWYXJpYXRpb25OYW1lIjoiQWRQdXNodXAiLCJwYWdlVmFyaWF0aW9uVHlwZSI6MSwicGxhdGZvcm0iOiJERVNLVE9QIiwicGFja2V0SWQiOiIwMDAwQTcwMS04MzNkMmFkNy0wMjUyLTQzMDktYjdiYi0yZDJiYWZlMGI2OWYiLCJiaWRzIjpbeyJiaWRkZXIiOiJhcHBuZXh1cyIsInJldmVudWUiOjAuMDAwMDAyNDIzLCJyZXNwb25zZVRpbWUiOjg2OSwibmV0d29ya1JlbGF0aW9uIjoxfV0sIm1vZGUiOjEsImVycm9yQ29kZSI6MSwid2lubmVyIjoiYXBwbmV4dXMiLCJ3aW5uZXJOZXR3b3JrUmVsYXRpb24iOjEsIndpbm5pbmdSZXZlbnVlIjowLjAwMDAwMjQyMywid2lubmVyQWRVbml0SWQiOiI4MmYxYzliYWYyZmM0YWEiLCJ0aW1lZE91dEJpZGRlcnMiOltdLCJzZXJ2aWNlcyI6WzUsM10sInNlY3Rpb25JZCI6IjEwNGIyODJhLWJkMTEtNGQ4ZC1hZDY0LTA0OTIwNjNiNmNiYSIsInNlY3Rpb25OYW1lIjoiQVBfSV9EX0FSVElDTEVfMTIwWDYwMF8xMDRiMiIsImZvcm1hdFR5cGUiOiJiYW5uZXIiLCJyZWZyZXNoQ291bnQiOjAsInBsYWNlbWVudCI6MSwicmVuZGVyZWRBZFNpemUiOiIxMjB4NjAwIiwicHJlYmlkQXVjdGlvbklkIjoiN2M5Nzk0ZmQtY2M0Ny00N2I3LTgwZjAtY2M4ZGY1MTUzNmNiIiwiaGVhZGVyQmlkZGluZ1R5cGUiOjF9
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/di-1tian-shang-xue-ta-da-ku-a-ma-ping-ji-yi-xiang-jie-sun-nu-hui-jia-jie-wei-cang-yang-cong.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.76.45.37 Singapore, Singapore, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3849fdc1eab88579b20b1b56875d6ef8299c4ad165e03921400ccae69149861

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 19 Aug 2022 00:04:07 GMT
access-control-allow-methods
GET, POST
content-type
image/png
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-robots-tag
noindex
content-length
70
expires
0
truncated
/ Frame A3B8
215 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
d0e9a416201298be38079963ef94247970ffe9adee4872b902b9a0cb899f6f8c

Request headers

accept-language
en-AU,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
smtr
contextual.media.net/ Frame 2C14
90 KB
33 KB
Script
General
Full URL
https://contextual.media.net/smtr?cb=window._mNDetails.initAd&&gdpr=0&cid=8CUABW64L&cpcd=ZNUXWKgjxAVr8bMpeLkZyA%3D%3D&crid=357234536&size=250x250&cc=AU&chnm=NO_STRATEGY&pid=8PO15GP54&tpid=TT2CP55&https=1&vif=2&requrl=https%3A%2F%2Fwww.bg3.co%2Fa%2Fdi-1tian-shang-xue-ta-da-ku-a-ma-ping-ji-yi-xiang-jie-sun-nu-hui-jia-jie-wei-cang-yang-cong.html&kwrf=https%3A%2F%2Fwww.bg3.co&nse=5&vi=1660867447968067202&lw=1&ugd=4&adt1=8CU3SX34C&adt2=529820104&bae=B44eq4qeN4&bcpf=B448fOnRrolnfOur8eq4qeN4&bdrId=313&ntv=0&matchstring=hr%3D0%7Cbcat%3D11%2C47%2Ch%2Cgo%2Ci2%7Ccsh%3D1&katpre=1&katbid=-103&pgid=p0337880750t202208190004&goent=1&nb=1&cadomain=tzR-hLcl-L81q0bo4F7GnA3mMwDIDjC2d77KxBXphR_fTCDUsmLZYQ%3D%3D&allsc=NSW
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/nmedianet.js?cid=8CUABW64L
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.195.152.23 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-195-152-23.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
e4d03153172efea54f2f4831e7bf1ccb9b073856b46235d723d0baa8867af617
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 19 Aug 2022 00:04:08 GMT
content-encoding
gzip
vary
Accept-Encoding
content-type
text/javascript
expires
Fri, 19 Aug 2022 00:04:08 GMT
cache-control
max-age=0, no-cache, no-store
x-sc-h
21-xstt
strict-transport-security
max-age=31536000
timing-allow-origin
*
content-length
33662
x-sc-w
21-wb9z
bping.php
lg3.media.net/ Frame 2C14
15 B
15 B
Image
General
Full URL
https://lg3.media.net/bping.php?vgd_len=651&&vgd_cdv=780&gdpr=0&prid=8PRVCXX19&cid=8CUABW64L&crid=357234536&vi=1660867447968067202&ugd=4&lf=6&kwrf=https%3A%2F%2Fwww.bg3.co&cc=AU&sc=NSW&lper=100&wsip=2886994110&r=1660867448210&requrl=https%3A%2F%2Fwww.bg3.co%2Fa%2Fdi-1tian-shang-xue-ta-da-ku-a-ma-ping-ji-yi-xiang-jie-sun-nu-hui-jia-jie-wei-cang-yang-cong.html&vgd_l2type=sca&vgd_sbSup=1&vgd_is_amp=0&vgd_asn=54203&vgd_rakh=1660867447138744391&vgd_l1rhst=contextual.media.net&vgd_rpth=%2Fnmedianet.js&vgd_hb_audit_1=8CU3SX34C&vgd_hb_audit_2=529820104&vgd_pgid=p0337880750t202208190004&vgd_pgids=1&vgd_uspa=0&hvsid=00001660867448207029185683346639&gdpr=0&vgd_end=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006&adk=2365071409&adf=3615134176&pi=t.ma~as.3006%2F14006&w=336&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fdi-1tian-shang-xue-ta-da-ku-a-ma-ping-ji-yi-xiang-jie-sun-nu-hui-jia-jie-wei-cang-yang-cong.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1660867445189&bpp=11&bdt=1634&idt=565&shv=r20220817&mjsv=m202208150101&ptt=5&saldr=sa&correlator=509861749425&frm=23&ife=1&pv=1&ga_vid=833009203.1660867446&ga_sid=1660867446&ga_hid=318729505&ga_fc=0&ga_cid=amp-EIOlvx8bHhMcBHoOJ0-TYg&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=1782&biw=1600&bih=1200&isw=336&ish=280&ifk=3603096897&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44771548&oid=2&pvsid=3581665887227268&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.p8clv54ogbwb&btvi=1&fsb=1&dtd=579
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.36.252.26 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-36-252-26.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=21600

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=21600
server
Apache
date
Fri, 19 Aug 2022 00:04:08 GMT
ntcoent-length
15
vary
Accept-Encoding
content-type
text/html; charset=UTF-8
cache-control
max-age=80823
content-length
15
checksync.php
contextual.media.net/ Frame 23DB
26 KB
10 KB
Document
General
Full URL
https://contextual.media.net/checksync.php?vsSync=1&cs=6&cv=31&https=1&cid=8CU3SX34C&prvid=99%2C77%2C20000%2C2033%2C262%2C241%2C3018%2C246%2C4%2C313%2C359%2C10000%2C9%2C319&itype=ADX&purpose1=1&gdprconsent=1&gdpr=0&usp_status=0&usp_consent=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006&adk=2365071409&adf=3615134176&pi=t.ma~as.3006%2F14006&w=336&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fdi-1tian-shang-xue-ta-da-ku-a-ma-ping-ji-yi-xiang-jie-sun-nu-hui-jia-jie-wei-cang-yang-cong.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1660867445189&bpp=11&bdt=1634&idt=565&shv=r20220817&mjsv=m202208150101&ptt=5&saldr=sa&correlator=509861749425&frm=23&ife=1&pv=1&ga_vid=833009203.1660867446&ga_sid=1660867446&ga_hid=318729505&ga_fc=0&ga_cid=amp-EIOlvx8bHhMcBHoOJ0-TYg&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=1782&biw=1600&bih=1200&isw=336&ish=280&ifk=3603096897&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44771548&oid=2&pvsid=3581665887227268&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.p8clv54ogbwb&btvi=1&fsb=1&dtd=579
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.195.152.23 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-195-152-23.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
22da7fd90bee3d5a37570c9ed148dfa1a49fe0e2da62325a06ef8314f7822429
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

cache-control
max-age=172800
content-encoding
gzip
content-length
9411
content-type
text/html; charset=UTF-8
date
Fri, 19 Aug 2022 00:04:08 GMT
expires
Sun, 21 Aug 2022 00:04:08 GMT
p3p
CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
server
Apache
strict-transport-security
max-age=31536000
vary
Accept-Encoding
x-mnet-hl2
E
clog
hblg.media.net/ Frame 2C14
35 B
172 B
Image
General
Full URL
https://hblg.media.net/clog?logid=awlog&pixel_len_bucket=4555&lmt_enf=true&req_mtype%3C%3E=0&mx_nsz=3&spSource=0&ifst=0&vid=HJDpvqpp5D-3r6xYH9stMw&s_city=singapore&ugd=4&bcat%3C%3E=1000031%23%231000030%23%2310130%23%231000024%23%231000037%23%231000036%23%231000004&exp=sfl%3Dfalse%7CssBucket%3D0%7Cbfl%3D-100%7Cclt%3D3%7CssProfile%3D0%7Cdbr%3D1%7Ctpi%3D1&app=0&ctr=0.0017089357&mx_TAF=3&device_id=4&ae=false&mx_UCC=1&prspt=headerBid&mx_bss_algos%3C%3E=0&usp_status=0&seat=BID_API&og_cbdp=0.020&size=250x250&mx_TAS=1&mx_gpid_sent=false&xtmax=290&commit_id=2028b3b1&scrid=1700080812610100250025000000500&itypeid=17&mx_SPRIG=0&viewability=31&renderer=1&be=0&rtime=25.0&adj0=0.0&tmax=300&s_ip=74.125.190.130&adj2=0.0&adj1=0.0&feedback_id=HJDpvqpp5D-3r6xYH9stMw&adtypes=0&mx_aabpc=0&reqid=HJDpvqpp5D-3r6xYH9stMw&sc=AU-NSW&mowxReqId=a2eb9836cbc14426a029128f268ef973_1&ifdp=0&requrl=https%3A%2F%2Fwww.bg3.co%2Fa%2Fdi-1tian-shang-xue-ta-da-ku-a-ma-ping-ji-yi-xiang-jie-sun-nu-hui-jia-jie-wei-cang-yang-cong.html&bidrestime=1660867446227&pv_adtype=0&cc=AU&strg=NO_STRATEGY&pcrid=8CUABW64L-357234536-34-0&coppa_enf=true&bdp=0.020&ct=beaconsfield&spIsReq=3&s=1&abs=0%7C0%7Cxtmax%3D290%7CNO_STRATEGY%7Cbrr%3D0&mx_epbc=8CUABW64L&dnt_enf=false&mx_ssBucket=0&vls=0&asn=54203&mang=1&fleet=common-istio&mx_isLossNtf=false&advUrl=https%3A%2F%2Ftopics.businessfocus.online&dn=bg3.co&dt=O&acid=a2eb9836cbc14426a029128f268ef973&actltime=31&act=headerBid&iframingState=0&mx_lr_seg_deal=0&exclattr=32%7C34%7C70%7C13%7C14%7C15%7C48%7C16%7C17%7C18%7C114%7C19%7C20%7C22%7C25%7C26%7C27%7C30%7C95&dfpBd=0.02&sckfl=0&dmm_erpm=false&mx_lr=0&mview=1&smbrid=adx-1&bfs=103&rfc=-1&prvApiId=8CUABW64L&epcexp=false&pubid=pub-ADX-101418826937&mx_bsProfile=0&cid=8CU3SX34C&bcrid=1700080812610100250025000000500&omul=1.0&res_mtype=0&apPrfs%3C%3E=62%23%2313%23%2361&chnl=NO_STRATEGY&pst=0&reqsize=250x250&adpos=3&itype=ADX&mx_g_one_uid_sent=None&spCst=0&tgtval=pub-ADX-101418826937&__expireat=1660868046479&lmt_status=N&reftype=0&viewability_vendor=EXCHANGE&prvAccId=357234536&ckfl=0&lper=1&mx_tgs=250x250%7C300x250%7C336x280&cbdp=0.02&pvdTmax=254&ltime=31.0&epc=357234536&ctr_vendor=EXCHANGE&prvReqId=190731495689_2044690287_52982010413131&zip=2015&exid=31&spFst=0&mx_GCID=0&cliIPType=v4&pexid=ADX-pub-4485239425924787&ybnca_erpm=0.01&brsrclk=0&sbdrid=196&rtttime=34&apTags%3C%3E=75&mx_PC=1&wsip=mowx-istio-55fbd456c8-nbkr2&currsrc_date=2022-08-18+00%3A00%3A00&psrc=fail&geoll=false&omid=0&debug_ts=2022-08-19+00%3A04%3A06&policy_enf=2&mx_ssProfile=0&mx_SC=0&reftime=0&pbidflr=0.010&spbf=0&currsrc=API&fpusp=false&lmt_applied=N&mnrfc=-1&pub_blk_enf=1&amptype=1&moau=true&ocurr=USD&snm=SUCCESS&mx_IAB2=0&usp_enf=1&bidflr=0.010&incentive_type=0&skadidfl=0&pid=8PR113JGC&spTo=3&pvid=313&schain_cmpl=1&is_ortb=false&mx_aurl_hc=0&ucrid_ver=2&mx_maq_call=false&mx_uid_sent=0&mx_sbp=-10.0&mnrf=0&slotVisibility=2&dbf=1&gdpr=0&gqid=AHfbET7ExBAZcEAgNYqCH3ScGR4wHXKchyhOYmoluxbXGqrXJjKkGC4C9mWpY4BXaeYeo2-9&dmm_ogerpm=false&csip=rtb-common-istio-7c75f56789-4f6dr.SG&mx_bsBucket=0&mx_aurt=0&spIvt=3&ptype=23&media=0&acsn=1&dtc=apac_sg&mx_aqcpl_crid=4&ogbdp=0.02&tpbTkn=false&adblk=2365071409&fpuReq=0&vcmplrt=-1.0&crid=529820104&geo_source=2&sat=1&mnet_ckfl=0&opbidflr=0.010&impId=1&rme=adm&bdata=sd2%3Dnull~iurl_l%3D50~ogerpm%3D0.01~vis_sd%3D438~dc2%3D1~scd%3Dnsw~v_asn%3D54203~vl2r_sd%3D2022081817~iurl_b%3D63653.72~url_tkc%3D0~std%3D~last%3D~vis_url_b%3D0.21~ip%3D3bw0Uw~fbb%3D0~vis_url_l%3D30~riipua%3D70%2C70~et%3D12~rc%3D1~rps_sd%3D2022081812~vis_b%3D250.57~url_b%3D0.02~url_tvi%3D0~smm_wr%3D43.5028~url_l%3D50~gcat%3D-1~bb%3D196~vv%3D0~l2r_b%3D1000~erpm%3D0.01~bm%3D1~smm_sd%3D2022081812~sid%3D530814538d73e7b3f2af2a8e26eb3fc5~sd%3D0~uid%3DaQw3CusVm9WHHmerS~btd%3D60213921828918888640299364277820231887515500330012457661103892287421721093672960~d2p_l%3D60~3pcf%3D11.93~uim%3D16559~dmm_strg%3Dno_strategy~d2p_b%3D0.85~ogd2p_b%3D0.85~vurl_b%3D0.1~ss%3DNA~uiw%3D99~ce%3D0~rps_b%3D20.06~vurl_l%3D50~CI%3D2719~nts%3D3~tb%3D-1~ct%3Dbeaconsfield~basis2%3D196~basis1%3D196~isRef%3D0~ivurl_b%3D10.38~isif%3D0~lc%3D3~bid%3D0.02~dc%3D8~vl2r_b%3D1.37~ivurl_l%3D50~supply_tag_id%3D%7Eviewability%3D0.31%7Eamp%3D1%7Ecbdp%3D0.020%7Edmm%3Dno_strategy%7Esuid%3D%7Edtc%3Dapac_sg%7Exid%3DADX-pub-4485239425924787%7Edalg%3Dno_strategy%7Ehtml%3D1%7Eadblk%3D2365071409%7Esobp%3D%7Ectr%3D0.0017089357%7Ebdpcapd%3D0%7Edmm_erpm%3Dfalse%7Ebflr%3D0.010%7Eogbid%3D0.020%7Eac_type%3D1%7Eitype_id%3D17%7Eseller_tag_id%3D%7Edetected_tag_id%3D%7Edcut%3D1%7Edogb%3D0-1~ibc%3D1~ddt%3D-1~nsz%3D3~tgs%3D250x250%7C300x250%7C336x280~bsb%3D0~bsp%3D0~tmx%3D254&utime=1985&sf=0&cpr=0.8925481176299483
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006&adk=2365071409&adf=3615134176&pi=t.ma~as.3006%2F14006&w=336&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fdi-1tian-shang-xue-ta-da-ku-a-ma-ping-ji-yi-xiang-jie-sun-nu-hui-jia-jie-wei-cang-yang-cong.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1660867445189&bpp=11&bdt=1634&idt=565&shv=r20220817&mjsv=m202208150101&ptt=5&saldr=sa&correlator=509861749425&frm=23&ife=1&pv=1&ga_vid=833009203.1660867446&ga_sid=1660867446&ga_hid=318729505&ga_fc=0&ga_cid=amp-EIOlvx8bHhMcBHoOJ0-TYg&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=1782&biw=1600&bih=1200&isw=336&ish=280&ifk=3603096897&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44771548&oid=2&pvsid=3581665887227268&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.p8clv54ogbwb&btvi=1&fsb=1&dtd=579
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.36.252.26 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-36-252-26.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
0915fad60bc9b61b6dcd82d05da7ec4bc0232a647e75b8507c3cba6d4d6602f9

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
max-age=3600
date
Fri, 19 Aug 2022 00:04:08 GMT
server
Apache
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=21600
content-length
35
expires
Fri, 19 Aug 2022 06:04:08 GMT
truncated
/ Frame 2C14
217 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
9aa8943d829122701bc92089afaa1e27f4ce6a3004b307f6c950be2138d079e4

Request headers

accept-language
en-AU,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
smtr
contextual.media.net/ Frame 086E
90 KB
33 KB
Script
General
Full URL
https://contextual.media.net/smtr?cb=window._mNDetails.initAd&&gdpr=0&cid=8CUABW64L&cpcd=ZNUXWKgjxAVr8bMpeLkZyA%3D%3D&crid=357234536&size=250x250&cc=AU&chnm=NO_STRATEGY&pid=8PO15GP54&tpid=TT2CP55&https=1&vif=2&requrl=https%3A%2F%2Fwww.bg3.co%2Fa%2Fdi-1tian-shang-xue-ta-da-ku-a-ma-ping-ji-yi-xiang-jie-sun-nu-hui-jia-jie-wei-cang-yang-cong.html&kwrf=https%3A%2F%2Fwww.bg3.co&nse=5&vi=1660867447898444029&lw=1&ugd=4&adt1=8CU3SX34C&adt2=529820104&bae=B44eq4qeN4&bcpf=B448fOnRrolnfOur8eq4qeN4&bdrId=313&ntv=0&matchstring=hr%3D0%7Cbcat%3D11%2C47%2Ch%2Cgo%2Ci2%7Ccsh%3D1&katpre=1&katbid=-103&pgid=p0337880750t202208190004&goent=1&nb=1&cadomain=tzR-hLcl-L81q0bo4F7GnA3mMwDIDjC2d77KxBXphR_fTCDUsmLZYQ%3D%3D&allsc=NSW
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/nmedianet.js?cid=8CUABW64L
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.195.152.23 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-195-152-23.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
2878ede20c2ca14a43d6f85e9d795545866ece73ce8e73e6d181656f531506ed
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 19 Aug 2022 00:04:08 GMT
content-encoding
gzip
vary
Accept-Encoding
content-type
text/javascript
expires
Fri, 19 Aug 2022 00:04:08 GMT
cache-control
max-age=0, no-cache, no-store
x-sc-h
21-xqc7
strict-transport-security
max-age=31536000
timing-allow-origin
*
content-length
33717
x-sc-w
21-wb9z
bping.php
lg3.media.net/ Frame 086E
15 B
15 B
Image
General
Full URL
https://lg3.media.net/bping.php?vgd_len=651&&vgd_cdv=780&gdpr=0&prid=8PRVCXX19&cid=8CUABW64L&crid=357234536&vi=1660867447898444029&ugd=4&lf=6&kwrf=https%3A%2F%2Fwww.bg3.co&cc=AU&sc=NSW&lper=100&wsip=2886994110&r=1660867448287&requrl=https%3A%2F%2Fwww.bg3.co%2Fa%2Fdi-1tian-shang-xue-ta-da-ku-a-ma-ping-ji-yi-xiang-jie-sun-nu-hui-jia-jie-wei-cang-yang-cong.html&vgd_l2type=sca&vgd_sbSup=1&vgd_is_amp=0&vgd_asn=54203&vgd_rakh=1660867447166806981&vgd_l1rhst=contextual.media.net&vgd_rpth=%2Fnmedianet.js&vgd_hb_audit_1=8CU3SX34C&vgd_hb_audit_2=529820104&vgd_pgid=p0337880750t202208190004&vgd_pgids=1&vgd_uspa=0&hvsid=00001660867448283029185683347978&gdpr=0&vgd_end=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006&adk=2365071409&adf=3615134179&pi=t.ma~as.3006%2F14006&w=336&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fdi-1tian-shang-xue-ta-da-ku-a-ma-ping-ji-yi-xiang-jie-sun-nu-hui-jia-jie-wei-cang-yang-cong.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1660867445113&bpp=13&bdt=1573&idt=520&shv=r20220817&mjsv=m202208160101&ptt=5&saldr=sa&correlator=509861749425&frm=23&ife=1&pv=2&ga_vid=842954889.1660867446&ga_sid=1660867446&ga_hid=581034293&ga_fc=0&ga_cid=amp-EIOlvx8bHhMcBHoOJ0-TYg&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=320&biw=1600&bih=1200&isw=336&ish=280&ifk=947009565&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31068737%2C31068956%2C31068991&oid=2&pvsid=1413095467614123&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.tvnb2co2wjin&fsb=1&dtd=536
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.36.252.26 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-36-252-26.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=21600

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=21600
server
Apache
date
Fri, 19 Aug 2022 00:04:08 GMT
ntcoent-length
15
vary
Accept-Encoding
content-type
text/html; charset=UTF-8
cache-control
max-age=80823
content-length
15
checksync.php
contextual.media.net/ Frame 04F6
26 KB
10 KB
Document
General
Full URL
https://contextual.media.net/checksync.php?vsSync=1&cs=6&cv=31&https=1&cid=8CU3SX34C&prvid=99%2C77%2C20000%2C2033%2C262%2C241%2C3018%2C246%2C4%2C313%2C359%2C10000%2C9%2C319&itype=ADX&purpose1=1&gdprconsent=1&gdpr=0&usp_status=0&usp_consent=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006&adk=2365071409&adf=3615134179&pi=t.ma~as.3006%2F14006&w=336&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fdi-1tian-shang-xue-ta-da-ku-a-ma-ping-ji-yi-xiang-jie-sun-nu-hui-jia-jie-wei-cang-yang-cong.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1660867445113&bpp=13&bdt=1573&idt=520&shv=r20220817&mjsv=m202208160101&ptt=5&saldr=sa&correlator=509861749425&frm=23&ife=1&pv=2&ga_vid=842954889.1660867446&ga_sid=1660867446&ga_hid=581034293&ga_fc=0&ga_cid=amp-EIOlvx8bHhMcBHoOJ0-TYg&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=320&biw=1600&bih=1200&isw=336&ish=280&ifk=947009565&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31068737%2C31068956%2C31068991&oid=2&pvsid=1413095467614123&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.tvnb2co2wjin&fsb=1&dtd=536
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.195.152.23 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-195-152-23.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
22da7fd90bee3d5a37570c9ed148dfa1a49fe0e2da62325a06ef8314f7822429
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

cache-control
max-age=172800
content-encoding
gzip
content-length
9411
content-type
text/html; charset=UTF-8
date
Fri, 19 Aug 2022 00:04:08 GMT
expires
Sun, 21 Aug 2022 00:04:08 GMT
p3p
CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
server
Apache
strict-transport-security
max-age=31536000
vary
Accept-Encoding
x-mnet-hl2
E
clog
hblg.media.net/ Frame 086E
35 B
172 B
Image
General
Full URL
https://hblg.media.net/clog?logid=awlog&pixel_len_bucket=4537&lmt_enf=true&req_mtype%3C%3E=0&mx_nsz=3&spSource=0&ifst=0&vid=ARi1xNbs8Z8sIaGsqbp9Og&s_city=singapore&ugd=4&bcat%3C%3E=1000031%23%231000030%23%2310130%23%231000024%23%231000037%23%231000036%23%231000004&exp=sfl%3Dfalse%7CssBucket%3D0%7Cbfl%3D-100%7Cclt%3D3%7CssProfile%3D0%7Cdbr%3D1%7Ctpi%3D1&app=0&ctr=0.0017089357&mx_TAF=3&device_id=4&ae=false&mx_UCC=1&prspt=headerBid&mx_bss_algos%3C%3E=0&usp_status=0&seat=BID_API&og_cbdp=0.020&size=250x250&mx_TAS=1&mx_gpid_sent=false&xtmax=290&commit_id=2028b3b1&scrid=1700080812610100250025000000500&itypeid=17&mx_SPRIG=0&viewability=84&renderer=1&be=0&rtime=28.0&adj0=0.0&tmax=300&s_ip=172.217.47.8&adj2=0.0&adj1=0.0&feedback_id=ARi1xNbs8Z8sIaGsqbp9Og&adtypes=0&mx_aabpc=0&reqid=ARi1xNbs8Z8sIaGsqbp9Og&sc=AU-NSW&mowxReqId=ed189ddc833142d48fc1d12659c1d7ce_1&ifdp=0&requrl=https%3A%2F%2Fwww.bg3.co%2Fa%2Fdi-1tian-shang-xue-ta-da-ku-a-ma-ping-ji-yi-xiang-jie-sun-nu-hui-jia-jie-wei-cang-yang-cong.html&bidrestime=1660867446239&pv_adtype=0&cc=AU&strg=NO_STRATEGY&pcrid=8CUABW64L-357234536-34-20&coppa_enf=true&bdp=0.020&ct=Sydney&spIsReq=3&s=1&abs=0%7C0%7Cxtmax%3D290%7CNO_STRATEGY%7Cbrr%3D0&mx_epbc=8CUABW64L&dnt_enf=false&mx_ssBucket=0&vls=0&asn=54203&mang=1&fleet=common-istio&mx_isLossNtf=false&advUrl=https%3A%2F%2Ftopics.businessfocus.online&dn=bg3.co&dt=O&acid=ed189ddc833142d48fc1d12659c1d7ce&actltime=36&act=headerBid&iframingState=0&mx_lr_seg_deal=0&exclattr=32%7C34%7C70%7C13%7C14%7C15%7C48%7C16%7C17%7C18%7C114%7C19%7C20%7C22%7C25%7C26%7C27%7C30%7C95&dfpBd=0.02&sckfl=0&dmm_erpm=false&mx_lr=0&mview=1&smbrid=adx-1&bfs=103&rfc=-1&prvApiId=8CUABW64L&epcexp=false&pubid=pub-ADX-101418826937&mx_bsProfile=0&cid=8CU3SX34C&bcrid=1700080812610100250025000000500&omul=1.0&res_mtype=0&apPrfs%3C%3E=62%23%2313%23%2361&chnl=NO_STRATEGY&pst=0&reqsize=250x250&adpos=1&itype=ADX&mx_g_one_uid_sent=None&spCst=0&tgtval=pub-ADX-101418826937&__expireat=1660868046493&lmt_status=N&reftype=0&viewability_vendor=EXCHANGE&prvAccId=357234536&ckfl=0&lper=1&mx_tgs=250x250%7C300x250%7C336x280&cbdp=0.02&pvdTmax=250&ltime=35.0&epc=357234536&ctr_vendor=EXCHANGE&prvReqId=8884045665999_171750298_52982010413131&exid=31&spFst=0&mx_GCID=0&cliIPType=v4&pexid=ADX-pub-4485239425924787&ybnca_erpm=0.01&brsrclk=0&sbdrid=196&rtttime=44&apTags%3C%3E=75&mx_PC=1&wsip=mowx-istio-55fbd456c8-rps7x&currsrc_date=2022-08-18+00%3A00%3A00&psrc=fail&geoll=false&omid=0&debug_ts=2022-08-19+00%3A04%3A06&policy_enf=2&mx_ssProfile=0&mx_SC=0&reftime=0&pbidflr=0.010&spbf=0&currsrc=API&fpusp=false&lmt_applied=N&mnrfc=-1&pub_blk_enf=1&moau=true&ocurr=USD&snm=SUCCESS&mx_IAB2=0&usp_enf=1&bidflr=0.010&incentive_type=0&skadidfl=0&pid=8PR113JGC&spTo=3&pvid=313&schain_cmpl=1&is_ortb=false&mx_aurl_hc=0&ucrid_ver=2&mx_maq_call=false&mx_uid_sent=0&mx_sbp=-10.0&mnrf=0&slotVisibility=1&dbf=1&gdpr=0&gqid=AHfbET6-YZS3ZeaCPDv0Ov7KNopWt3rFMMtSx0sh670YVZXelD1kbvkpWrNvpsYt0jrEtMwA&dmm_ogerpm=false&csip=rtb-common-istio-7c75f56789-vdw9z.SG&mx_bsBucket=0&mx_aurt=0&spIvt=3&ptype=23&media=0&acsn=1&dtc=apac_sg&mx_aqcpl_crid=4&ogbdp=0.02&tpbTkn=false&adblk=2365071409&fpuReq=0&vcmplrt=-1.0&crid=529820104&geo_source=2&sat=1&mnet_ckfl=0&opbidflr=0.010&impId=1&rme=adm&bdata=sd2%3Dnull~iurl_l%3D50~ogerpm%3D0.01~smm_bid%3D0.02~vis_sd%3D438~dc2%3D1~scd%3Dnsw~v_asn%3D54203~vl2r_sd%3D2022081817~iurl_b%3D63653.72~url_tkc%3D0~std%3D~last%3D~vis_url_b%3D0.21~ip%3D3bw0Uw~fbb%3D0~vis_url_l%3D30~riipua%3D70%2C70~et%3D15~rc%3D2%2C7~rps_sd%3D2022081812~vis_b%3D702.08~url_b%3D0.02~url_tvi%3D0~smm_wr%3D36.5804~url_l%3D50~gcat%3D-1~bb%3D196~vv%3D0~l2r_b%3D1000~erpm%3D0.01~bm%3D1~smm_sd%3D2022081812~sid%3D530814538d73e7b3f2af2a8e26eb3fc5~sd%3D0~uid%3DaQw3Wkn0f9nUrVPwc~btd%3D60213921828919309876607394069131867149106874300693264825902432008115077787226112~d2p_l%3D60~3pcf%3D11.93~uim%3D16559~dmm_strg%3Dno_strategy~d2p_b%3D0.85~ogd2p_b%3D0.85~vurl_b%3D0.1~ss%3DNA~uiw%3D99~ce%3D0~rps_b%3D20.06~vurl_l%3D50~CI%3D2719~nts%3D3~tb%3D-1~ct%3Dbeaconsfield~basis2%3D196~basis1%3D196~isRef%3D0~ivurl_b%3D10.38~isif%3D0~lc%3D3~bid%3D0.02~dc%3D8~vl2r_b%3D1.15~ivurl_l%3D50~supply_tag_id%3D%7Eviewability%3D0.84%7Ecbdp%3D0.020%7Edmm%3Dno_strategy%7Esuid%3D%7Edtc%3Dapac_sg%7Exid%3DADX-pub-4485239425924787%7Edalg%3Dno_strategy%7Ehtml%3D1%7Eadblk%3D2365071409%7Esobp%3D%7Ectr%3D0.0017089357%7Ebdpcapd%3D0%7Edmm_erpm%3Dtrue%7Ebflr%3D0.010%7Eogbid%3D0.020%7Eac_type%3D1%7Eitype_id%3D17%7Eseller_tag_id%3D%7Edetected_tag_id%3D%7Edcut%3D1%7Edogb%3D0-1~ibc%3D1~ddt%3D-1~nsz%3D3~tgs%3D250x250%7C300x250%7C336x280~bsb%3D0~bsp%3D0~tmx%3D250&utime=2047&sf=0&cpr=0.6090242551325289
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006&adk=2365071409&adf=3615134179&pi=t.ma~as.3006%2F14006&w=336&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fdi-1tian-shang-xue-ta-da-ku-a-ma-ping-ji-yi-xiang-jie-sun-nu-hui-jia-jie-wei-cang-yang-cong.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1660867445113&bpp=13&bdt=1573&idt=520&shv=r20220817&mjsv=m202208160101&ptt=5&saldr=sa&correlator=509861749425&frm=23&ife=1&pv=2&ga_vid=842954889.1660867446&ga_sid=1660867446&ga_hid=581034293&ga_fc=0&ga_cid=amp-EIOlvx8bHhMcBHoOJ0-TYg&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=320&biw=1600&bih=1200&isw=336&ish=280&ifk=947009565&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31068737%2C31068956%2C31068991&oid=2&pvsid=1413095467614123&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.tvnb2co2wjin&fsb=1&dtd=536
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.36.252.26 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-36-252-26.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
0915fad60bc9b61b6dcd82d05da7ec4bc0232a647e75b8507c3cba6d4d6602f9

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
max-age=3600
date
Fri, 19 Aug 2022 00:04:08 GMT
server
Apache
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=21600
content-length
35
expires
Fri, 19 Aug 2022 06:04:08 GMT
truncated
/ Frame 086E
215 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
9edb207f77a3c8a0b3f504d605a2e6850309ad45073da4f02ce74a578adffb11

Request headers

accept-language
en-AU,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
generate_204
tpc.googlesyndication.com/ Frame CDF4
0
10 B
Image
General
Full URL
https://tpc.googlesyndication.com/generate_204?Z00Kjw
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/di-1tian-shang-xue-ta-da-ku-a-ma-ping-ji-yi-xiang-jie-sun-nu-hui-jia-jie-wei-cang-yang-cong.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.194.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f132.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 19 Aug 2022 00:04:08 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
generate_204
tpc.googlesyndication.com/ Frame 0D31
0
10 B
Image
General
Full URL
https://tpc.googlesyndication.com/generate_204?7sicfA
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/di-1tian-shang-xue-ta-da-ku-a-ma-ping-ji-yi-xiang-jie-sun-nu-hui-jia-jie-wei-cang-yang-cong.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.194.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f132.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 19 Aug 2022 00:04:08 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
smtr
contextual.media.net/ Frame DE3E
86 KB
28 KB
Script
General
Full URL
https://contextual.media.net/smtr?cb=window._mNDetails.initAd&&gdpr=0&cid=8CU4JWBS7&cpcd=7rRp17Jcr0dK_ZLqU2NgxQ%3D%3D&crid=781214713&size=120x600&cc=AU&chnm=HARMONY&pid=8POGBHUQ8&tpid=TA9337G&https=1&vif=1&requrl=https%3A%2F%2Fwww.bg3.co%2Fa%2Fdi-1tian-shang-xue-ta-da-ku-a-ma-ping-ji-yi-xiang-jie-sun-nu-hui-jia-jie-wei-cang-yang-cong.html&nse=5&vi=1660867448376738051&lw=1&ugd=4&adt1=8CU2CV286&adt2=752115612&bcpf=B44eq48fOnRrolnfOur8qeN4&bdrId=4&ntv=0&matchstring=hr%3D0%7C&kttle=%E7%AC%AC1%E5%A4%A9%E4%B8%8A%E5%AD%B8%E5%A5%B9%E5%A4%A7%E5%93%AD%EF%BC%81%E9%98%BF%E5%AC%A4%E6%86%91%E8%A8%98%E6%86%B6%E3%80%8C%E6%83%B3%E6%8E%A5%E5%AD%AB%E5%A5%B3%E5%9B%9E%E5%AE%B6%E3%80%8D%E3%80%80%E7%B5%90%E5%B0%BE%E8%97%8F%E6%B4%8B%E8%94%A5%20-%20%E5%A4%A9%E5%A4%A9%E8%A6%81%E8%81%9E&katpre=1&kasts=tstype%3D-10408%7C%7Cgbid%3D-1&katbid=-21&katid=808076868&kapc=43&ekals=775EJvu99ui%7C%7CE7vu%7C%7CjY8Ovz1%7C%7C77OvW&kata=aton&ekalog=qVrv9%7C%7CPPVrvdJ7a%20QVyYPQ0NjdfB%7C%7CbVvfhiu%7C%7C%3DVvfhif%7C%7C_0_rvFAWX9h9AX99uWF9%7C%7Cc0_rvFXF%7C%7CcVvfhif%7C%7CbVrvi%7C%7C_TVrvF&pgid=p0337880750t202208190004&goent=1&nb=1&cadomain=tzR-hLcl-L-HShN42-uufdV3aTJmADGXGdtTl7u2al8%3D&allsc=NSW
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/nmedianet.js?cid=8CU4JWBS7
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.195.152.23 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-195-152-23.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
a0748720bdbaa97c40517eeab01cb9eae0b2be768e9cb8814d245fea62576250
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 19 Aug 2022 00:04:09 GMT
content-encoding
gzip
vary
Accept-Encoding
content-type
text/javascript
expires
Fri, 19 Aug 2022 00:04:09 GMT
cache-control
max-age=0, no-cache, no-store
x-sc-h
21-d4dk
strict-transport-security
max-age=31536000
timing-allow-origin
*
content-length
27937
x-sc-w
21-wb9z
bping.php
lg3.media.net/ Frame DE3E
15 B
15 B
Image
General
Full URL
https://lg3.media.net/bping.php?vgd_len=621&&vgd_cdv=780&gdpr=0&prid=8PRVCXX19&cid=8CU4JWBS7&crid=781214713&vi=1660867448376738051&ugd=4&lf=6&cc=AU&sc=NSW&lper=100&wsip=2886781337&r=1660867448509&requrl=https%3A%2F%2Fwww.bg3.co%2Fa%2Fdi-1tian-shang-xue-ta-da-ku-a-ma-ping-ji-yi-xiang-jie-sun-nu-hui-jia-jie-wei-cang-yang-cong.html&vgd_l2type=sca&vgd_sbSup=1&vgd_is_amp=0&vgd_asn=54203&vgd_rakh=1660867448138207904&vgd_l1rhst=contextual.media.net&vgd_rpth=%2Fnmedianet.js&vgd_hb_audit_1=8CU2CV286&vgd_hb_audit_2=752115612&vgd_pgid=p0337880750t202208190004&vgd_pgids=1&vgd_uspa=0&hvsid=00001660867448507029185683341808&gdpr=0&vgd_end=1
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/di-1tian-shang-xue-ta-da-ku-a-ma-ping-ji-yi-xiang-jie-sun-nu-hui-jia-jie-wei-cang-yang-cong.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.36.252.26 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-36-252-26.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=21600

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=21600
server
Apache
date
Fri, 19 Aug 2022 00:04:08 GMT
ntcoent-length
15
vary
Accept-Encoding
content-type
text/html; charset=UTF-8
cache-control
max-age=80823
content-length
15
checksync.php
contextual.media.net/ Frame 996D
26 KB
9 KB
Document
General
Full URL
https://contextual.media.net/checksync.php?vsSync=1&cs=10&cv=31&https=1&cid=8CU2CV286&prvid=99%2C77%2C4%2C359%2C10000%2C229%2C9&itype=APPNEXUS_EXPERIMENT&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/di-1tian-shang-xue-ta-da-ku-a-ma-ping-ji-yi-xiang-jie-sun-nu-hui-jia-jie-wei-cang-yang-cong.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.195.152.23 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-195-152-23.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
57bee627a2e3feedb2414d2382c3a357db2031b1ef93656a26bcf1cf6e65f9b9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

cache-control
max-age=172800
content-encoding
gzip
content-length
9350
content-type
text/html; charset=UTF-8
date
Fri, 19 Aug 2022 00:04:08 GMT
expires
Sun, 21 Aug 2022 00:04:08 GMT
p3p
CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
server
Apache
strict-transport-security
max-age=31536000
vary
Accept-Encoding
x-mnet-hl2
E
clog
hblg.media.net/ Frame DE3E
35 B
172 B
Image
General
Full URL
https://hblg.media.net/clog?logid=awlog&pixel_len_bucket=4118&lmt_enf=true&req_mtype%3C%3E=0&mx_nsz=1&spSource=0&insl=0&ifst=0&vid=3863509334020428170&s_city=los+angeles&ugd=4&exp=ssProfile%3D0%7Csfl%3Dfalse%7CssBucket%3D0%7Cbfl%3D-100%7Cclt%3D2%7Cfl_rl%3D1%7Ckbb_se%3D1%7Cdbr%3D1%7Ctpi%3D1&app=0&ctr=-1.0&mx_TAF=2&device_id=4&ae=false&mx_UCC=1&prspt=headerBid&mx_bss_algos%3C%3E=0&usp_status=0&seat=BID_API&og_cbdp=0.010&size=120x600&mx_TAS=1&mx_gpid_sent=false&xtmax=148&commit_id=2028b3b1&scrid=351639019&itypeid=21&mx_SPRIG=0&viewability=80&renderer=0&be=0&rtime=31.0&adj0=0.0&tmax=150&s_ip=104.254.149.143&adj2=0.0&adj1=0.0&adtypes=0&mx_aabpc=0&reqid=3863509334020428170&sc=NSW&mowxReqId=626ddf6fe03f40b38483d03d2ea05b3e_1&ifdp=0&requrl=https%3A%2F%2Fwww.bg3.co%2Fa%2Fdi-1tian-shang-xue-ta-da-ku-a-ma-ping-ji-yi-xiang-jie-sun-nu-hui-jia-jie-wei-cang-yang-cong.html&bidrestime=1660867446236&pv_adtype=0&cc=AU&strg=HARMONY&pcrid=8CU4JWBS7-781214713-34-29&coppa_enf=true&devmodel=Unknown&bdp=0.010&ct=Beaconsfield&spIsReq=3&s=1&abs=0%7C0%7Cxtmax%3D148%7CHARMONY%7Cbrr%3D1&mx_epbc=8CU4JWBS7&dnt_enf=false&mx_ssBucket=0&vls=0&asn=54203&mang=1&fleet=common&mx_isLossNtf=false&advUrl=https%3A%2F%2Frelated.360topics.com&dn=bg3.co&dt=O&acid=626ddf6fe03f40b38483d03d2ea05b3e&actltime=36&act=headerBid&iframingState=0&mx_lr_seg_deal=0&dfpBd=0.003&sckfl=0&dmm_erpm=true&mx_lr=0&coppa_applied=N&mview=1&smbrid=11901&bfs=103&rfc=-1&prvApiId=8CU4JWBS7&epcexp=false&pubid=pub-appnexus-exp&mx_bsProfile=0&cid=8CU2CV286&bcrid=351639019&omul=1.0&res_mtype=0&apPrfs%3C%3E=62%23%2313%23%2361&chnl=HARMONY&pst=0&reqsize=120x600&adpos=0&itype=APPNEXUS_EXPERIMENT&mx_g_one_uid_sent=None&user_data_cnt=0&spCst=0&tgtval=pub-appnexus-exp&__expireat=1660868046490&dnt_status=N&reftype=0&viewability_vendor=EXCHANGE&prvAccId=781214713&ckfl=0&lper=1&mx_tgs=120x600&cbdp=0.003&pvdTmax=104&ltime=36.0&epc=781214713&prvReqId=34667811805554_761901305_75211561241&zip=2015&exid=31&spFst=0&mx_GCID=0&cliIPType=v4&pexid=APPNEXUS_EXPERIMENT-1800859&ybnca_erpm=0.01&brsrclk=0&sbdrid=196&rtttime=42&apTags%3C%3E=75&mx_PC=1&wsip=mowx-5576ffddc4-9cz69&currsrc_date=2022-08-18+00%3A00%3A00&mx_divid=22132338&geoll=false&omid=0&debug_ts=2022-08-19+00%3A04%3A06&mx_ssProfile=0&devbrand=Unknown&mx_SC=0&reftime=15000&pbidflr=0.000&spbf=0&currsrc=API&fpusp=false&mnrfc=-1&moau=true&ocurr=USD&stagid=22132338&snm=SUCCESS&mx_IAB2=0&usp_enf=0&bidflr=0.000&coppa_status=N&incentive_type=0&skadidfl=0&pid=8PR113JGC&spTo=3&ecp=0.1&pvid=4&schain_cmpl=1&is_ortb=true&mx_aurl_hc=0&ucrid_ver=2&mx_maq_call=false&mx_uid_sent=0&mx_sbp=-10.0&mnrf=0&slotVisibility=0&dbf=1&gdpr=0&dmm_ogerpm=false&csip=rtb-common-65b8cc4946-kbpj5.LA&mx_bsBucket=0&mx_aurt=0&spIvt=3&dsid=22132338&ptype=23&media=0&acsn=1&dtc=west_la&mx_aqcpl_crid=4&ogbdp=0.01&tpbTkn=false&fpuReq=1&vcmplrt=-1.0&crid=752115612&geo_source=2&sat=1&mnet_ckfl=0&dfpDiv=22132338&opbidflr=0.000&impId=1661956972519986466&rme=adm&bdata=sd2%3Dnull~iurl_l%3D50~ogerpm%3D0.01~vis_sd%3D446~dc2%3D1~scd%3Dnsw~v_asn%3D54203~vl2r_sd%3D2022081812~iurl_b%3D5862.7~url_tkc%3D0~std%3D22132338~last%3D~vis_url_b%3D0.97~ip%3D3bw0WO~fbb%3D0~vis_url_l%3D30~riipua%3D1%2C1~et%3D30~rc%3D1~rps_sd%3D2022081813~vis_b%3D988.28~url_b%3D0.17~url_tvi%3D0~ecp_eer%3D10~url_l%3D50~gcat%3D-1~bb%3D196~vv%3D0~l2r_b%3D1000~erpm%3D0.01~bm%3D1~sid%3D12948fd0fab38e7f7d124a8d9506e143~sd%3D0~uid%3Df2daBUAdtWG83b8nS~btd%3D928372126040856338803392887007122377326443609169687566937783050701076958744576~d2p_l%3D50~3pcf%3D203.05~uim%3D785~dmm_strg%3Dharmony~d2p_b%3D0.99~ogd2p_b%3D0.99~vurl_b%3D0.36~ss%3DNA~uiw%3D80~ce%3D0~rps_b%3D16.28~vurl_l%3D50~CI%3D2719~nts%3D1~tb%3D-1~ct%3Dbeaconsfield~basis2%3D196~basis1%3D196~isRef%3D0~ivurl_b%3D2.76~isif%3D0~lc%3D3~bid%3D0.01~dc%3D8~vl2r_b%3D0.82~ivurl_l%3D50~supply_tag_id%3D22132338%7Eviewability%3D0.800631%7Ecbdp%3D0.003%7Edmm%3Dharmony%7Esuid%3D%7Einsl%3D0%7Edtc%3Dwest_la%7Edalg%3Ddefault%7Ehtml%3D1%7Esobp%3D%7Ebdpcapd%3D0%7Edmm_erpm%3Dtrue%7Ebflr%3D0.000%7Eogbid%3D0.010%7Eitype_id%3D21%7Eseller_tag_id%3D22132338%7EcarrierId%3D0%7Edcut%3D65%7Edogb%3D0-1~ibc%3D1~ddt%3D-1~nsz%3D1~tgs%3D120x600~bsb%3D0~bsp%3D0~tmx%3D104&utime=2273&sf=0&cpr=0.815320953103545
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/di-1tian-shang-xue-ta-da-ku-a-ma-ping-ji-yi-xiang-jie-sun-nu-hui-jia-jie-wei-cang-yang-cong.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.36.252.26 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-36-252-26.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
0915fad60bc9b61b6dcd82d05da7ec4bc0232a647e75b8507c3cba6d4d6602f9

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
max-age=3600
date
Fri, 19 Aug 2022 00:04:08 GMT
server
Apache
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=21600
content-length
35
expires
Fri, 19 Aug 2022 06:04:08 GMT
checksync.php
contextual.media.net/ Frame 1AB5
26 KB
9 KB
Document
General
Full URL
https://contextual.media.net/checksync.php?vsSync=1&cs=10&cv=31&https=1&cid=8CU2CV286&prvid=99%2C77%2C4%2C359%2C10000%2C229%2C9&itype=APPNEXUS_EXPERIMENT&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/di-1tian-shang-xue-ta-da-ku-a-ma-ping-ji-yi-xiang-jie-sun-nu-hui-jia-jie-wei-cang-yang-cong.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.195.152.23 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-195-152-23.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
57bee627a2e3feedb2414d2382c3a357db2031b1ef93656a26bcf1cf6e65f9b9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

cache-control
max-age=172800
content-encoding
gzip
content-length
9350
content-type
text/html; charset=UTF-8
date
Fri, 19 Aug 2022 00:04:08 GMT
expires
Sun, 21 Aug 2022 00:04:08 GMT
p3p
CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
server
Apache
strict-transport-security
max-age=31536000
vary
Accept-Encoding
x-mnet-hl2
E
rd_log
lax1-ib.adnxs.com/ Frame DE3E
0
819 B
Script
General
Full URL
https://lax1-ib.adnxs.com/rd_log?an_audit=0&referrer=https%3A%2F%2Fwww.bg3.co%2Fa%2Fdi-1tian-shang-xue-ta-da-ku-a-ma-ping-ji-yi-xiang-jie-sun-nu-hui-jia-jie-wei-cang-yang-cong.html&e=wqT_3QLrBOhrAgAAAwDWAAUBCPam-5cGEKKqppj6oZ2IFxgAKjYJ-n5qvHSTaD8RDjLJyFnYYz8ZAAAAoJmZuT8hDg0SACkRJNAxAAAAQOF6lD8w8uzGCjj9XEDqXEjgA1Drq9anAVi5tIoBYABotZGzAXgAgAEBigEDVVNEkgUG8HGYAXigAdgEqAEBsAEAuAEBwAEFyAEC0AEA2AEA4AEA8AEA2AIA4ALR8FzqAnVodHRwczovL3d3dy5iZzMuY28vYS9kaS0xdGlhbi1zaGFuZy14dWUtdGEtZGEta3UtYS1tYS1waW5nLWppLXlpLXhpYW4BDGRlLXN1bi1udS1odWktamlhLWppZS13ZWktYwFDAHkBBfCBY29uZy5odG1sgAMAiAMBkAMAmAMXoAMBqgMAwAOsAsgDANgD9MDEAeADAOgDAPgDAYAEAJIEDS91dC92My9wcmViaWSYBACiBA8xNzMuMjQ1LjIwOS4xNDKoBACyBA8IABAEGHgg2AQoATAAOAK4BADABADIBADaBAIIAeAEAfAE6yE8WIgFAZgFAKAFiqPGhdCo_M41wAUAyQUABQEU8D_SBQkJBQt8AAAA2AUA4AUB8AXFlCH6BQQIABAAkAYAmAYAuAYAwQYBITQAAPA_0Ab54wLaBhYKEAkSGQFcEAAYAOAGAfIGAggAgAcBiAcAoAcBugcPAUlAGAAgADAAOIgBQADIBwDSBw0VdQE2CNoHBgklaOAHAOoHAggA8AeY0AqKCAIQAJUIAACAP5gIAQ..&s=94a021a4594e13d71ba35105a88b411fbc34a4bc&bdref=https%3A%2F%2Fwww.bg3.co%2Fa%2Fdi-1tian-shang-xue-ta-da-ku-a-ma-ping-ji-yi-xiang-jie-sun-nu-hui-jia-jie-wei-cang-yang-cong.html&bdtop=true&bdifs=1&bstk=https%3A%2F%2Fwww.bg3.co%2Fa%2Fdi-1tian-shang-xue-ta-da-ku-a-ma-ping-ji-yi-xiang-jie-sun-nu-hui-jia-jie-wei-cang-yang-cong.html,https%3A%2F%2Fwww.bg3.co%2Fa%2Fdi-1tian-shang-xue-ta-da-ku-a-ma-ping-ji-yi-xiang-jie-sun-nu-hui-jia-jie-wei-cang-yang-cong.html&
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/di-1tian-shang-xue-ta-da-ku-a-ma-ping-ji-yi-xiang-jie-sun-nu-hui-jia-jie-wei-cang-yang-cong.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
104.254.151.120 Los Angeles, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
908.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 19 Aug 2022 00:04:08 GMT
X-Proxy-Origin
173.245.209.142; 173.245.209.142; 908.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net; adnxs.com
AN-X-Request-Uuid
a329045f-8da3-488a-9280-3c7ff1a4b171
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
cksync
cs.media.net/ Frame 23DB
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?cs=6&google_nid=media&google_cm=1&google_hm=MzAzODY5MDQ4NjgzMzQxNjAwMFYxMA%3D%3D&google_sc=1
  • https://cs.media.net/cksync?type=g&cs=6&google_gid=CAESENmLgctafq8d42JJyjBRmtk&google_cver=1
45 B
445 B
Image
General
Full URL
https://cs.media.net/cksync?type=g&cs=6&google_gid=CAESENmLgctafq8d42JJyjBRmtk&google_cver=1
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=6&cv=31&https=1&cid=8CU3SX34C&prvid=99%2C77%2C20000%2C2033%2C262%2C241%2C3018%2C246%2C4%2C313%2C359%2C10000%2C9%2C319&itype=ADX&purpose1=1&gdprconsent=1&gdpr=0&usp_status=0&usp_consent=1
Protocol
H2
Server
23.36.252.26 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-36-252-26.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
832f63f4187160c195b04f1911c2e623a75e805f4b23abb9b0bea214b4283a43

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 19 Aug 2022 00:04:08 GMT
server
Apache
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
cache-control
max-age=0, no-cache, no-store
content-type
image/gif
content-length
45
x-mnet-hl2
E
expires
Fri, 19 Aug 2022 00:04:08 GMT

Redirect headers

pragma
no-cache
date
Fri, 19 Aug 2022 00:04:08 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://cs.media.net/cksync?type=g&cs=6&google_gid=CAESENmLgctafq8d42JJyjBRmtk&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
301
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
cksync
cs.media.net/ Frame 23DB
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=8m33zk4&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=8m33zk4&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://cs.media.net/cksync?cs=1&type=ttd&ovsid=79c13aec-f358-494c-84cc-ab07497fac3e
45 B
450 B
Image
General
Full URL
https://cs.media.net/cksync?cs=1&type=ttd&ovsid=79c13aec-f358-494c-84cc-ab07497fac3e
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=6&cv=31&https=1&cid=8CU3SX34C&prvid=99%2C77%2C20000%2C2033%2C262%2C241%2C3018%2C246%2C4%2C313%2C359%2C10000%2C9%2C319&itype=ADX&purpose1=1&gdprconsent=1&gdpr=0&usp_status=0&usp_consent=1
Protocol
H2
Server
23.36.252.26 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-36-252-26.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
832f63f4187160c195b04f1911c2e623a75e805f4b23abb9b0bea214b4283a43

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 19 Aug 2022 00:04:09 GMT
server
Apache
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
cache-control
max-age=0, no-cache, no-store
content-type
image/gif
content-length
45
x-mnet-hl2
E
expires
Fri, 19 Aug 2022 00:04:09 GMT

Redirect headers

pragma
no-cache
date
Fri, 19 Aug 2022 00:04:08 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://cs.media.net/cksync?cs=1&type=ttd&ovsid=79c13aec-f358-494c-84cc-ab07497fac3e
cache-control
private,no-cache, must-revalidate
content-type
text/html
content-length
199
publishertag.prebid.js
static.criteo.net/js/ld/
87 KB
29 KB
Script
General
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.js
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1660729490688.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.129 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
nginx /
Resource Hash
17d2a9596b37d5d8c0e8b46eda67f51c04e05703e5619deff979d5ef50563e91
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 19 Aug 2022 00:04:09 GMT
content-encoding
gzip
last-modified
Tue, 16 Aug 2022 07:20:45 GMT
server
nginx
etag
W/"62fb454d-15cfe"
strict-transport-security
max-age=31536000; preload;
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sat, 20 Aug 2022 00:04:09 GMT
ssrh.js
tpc.googlesyndication.com/pagead/gadgets/html5/ Frame B015
84 KB
29 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/gadgets/html5/ssrh.js
Requested by
Host: 71f760a9a177b3fbf8a1c0adb15a23b1.safeframe.googlesyndication.com
URL: https://71f760a9a177b3fbf8a1c0adb15a23b1.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.194.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f132.1e100.net
Software
cafe /
Resource Hash
9b5312cb2f154f2bd64ee8746195a63df254d10bfd107a61eec3d5d38dd48bff
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://71f760a9a177b3fbf8a1c0adb15a23b1.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 18 Aug 2022 15:27:44 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
30984
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
30063
x-xss-protection
0
server
cafe
etag
16132151104434394549
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=86400
timing-allow-origin
*
expires
Fri, 19 Aug 2022 15:27:44 GMT
collect
www.google-analytics.com/g/
0
106 B
Ping
General
Full URL
https://www.google-analytics.com/g/collect?v=2&tid=G-Z0TZ7TDHS1&gtm=2oe8h0&_p=648&cid=250279641.1660867447&ul=en-us&sr=1600x1200&_z=ccd.v9B&_s=1&sid=1660867448&sct=1&seg=0&dl=https%3A%2F%2Fwww.bg3.co%2Fa%2Fdi-1tian-shang-xue-ta-da-ku-a-ma-ping-ji-yi-xiang-jie-sun-nu-hui-jia-jie-wei-cang-yang-cong.html&dt=%E7%AC%AC1%E5%A4%A9%E4%B8%8A%E5%AD%B8%E5%A5%B9%E5%A4%A7%E5%93%AD%EF%BC%81%E9%98%BF%E5%AC%A4%E6%86%91%E8%A8%98%E6%86%B6%E3%80%8C%E6%83%B3%E6%8E%A5%E5%AD%AB%E5%A5%B3%E5%9B%9E%E5%AE%B6%E3%80%8D%E3%80%80%E7%B5%90%E5%B0%BE%E8%97%8F%E6%B4%8B%E8%94%A5%20-%20%E5%A4%A9%E5%A4%A9%E8%A6%81%E8%81%9E&en=link_preview&_fv=1&_ss=1&_ee=1&epn.value=1&epn.siteid=42753&ep.error_msg=no_mapping_success
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-Z0TZ7TDHS1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.4.101 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f101.1e100.net
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 19 Aug 2022 00:04:09 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
cksync
cs.media.net/ Frame 04F6
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=8m33zk4&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=8m33zk4&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://cs.media.net/cksync?cs=1&type=ttd&ovsid=79c13aec-f358-494c-84cc-ab07497fac3e
45 B
450 B
Image
General
Full URL
https://cs.media.net/cksync?cs=1&type=ttd&ovsid=79c13aec-f358-494c-84cc-ab07497fac3e
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=6&cv=31&https=1&cid=8CU3SX34C&prvid=99%2C77%2C20000%2C2033%2C262%2C241%2C3018%2C246%2C4%2C313%2C359%2C10000%2C9%2C319&itype=ADX&purpose1=1&gdprconsent=1&gdpr=0&usp_status=0&usp_consent=1
Protocol
H2
Server
23.36.252.26 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-36-252-26.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
832f63f4187160c195b04f1911c2e623a75e805f4b23abb9b0bea214b4283a43

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 19 Aug 2022 00:04:09 GMT
server
Apache
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
cache-control
max-age=0, no-cache, no-store
content-type
image/gif
content-length
45
x-mnet-hl2
E
expires
Fri, 19 Aug 2022 00:04:09 GMT

Redirect headers

pragma
no-cache
date
Fri, 19 Aug 2022 00:04:08 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://cs.media.net/cksync?cs=1&type=ttd&ovsid=79c13aec-f358-494c-84cc-ab07497fac3e
cache-control
private,no-cache, must-revalidate
content-type
text/html
content-length
199
cksync
cs.media.net/ Frame 04F6
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?cs=6&google_nid=media&google_cm=1&google_hm=MzAzODY5MDQ4NjgzMzQxMzAwMFYxMA%3D%3D&google_sc=1
  • https://cs.media.net/cksync?type=g&cs=6&google_gid=CAESENmLgctafq8d42JJyjBRmtk&google_cver=1
45 B
445 B
Image
General
Full URL
https://cs.media.net/cksync?type=g&cs=6&google_gid=CAESENmLgctafq8d42JJyjBRmtk&google_cver=1
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=6&cv=31&https=1&cid=8CU3SX34C&prvid=99%2C77%2C20000%2C2033%2C262%2C241%2C3018%2C246%2C4%2C313%2C359%2C10000%2C9%2C319&itype=ADX&purpose1=1&gdprconsent=1&gdpr=0&usp_status=0&usp_consent=1
Protocol
H2
Server
23.36.252.26 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-36-252-26.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
832f63f4187160c195b04f1911c2e623a75e805f4b23abb9b0bea214b4283a43

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 19 Aug 2022 00:04:08 GMT
server
Apache
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
cache-control
max-age=0, no-cache, no-store
content-type
image/gif
content-length
45
x-mnet-hl2
E
expires
Fri, 19 Aug 2022 00:04:08 GMT

Redirect headers

pragma
no-cache
date
Fri, 19 Aug 2022 00:04:08 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://cs.media.net/cksync?type=g&cs=6&google_gid=CAESENmLgctafq8d42JJyjBRmtk&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
301
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ Frame A3B8
15 KB
16 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:400|Roboto:400,500&lang=en
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.12.94 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f94.1e100.net
Software
sffe /
Resource Hash
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.bg3.co
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 18 Aug 2022 09:29:28 GMT
x-content-type-options
nosniff
age
52481
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15744
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:48 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 18 Aug 2023 09:29:28 GMT
KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame A3B8
16 KB
16 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:400|Roboto:400,500&lang=en
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.12.94 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f94.1e100.net
Software
sffe /
Resource Hash
b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.bg3.co
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 18 Aug 2022 16:05:03 GMT
x-content-type-options
nosniff
age
28746
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15920
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:45 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 18 Aug 2023 16:05:03 GMT
si
googleads.g.doubleclick.net/pagead/drt/ Frame A3B8
Redirect Chain
  • https://www.google.com/pagead/drt/ui
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
0
0
Image
General
Full URL
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/di-1tian-shang-xue-ta-da-ku-a-ma-ping-ji-yi-xiang-jie-sun-nu-hui-jia-jie-wei-cang-yang-cong.html
Protocol
H3
Server
74.125.200.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sa-in-f157.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Redirect headers

date
Fri, 19 Aug 2022 00:04:09 GMT
x-content-type-options
nosniff
server
cafe
content-type
text/html; charset=UTF-8
location
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
truncated
/ Frame DE3E
212 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
50e1629d8848f3bc182a82e60d529fe89ecca0cd8b92739eae1ddcc3d30b660a

Request headers

accept-language
en-AU,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
vevent
lax1-ib.adnxs.com/ Frame DE3E
0
836 B
Ping
General
Full URL
https://lax1-ib.adnxs.com/vevent?an_audit=0&referrer=https%3A%2F%2Fwww.bg3.co%2Fa%2Fdi-1tian-shang-xue-ta-da-ku-a-ma-ping-ji-yi-xiang-jie-sun-nu-hui-jia-jie-wei-cang-yang-cong.html&e=wqT_3QKsBeisAgAAAwDWAAUBCPam-5cGEKKqppj6oZ2IFxgAKjYJ-n5qvHSTaD8RDjLJyFnYYz8ZAAAAoJmZuT8hDg0SACkRJNAxAAAAQOF6lD8w8uzGCjj9XEDqXEjgA1Drq9anAVi5tIoBYABotZGzAXgAgAEBigEDVVNEkgUG8HGYAXigAdgEqAEBsAEAuAEBwAEFyAEC0AEA2AEA4AEA8AEA2AIA4ALR8FzqAnVodHRwczovL3d3dy5iZzMuY28vYS9kaS0xdGlhbi1zaGFuZy14dWUtdGEtZGEta3UtYS1tYS1waW5nLWppLXlpLXhpYW4BDGRlLXN1bi1udS1odWktamlhLWppZS13ZWktYwFDAHkBBfDCY29uZy5odG1sgAMAiAMBkAMAmAMXoAMBqgNBEhgzODYzNTA5MzM0MDIwNDI4MTcwX3NiaWQaEzE2NjE5NTY5NzI1MTk5ODY0NjYiCTM1MTYzOTAxOSoFTTExNzPAA6wCyAMA2AP0wMQB4AMA6AMA-AMBgAQAkgQNL3V0L3YzL3ByZWJpZJgEAKIEDzE3My4yNDUuMjA5LjE0MqgEALIEDwgAEAQYeCDYBCgBMAA4ArgEAMAEAMgEANoEAggB4AQB8ATrIX1YiAUBmAUAoAWKo8aF0Kj8zjXABQDJBQAFARTwP9IFCQkFC3wAAADYBQDgBQHwBcWUIfoFBAgAEACQBgCYBgC4BgDBBgEhNAAA8D_QBvnjAtoGFgoQCRIZAVwQABgA4AYB8gYCCACABwGIBwCgBwG6Bw8BSUAYACAAMAA4iAFAAMgHANIHDRV1ATYI2gcGCSVo4AcA6gcCCADwB5jQCooIAhAAlQgAAIA_mAgB&s=9a128adc4b983cd514c3cac87bb898acbbe5b4e0&type=nv&nvt=5&jm=1003&px=5&py=300&bw=120&bh=600&sid=3441609731678078018&vd=ct~0|rr~0&sv=224&tv=view7-1hs&ua=chrome52&pl=win&x=v&tag_id=22132338&sw=1600&sh=1200&pw=1600&ph=3660&ww=1600&wh=1200&ft=2
Requested by
Host: cdn.adnxs.com
URL: https://cdn.adnxs.com/v/s/224/trk.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
104.254.151.120 Los Angeles, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
908.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 19 Aug 2022 00:04:09 GMT
X-Proxy-Origin
173.245.209.142; 173.245.209.142; 908.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net; adnxs.com
AN-X-Request-Uuid
d604c229-8857-45be-bb1b-15b8a9c50342
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://www.bg3.co
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
4535204546115200556_9639790754815105387.jpeg
static.doubleclick.net/dynamic/5/230880527/ Frame B015
98 KB
98 KB
Image
General
Full URL
https://static.doubleclick.net/dynamic/5/230880527/4535204546115200556_9639790754815105387.jpeg
Requested by
Host: 71f760a9a177b3fbf8a1c0adb15a23b1.safeframe.googlesyndication.com
URL: https://71f760a9a177b3fbf8a1c0adb15a23b1.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.130.149 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sb-in-f149.1e100.net
Software
sffe /
Resource Hash
72cd5c8fd76fa24fcf7da1858140f05e086d3a37a5a901b4fc0fd7ff362cf101
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://71f760a9a177b3fbf8a1c0adb15a23b1.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 19 Aug 2022 00:04:12 GMT
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-programmable
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
99988
x-xss-protection
0
last-modified
Wed, 17 Aug 2022 06:04:11 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-programmable"
report-to
{"group":"ads-programmable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-programmable"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 19 Aug 2023 00:04:12 GMT
9897826183455660584_8517542310514133763.jpeg
static.doubleclick.net/dynamic/5/230880527/ Frame B015
58 KB
59 KB
Image
General
Full URL
https://static.doubleclick.net/dynamic/5/230880527/9897826183455660584_8517542310514133763.jpeg
Requested by
Host: 71f760a9a177b3fbf8a1c0adb15a23b1.safeframe.googlesyndication.com
URL: https://71f760a9a177b3fbf8a1c0adb15a23b1.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.130.149 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sb-in-f149.1e100.net
Software
sffe /
Resource Hash
bf6c0305fba025c4a6a27c7b92b12af780623447dbb2b6cec5c30329a860edd8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://71f760a9a177b3fbf8a1c0adb15a23b1.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 19 Aug 2022 00:04:10 GMT
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-programmable
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
59420
x-xss-protection
0
last-modified
Wed, 17 Aug 2022 06:04:12 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-programmable"
report-to
{"group":"ads-programmable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-programmable"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 19 Aug 2023 00:04:10 GMT
12261985016435701944
tpc.googlesyndication.com/daca_images/simgad/ Frame B015
29 KB
29 KB
Image
General
Full URL
https://tpc.googlesyndication.com/daca_images/simgad/12261985016435701944
Requested by
Host: 71f760a9a177b3fbf8a1c0adb15a23b1.safeframe.googlesyndication.com
URL: https://71f760a9a177b3fbf8a1c0adb15a23b1.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.194.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f132.1e100.net
Software
sffe /
Resource Hash
8877c12ecd2f30c8f7d08fdb83b48dc0d408d9f50e06966704baa5269bc869dc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://71f760a9a177b3fbf8a1c0adb15a23b1.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 15 Aug 2022 00:16:46 GMT
x-content-type-options
nosniff
age
344842
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
29907
x-xss-protection
0
last-modified
Wed, 12 Jul 2017 06:22:21 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Tue, 15 Aug 2023 00:16:46 GMT
13761022616319569966
tpc.googlesyndication.com/simgad/ Frame B015
13 KB
13 KB
Image
General
Full URL
https://tpc.googlesyndication.com/simgad/13761022616319569966
Requested by
Host: 71f760a9a177b3fbf8a1c0adb15a23b1.safeframe.googlesyndication.com
URL: https://71f760a9a177b3fbf8a1c0adb15a23b1.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.194.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f132.1e100.net
Software
sffe /
Resource Hash
d21d71482b319441598223a737db827275ca21314bbe4b7976f53232f02accef
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://71f760a9a177b3fbf8a1c0adb15a23b1.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 17 Aug 2022 14:59:18 GMT
x-content-type-options
nosniff
age
119090
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13552
x-xss-protection
0
last-modified
Mon, 09 Nov 2020 10:18:50 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Thu, 17 Aug 2023 14:59:18 GMT
adview
securepubads.g.doubleclick.net/pagead/ Frame B015
0
0
Fetch
General
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=CCqpJd9P-Yp2XI8aorAGoh56YDovp9bRmgqX744sM_9GivcABEAEguoTAM2ClgICAkAGgAbC6odcDyAEJqQLhNUsVMe6wPuACAKgDAcgDywSqBLcCT9DWw2BkLfnxWWfqRcVWjonGLQiGOeQkBPYEaIaD3rxlMaDbgSmGF_d5czuFrXq0oN5VjrrVXJiIzohN8tVTIBLI8iUH-he28c_2QMjgiVYS0VO5BqJK41S25outVadV0FyYTvMF1EBFUMerw9kTvF778BmVi5Gug12MzCJ67QYGuHMbOanm9VYX3gpFp3k2WR4aI8oa9Ed8mEXzxviSxIUBQULkzUrqSUp-Mzsnpfvj5hr_uEnTWnq-KO4Cln5CsX0Wp556lAt5z-5yZNvu0NjPgJMFUIxmn283x5ZxSvOdGa3Tpx29gRUZv9nCNjeHSvYelfohplZn0j8kYKxI8hKQwN8-Fc5wPXnYgwS6JhtqjdRB2givJ3_gpCg7JhXfJEn5446CR7cEy_H9xjrRA-sKbkJQpuzABL3f07qjA-AEAZIFBAgEGAGSBQQIBRgEoAYugAfK2ptlqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgHpr4b2AcA8gcEEILYBNIIDwiAYRABGB0yAooCOgKAQPIIG2FkeC1zdWJzeW4tNTIzOTkzODIxMzg3MDM4MIAKA8gLAdgTDIgUAtAVAYAXAbIXHgocCAASFHB1Yi04OTMzMzI5OTk5MzkxMTA0GMqrHg&sigh=Fd7hDYT9Dqg&uach_m=[UACH]&template_id=494
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/di-1tian-shang-xue-ta-da-ku-a-ma-ping-ji-yi-xiang-jie-sun-nu-hui-jia-jie-wei-cang-yang-cong.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.194.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f154.1e100.net
Software
/
Resource Hash

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://71f760a9a177b3fbf8a1c0adb15a23b1.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220817/r20110914/ Frame B015
23 KB
9 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220817/r20110914/abg_lite_fy2021.js
Requested by
Host: 71f760a9a177b3fbf8a1c0adb15a23b1.safeframe.googlesyndication.com
URL: https://71f760a9a177b3fbf8a1c0adb15a23b1.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.194.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f132.1e100.net
Software
cafe /
Resource Hash
ba7beca0f5402387b359ad40d2af0dda9632f6b81e2aa0c26336324c358c3e10
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://71f760a9a177b3fbf8a1c0adb15a23b1.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 18 Aug 2022 23:08:40 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
3328
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9668
x-xss-protection
0
server
cafe
etag
3250940068065303693
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 01 Sep 2022 23:08:40 GMT
cksync
cs.media.net/ Frame 996D
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?cs=10&google_nid=media&google_cm=1&google_hm=MzAzODY5MDQ4NjgzMzQxMTAwMFYxMA%3D%3D&google_sc=1
  • https://cs.media.net/cksync?type=g&cs=10&google_gid=CAESENmLgctafq8d42JJyjBRmtk&google_cver=1
45 B
445 B
Image
General
Full URL
https://cs.media.net/cksync?type=g&cs=10&google_gid=CAESENmLgctafq8d42JJyjBRmtk&google_cver=1
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=10&cv=31&https=1&cid=8CU2CV286&prvid=99%2C77%2C4%2C359%2C10000%2C229%2C9&itype=APPNEXUS_EXPERIMENT&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1
Protocol
H2
Server
23.36.252.26 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-36-252-26.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
832f63f4187160c195b04f1911c2e623a75e805f4b23abb9b0bea214b4283a43

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 19 Aug 2022 00:04:09 GMT
server
Apache
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
cache-control
max-age=0, no-cache, no-store
content-type
image/gif
content-length
45
x-mnet-hl2
E
expires
Fri, 19 Aug 2022 00:04:09 GMT

Redirect headers

pragma
no-cache
date
Fri, 19 Aug 2022 00:04:08 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://cs.media.net/cksync?type=g&cs=10&google_gid=CAESENmLgctafq8d42JJyjBRmtk&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
302
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
cksync
cs.media.net/ Frame 1AB5
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?cs=10&google_nid=media&google_cm=1&google_hm=MzAzODY5MDQ4NjgzMzQxMTAwMFYxMA%3D%3D&google_sc=1
  • https://cs.media.net/cksync?type=g&cs=10&google_gid=CAESENmLgctafq8d42JJyjBRmtk&google_cver=1
45 B
445 B
Image
General
Full URL
https://cs.media.net/cksync?type=g&cs=10&google_gid=CAESENmLgctafq8d42JJyjBRmtk&google_cver=1
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=10&cv=31&https=1&cid=8CU2CV286&prvid=99%2C77%2C4%2C359%2C10000%2C229%2C9&itype=APPNEXUS_EXPERIMENT&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1
Protocol
H2
Server
23.36.252.26 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-36-252-26.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
832f63f4187160c195b04f1911c2e623a75e805f4b23abb9b0bea214b4283a43

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 19 Aug 2022 00:04:09 GMT
server
Apache
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
cache-control
max-age=0, no-cache, no-store
content-type
image/gif
content-length
45
x-mnet-hl2
E
expires
Fri, 19 Aug 2022 00:04:09 GMT

Redirect headers

pragma
no-cache
date
Fri, 19 Aug 2022 00:04:08 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://cs.media.net/cksync?type=g&cs=10&google_gid=CAESENmLgctafq8d42JJyjBRmtk&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
302
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame 6E72
0
0
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_2022081601&jk=3859516164407909&bg=!sLOls_fNAAYUOm8VNDo7ACkAdvg8WlRPLLRpKEZ3mEIQYv6AoGZ2W6d9EmmOggXuAL7qJtC88Y5CywIAAAESUgAAAAJoAQeZArS1all__1j_3nc6Oz-z4pPkuwB6dD2VBoHa3O7so8mVvUCKm7w9GDDxWHCQLvX6TMryz95gnq_Zonz3Cn-SGz_iWpm5s7Wa0Te6oqEG3Tds8frODKZCtstAfQv0qs_Q58feHBxBo7Ya1T7FEdy83MPvyh_IJ5lQFMW3j_N6MU4vSsFXNFAKKFMzbJTFTFWyM61Abrgk2C2Tn3_NHnXh2iVPFfrBtdlt8U6fuz9hk1YaptEs2xXkFQLmCxNenZFEWxBaky_fjerib_IoM_HdYAI3PNVyzxjL3bXEtHBowv1mhbVRdTdVIcwe-_LZZJIh06eUmJ5BUtS4auUliucvcx4Ubb8Y_oyLx9ki2Jcq5Wy8R4LliEKlHI8Vaolm0jA2JvZ5bNN9yayUf5K2fdQbvtrK4doNn3DyToS5Im0ObJHYpEOPG1rqmuRGYs276dVS2wTNUn1e_3RngKypiF0uVViyCKYhgOfM-e3OmjJAR3ZTY8-MfSBsyx1B_A-Zb-3FAuMdUvS-twMJ5qEHMuyyPzqKRAD611T_d0cJUcEtSvKdTC8dt9j7EtkmqIoBZ9AS-GyQ-yRand2mmcGjba-Sn9ZNYGOenthWwDZCGkUYXxNqYcq59qF5Ht7hZLpcIeqdlUZc23lkiq8e1gihM2Lx8BPAvwO4UoE3iBbmt13DoglKJGoNZ9zICj497Tfg6jrNzP2T9un5uNai6DHTsmb7VJV00T5H3AdDuT_3DcBLdF-BF8UPcOPaQveta_MXcE1S_I71sw7QcJZwhboRpbhbAX21rjCEI8KUN6isD0q744y_6xQGkq22gVGvoqBxivuoI_51rgILfGzDlDKo077ZlOaUXjBGyY8OG5f4ufIXtaVCM-faUeqAW62Mmo0cxzYNbH5bvDMa9Sev5779NT01-gL7IwyKrg
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/di-1tian-shang-xue-ta-da-ku-a-ma-ping-ji-yi-xiang-jie-sun-nu-hui-jia-jie-wei-cang-yang-cong.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.194.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f154.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

sodar
pagead2.googlesyndication.com/pagead/ Frame C000
0
0
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_2022080202&jk=1369903547375400&bg=!ISKlImbNAAYUOm8VNDo7ACkAdvg8WjGS1DJTRlNruPUoX9Ng1GGpgKLIgSPepxpfmy6qq4E0EoVj2gIAAAEDUgAAAANoAQcKAJCBlLVn1kmNQOnuv4kMSbTdddYyaEPJZJpqNs8qeVeHS1WA9L7MIAHz19BX-EHTW5PtjNI2FnnsY7NAzmuQR3tSI7ctmkgJXIZj9FOuReubakAaBFFr4NLdJd8JD4EXDxGHsq1HsDvUKGo8RCuGD3vWklo2xqoNhMhA7EY_taKUnykAFUrnWOb8o1S8whYuQ0mZArZU3OUbDxNdUrAs6vMQeMYMQd3jDWrg7yKIfFNyIP_8DlvF1J0yqEiR-Eglc0sHj4f3WMJnCYY-ZhV_zzESeuSCIzRj45BAQvYDM6HMvnApfglpJJo88wj9cvahO4fjTJx6kB7nubLQrjAxdaHzr5HQzljWwDXtVvos7qAUZ-cL0kI93A4PbfXw5gv3DQOf5zngwPFfuIJtL3vfzNAZ-1Z7HDuS5-iX1n8OfjULcRJw7JrW3CME9EHtFn5R1bnZp277LXcT6vPDJfpbQREIwHfoT5ZqenIw7vDgHsjC7lziyFuOdgQx_vs_L0QOE04FjW3cj1b1xvn_NCF3Ovdpn4wGx4dBH6Akljj8hye9NeQB6bzz_NINy4DE_2h9XnBhKXVEMZmjXm9b3AUVbVsoen0PfkFP-AUxpEWqr07_Jlbu4H7UlCdnRdJLP3UulIqV6dQVFDF5-qbjSXZZg3v0-LLei1J9-ELWCyWfrzwswByyu69-EMCji7hsFgwSLQrBansPCh1WvQ7wrPow8QS19VWBJ0WQV_9nwZCcFS2943LDfC4D5YLQpjRl8VfAtWs3wOEiu-Q430XHgANrLXpLuffYW1zLRDFlD5gZqfnH4PPmbRs00twQKmJMI-f3UeAJN1ETI3fUbr5N-FuWJk7MBSP5fuaCbirbfIYk6GjOTb15IjK6-hKTw9xa4HeM0kb7prJMJdGVMuL67nIX3B1EX5Gifgxn5bB0cGePTu-3rC2Zvms5J2jOHWq3dkqm54q995T9RkQO4oJEkFBS9jDIH0IkXpqS7C6y9dd8qbv0NnV9M5-LHbPpubimVabRMMRDyRcUxKBJlYrEppHh-cDsivrJ94wQwVDLZ0FHdTnSMm3dGrT-l1RusH-vouo5IQ6wgTkqd_TpuvBlTgfQ-7Arog8Vk-3yb5rI
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/di-1tian-shang-xue-ta-da-ku-a-ma-ping-ji-yi-xiang-jie-sun-nu-hui-jia-jie-wei-cang-yang-cong.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.194.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f154.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

truncated
/ Frame 3401
107 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
dfa1028a74436c56e0ee1367812c0ee599d6814ec4a3079ca9b9afffba949e26

Request headers

accept-language
en-AU,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame 3401
4 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
326c32d7ffbd04762a10cf5bb37441d418397959381d3893c9e9a48217aa5347

Request headers

accept-language
en-AU,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame 3401
2 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b00af338864761a37a208806e2e8815b46327a5e7e47bf141f4fbdf6d1fd3bcc

Request headers

accept-language
en-AU,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
bql.php
lg3.media.net/ Frame 3401
15 B
159 B
Script
General
Full URL
https://lg3.media.net/bql.php?vgd_len=5426&&&vgd_l2type=sca&fp=MzA_eCVWy1eyoiNQ0FcmxukXzhqh1Z7QxtHtOpv8X6ixgU0tpuFxthLypW9AKtyPQUEQw9FWFl-jMxUz_-WpZQCgFu37VibIC7FZBVDKAapRU-EkzR1iZnwPviNxXXzT&cme=tFWg3a3UUd9LFvm2qTaksoSpHg6fGvUMFJmazugSbvztOXEQ65JSqdxolaa66IfJaaXjki9ZoKAEd0YVqn-9vjdLmF1kyYddM5705YHV7aWbR-T9HPJH3E6Rp6BkO5H895vazYXCy3lqt661U1rNAvMOXnhBOdVw___dqkfnhrS9PGUoQgSjMirtmcECo6upsZ31-ZX-smU9BMFb0nTBOA%3D%3D%7C%7Cu8A6SM53vAdJjhazCSusZAnIl_9HqKRb%7CjyjVTouP1sOI3OR67jxweNSVYtHEv6HR%7Cs1zUjvwOfvhx85CMDP4tsmcLbH4Gvn7NIm_iwCuQE2yN1wbhAyHItvRNHit3AE-FpcIbVZMGxpeW08uP6MGJRZvqwu66PTNd0Qc4U-oQg-MqDxuNAnS11akojOVCspSjhX9div3h-NQ%3D%7Cxrl5Md8q4-_ojEqJ-ZPqEDISFRG5d2jVLVnwjxF6eDM%3D%7Csj1-8fOEyOCcYyjx9FAvxCCsJeAEyD3U%7CuvUyC4h7KTJi1WY6ZXss9xzOE15Y86I214TBJDiK95zKIPQr28Y3CK2tFU7WnK3y_22q4_ULKNHAl2l8dBzpCqmi6lN7HvR3dkhb9nqcNblp9kUyHRr4t6KQigL669fwEzgb_0BtypzKuDSPNNWPRz9UI_GCfMobrlP6vlBbawmxH-RO0Mj8O8SB7LeRzLCxFSsruOQwcDnyLDioB8E5P4cVqdoMQUiu2KGZPL5nsShfknE56I_NNw%3D%3D%7C&v=1&geo=-33.91%7C151.2&dlper=20&lper=100&lpid=&tsid=5&q=&prv=&type=&ps=&hint=&td=&cc=AU&wsip=170721376&bca=0&ugd=4&vgd_fcic=0&vgde_setid=Nfu&vgd_dnquo=01_9&ksu=224&fdkt=391&vgde_kbbh=fuoNWNY&kwd[]=Best+Priced+Car+Insurance&kwt[]=391&kbc[]=1224808752&kwp[]=1&kid[]=48970281&kbc2[]=1%3D0.99%7C5%3D-1%7C6%3D-1%7C16%3D-1%7C63%3D0.35%7C66%3D0.67%7C62%3D0.93%7C10%3D4.90%7C12%3D0.67%7C60%3D1.01%7Cps%3D0.580%7C3%3D0.32%7C4%3D4.79&ktd[]=274894815488&ktrkt[]=Best+Priced+Car+Insurance&kwd[]=Stocks+To+Invest+In&kwt[]=391&kbc[]=1224808752&kwp[]=2&kid[]=27190006&kbc2[]=1%3D1.63%7C5%3D-1%7C6%3D-1%7C16%3D-1%7C63%3D0.35%7C66%3D0.67%7C62%3D1.98%7C10%3D4.90%7C12%3D0.25%7C60%3D1.63%7Cps%3D0.580%7C3%3D0.46%7C4%3D5.00&ktd[]=274911592704&ktrkt[]=Stocks+To+Invest+In&kwd[]=How+to+Start+an+Online+Business&kwt[]=391&kbc[]=1224808752&kwp[]=3&kid[]=14374179&kbc2[]=1%3D0.74%7C5%3D-1%7C6%3D-1%7C16%3D-1%7C63%3D0.35%7C66%3D0.67%7C62%3D0.65%7C10%3D4.90%7C12%3D0.34%7C60%3D0.74%7Cps%3D0.580%7C3%3D0.44%7C4%3D4.63&ktd[]=274911592704&ktrkt[]=How+to+Start+an+Online+Business&kwd[]=Small+Kitchen+Designs&kwt[]=391&kbc[]=1224808752&kwp[]=4&kid[]=26322723&kbc2[]=1%3D0.31%7C5%3D-1%7C6%3D-1%7C16%3D-1%7C63%3D0.35%7C66%3D0.54%7C62%3D1.21%7C10%3D4.90%7C12%3D0.43%7C60%3D0.20%7Cps%3D0.580%7C3%3D0.12%7C4%3D4.37&ktd[]=274911592704&ktrkt[]=Small+Kitchen+Designs&kwd[]=High+Paying+Jobs&kwt[]=391&kbc[]=1224808752&kwp[]=5&kid[]=13666242&kbc2[]=pmb%3D1%7C1%3D0.23%7C5%3D-1%7C6%3D-1%7C16%3D-1%7C63%3D0.35%7C66%3D0.04%7C62%3D0.73%7C10%3D4.90%7C12%3D0.28%7C60%3D0.18%7Cps%3D0.580%7C3%3D0.12%7C4%3D4.07&ktd[]=274911723776&ktrkt[]=High+Paying+Jobs&cid=8CUABW64L&vwid=1660867447968067202&vi=1660867447968067202&tdAdd[]=ib%3D0&vsid=3038690486833483&tdAdd[]=asnum%3D54203&vgde_test_data_struct=%7B%22EO7E8O%22%3Au%7D&vgd_cdv=780&vgd_l3_sc=NSW&vgd_chost=contextual.media.net&vgd_hb_audit_1=8CU3SX34C&vgd_hb_audit_2=529820104&vgd_refdomain=bg3.co&vgd_katbid=-103&vgd_pdtid=1&vgd_implt=3&vgd_l2wsip=170721376&vgd_nrrv=57785&vgd_nrrmf=1c80a&vgd_nrrsf=scrr&vgd_cty=beaconsfield&vgd_go_pid=8PO15GP54&&tdAdd[]=%7C%40%7Cabp%3A1%3A2&vgd_ifrmode=11&vgd_l1rakh=1660867447138744391&sttm=1660867448207&upk=1660867448.23137&hvsid=00001660867448207029185683346639&verid=3111299&vgd_matchstr=hr%3D0%7Cbcat%3D11%2C47%2Ch%2Cgo%2Ci2%7Ccsh%3D1&sbdrId=196&vgd_ecrid=1700080812610100250025000000500&vgd_isiolc=1&vgd_fcm_enc_mis=1&pid=8PO15GP54&&abpl=2&&kbbq=%26asn%3D54203&&vgd_vstrid=3038690486833483&vgde_bdata=QOfvzxjj~8xLjMjvX9~myJLEYv9.9u~e8QMQOvHAW~ONfvu~QNOvzQB~eM1QzvXHf9A~ejfLMQOvf9ff9WuWuh~8xLjMGvFAFXA.hf~xLjM7UNv9~Q7Ov~j1Q7v~e8QMxLjMGv9.fu~8EvAGB9PB~kGGv9~e8QMxLjMjvA9~L88Ex1vh9%2Ch9~J7vuf~LNvu~LEQMQOvf9ff9WuWuf~e8QMGvfX9.Xh~xLjMGv9.9f~xLjM7e8v9~QYYMBLvHA.X9fW~xLjMjvX9~yN17vou~GGvuiF~eev9~jfLMGvu999~JLEYv9.9u~GYvu~QYYMQOvf9ff9WuWuf~Q8OvXA9WuHXAWOhAJhGAkf1kf1WJfFJGAkNX~QOv9~x8Ov1gBA%3DxQ%2FYipqqYJLb~G7OvF9fuAifuWfWiuWWWWFH9fiiAFHfhhWf9fAuWWhXuXX99AA99ufHXhFFuu9AWiffWhHfuhfu9iAFhfiF9~OfEMjvF9~AENkvuu.iA~x8YvuFXXi~OYYMQ7LyvzmMQ7L17Jy5~OfEMGv9.WX~myOfEMGv9.WX~exLjMGv9.u~QQvIK~x8Bvii~NJv9~LEQMGvf9.9F~exLjMjvX9~%3DVvfhui~z7QvA~7Gvou~N7vGJ1NmzQk8JjO~G1Q8QfvuiF~G1Q8QuvuiF~8QDJkv9~8exLjMGvu9.AW~8Q8kv9~jNvA~G8Ov9.9f~ONvW~ejfLMGvu.Ah~8exLjMjvX9~QxEEj5M71yM8Ov~e8JB1G8j875v9.Au~1YEvu~NGOEv9.9f9~OYYvzmMQ7L17Jy5~Qx8Ov~O7Nv1E1NMQy~-8OvKrtoExGoHHWXfAiHfXifHhWh~O1jyvzmMQ7L17Jy5~w7Yjvu~1OGjUvfAFX9huH9i~QmGEv~N7Lv9.99uh9WiAXh~GOEN1EOv9~OYYMJLEYvk1jQJ~GkjLv9.9u9~myG8Ov9.9f9~1NM75EJvu~875EJM8Ovuh~QJjjJLM71yM8Ov~OJ7JN7JOM71yM8Ov~ONx7vu~OmyGv9ou~8GNvu~OO7vou~zQlvA~7yQvfX9-fX9%7CA99-fX9%7CAAF-fW9~GQGv9~GQEv9~7Y-vfXH&vgd_optout=0&vgd_cfud=220331&vgd_scsver=288&vgd_bhv_kbb=-1&vgd_go_ent=1&vgd_l2ch=0&vgd_rensize=250_250&vgd_scr_h=1200&vgd_scr_w=1600&vgd_ect=4g&vgd_dtc=apac_sg&vgd_mbr=1&vgd_l1rpth=%2Fnmedianet.js&vgd_pgids=1&&tdAdd[]=uiparams%3D%3Brend_w%3A250%3Brend_h%3A250&&vgd_uspa=0&vgd_sc=NSW&vgd_l1rhst=contextual.media.net&hvsid=00001660867448207029185683346639&subBdr=196&bdrid=313&rc=0&rand=1660867449078&acid=a2eb9836cbc14426a029128f268ef973&matm=1660867449078&requrl=https%3A%2F%2Fwww.bg3.co%2Fa%2Fdi-1tian-shang-xue-ta-da-ku-a-ma-ping-ji-yi-xiang-jie-sun-nu-hui-jia-jie-wei-cang-yang-cong.html&vgd_ltimesrc=1&vgd_ltime=2533&vgd_rtime=2525&vgd_etm=11&vgd_l1hcsd=Onmqp%7C5372&vgd_l1ch=1&vgd_lhl=2901&vgd_pgid=p0337880750t202208190004&vgd_adprefflag=11&vgd_csip=rtb-common-istio-7c75f56789-4f6dr.SG&vgd_sbSup=1&vgd_nrrs=57785&vgd_cntrdt=SL%7CBODY%7CHTML&vgd_crefurl=https%3A%2F%2Fwww.bg3.co%2F&vgd_eadm=1&vgd_end=1
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/di-1tian-shang-xue-ta-da-ku-a-ma-ping-ji-yi-xiang-jie-sun-nu-hui-jia-jie-wei-cang-yang-cong.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.36.252.26 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-36-252-26.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
c787e9dd6dc8ea3c935f5f0f30e3b9e4a3e066b4619bb244f569883f8e318a24
Security Headers
Name Value
Strict-Transport-Security max-age=21600

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=21600
server
Apache
date
Fri, 19 Aug 2022 00:04:09 GMT
ntcoent-length
15
vary
Accept-Encoding
content-type
text/html; charset=UTF-8
cache-control
max-age=82368
content-length
15
s
googleads.g.doubleclick.net/pagead/drt/ Frame C690
143 B
163 B
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Requested by
Host: 71f760a9a177b3fbf8a1c0adb15a23b1.safeframe.googlesyndication.com
URL: https://71f760a9a177b3fbf8a1c0adb15a23b1.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.200.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sa-in-f157.1e100.net
Software
cafe /
Resource Hash
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://71f760a9a177b3fbf8a1c0adb15a23b1.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

age
1519
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=3600
content-encoding
gzip
content-length
145
content-type
text/html; charset=UTF-8
date
Thu, 18 Aug 2022 23:38:50 GMT
server
cafe
x-content-type-options
nosniff
x-xss-protection
0
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220817/r20110914/client/ Frame B015
3 KB
1 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220817/r20110914/client/window_focus_fy2021.js
Requested by
Host: 71f760a9a177b3fbf8a1c0adb15a23b1.safeframe.googlesyndication.com
URL: https://71f760a9a177b3fbf8a1c0adb15a23b1.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.194.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f132.1e100.net
Software
cafe /
Resource Hash
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://71f760a9a177b3fbf8a1c0adb15a23b1.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 18 Aug 2022 23:03:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
3611
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1359
x-xss-protection
0
server
cafe
etag
1484984001845508991
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 01 Sep 2022 23:03:58 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame B015
140 KB
43 KB
Script
General
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: 71f760a9a177b3fbf8a1c0adb15a23b1.safeframe.googlesyndication.com
URL: https://71f760a9a177b3fbf8a1c0adb15a23b1.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f156.1e100.net
Software
sffe /
Resource Hash
ba7478138664dfbadff2af30a268f4200a752a73d07dafb55937af20d1061357
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://71f760a9a177b3fbf8a1c0adb15a23b1.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 19 Aug 2022 00:04:09 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
44050
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1660737283953252"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Fri, 19 Aug 2022 00:04:09 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame DE3E
0
0
Fetch
General
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuLCs78Ge660fhgB2GKmla8SCoDZT2vLfXonm01hZAvjsub7T2HHq4TkD8T_0Tohm30YKmIg8CAC8BfnVw1Cta20ZY6OxyTyMggVD5xdWvdYoJ39ZWpHnhAaLsQBybXwTP5FR9vjqdM7vB4BE39VZp2jb5GGryTVrPwpJ7TOdK5cQ0DpR2lg_14S_pt0Aobff_h_sTu2yV9jARmEPjyUPxVQESUNDBfMOY822Vkxak3B1jLkJLTl0Nxci-B6X2luzy6dPX53gaoFdoJEIuaxmbSujcvMDfcJC0RCTW4B-K203btOVBhOOMIPfSU&sai=AMfl-YTfRNjf6H3WZavAWD6eCg0On79kntIP0EfES7r_1bNFYgJOwzzDY3pWN-oxUavNDzvdVOuDJDBwCNMm8oClIdzHuEMncvT-7SrlSvkenYIsYxaYNLI3XkRA4wOv_dM&sig=Cg0ArKJSzAGPOK4wTqGDEAE&uach_m=[UACH]&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.194.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f157.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 19 Aug 2022 00:04:09 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
expires
Fri, 19 Aug 2022 00:04:09 GMT
truncated
/ Frame 693F
107 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
dfa1028a74436c56e0ee1367812c0ee599d6814ec4a3079ca9b9afffba949e26

Request headers

accept-language
en-AU,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame 693F
4 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
326c32d7ffbd04762a10cf5bb37441d418397959381d3893c9e9a48217aa5347

Request headers

accept-language
en-AU,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame 693F
2 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b00af338864761a37a208806e2e8815b46327a5e7e47bf141f4fbdf6d1fd3bcc

Request headers

accept-language
en-AU,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
bql.php
lg3.media.net/ Frame 693F
15 B
159 B
Script
General
Full URL
https://lg3.media.net/bql.php?vgd_len=5489&&&vgd_l2type=sca&fp=MzA_eCVWy1eyoiNQ0FcmxukXzhqh1Z7QxtHtOpv8X6ixgU0tpuFxthLypW9AKtyPQUEQw9FWFl-jMxUz_-WpZQCgFu37VibIC7FZBVDKAapRU-EkzR1iZnwPviNxXXzT&cme=xZg34WIXE2M9JEmRGYo39mp2DqCkR6y1bGx9RA-wp3jNXCQfwB_aisIL0jEilP6neR_Iio8EyXYQBZKpR0rhiIzciLlTjAcDzomEJEWsC_PzMbRgKLvVDtFmv1eGyg1EAEZ7AV-sXGrHQt_feKm1fhc_Kyngo9czRJDwzwzDF6I8n-Q_iPwzRhUD-cKDVVoFwoXd8T6hqeoWKRfBKe_guQ%3D%3D%7C%7Cu8A6SM53vAdJjhazCSusZAnIl_9HqKRb%7CjyjVTouP1sOI3OR67jxweNSVYtHEv6HR%7Cs1zUjvwOfvhx85CMDP4tsmcLbH4Gvn7NIm_iwCuQE2yN1wbhAyHItvRNHit3AE-FpcIbVZMGxpeW08uP6MGJRZvqwu66PTNd0Qc4U-oQg-MqDxuNAnS11akojOVCspSjhX9div3h-NQ%3D%7Cxrl5Md8q4-_ojEqJ-ZPqEDISFRG5d2jVLVnwjxF6eDM%3D%7Csj1-8fOEyOCcYyjx9FAvxCCsJeAEyD3U%7CMmh50YOoOPvYYLTur3AQgF-da_80YHlTtl2FKhuMQo3VhpHw9Dq7_5Q6wmqUT3AZ1LEup0ETy9JrT64nCiyh2yLAMkzGjMTrMxmmU4LOQ-AC61ET0ok_5ntLfAiH5MKfPtiubWWQxMVTSxqR3vRQ9o8VEF5CxPE5Lbk2SIJCmd1KiRjl8vCoaIXSMfMsJRZhLkxpqV-rqrB1eTpCVYeiDCewY6fCKoaRpluh2LNovrWIB7LRexu6Kw%3D%3D%7C&v=1&geo=-33.91%7C151.2&dlper=20&lper=100&lpid=&tsid=5&q=&prv=&type=&ps=&hint=&td=&cc=AU&wsip=170721376&bca=0&ugd=4&vgd_fcic=0&vgde_setid=Nfu&vgd_dnquo=01_9&ksu=224&fdkt=391&vgde_kbbh=fuoyxQBuG&kwd[]=Website+Maker+App&kwt[]=391&kbc[]=1224808752&kwp[]=1&kid[]=340189069&kbc2[]=5%3D-1%7C6%3D-1%7C16%3D-1%7C63%3D0.35%7C10%3D4.90%7C62%3D1.10%7C60%3D0.16%7C12%3D0.32%7C66%3D0.67%7C1%3D0.16%7Cps%3D0.580%7C3%3D0.15%7C4%3D4.52&ktd[]=274894815488&ktrkt[]=Website+Maker+App&kwd[]=Best+Bank+for+a+Savings+Account&kwt[]=391&kbc[]=1224808752&kwp[]=2&kid[]=324879789&kbc2[]=5%3D-1%7C6%3D-1%7C16%3D-1%7C63%3D0.35%7C10%3D4.90%7C62%3D0.93%7C60%3D0.34%7C12%3D0.81%7C66%3D0.67%7C1%3D0.60%7Cps%3D0.580%7C3%3D0.21%7C4%3D5.00&ktd[]=274911592704&ktrkt[]=Best+Bank+for+a+Savings+Account&kwd[]=Best+Priced+Car+Insurance&kwt[]=240&kbc[]=a8c5cf0754323e1139b173ce42054d81.d2s&kwp[]=3&kid[]=48970281&kbc2[]=5%3D-1%7C6%3D-1%7C16%3D-1%7C63%3D0.35%7C10%3D4.90%7C62%3D0.93%7C60%3D1.01%7C12%3D0.67%7C66%3D0.67%7C1%3D0.99%7Cps%3D0.555%7C3%3D0.32%7C4%3D4.79&ktd[]=274894815488&ktrkt[]=Best+Priced+Car+Insurance&kwd[]=Vitamins+for+Hair+Loss&kwt[]=240&kbc[]=a8c5cf0754323e1139b173ce42054d81.d2s&kwp[]=4&kid[]=30111142&kbc2[]=101%7C5%3D-1%7C6%3D-1%7C16%3D-1%7C63%3D0.35%7C10%3D4.90%7C62%3D1.31%7C60%3D0.34%7C12%3D0.52%7C66%3D0.24%7C1%3D0.45%7Cps%3D0.555%7C3%3D0.11%7C4%3D4.29&ktd[]=274911854848&ktrkt[]=Vitamins+for+Hair+Loss&kwd[]=Stocks+To+Invest+In&kwt[]=391&kbc[]=1224808752&kwp[]=5&kid[]=27190006&kbc2[]=5%3D-1%7C6%3D-1%7C16%3D-1%7C63%3D0.35%7C10%3D4.90%7C62%3D1.98%7C60%3D1.63%7C12%3D0.25%7C66%3D0.67%7C1%3D1.63%7Cps%3D0.580%7C3%3D0.46%7C4%3D5.00&ktd[]=274911592704&ktrkt[]=Stocks+To+Invest+In&cid=8CUABW64L&vwid=1660867447898444029&vi=1660867447898444029&tdAdd[]=ib%3D0&vsid=3038690486833491&tdAdd[]=asnum%3D54203&vgde_test_data_struct=%7B%22EO7E8O%22%3Au%7D&vgd_cdv=780&vgd_l3_sc=NSW&vgd_chost=contextual.media.net&vgd_hb_audit_1=8CU3SX34C&vgd_hb_audit_2=529820104&vgd_refdomain=bg3.co&vgd_katbid=-103&vgd_pdtid=1&vgd_implt=3&vgd_l2wsip=170721376&vgd_nrrv=57785&vgd_nrrmf=1c80a&vgd_nrrsf=scrr&vgd_cty=beaconsfield&vgd_go_pid=8PO15GP54&&tdAdd[]=%7C%40%7Cabp%3A1%3A2&vgd_ifrmode=11&vgd_l1rakh=1660867447166806981&sttm=1660867448283&upk=1660867448.9323&hvsid=00001660867448283029185683347978&verid=3111299&vgd_matchstr=hr%3D0%7Cbcat%3D11%2C47%2Ch%2Cgo%2Ci2%7Ccsh%3D1&sbdrId=196&vgd_ecrid=1700080812610100250025000000500&vgd_isiolc=1&vgd_fcm_enc_mis=1&pid=8PO15GP54&&abpl=2&&kbbq=%26asn%3D54203&&vgd_vstrid=3038690486833491&vgde_bdata=QOfvzxjj~8xLjMjvX9~myJLEYv9.9u~QYYMG8Ov9.9f~e8QMQOvHAW~ONfvu~QNOvzQB~eM1QzvXHf9A~ejfLMQOvf9ff9WuWuh~8xLjMGvFAFXA.hf~xLjM7UNv9~Q7Ov~j1Q7v~e8QMxLjMGv9.fu~8EvAGB9PB~kGGv9~e8QMxLjMjvA9~L88Ex1vh9%2Ch9~J7vuX~LNvf%2Ch~LEQMQOvf9ff9WuWuf~e8QMGvh9f.9W~xLjMGv9.9f~xLjM7e8v9~QYYMBLvAF.XW9H~xLjMjvX9~yN17vou~GGvuiF~eev9~jfLMGvu999~JLEYv9.9u~GYvu~QYYMQOvf9ff9WuWuf~Q8OvXA9WuHXAWOhAJhGAkf1kf1WJfFJGAkNX~QOv9~x8Ov1gBApUz9kizPL%2F0BN~G7OvF9fuAifuWfWiuiA9iWhFF9hAiH9FiuAuWFhuHiu9FWhHA99FiAfFHWfXi9fHAf99WuuX9hhhWhffFuuf~OfEMjvF9~AENkvuu.iA~x8YvuFXXi~OYYMQ7LyvzmMQ7L17Jy5~OfEMGv9.WX~myOfEMGv9.WX~exLjMGv9.u~QQvIK~x8Bvii~NJv9~LEQMGvf9.9F~exLjMjvX9~%3DVvfhui~z7QvA~7Gvou~N7vGJ1NmzQk8JjO~G1Q8QfvuiF~G1Q8QuvuiF~8QDJkv9~8exLjMGvu9.AW~8Q8kv9~jNvA~G8Ov9.9f~ONvW~ejfLMGvu.uX~8exLjMjvX9~QxEEj5M71yM8Ov~e8JB1G8j875v9.WH~NGOEv9.9f9~OYYvzmMQ7L17Jy5~Qx8Ov~O7Nv1E1NMQy~-8OvKrtoExGoHHWXfAiHfXifHhWh~O1jyvzmMQ7L17Jy5~w7Yjvu~1OGjUvfAFX9huH9i~QmGEv~N7Lv9.99uh9WiAXh~GOEN1EOv9~OYYMJLEYv7LxJ~GkjLv9.9u9~myG8Ov9.9f9~1NM75EJvu~875EJM8Ovuh~QJjjJLM71yM8Ov~OJ7JN7JOM71yM8Ov~ONx7vu~OmyGv9ou~8GNvu~OO7vou~zQlvA~7yQvfX9-fX9%7CA99-fX9%7CAAF-fW9~GQGv9~GQEv9~7Y-vfX9&vgd_optout=0&vgd_cfud=220331&vgd_scsver=288&vgd_bhv_kbb=-1&vgd_go_ent=1&vgd_l2ch=0&vgd_rensize=250_250&vgd_scr_h=1200&vgd_scr_w=1600&vgd_ect=4g&vgd_dtc=apac_sg&vgd_mbr=1&vgd_l1rpth=%2Fnmedianet.js&vgd_pgids=1&&tdAdd[]=uiparams%3D%3Brend_w%3A250%3Brend_h%3A250&&vgd_uspa=0&vgd_sc=NSW&vgd_l1rhst=contextual.media.net&hvsid=00001660867448283029185683347978&subBdr=196&bdrid=313&rc=0&rand=1660867449154&acid=ed189ddc833142d48fc1d12659c1d7ce&matm=1660867449154&requrl=https%3A%2F%2Fwww.bg3.co%2Fa%2Fdi-1tian-shang-xue-ta-da-ku-a-ma-ping-ji-yi-xiang-jie-sun-nu-hui-jia-jie-wei-cang-yang-cong.html&vgd_ltimesrc=1&vgd_ltime=2468&vgd_rtime=2457&vgd_etm=10&vgd_l1hcsd=Onmqp%7C5372&vgd_l1ch=1&vgd_lhl=2908&vgd_pgid=p0337880750t202208190004&vgd_adprefflag=11&vgd_csip=rtb-common-istio-7c75f56789-vdw9z.SG&vgd_sbSup=1&vgd_nrrs=57785&vgd_cntrdt=SL%7CBODY%7CHTML&vgd_crefurl=https%3A%2F%2Fwww.bg3.co%2F&vgd_eadm=1&vgd_end=1
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/di-1tian-shang-xue-ta-da-ku-a-ma-ping-ji-yi-xiang-jie-sun-nu-hui-jia-jie-wei-cang-yang-cong.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.36.252.26 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-36-252-26.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
c787e9dd6dc8ea3c935f5f0f30e3b9e4a3e066b4619bb244f569883f8e318a24
Security Headers
Name Value
Strict-Transport-Security max-age=21600

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=21600
server
Apache
date
Fri, 19 Aug 2022 00:04:09 GMT
ntcoent-length
15
vary
Accept-Encoding
content-type
text/html; charset=UTF-8
cache-control
max-age=82368
content-length
15
log
lg3.media.net/ Frame 086E
35 B
206 B
Image
General
Full URL
https://lg3.media.net/log?logid=kfk&evtid=perf&cid=8CUABW64L&vi=1660867447898444029&hvsid=00001660867448283029185683347978&l2s_dnsTime=0&l2s_connectionTime=0&l2s_waitTime=793&l2s_downloadTime=29&l2s_total=823&l2s_start=1714&l2s_sslTime=0&l2s_nhp=h2&l1s_dnsTime=0&l1s_connectionTime=0&l1s_waitTime=779&l1s_downloadTime=766&l1s_total=1545&l1s_start=133&l1s_sslTime=0&l1s_nhp=h2&gdpr=0
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006&adk=2365071409&adf=3615134179&pi=t.ma~as.3006%2F14006&w=336&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fdi-1tian-shang-xue-ta-da-ku-a-ma-ping-ji-yi-xiang-jie-sun-nu-hui-jia-jie-wei-cang-yang-cong.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1660867445113&bpp=13&bdt=1573&idt=520&shv=r20220817&mjsv=m202208160101&ptt=5&saldr=sa&correlator=509861749425&frm=23&ife=1&pv=2&ga_vid=842954889.1660867446&ga_sid=1660867446&ga_hid=581034293&ga_fc=0&ga_cid=amp-EIOlvx8bHhMcBHoOJ0-TYg&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=320&biw=1600&bih=1200&isw=336&ish=280&ifk=947009565&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31068737%2C31068956%2C31068991&oid=2&pvsid=1413095467614123&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.tvnb2co2wjin&fsb=1&dtd=536
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.36.252.26 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-36-252-26.deploy.static.akamaitechnologies.com
Software
Jetty(9.4.35.v20201120) /
Resource Hash
796c46ec10bc9105545f6f90d51593921b69956bd9087eb72bee83f40ad86f90
Security Headers
Name Value
Strict-Transport-Security max-age=21600

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 19 Aug 2022 00:04:09 GMT
server
Jetty(9.4.35.v20201120)
strict-transport-security
max-age=21600
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=0, no-cache, no-store
content-length
35
expires
Fri, 19 Aug 2022 00:04:09 GMT
sodar
pagead2.googlesyndication.com/getconfig/ Frame 6EEF
14 KB
11 KB
XHR
General
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20220817&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202208150101/show_ads_impl_fy2021.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.194.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f157.1e100.net
Software
cafe /
Resource Hash
3049e5547df186133f61e510d45f522e001d34ed6e1f891e5ffcb9e2be7cb81b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 19 Aug 2022 00:04:09 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11028
x-xss-protection
0
si
googleads.g.doubleclick.net/pagead/drt/ Frame C690
Redirect Chain
  • https://www.google.com/pagead/drt/ui
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
0
17 B
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Requested by
Host: 71f760a9a177b3fbf8a1c0adb15a23b1.safeframe.googlesyndication.com
URL: https://71f760a9a177b3fbf8a1c0adb15a23b1.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.200.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sa-in-f157.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 19 Aug 2022 00:04:09 GMT
expires
Fri, 19 Aug 2022 00:04:09 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
x-content-type-options
nosniff
x-xss-protection
0

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 19 Aug 2022 00:04:09 GMT
location
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
truncated
/ Frame 7E19
107 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
dfa1028a74436c56e0ee1367812c0ee599d6814ec4a3079ca9b9afffba949e26

Request headers

accept-language
en-AU,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame 7E19
2 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b00af338864761a37a208806e2e8815b46327a5e7e47bf141f4fbdf6d1fd3bcc

Request headers

accept-language
en-AU,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
Raleway-bold.woff
res-a.akamaihd.net/__media__/fonts/Raleway-bold/ Frame 7E19
31 KB
31 KB
Font
General
Full URL
https://res-a.akamaihd.net/__media__/fonts/Raleway-bold/Raleway-bold.woff
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/di-1tian-shang-xue-ta-da-ku-a-ma-ping-ji-yi-xiang-jie-sun-nu-hui-jia-jie-wei-cang-yang-cong.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
42.99.140.209 , Japan, ASN4637 (ASN-TELSTRA-GLOBAL Telstra Global, HK),
Reverse DNS
ip-42-99-140-209.pacnet.net
Software
nginx /
Resource Hash
e789f7935d6d7776a0c2341570220c445bc1c493381518c085e641f9128b8938

Request headers

Referer
https://www.bg3.co/
Origin
https://www.bg3.co
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 19 Aug 2022 00:04:09 GMT
Last-Modified
Mon, 16 May 2016 10:39:41 GMT
Server
nginx
ETag
"5739a36d-7cc4"
Content-Type
application/font-woff
Access-Control-Allow-Origin
*
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
31940
log
hblg.media.net/ Frame 086E
35 B
194 B
Image
General
Full URL
https://hblg.media.net/log?log=kfk&evtid=adplog&&lmt_enf=true&req_mtype%3C%3E=0&mx_nsz=3&spSource=0&ifst=0&vid=ARi1xNbs8Z8sIaGsqbp9Og&s_city=singapore&ugd=4&bcat%3C%3E=1000031%23%231000030%23%2310130%23%231000024%23%231000037%23%231000036%23%231000004&exp=sfl%3Dfalse%7CssBucket%3D0%7Cbfl%3D-100%7Cclt%3D3%7CssProfile%3D0%7Cdbr%3D1%7Ctpi%3D1&app=0&ctr=0.0017089357&mx_TAF=3&device_id=4&ae=false&mx_UCC=1&prspt=headerBid&mx_bss_algos%3C%3E=0&usp_status=0&seat=BID_API&og_cbdp=0.020&size=250x250&mx_TAS=1&mx_gpid_sent=false&xtmax=290&commit_id=2028b3b1&scrid=1700080812610100250025000000500&itypeid=17&mx_SPRIG=0&viewability=84&renderer=1&be=0&rtime=28.0&adj0=0.0&tmax=300&s_ip=172.217.47.8&adj2=0.0&adj1=0.0&feedback_id=ARi1xNbs8Z8sIaGsqbp9Og&adtypes=0&mx_aabpc=0&reqid=ARi1xNbs8Z8sIaGsqbp9Og&sc=AU-NSW&mowxReqId=ed189ddc833142d48fc1d12659c1d7ce_1&ifdp=0&requrl=https%3A%2F%2Fwww.bg3.co%2Fa%2Fdi-1tian-shang-xue-ta-da-ku-a-ma-ping-ji-yi-xiang-jie-sun-nu-hui-jia-jie-wei-cang-yang-cong.html&bidrestime=1660867446239&pv_adtype=0&cc=AU&strg=NO_STRATEGY&pcrid=8CUABW64L-357234536-34-20&coppa_enf=true&bdp=0.020&ct=Sydney&spIsReq=3&s=1&abs=0%7C0%7Cxtmax%3D290%7CNO_STRATEGY%7Cbrr%3D0&mx_epbc=8CUABW64L&dnt_enf=false&mx_ssBucket=0&vls=0&asn=54203&mang=1&fleet=common-istio&mx_isLossNtf=false&advUrl=https%3A%2F%2Ftopics.businessfocus.online&dn=bg3.co&dt=O&acid=ed189ddc833142d48fc1d12659c1d7ce&actltime=36&act=headerBid&iframingState=0&mx_lr_seg_deal=0&exclattr=32%7C34%7C70%7C13%7C14%7C15%7C48%7C16%7C17%7C18%7C114%7C19%7C20%7C22%7C25%7C26%7C27%7C30%7C95&dfpBd=0.02&sckfl=0&dmm_erpm=false&mx_lr=0&mview=1&smbrid=adx-1&bfs=103&rfc=-1&prvApiId=8CUABW64L&epcexp=false&pubid=pub-ADX-101418826937&mx_bsProfile=0&cid=8CU3SX34C&bcrid=1700080812610100250025000000500&omul=1.0&res_mtype=0&apPrfs%3C%3E=62%23%2313%23%2361&chnl=NO_STRATEGY&pst=0&reqsize=250x250&adpos=1&itype=ADX&mx_g_one_uid_sent=None&spCst=0&tgtval=pub-ADX-101418826937&__expireat=1660868046493&lmt_status=N&reftype=0&viewability_vendor=EXCHANGE&prvAccId=357234536&ckfl=0&lper=1&mx_tgs=250x250%7C300x250%7C336x280&cbdp=0.02&pvdTmax=250&ltime=35.0&epc=357234536&ctr_vendor=EXCHANGE&prvReqId=8884045665999_171750298_52982010413131&exid=31&spFst=0&mx_GCID=0&cliIPType=v4&pexid=ADX-pub-4485239425924787&ybnca_erpm=0.01&brsrclk=0&sbdrid=196&rtttime=44&apTags%3C%3E=75&mx_PC=1&wsip=mowx-istio-55fbd456c8-rps7x&currsrc_date=2022-08-18+00%3A00%3A00&psrc=fail&geoll=false&omid=0&debug_ts=2022-08-19+00%3A04%3A06&policy_enf=2&mx_ssProfile=0&mx_SC=0&reftime=0&pbidflr=0.010&spbf=0&currsrc=API&fpusp=false&lmt_applied=N&mnrfc=-1&pub_blk_enf=1&moau=true&ocurr=USD&snm=SUCCESS&mx_IAB2=0&usp_enf=1&bidflr=0.010&incentive_type=0&skadidfl=0&pid=8PR113JGC&spTo=3&pvid=313&schain_cmpl=1&is_ortb=false&mx_aurl_hc=0&ucrid_ver=2&mx_maq_call=false&mx_uid_sent=0&mx_sbp=-10.0&mnrf=0&slotVisibility=1&dbf=1&gdpr=0&gqid=AHfbET6-YZS3ZeaCPDv0Ov7KNopWt3rFMMtSx0sh670YVZXelD1kbvkpWrNvpsYt0jrEtMwA&dmm_ogerpm=false&csip=rtb-common-istio-7c75f56789-vdw9z.SG&mx_bsBucket=0&mx_aurt=0&spIvt=3&ptype=23&media=0&acsn=1&dtc=apac_sg&mx_aqcpl_crid=4&ogbdp=0.02&tpbTkn=false&adblk=2365071409&fpuReq=0&vcmplrt=-1.0&crid=529820104&geo_source=2&sat=1&mnet_ckfl=0&opbidflr=0.010&impId=1&rme=adm&bdata=sd2%3Dnull~iurl_l%3D50~ogerpm%3D0.01~smm_bid%3D0.02~vis_sd%3D438~dc2%3D1~scd%3Dnsw~v_asn%3D54203~vl2r_sd%3D2022081817~iurl_b%3D63653.72~url_tkc%3D0~std%3D~last%3D~vis_url_b%3D0.21~ip%3D3bw0Uw~fbb%3D0~vis_url_l%3D30~riipua%3D70%2C70~et%3D15~rc%3D2%2C7~rps_sd%3D2022081812~vis_b%3D702.08~url_b%3D0.02~url_tvi%3D0~smm_wr%3D36.5804~url_l%3D50~gcat%3D-1~bb%3D196~vv%3D0~l2r_b%3D1000~erpm%3D0.01~bm%3D1~smm_sd%3D2022081812~sid%3D530814538d73e7b3f2af2a8e26eb3fc5~sd%3D0~uid%3DaQw3Wkn0f9nUrVPwc~btd%3D60213921828919309876607394069131867149106874300693264825902432008115077787226112~d2p_l%3D60~3pcf%3D11.93~uim%3D16559~dmm_strg%3Dno_strategy~d2p_b%3D0.85~ogd2p_b%3D0.85~vurl_b%3D0.1~ss%3DNA~uiw%3D99~ce%3D0~rps_b%3D20.06~vurl_l%3D50~CI%3D2719~nts%3D3~tb%3D-1~ct%3Dbeaconsfield~basis2%3D196~basis1%3D196~isRef%3D0~ivurl_b%3D10.38~isif%3D0~lc%3D3~bid%3D0.02~dc%3D8~vl2r_b%3D1.15~ivurl_l%3D50~supply_tag_id%3D%7Eviewability%3D0.84%7Ecbdp%3D0.020%7Edmm%3Dno_strategy%7Esuid%3D%7Edtc%3Dapac_sg%7Exid%3DADX-pub-4485239425924787%7Edalg%3Dno_strategy%7Ehtml%3D1%7Eadblk%3D2365071409%7Esobp%3D%7Ectr%3D0.0017089357%7Ebdpcapd%3D0%7Edmm_erpm%3Dtrue%7Ebflr%3D0.010%7Eogbid%3D0.020%7Eac_type%3D1%7Eitype_id%3D17%7Eseller_tag_id%3D%7Edetected_tag_id%3D%7Edcut%3D1%7Edogb%3D0-1~ibc%3D1~ddt%3D-1~nsz%3D3~tgs%3D250x250%7C300x250%7C336x280~bsb%3D0~bsp%3D0~tmx%3D250&utime=2047&sf=0&cpr=0.6090242551325289&evttyp=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006&adk=2365071409&adf=3615134179&pi=t.ma~as.3006%2F14006&w=336&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fdi-1tian-shang-xue-ta-da-ku-a-ma-ping-ji-yi-xiang-jie-sun-nu-hui-jia-jie-wei-cang-yang-cong.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1660867445113&bpp=13&bdt=1573&idt=520&shv=r20220817&mjsv=m202208160101&ptt=5&saldr=sa&correlator=509861749425&frm=23&ife=1&pv=2&ga_vid=842954889.1660867446&ga_sid=1660867446&ga_hid=581034293&ga_fc=0&ga_cid=amp-EIOlvx8bHhMcBHoOJ0-TYg&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=320&biw=1600&bih=1200&isw=336&ish=280&ifk=947009565&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31068737%2C31068956%2C31068991&oid=2&pvsid=1413095467614123&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.tvnb2co2wjin&fsb=1&dtd=536
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.36.252.26 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-36-252-26.deploy.static.akamaitechnologies.com
Software
Jetty(9.4.35.v20201120) /
Resource Hash
796c46ec10bc9105545f6f90d51593921b69956bd9087eb72bee83f40ad86f90

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 19 Aug 2022 00:04:09 GMT
server
Jetty(9.4.35.v20201120)
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=0, no-cache, no-store
content-length
35
expires
Fri, 19 Aug 2022 00:04:09 GMT
publishertag.prebid.js
static.criteo.net/js/ld/
87 KB
28 KB
XHR
General
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.js
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.129 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
nginx /
Resource Hash
17d2a9596b37d5d8c0e8b46eda67f51c04e05703e5619deff979d5ef50563e91
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 19 Aug 2022 00:04:09 GMT
content-encoding
gzip
last-modified
Tue, 16 Aug 2022 07:20:45 GMT
server
nginx
etag
W/"62fb454d-15cfe"
strict-transport-security
max-age=31536000; preload;
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sat, 20 Aug 2022 00:04:09 GMT
sodar2.js
tpc.googlesyndication.com/sodar/ Frame 6EEF
17 KB
6 KB
Script
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202208150101/show_ads_impl_fy2021.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.194.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f132.1e100.net
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 19 Aug 2022 00:04:09 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Fri, 19 Aug 2022 00:04:09 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220817/r20110914/client/ Frame B015
17 KB
7 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220817/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: 71f760a9a177b3fbf8a1c0adb15a23b1.safeframe.googlesyndication.com
URL: https://71f760a9a177b3fbf8a1c0adb15a23b1.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.194.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f132.1e100.net
Software
cafe /
Resource Hash
57000ea03bfb53734d0858b8fe992e6742226f23f311eb0f9d2177e2a84a5621
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://71f760a9a177b3fbf8a1c0adb15a23b1.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 18 Aug 2022 23:05:22 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
3527
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7599
x-xss-protection
0
server
cafe
etag
9215437806027971270
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 01 Sep 2022 23:05:22 GMT
log
hblg.media.net/ Frame DE3E
35 B
194 B
Image
General
Full URL
https://hblg.media.net/log?log=kfk&evtid=adplog&&lmt_enf=true&req_mtype%3C%3E=0&mx_nsz=1&spSource=0&insl=0&ifst=0&vid=3863509334020428170&s_city=los+angeles&ugd=4&exp=ssProfile%3D0%7Csfl%3Dfalse%7CssBucket%3D0%7Cbfl%3D-100%7Cclt%3D2%7Cfl_rl%3D1%7Ckbb_se%3D1%7Cdbr%3D1%7Ctpi%3D1&app=0&ctr=-1.0&mx_TAF=2&device_id=4&ae=false&mx_UCC=1&prspt=headerBid&mx_bss_algos%3C%3E=0&usp_status=0&seat=BID_API&og_cbdp=0.010&size=120x600&mx_TAS=1&mx_gpid_sent=false&xtmax=148&commit_id=2028b3b1&scrid=351639019&itypeid=21&mx_SPRIG=0&viewability=80&renderer=0&be=0&rtime=31.0&adj0=0.0&tmax=150&s_ip=104.254.149.143&adj2=0.0&adj1=0.0&adtypes=0&mx_aabpc=0&reqid=3863509334020428170&sc=NSW&mowxReqId=626ddf6fe03f40b38483d03d2ea05b3e_1&ifdp=0&requrl=https%3A%2F%2Fwww.bg3.co%2Fa%2Fdi-1tian-shang-xue-ta-da-ku-a-ma-ping-ji-yi-xiang-jie-sun-nu-hui-jia-jie-wei-cang-yang-cong.html&bidrestime=1660867446236&pv_adtype=0&cc=AU&strg=HARMONY&pcrid=8CU4JWBS7-781214713-34-29&coppa_enf=true&devmodel=Unknown&bdp=0.010&ct=Beaconsfield&spIsReq=3&s=1&abs=0%7C0%7Cxtmax%3D148%7CHARMONY%7Cbrr%3D1&mx_epbc=8CU4JWBS7&dnt_enf=false&mx_ssBucket=0&vls=0&asn=54203&mang=1&fleet=common&mx_isLossNtf=false&advUrl=https%3A%2F%2Frelated.360topics.com&dn=bg3.co&dt=O&acid=626ddf6fe03f40b38483d03d2ea05b3e&actltime=36&act=headerBid&iframingState=0&mx_lr_seg_deal=0&dfpBd=0.003&sckfl=0&dmm_erpm=true&mx_lr=0&coppa_applied=N&mview=1&smbrid=11901&bfs=103&rfc=-1&prvApiId=8CU4JWBS7&epcexp=false&pubid=pub-appnexus-exp&mx_bsProfile=0&cid=8CU2CV286&bcrid=351639019&omul=1.0&res_mtype=0&apPrfs%3C%3E=62%23%2313%23%2361&chnl=HARMONY&pst=0&reqsize=120x600&adpos=0&itype=APPNEXUS_EXPERIMENT&mx_g_one_uid_sent=None&user_data_cnt=0&spCst=0&tgtval=pub-appnexus-exp&__expireat=1660868046490&dnt_status=N&reftype=0&viewability_vendor=EXCHANGE&prvAccId=781214713&ckfl=0&lper=1&mx_tgs=120x600&cbdp=0.003&pvdTmax=104&ltime=36.0&epc=781214713&prvReqId=34667811805554_761901305_75211561241&zip=2015&exid=31&spFst=0&mx_GCID=0&cliIPType=v4&pexid=APPNEXUS_EXPERIMENT-1800859&ybnca_erpm=0.01&brsrclk=0&sbdrid=196&rtttime=42&apTags%3C%3E=75&mx_PC=1&wsip=mowx-5576ffddc4-9cz69&currsrc_date=2022-08-18+00%3A00%3A00&mx_divid=22132338&geoll=false&omid=0&debug_ts=2022-08-19+00%3A04%3A06&mx_ssProfile=0&devbrand=Unknown&mx_SC=0&reftime=15000&pbidflr=0.000&spbf=0&currsrc=API&fpusp=false&mnrfc=-1&moau=true&ocurr=USD&stagid=22132338&snm=SUCCESS&mx_IAB2=0&usp_enf=0&bidflr=0.000&coppa_status=N&incentive_type=0&skadidfl=0&pid=8PR113JGC&spTo=3&ecp=0.1&pvid=4&schain_cmpl=1&is_ortb=true&mx_aurl_hc=0&ucrid_ver=2&mx_maq_call=false&mx_uid_sent=0&mx_sbp=-10.0&mnrf=0&slotVisibility=0&dbf=1&gdpr=0&dmm_ogerpm=false&csip=rtb-common-65b8cc4946-kbpj5.LA&mx_bsBucket=0&mx_aurt=0&spIvt=3&dsid=22132338&ptype=23&media=0&acsn=1&dtc=west_la&mx_aqcpl_crid=4&ogbdp=0.01&tpbTkn=false&fpuReq=1&vcmplrt=-1.0&crid=752115612&geo_source=2&sat=1&mnet_ckfl=0&dfpDiv=22132338&opbidflr=0.000&impId=1661956972519986466&rme=adm&bdata=sd2%3Dnull~iurl_l%3D50~ogerpm%3D0.01~vis_sd%3D446~dc2%3D1~scd%3Dnsw~v_asn%3D54203~vl2r_sd%3D2022081812~iurl_b%3D5862.7~url_tkc%3D0~std%3D22132338~last%3D~vis_url_b%3D0.97~ip%3D3bw0WO~fbb%3D0~vis_url_l%3D30~riipua%3D1%2C1~et%3D30~rc%3D1~rps_sd%3D2022081813~vis_b%3D988.28~url_b%3D0.17~url_tvi%3D0~ecp_eer%3D10~url_l%3D50~gcat%3D-1~bb%3D196~vv%3D0~l2r_b%3D1000~erpm%3D0.01~bm%3D1~sid%3D12948fd0fab38e7f7d124a8d9506e143~sd%3D0~uid%3Df2daBUAdtWG83b8nS~btd%3D928372126040856338803392887007122377326443609169687566937783050701076958744576~d2p_l%3D50~3pcf%3D203.05~uim%3D785~dmm_strg%3Dharmony~d2p_b%3D0.99~ogd2p_b%3D0.99~vurl_b%3D0.36~ss%3DNA~uiw%3D80~ce%3D0~rps_b%3D16.28~vurl_l%3D50~CI%3D2719~nts%3D1~tb%3D-1~ct%3Dbeaconsfield~basis2%3D196~basis1%3D196~isRef%3D0~ivurl_b%3D2.76~isif%3D0~lc%3D3~bid%3D0.01~dc%3D8~vl2r_b%3D0.82~ivurl_l%3D50~supply_tag_id%3D22132338%7Eviewability%3D0.800631%7Ecbdp%3D0.003%7Edmm%3Dharmony%7Esuid%3D%7Einsl%3D0%7Edtc%3Dwest_la%7Edalg%3Ddefault%7Ehtml%3D1%7Esobp%3D%7Ebdpcapd%3D0%7Edmm_erpm%3Dtrue%7Ebflr%3D0.000%7Eogbid%3D0.010%7Eitype_id%3D21%7Eseller_tag_id%3D22132338%7EcarrierId%3D0%7Edcut%3D65%7Edogb%3D0-1~ibc%3D1~ddt%3D-1~nsz%3D1~tgs%3D120x600~bsb%3D0~bsp%3D0~tmx%3D104&utime=2273&sf=0&cpr=0.815320953103545&evttyp=1
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/di-1tian-shang-xue-ta-da-ku-a-ma-ping-ji-yi-xiang-jie-sun-nu-hui-jia-jie-wei-cang-yang-cong.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.36.252.26 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-36-252-26.deploy.static.akamaitechnologies.com
Software
Jetty(9.4.35.v20201120) /
Resource Hash
796c46ec10bc9105545f6f90d51593921b69956bd9087eb72bee83f40ad86f90

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 19 Aug 2022 00:04:09 GMT
server
Jetty(9.4.35.v20201120)
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=0, no-cache, no-store
content-length
35
expires
Fri, 19 Aug 2022 00:04:09 GMT
sodar
pagead2.googlesyndication.com/getconfig/ Frame 1EA8
14 KB
11 KB
XHR
General
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20220817&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202208160101/show_ads_impl_fy2021.js?bust=31068991
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.194.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f157.1e100.net
Software
cafe /
Resource Hash
02505e4ef13301359aeaf332c2c5bc58b77df98e8e33c8d210673722f9061b78
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 19 Aug 2022 00:04:09 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11095
x-xss-protection
0
l
www.google.com/ads/measurement/ Frame B015
0
0
Image
General
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaTW-CTVb-H6cAC5_8vZ8dTB-vYZ944P9pO43ol4rACSphNHvqFWCB5cYDUI93Ykt3wUU2PiM4D8DY8E-E6rx-gjjh1utQ
Requested by
Host: 71f760a9a177b3fbf8a1c0adb15a23b1.safeframe.googlesyndication.com
URL: https://71f760a9a177b3fbf8a1c0adb15a23b1.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.194.99 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f99.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://71f760a9a177b3fbf8a1c0adb15a23b1.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

truncated
/ Frame B015
217 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
3a084a8dec099905e94f6965a54c20b5caec97f71e316147ab4ead776dae393e

Request headers

accept-language
en-AU,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame F143
13 KB
5 KB
Document
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.194.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f132.1e100.net
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

accept-ranges
bytes
age
431585
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Sun, 14 Aug 2022 00:11:04 GMT
expires
Mon, 14 Aug 2023 00:11:04 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame ACE0
783 B
534 B
Document
General
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.194.99 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f99.1e100.net
Software
GSE /
Resource Hash
a777ffc0d7c8a418b7c52b74a7c0266061f1bf8a6c84ebd59bdb8ab7a01e036d
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce--0tYbi4HXYr9HrgY8VGmEw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private, max-age=300
content-encoding
gzip
content-length
512
content-security-policy
script-src 'report-sample' 'nonce--0tYbi4HXYr9HrgY8VGmEw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Fri, 19 Aug 2022 00:04:09 GMT
expires
Fri, 19 Aug 2022 00:04:09 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
activeview
pagead2.googlesyndication.com/pcs/ Frame A3B8
42 B
69 B
Image
General
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvyHXOKarHo6jrQl8YDh6T0CkzMaVeSC-WefGV7dgR5LPz2U66-s77dMMTaLsvQUvOJNSCruq36gihBRIku9WNs10Qdcs-BQaRp3gAxHKdN32N2-8Aq47b0GbcBQ7wdLWJRBZyUew2cRtSf0BCpBE9Ho08sgAjVdFM9vX384VcNdlcSlQWONlZTrQ_c_tn9firnJHgmi9n2Wx_4_cWq-Blyhw9eQVkD1rmTuAVptYwKyW2HUFZ_2faR0EBL6TPmghRjR-ehJgd4ljtnk0mY3iQXlIt86ISbUiROvbK72-PdgbmjtMAvhAp0z-cj-EqdaYmwEZczXh7efOH1j35Pi_XLMLJwacIcTuBjlswHvvg8Bndh5yBIOLjX0ABsDjehwUuVwhwpL3ZrvNRqwKHDy4sLhv2xKdXV-7koYm3sUZr5lkUCEoH83zDKo4rOjGeyiilEhYkozqbc_elloazXJ--OwURHFlsJxCHBD9BxQOjemyBP4zTtpfp-JWw6c-NpXQS8gMtxbuo72H7WC9NZSmgZ46A0kZAkm7BXILs4HoVBiqeYxVPnweEI8Ae3jIWOc8HhocZDeBwAaKMeebKSJgLvaCvvDutDk5a-utClhf-Qd6j7wUlaQoUxwDi27avNBcRrqzOxpuP77q84iINny0rE65V-cGF76SzXZEmO9p6qPjhtrP7s3heSSu4_q6UTxuzDpocvz9jeHECb7gmXC9LnEbecbP0XTnKYNCSOxpczkPf9bGgVhsaYNy3nh4LxIksv1dO_j6stYP1KKmdhd8y1hYgkd8wom1iUPekzrsINZZS7T67Ju27lXnf9z_eVtvnTR1A6a3L4dNpaAW2m6TkhBNQ3K-jsrDvPoFvXcMIOBiSgRjMVC-Jad4XHGuhlBMyPb9PQOhgUI6ARxSImgUhDRnao6hN8730IUFOfyPLIzp3I7TpA2KUYEVnTMF0piHcLQwtT1IrPb-2Riu1-B2GFPiaJZQHpF3rP9bg3CqSWpDKn7tdBgh0LUeopgxXRsF1wg898lX3eXfP6TU6VHZNjqprSIrqWDL-m6uTwuKuxTflUgBgMtiN_2V0eM-kUXKZqQqFwz3rfgP13uG2elEE6jTYXYYbjDDAs1FhhRCZI4EhyQ1yBwYUB_vEaMV33oyTvGqdpm3lfimtjjPT93Zb8Y8GEq_rzHA0tAW4AaEn0UsWceka1RoVkKyiJQuBs0TcdZ5cObzbhL6s&sai=AMfl-YSOVDBqkYbxJ6DX-8FRe-AIdtVFrDiDwc9vA5uaUt9FlX64jltkX0cKUjZE8oclZuvDMPuVTStxTvEIP_tJd4i2HU-HieKSzBrcUs-vCqSNn9BzEU-6S9uumfYcSmY03_Wy9Ua0X_31-g&sig=Cg0ArKJSzPfysuRxcSijEAE&cid=CAASFeRoGKuL7BHfSYffzfBwV0ScMohxCA&id=ampim&o=640,1110&d=320,50&ss=1600,1200&bs=1600,1200&mcvt=1000&mtos=0,0,1000,1000,1000&tos=0,0,1000,0,0&tfs=675&tls=1675&g=100&h=100&tt=1676&r=v&avms=ampa&uap=&uapv=&uaa=&uam=&uafv=&uab=&uafvl=%5B%5D&uaw=false&adk=2857874404
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/di-1tian-shang-xue-ta-da-ku-a-ma-ping-ji-yi-xiang-jie-sun-nu-hui-jia-jie-wei-cang-yang-cong.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.194.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f154.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 19 Aug 2022 00:04:09 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sodar2.js
tpc.googlesyndication.com/sodar/ Frame 1EA8
17 KB
6 KB
Script
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202208160101/show_ads_impl_fy2021.js?bust=31068991
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.194.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f132.1e100.net
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 19 Aug 2022 00:04:09 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Fri, 19 Aug 2022 00:04:09 GMT
vevent
lax1-ib.adnxs.com/ Frame DE3E
0
836 B
Ping
General
Full URL
https://lax1-ib.adnxs.com/vevent?an_audit=0&referrer=https%3A%2F%2Fwww.bg3.co%2Fa%2Fdi-1tian-shang-xue-ta-da-ku-a-ma-ping-ji-yi-xiang-jie-sun-nu-hui-jia-jie-wei-cang-yang-cong.html&e=wqT_3QKsBeisAgAAAwDWAAUBCPam-5cGEKKqppj6oZ2IFxgAKjYJ-n5qvHSTaD8RDjLJyFnYYz8ZAAAAoJmZuT8hDg0SACkRJNAxAAAAQOF6lD8w8uzGCjj9XEDqXEjgA1Drq9anAVi5tIoBYABotZGzAXgAgAEBigEDVVNEkgUG8HGYAXigAdgEqAEBsAEAuAEBwAEFyAEC0AEA2AEA4AEA8AEA2AIA4ALR8FzqAnVodHRwczovL3d3dy5iZzMuY28vYS9kaS0xdGlhbi1zaGFuZy14dWUtdGEtZGEta3UtYS1tYS1waW5nLWppLXlpLXhpYW4BDGRlLXN1bi1udS1odWktamlhLWppZS13ZWktYwFDAHkBBfDCY29uZy5odG1sgAMAiAMBkAMAmAMXoAMBqgNBEhgzODYzNTA5MzM0MDIwNDI4MTcwX3NiaWQaEzE2NjE5NTY5NzI1MTk5ODY0NjYiCTM1MTYzOTAxOSoFTTExNzPAA6wCyAMA2AP0wMQB4AMA6AMA-AMBgAQAkgQNL3V0L3YzL3ByZWJpZJgEAKIEDzE3My4yNDUuMjA5LjE0MqgEALIEDwgAEAQYeCDYBCgBMAA4ArgEAMAEAMgEANoEAggB4AQB8ATrIX1YiAUBmAUAoAWKo8aF0Kj8zjXABQDJBQAFARTwP9IFCQkFC3wAAADYBQDgBQHwBcWUIfoFBAgAEACQBgCYBgC4BgDBBgEhNAAA8D_QBvnjAtoGFgoQCRIZAVwQABgA4AYB8gYCCACABwGIBwCgBwG6Bw8BSUAYACAAMAA4iAFAAMgHANIHDRV1ATYI2gcGCSVo4AcA6gcCCADwB5jQCooIAhAAlQgAAIA_mAgB&s=9a128adc4b983cd514c3cac87bb898acbbe5b4e0&type=pv&jm=1003&px=5&py=300&bw=120&bh=600&sf=1&sid=3441609731678078018&vd=ct~0|rr~5&sv=224&tv=view7-1hs&ua=chrome52&pl=win&x=v&tag_id=22132338&ft=2
Requested by
Host: cdn.adnxs.com
URL: https://cdn.adnxs.com/v/s/224/trk.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
104.254.151.120 Los Angeles, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
908.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 19 Aug 2022 00:04:09 GMT
X-Proxy-Origin
173.245.209.142; 173.245.209.142; 908.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net; adnxs.com
AN-X-Request-Uuid
c5baf7c3-ac85-4bd1-8fa7-869b96b07739
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://www.bg3.co
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame ACE0
0
0
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20220817&jk=3581665887227268&rc=
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/di-1tian-shang-xue-ta-da-ku-a-ma-ping-ji-yi-xiang-jie-sun-nu-hui-jia-jie-wei-cang-yang-cong.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.194.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f154.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

BcUHUABoavvpRAX3o-C5BfAq8AHsMXRVb9HgeqDHxZ8.js
pagead2.googlesyndication.com/bg/ Frame F143
36 KB
14 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/bg/BcUHUABoavvpRAX3o-C5BfAq8AHsMXRVb9HgeqDHxZ8.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.194.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f154.1e100.net
Software
sffe /
Resource Hash
05c5075000686afbe94405f7a3e0b905f02af001ec3174556fd1e07aa0c7c59f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 16 Aug 2022 20:18:49 GMT
content-encoding
br
x-content-type-options
nosniff
age
186320
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
14190
x-xss-protection
0
last-modified
Mon, 15 Aug 2022 08:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 16 Aug 2023 20:18:49 GMT
bql.php
lg3.media.net/ Frame 7E19
15 B
159 B
Script
General
Full URL
https://lg3.media.net/bql.php?vgd_len=5964&&&vgd_l2type=sca&fp=MzA_eCVWy1eyoiNQ0FcmxvIQ9_W4KGN0cfccrSYyHhZf6dWnF0AbjfWUOFJBml9c_P2Yuq4gtT6ole9muKJGH30OOkjXwRSj3t79od3r_-CgssH7dZl96OTwqv4_LSk2&cme=RaW-F_Iv17lAP0MbFDKMmrua6UMYSsOyp7x1sjIY5FGIIOGvP9ic1NY_twi-lECzGTbvGZ08TTwGnuxsKeifhqDhQ-30Zmb5tDByBjxZmpboZlTlifl8WolZUOU8oDFZ14BN-B0fc_qcKjoGUjx9AHLESXn7SWlFZnsi5UuCjV4b1gylHAkkDWM5ny6WSsZ2cqVv8zrXVVL26ydMnifJWdytscQzs_TB%7C%7Cs1zUjvwOfvhx85CMDP4tsmcLbH4Gvn7NIm_iwCuQE2yN1wbhAyHItvRNHit3AE-FpcIbVZMGxpeW08uP6MGJRZvqwu66PTNd0Qc4U-oQg-MqDxuNAnS11akojOVCspSjhX9div3h-NQ%3D%7Ct38fJwNLudcOxjwfnfa8ERg-37-HEEgoxRl1pyjnMgh8oCQsQ9x1MHPGqj50ai74sbgnmdNQeTX_RdbLkc8Cdv0h9qoz1Ko5rf0LmiUJdei-W_YwNvJHW9iz0ycfnNbvkNr9SHqluDjpnIyINy-ExOC6jbE_eBMpUkvJDnb8YzQFBI392b5zXlx-Mm6u6E_BVGyLC9y8KAjNmXKeBGaQmTO-XlYZooopMz3dUa5YVRSrfcadbteRpw%3D%3D%7Cu8A6SM53vAfcrpZuel3W3DwMTuFdyyxb%7CR0pGwT-1wLcnervD5TbKub4gKhjiBXnT%7CdsA6EMpZ47R6ljdz__nQtthZoUpm2bb5%7C&v=1&geo=-33.91%7C151.2&dlper=20&lper=100&lpid=&tsid=3&q=&prv=&type=&ps=&hint=&td=&cc=AU&wsip=170721376&bca=0&ugd=4&vgd_fcic=0&vgde_setid=Nfu&vgd_dnquo=01_9&ksu=224&fdkt=240&vgde_kbbh=fuoyxQBuG&kwd[]=Best+Cryptocurrencies+to+Buy&kwt[]=240&kbc[]=a8c5cf0754323e1139b173ce42054d81.d2s&kwp[]=1&kid[]=329544111&kbc2[]=1%3D3.04%7C5%3D-1%7C6%3D-1%7C16%3D-1%7C12%3D0.18%7C62%3D1.03%7C63%3D0.35%7C10%3D4.90%7C60%3D5.60%7C66%3D0.67%7Cps%3D0.555%7C3%3D1.73%7C4%3D4.00&ktd[]=274894815488&ktrkt[]=Best+Cryptocurrencies+to+Buy&kwd[]=Value+of+My+Used+Car&kwt[]=240&kbc[]=a8c5cf0754323e1139b173ce42054d81.d2s&kwp[]=2&kid[]=29672219&kbc2[]=1%3D1.38%7C5%3D-1%7C6%3D-1%7C16%3D-1%7C12%3D0.56%7C62%3D0.91%7C63%3D0.35%7C10%3D4.90%7C60%3D1.38%7C66%3D0.67%7Cps%3D0.555%7C3%3D0.54%7C4%3D3.28&ktd[]=274911592704&ktrkt[]=Value+of+My+Used+Car&kwd[]=Best+Priced+Car+Insurance&kwt[]=240&kbc[]=a8c5cf0754323e1139b173ce42054d81.d2s&kwp[]=3&kid[]=48970281&kbc2[]=1%3D0.74%7C5%3D-1%7C6%3D-1%7C16%3D-1%7C12%3D0.65%7C62%3D0.93%7C63%3D0.35%7C10%3D4.90%7C60%3D0.75%7C66%3D0.67%7Cps%3D0.555%7C3%3D0.32%7C4%3D4.00&ktd[]=274894815488&ktrkt[]=Best+Priced+Car+Insurance&kwd[]=Best+High+Return+Investments&kwt[]=240&kbc[]=a8c5cf0754323e1139b173ce42054d81.d2s&kwp[]=4&kid[]=326649050&kbc2[]=101%7C1%3D6.05%7C5%3D-1%7C6%3D-1%7C16%3D-1%7C12%3D0.75%7C62%3D1.03%7C63%3D0.35%7C10%3D4.90%7C60%3D11.06%7C66%3D0.67%7Cps%3D0.555%7C3%3D0.81%7C4%3D3.67&ktd[]=274895077632&ktrkt[]=Best+High+Return+Investments&kwd[]=Vitamins+for+Hair+Loss&kwt[]=240&kbc[]=a8c5cf0754323e1139b173ce42054d81.d2s&kwp[]=5&kid[]=30111142&kbc2[]=101%7C1%3D0.52%7C5%3D-1%7C6%3D-1%7C16%3D-1%7C12%3D0.52%7C62%3D1.31%7C63%3D0.35%7C10%3D4.90%7C60%3D0.52%7C66%3D0.24%7Cps%3D0.555%7C3%3D0.14%7C4%3D4.00&ktd[]=274911854848&ktrkt[]=Vitamins+for+Hair+Loss&kwd[]=Make+Money+Online&kwt[]=112&kbc[]=&kwp[]=6&kid[]=18277963&kbc2[]=&ktd[]=&kwd[]=Online+Greetings&kwt[]=112&kbc[]=&kwp[]=7&kid[]=21239800&kbc2[]=&ktd[]=&cid=8CU4JWBS7&vwid=1660867448376738051&vi=1660867448376738051&tdAdd[]=ib%3D0&vsid=3038690486833451&tdAdd[]=asnum%3D54203&vgde_test_data_struct=%7B%22EO7E8O%22%3Au%7D&vgd_cdv=780&vgd_l3_sc=NSW&vgd_chost=contextual.media.net&vgd_hb_audit_1=8CU2CV286&vgd_hb_audit_2=752115612&vgd_katid=808076868&vgd_katbid=-21&vgd_kasts=tstype%3D-10408%7C%7Cgbid%3D-1&vgd_kals=ttype%3D10019%7C%7Cpt%3D1%7C%7Clmid%3Dna%7C%7Cttd%3D8&vgd_kalog=HID%3D0%7C%7CUUID%3DjetOqsIgmUsPclj2w%7C%7CSI%3D2791%7C%7CCI%3D2792%7C%7CTPTD%3D638507035001860%7C%7CMPTD%3D656%7C%7CMI%3D2792%7C%7CSID%3D9%7C%7CTLID%3D6&vgd_pdtid=1&vgd_implt=3&vgd_l2wsip=170721376&vgd_nrrv=57785&vgd_nrrmf=1c80a&vgd_nrrsf=scrr&vgd_cty=beaconsfield&vgd_go_pid=8POGBHUQ8&&tdAdd[]=%7C%40%7Cabp%3A1%3A2&vgd_ifrmode=10&vgd_l1rakh=1660867448138207904&sttm=1660867448507&upk=1660867448.21242&hvsid=00001660867448507029185683341808&verid=3111299&vgd_matchstr=hr%3D0%7C&sbdrId=196&lineitemid=4&vgd_ecrid=351639019&vgd_isiolc=1&vgd_fcm_enc_mis=1&pid=8POGBHUQ8&&abpl=2&&kbbq=%26asn%3D54203&&vgd_vstrid=3038690486833451&vgde_bdata=QOfvzxjj~8xLjMjvX9~myJLEYv9.9u~e8QMQOvHHF~ONfvu~QNOvzQB~eM1QzvXHf9A~ejfLMQOvf9ff9WuWuf~8xLjMGvXWFf.h~xLjM7UNv9~Q7OvffuAfAAW~j1Q7v~e8QMxLjMGv9.ih~8EvAGB9pa~kGGv9~e8QMxLjMjvA9~L88Ex1vu%2Cu~J7vA9~LNvu~LEQMQOvf9ff9WuWuA~e8QMGviWW.fW~xLjMGv9.uh~xLjM7e8v9~JNEMJJLvu9~xLjMjvX9~yN17vou~GGvuiF~eev9~jfLMGvu999~JLEYv9.9u~GYvu~Q8OvufiHWkO9k1GAWJhkhOufH1WOiX9FJuHA~QOv9~x8OvkfO1RPKO7pZWAGWzb~G7OvifWAhfufF9H9WXFAAWW9AAifWWh99huffAhhAfFHHAF9iuFiFWhXFFiAhhWA9X9h9u9hFiXWhHHXhF~OfEMjvX9~AENkvf9A.9X~x8YvhWX~OYYMQ7Lyvw1LYmz5~OfEMGv9.ii~myOfEMGv9.ii~exLjMGv9.AF~QQvIK~x8BvW9~NJv9~LEQMGvuF.fW~exLjMjvX9~%3DVvfhui~z7Qvu~7Gvou~N7vGJ1NmzQk8JjO~G1Q8QfvuiF~G1Q8QuvuiF~8QDJkv9~8exLjMGvf.hF~8Q8kv9~jNvA~G8Ov9.9u~ONvW~ejfLMGv9.Wf~8exLjMjvX9~QxEEj5M71yM8OvffuAfAAW~e8JB1G8j875v9.W99FAu~NGOEv9.99A~OYYvw1LYmz5~Qx8Ov~8zQjv9~O7NvBJQ7Mj1~O1jyvOJk1xj7~w7Yjvu~QmGEv~GOEN1EOv9~OYYMJLEYv7LxJ~GkjLv9.999~myG8Ov9.9u9~875EJM8Ovfu~QJjjJLM71yM8OvffuAfAAW~N1LL8JLVOv9~ONx7vFX~OmyGv9ou~8GNvu~OO7vou~zQlvu~7yQvuf9-F99~GQGv9~GQEv9~7Y-vu9H&vgd_optout=0&vgd_cfud=220503&vgd_scsver=288&vgd_bhv_kbb=-1&vgd_go_ent=1&vgd_l2ch=0&vgd_rensize=120_600&vgd_scr_h=1200&vgd_scr_w=1600&vgd_ect=4g&vgd_dtc=west_la&vgd_mbr=1&vgd_l1rpth=%2Fnmedianet.js&vgd_pgids=1&&tdAdd[]=uiparams%3D%3Brend_w%3A120%3Brend_h%3A600%3Bwin_w%3A1600%3Bwin_h%3A1200&&vgd_uspa=0&vgd_sc=NSW&vgd_l1rhst=contextual.media.net&hvsid=00001660867448507029185683341808&subBdr=196&bdrid=4&rc=0&rand=1660867449349&acid=626ddf6fe03f40b38483d03d2ea05b3e&matm=1660867449349&requrl=https%3A%2F%2Fwww.bg3.co%2Fa%2Fdi-1tian-shang-xue-ta-da-ku-a-ma-ping-ji-yi-xiang-jie-sun-nu-hui-jia-jie-wei-cang-yang-cong.html&vgd_x_pos=5&vgd_y_pos=300&vgd_ren_page_h=3660&vgd_ltimesrc=1&vgd_ltime=1925&vgd_rtime=1270&vgd_etm=11&vgd_l1hcsd=Onmqp%7C5372&vgd_l1ch=1&vgd_lhl=2672&vgd_pgid=p0337880750t202208190004&vgd_adprefflag=01&vgd_csip=rtb-common-65b8cc4946-kbpj5.LA&vgd_sbSup=1&vgd_nrrs=57785&vgd_cntrdt=SL%7CDIV-google_ads_iframe_%2F103512698%2C22574853003%2F22579309510_0__container__%7CDIV-STICKY_ADP_42753_120X600_104b282a-bd11-4d8d-ad64-0492063b6cba&vgd_eadm=1&vgd_end=1
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/di-1tian-shang-xue-ta-da-ku-a-ma-ping-ji-yi-xiang-jie-sun-nu-hui-jia-jie-wei-cang-yang-cong.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.36.252.26 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-36-252-26.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
c787e9dd6dc8ea3c935f5f0f30e3b9e4a3e066b4619bb244f569883f8e318a24
Security Headers
Name Value
Strict-Transport-Security max-age=21600

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=21600
server
Apache
date
Fri, 19 Aug 2022 00:04:10 GMT
ntcoent-length
15
vary
Accept-Encoding
content-type
text/html; charset=UTF-8
cache-control
max-age=82367
content-length
15
log
lg3.media.net/ Frame DE3E
35 B
206 B
Image
General
Full URL
https://lg3.media.net/log?logid=kfk&evtid=perf&cid=8CU4JWBS7&vi=1660867448376738051&hvsid=00001660867448507029185683341808&l2s_dnsTime=0&l2s_connectionTime=0&l2s_waitTime=801&l2s_downloadTime=20&l2s_total=821&l2s_start=430&l2s_sslTime=0&l2s_nhp=h2&l1s_dnsTime=0&l1s_connectionTime=0&l1s_waitTime=324&l1s_downloadTime=78&l1s_total=403&l1s_start=10&l1s_sslTime=0&l1s_nhp=h2&gdpr=0
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/di-1tian-shang-xue-ta-da-ku-a-ma-ping-ji-yi-xiang-jie-sun-nu-hui-jia-jie-wei-cang-yang-cong.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.36.252.26 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-36-252-26.deploy.static.akamaitechnologies.com
Software
Jetty(9.4.35.v20201120) /
Resource Hash
796c46ec10bc9105545f6f90d51593921b69956bd9087eb72bee83f40ad86f90
Security Headers
Name Value
Strict-Transport-Security max-age=21600

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 19 Aug 2022 00:04:10 GMT
server
Jetty(9.4.35.v20201120)
strict-transport-security
max-age=21600
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=0, no-cache, no-store
content-length
35
expires
Fri, 19 Aug 2022 00:04:10 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 4D67
13 KB
5 KB
Document
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.194.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f132.1e100.net
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

accept-ranges
bytes
age
431586
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Sun, 14 Aug 2022 00:11:04 GMT
expires
Mon, 14 Aug 2023 00:11:04 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame E84E
783 B
537 B
Document
General
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.194.99 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f99.1e100.net
Software
GSE /
Resource Hash
4f4a0fd9d20a4628fc9e0ec96433b5bcfe1a660a682761622fd0af78dab8c1a1
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-_WZ6SAC1-6mYj6RgDHDKgw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private, max-age=300
content-encoding
gzip
content-length
515
content-security-policy
script-src 'report-sample' 'nonce-_WZ6SAC1-6mYj6RgDHDKgw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Fri, 19 Aug 2022 00:04:10 GMT
expires
Fri, 19 Aug 2022 00:04:10 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
generate_204
tpc.googlesyndication.com/ Frame F143
0
12 B
Image
General
Full URL
https://tpc.googlesyndication.com/generate_204?WOQAgQ
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/di-1tian-shang-xue-ta-da-ku-a-ma-ping-ji-yi-xiang-jie-sun-nu-hui-jia-jie-wei-cang-yang-cong.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.194.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f132.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 19 Aug 2022 00:04:10 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
activeview
pagead2.googlesyndication.com/pcs/ Frame DE3E
42 B
64 B
Fetch
General
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvJaL9KLViZyI7PpBm3Uipa8Tf0PTZxxMGliS0wcYyMHm4PtQbEg81puyFsXlbIEir_NwdXTbF5CjTgEgtSDBoz3vxdtqEa39CRLVWIfMxFKrSq7AFK&sig=Cg0ArKJSzCuSoKhvHk1mEAE&id=lidar2&mcvt=1000&p=300,5,900,125&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20220817&bin=7&avms=nio&bs=1600,1200&mc=1&vu=1&app=0&itpl=19&adk=4082231052&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1660867448082&rpt=1046&isd=0&lsd=0&met=ce&wmsd=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.194.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f157.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 19 Aug 2022 00:04:10 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
bqi.php
lg3.media.net/ Frame 086E
15 B
15 B
Image
General
Full URL
https://lg3.media.net/bqi.php?vgd_len=3224&lf=3&&vgd_hb_audit_1=8CU3SX34C&vgd_hb_audit_2=529820104&vgd_l2type=sca&pid=8PO15GP54&katbid=-103&katen=1&cme=xZg34WIXE2M9JEmRGYo39mp2DqCkR6y1bGx9RA-wp3jNXCQfwB_aisIL0jEilP6neR_Iio8EyXYQBZKpR0rhiIzciLlTjAcDzomEJEWsC_PzMbRgKLvVDtFmv1eGyg1EAEZ7AV-sXGrHQt_feKm1fhc_Kyngo9czRJDwzwzDF6I8n-Q_iPwzRhUD-cKDVVoFwoXd8T6hqeoWKRfBKe_guQ==||u8A6SM53vAdJjhazCSusZAnIl_9HqKRb|jyjVTouP1sOI3OR67jxweNSVYtHEv6HR|s1zUjvwOfvhx85CMDP4tsmcLbH4Gvn7NIm_iwCuQE2yN1wbhAyHItvRNHit3AE-FpcIbVZMGxpeW08uP6MGJRZvqwu66PTNd0Qc4U-oQg-MqDxuNAnS11akojOVCspSjhX9div3h-NQ=|xrl5Md8q4-_ojEqJ-ZPqEDISFRG5d2jVLVnwjxF6eDM=|sj1-8fOEyOCcYyjx9FAvxCCsJeAEyD3U|Mmh50YOoOPvYYLTur3AQgF-da_80YHlTtl2FKhuMQo3VhpHw9Dq7_5Q6wmqUT3AZ1LEup0ETy9JrT64nCiyh2yLAMkzGjMTrMxmmU4LOQ-AC61ET0ok_5ntLfAiH5MKfPtiubWWQxMVTSxqR3vRQ9o8VEF5CxPE5Lbk2SIJCmd1KiRjl8vCoaIXSMfMsJRZhLkxpqV-rqrB1eTpCVYeiDCewY6fCKoaRpluh2LNovrWIB7LRexu6Kw==|&gdpr=0&prid=8PRVCXX19&cid=8CUABW64L&crid=357234536&requrl=https%3A%2F%2Fwww.bg3.co%2Fa%2Fdi-1tian-shang-xue-ta-da-ku-a-ma-ping-ji-yi-xiang-jie-sun-nu-hui-jia-jie-wei-cang-yang-cong.html&vi=1660867447898444029&ugd=4&cc=AU&sc=NSW&bdrid=313&subBdr=196&vgd_kwrf=https%3A%2F%2Fwww.bg3.co&startTime=1660867448276&l2type=sca&vgd_l1rakh=1660867447166806981&l1ch=1&cref=https%3A%2F%2Fwww.bg3.co%2F&sttm=1660867448283&upk=1660867448.9323&hvsid=00001660867448283029185683347978&acid=ed189ddc833142d48fc1d12659c1d7ce&verid=3111299&vgd_bdata=sd2%3Dnull~iurl_l%3D50~ogerpm%3D0.01~smm_bid%3D0.02~vis_sd%3D438~dc2%3D1~scd%3Dnsw~v_asn%3D54203~vl2r_sd%3D2022081817~iurl_b%3D63653.72~url_tkc%3D0~std%3D~last%3D~vis_url_b%3D0.21~ip%3D3bw0Uw~fbb%3D0~vis_url_l%3D30~riipua%3D70%2C70~et%3D15~rc%3D2%2C7~rps_sd%3D2022081812~vis_b%3D702.08~url_b%3D0.02~url_tvi%3D0~smm_wr%3D36.5804~url_l%3D50~gcat%3D-1~bb%3D196~vv%3D0~l2r_b%3D1000~erpm%3D0.01~bm%3D1~smm_sd%3D2022081812~sid%3D530814538d73e7b3f2af2a8e26eb3fc5~sd%3D0~uid%3DaQw3Wkn0f9nUrVPwc~btd%3D60213921828919309876607394069131867149106874300693264825902432008115077787226112~d2p_l%3D60~3pcf%3D11.93~uim%3D16559~dmm_strg%3Dno_strategy~d2p_b%3D0.85~ogd2p_b%3D0.85~vurl_b%3D0.1~ss%3DNA~uiw%3D99~ce%3D0~rps_b%3D20.06~vurl_l%3D50~CI%3D2719~nts%3D3~tb%3D-1~ct%3Dbeaconsfield~basis2%3D196~basis1%3D196~isRef%3D0~ivurl_b%3D10.38~isif%3D0~lc%3D3~bid%3D0.02~dc%3D8~vl2r_b%3D1.15~ivurl_l%3D50~supply_tag_id%3D%7Eviewability%3D0.84%7Ecbdp%3D0.020%7Edmm%3Dno_strategy%7Esuid%3D%7Edtc%3Dapac_sg%7Exid%3DADX-pub-4485239425924787%7Edalg%3Dno_strategy%7Ehtml%3D1%7Eadblk%3D2365071409%7Esobp%3D%7Ectr%3D0.0017089357%7Ebdpcapd%3D0%7Edmm_erpm%3Dtrue%7Ebflr%3D0.010%7Eogbid%3D0.020%7Eac_type%3D1%7Eitype_id%3D17%7Eseller_tag_id%3D%7Edetected_tag_id%3D%7Edcut%3D1%7Edogb%3D0-1~ibc%3D1~ddt%3D-1~nsz%3D3~tgs%3D250x250%7C300x250%7C336x280~bsb%3D0~bsp%3D0~tmx%3D250&matchstring=hr%3D0%7Cbcat%3D11%2C47%2Ch%2Cgo%2Ci2%7Ccsh%3D1&vgd_matchstr=hr%3D0%7Cbcat%3D11%2C47%2Ch%2Cgo%2Ci2%7Ccsh%3D1&vgd_sc=NSW&infr=1&twna=1&stime=1660867446708&vgd_ecrid=1700080812610100250025000000500&l1hcsd=l1!Onmqp|5372&vgd_l1rhst=contextual.media.net&vgd_uspa=0&vgd_isiolc=1&pvl=%7B%22dtc%22%3A%22apac_sg%22%2C%22mbr%22%3A1%2C%22l1rpth%22%3A%22%2Fnmedianet.js%22%2C%22pgids%22%3A1%7D&vgd_fcm_enc_mis=1&l2ch=0&vgd_pgid=p0337880750t202208190004&vgd_pgids=1
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/di-1tian-shang-xue-ta-da-ku-a-ma-ping-ji-yi-xiang-jie-sun-nu-hui-jia-jie-wei-cang-yang-cong.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.36.252.26 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-36-252-26.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=21600

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=21600
server
Apache
date
Fri, 19 Aug 2022 00:04:10 GMT
ntcoent-length
15
vary
Accept-Encoding
content-type
text/html; charset=UTF-8
cache-control
max-age=80451
content-length
15
BcUHUABoavvpRAX3o-C5BfAq8AHsMXRVb9HgeqDHxZ8.js
pagead2.googlesyndication.com/bg/ Frame 4D67
36 KB
14 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/bg/BcUHUABoavvpRAX3o-C5BfAq8AHsMXRVb9HgeqDHxZ8.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.194.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f154.1e100.net
Software
sffe /
Resource Hash
05c5075000686afbe94405f7a3e0b905f02af001ec3174556fd1e07aa0c7c59f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 16 Aug 2022 20:18:49 GMT
content-encoding
br
x-content-type-options
nosniff
age
186321
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
14190
x-xss-protection
0
last-modified
Mon, 15 Aug 2022 08:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 16 Aug 2023 20:18:49 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame E84E
0
0
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20220817&jk=1413095467614123&rc=
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/di-1tian-shang-xue-ta-da-ku-a-ma-ping-ji-yi-xiang-jie-sun-nu-hui-jia-jie-wei-cang-yang-cong.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.194.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f154.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

bqi.php
lg3.media.net/ Frame DE3E
15 B
15 B
Image
General
Full URL
https://lg3.media.net/bqi.php?vgd_len=3094&lf=3&&vgd_hb_audit_1=8CU2CV286&vgd_hb_audit_2=752115612&vgd_l2type=sca&pid=8POGBHUQ8&kalog=HID=0||UUID=jetOqsIgmUsPclj2w||SI=2791||CI=2792||TPTD=638507035001860||MPTD=656||MI=2792||SID=9||TLID=6&kals=ttype=10019||pt=1||lmid=na||ttd=8&kasts=tstype=-10408||gbid=-1&kata=aton&katbid=-21&katen=1&katid=808076868&cme=RaW-F_Iv17lAP0MbFDKMmrua6UMYSsOyp7x1sjIY5FGIIOGvP9ic1NY_twi-lECzGTbvGZ08TTwGnuxsKeifhqDhQ-30Zmb5tDByBjxZmpboZlTlifl8WolZUOU8oDFZ14BN-B0fc_qcKjoGUjx9AHLESXn7SWlFZnsi5UuCjV4b1gylHAkkDWM5ny6WSsZ2cqVv8zrXVVL26ydMnifJWdytscQzs_TB||s1zUjvwOfvhx85CMDP4tsmcLbH4Gvn7NIm_iwCuQE2yN1wbhAyHItvRNHit3AE-FpcIbVZMGxpeW08uP6MGJRZvqwu66PTNd0Qc4U-oQg-MqDxuNAnS11akojOVCspSjhX9div3h-NQ=|t38fJwNLudcOxjwfnfa8ERg-37-HEEgoxRl1pyjnMgh8oCQsQ9x1MHPGqj50ai74sbgnmdNQeTX_RdbLkc8Cdv0h9qoz1Ko5rf0LmiUJdei-W_YwNvJHW9iz0ycfnNbvkNr9SHqluDjpnIyINy-ExOC6jbE_eBMpUkvJDnb8YzQFBI392b5zXlx-Mm6u6E_BVGyLC9y8KAjNmXKeBGaQmTO-XlYZooopMz3dUa5YVRSrfcadbteRpw==|u8A6SM53vAfcrpZuel3W3DwMTuFdyyxb|R0pGwT-1wLcnervD5TbKub4gKhjiBXnT|dsA6EMpZ47R6ljdz__nQtthZoUpm2bb5|&gdpr=0&prid=8PRVCXX19&cid=8CU4JWBS7&crid=781214713&requrl=https%3A%2F%2Fwww.bg3.co%2Fa%2Fdi-1tian-shang-xue-ta-da-ku-a-ma-ping-ji-yi-xiang-jie-sun-nu-hui-jia-jie-wei-cang-yang-cong.html&vi=1660867448376738051&ugd=4&cc=AU&sc=NSW&bdrid=4&subBdr=196&startTime=1660867448502&l2type=sca&vgd_l1rakh=1660867448138207904&l1ch=1&sttm=1660867448507&upk=1660867448.21242&hvsid=00001660867448507029185683341808&acid=626ddf6fe03f40b38483d03d2ea05b3e&verid=3111299&vgd_bdata=sd2%3Dnull~iurl_l%3D50~ogerpm%3D0.01~vis_sd%3D446~dc2%3D1~scd%3Dnsw~v_asn%3D54203~vl2r_sd%3D2022081812~iurl_b%3D5862.7~url_tkc%3D0~std%3D22132338~last%3D~vis_url_b%3D0.97~ip%3D3bw0WO~fbb%3D0~vis_url_l%3D30~riipua%3D1%2C1~et%3D30~rc%3D1~rps_sd%3D2022081813~vis_b%3D988.28~url_b%3D0.17~url_tvi%3D0~ecp_eer%3D10~url_l%3D50~gcat%3D-1~bb%3D196~vv%3D0~l2r_b%3D1000~erpm%3D0.01~bm%3D1~sid%3D12948fd0fab38e7f7d124a8d9506e143~sd%3D0~uid%3Df2daBUAdtWG83b8nS~btd%3D928372126040856338803392887007122377326443609169687566937783050701076958744576~d2p_l%3D50~3pcf%3D203.05~uim%3D785~dmm_strg%3Dharmony~d2p_b%3D0.99~ogd2p_b%3D0.99~vurl_b%3D0.36~ss%3DNA~uiw%3D80~ce%3D0~rps_b%3D16.28~vurl_l%3D50~CI%3D2719~nts%3D1~tb%3D-1~ct%3Dbeaconsfield~basis2%3D196~basis1%3D196~isRef%3D0~ivurl_b%3D2.76~isif%3D0~lc%3D3~bid%3D0.01~dc%3D8~vl2r_b%3D0.82~ivurl_l%3D50~supply_tag_id%3D22132338%7Eviewability%3D0.800631%7Ecbdp%3D0.003%7Edmm%3Dharmony%7Esuid%3D%7Einsl%3D0%7Edtc%3Dwest_la%7Edalg%3Ddefault%7Ehtml%3D1%7Esobp%3D%7Ebdpcapd%3D0%7Edmm_erpm%3Dtrue%7Ebflr%3D0.000%7Eogbid%3D0.010%7Eitype_id%3D21%7Eseller_tag_id%3D22132338%7EcarrierId%3D0%7Edcut%3D65%7Edogb%3D0-1~ibc%3D1~ddt%3D-1~nsz%3D1~tgs%3D120x600~bsb%3D0~bsp%3D0~tmx%3D104&matchstring=hr%3D0%7C&vgd_matchstr=hr%3D0%7C&vgd_sc=NSW&lineitemid=4&infr=1&stime=1660867448091&vgd_ecrid=351639019&l1hcsd=l1!Onmqp|5372&vgd_l1rhst=contextual.media.net&vgd_uspa=0&vgd_isiolc=1&pvl=%7B%22dtc%22%3A%22west_la%22%2C%22mbr%22%3A1%2C%22l1rpth%22%3A%22%2Fnmedianet.js%22%2C%22pgids%22%3A1%7D&vgd_fcm_enc_mis=1&l2ch=0&vgd_pgid=p0337880750t202208190004&vgd_pgids=1
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/di-1tian-shang-xue-ta-da-ku-a-ma-ping-ji-yi-xiang-jie-sun-nu-hui-jia-jie-wei-cang-yang-cong.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.36.252.26 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-36-252-26.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=21600

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=21600
server
Apache
date
Fri, 19 Aug 2022 00:04:10 GMT
ntcoent-length
15
vary
Accept-Encoding
content-type
text/html; charset=UTF-8
cache-control
max-age=80451
content-length
15
rid
match.adsrvr.org/track/
108 B
646 B
XHR
General
Full URL
https://match.adsrvr.org/track/rid?ttd_pid=pubmatic&fmt=json
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1660729490688.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
/
Resource Hash
5878db72775119d2bb47ed38b5363cbf4dc6fdad673e78529fd6e81afda84bde

Request headers

Referer
https://www.bg3.co/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

date
Fri, 19 Aug 2022 00:04:10 GMT
x-aspnet-version
4.0.30319
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.bg3.co
cache-control
private
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Content-Length, Content-Encoding, Vary, Cache-Control, Accept
content-length
108
expires
Sun, 18 Sep 2022 00:04:10 GMT
async_usersync.html
acdn.adnxs.com/dmp/ Frame 0859
52 KB
17 KB
Document
General
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1660729490688.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.1.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

Accept-Ranges
bytes
Access-Control-Allow-Origin
*
Age
69751
Cache-Control
max-age=86402
Connection
keep-alive
Content-Encoding
gzip
Content-Length
17053
Content-Type
text/html
Date
Fri, 19 Aug 2022 00:04:10 GMT
ETag
W/"623de86a-cf34"
Expires
Wed, 03 Aug 2022 04:41:10 GMT
Last-Modified
Fri, 25 Mar 2022 16:06:02 GMT
Server
nginx/1.18.0 (Ubuntu)
Vary
Accept-Encoding
Via
1.1 varnish, 1.1 varnish
X-Cache
HIT, HIT
X-Cache-Hits
2, 69224
X-Served-By
cache-lga13622-LGA, cache-syd10172-SYD
X-Timer
S1660867451.668234,VS0,VE0
/
onetag-sys.com/usync/ Frame 732B
2 KB
863 B
Document
General
Full URL
https://onetag-sys.com/usync/?cb=1660867446151
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1660729490688.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.79.234.100 Singapore, Singapore, ASN16276 (OVH, FR),
Reverse DNS
ip100.ip-51-79-234.net
Software
/
Resource Hash
37a31642af0a7fe695ed0fd68a06a55af44e854d083dc7f5d0e70535f0189ae0
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
cache-control
no-transform, no-cache
content-encoding
gzip
content-length
731
content-type
text/html
strict-transport-security
max-age=15552000
usync.html
eus.rubiconproject.com/ Frame 72C3
281 B
554 B
Document
General
Full URL
https://eus.rubiconproject.com/usync.html
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1660729490688.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.15.148.136 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-15-148-136.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Fri, 19 Aug 2022 00:04:11 GMT
ETag
"40014-119-5d32342a551c0"
Last-Modified
Tue, 14 Dec 2021 23:07:59 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding
sync.html
public.servenobid.com/ Frame 4443
9 KB
4 KB
Document
General
Full URL
https://public.servenobid.com/sync.html
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1660729490688.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.84.45.81 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-84-45-81.mrs52.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
7efdca1ce8a8ee4fb50887d9f88bdace1026e0f76ea1e64a802b97402d825a79

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

age
2394
cache-control
max-age=86400
content-encoding
br
content-type
text/html
date
Thu, 18 Aug 2022 23:24:18 GMT
etag
W/"3b058e9cd661ca6990301a82cf5d448f"
last-modified
Wed, 17 Aug 2022 23:23:08 GMT
server
AmazonS3
vary
Accept-Encoding Origin
via
1.1 d14b1425e1938e6a7b583f77205097f0.cloudfront.net (CloudFront)
x-amz-cf-id
j2RYdS8Fzy30xPEuot1RAlRMhggAnOivqnq7JNyD6Md67XpeSx_5TA==
x-amz-cf-pop
MRS52-P1
x-amz-meta-codebuild-buildarn
arn:aws:codebuild:us-east-1:559734745816:build/adserver-public-prod:049b4e88-3480-44ce-bc71-9207efe847a1
x-amz-meta-codebuild-content-md5
77e8f986028c7819a018b65a51e4d1c5
x-amz-meta-codebuild-content-sha256
4cf0411e60b9185dacd3ae0196e3adabe45eed1b64ea27e89ed58c43c33d4297
x-cache
Hit from cloudfront
checksync.php
contextual.media.net/ Frame B5D4
36 KB
12 KB
Document
General
Full URL
https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUPEPKI9&prvid=2034%2C2033%2C2031%2C2030%2C2029%2C233%2C2028%2C2027%2C236%2C237%2C117%2C51%2C97%2C55%2C99%2C3012%2C2043%2C2040%2C244%2C201%2C2039%2C3007%2C246%2C4%2C203%2C9%2C2055%2C172%2C173%2C251%2C175%2C132%2C178%2C255%2C3018%2C3017%2C214%2C3016%2C337%2C338%2C70%2C77%2C2021%2C141%2C186%2C222%2C345%2C10000%2C80%2C108%2C229%2C307&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1660729490688.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.195.152.23 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-195-152-23.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
2a32f145ebce429e33c7295b9ee1f383ae8b8cf476bd137924c2f26636003087
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

cache-control
max-age=172800
content-encoding
gzip
content-length
11782
content-type
text/html; charset=UTF-8
date
Fri, 19 Aug 2022 00:04:10 GMT
expires
Sun, 21 Aug 2022 00:04:10 GMT
server
Apache
strict-transport-security
max-age=31536000
vary
Accept-Encoding
x-mnet-hl2
E
ixmatch.html
js-sec.indexww.com/um/ Frame 181C
3 KB
2 KB
Document
General
Full URL
https://js-sec.indexww.com/um/ixmatch.html
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1660729490688.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.72.44.239 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-72-44-239.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
82d2dc44aae1eda52abc17afd30c6031b7175c13ee6955410164c66ae755adfb

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
1387
Content-Type
text/html; charset=UTF-8
Date
Fri, 19 Aug 2022 00:04:11 GMT
ETag
"e20015-b68-5e4a60c97afb7"
Last-Modified
Mon, 25 Jul 2022 19:18:30 GMT
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Server
Apache
Vary
Accept-Encoding
sync
eb2.3lift.com/ Frame E988
Redirect Chain
  • https://eb2.3lift.com/sync?
  • https://eb2.3lift.com/sync?&ld=1
1 KB
1019 B
Document
General
Full URL
https://eb2.3lift.com/sync?&ld=1
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1660729490688.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.223.2.229 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ade9ecc7904667038.awsglobalaccelerator.com
Software
/
Resource Hash
9b271bd19560e2ae339c8fcb089aa64a617b1958acb7e0c6dd95544d4cabf4a4

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

cache-control
no-cache, no-store, must-revalidate
content-encoding
gzip
content-length
454
content-type
text/html; charset=utf-8
date
Fri, 19 Aug 2022 00:04:11 GMT
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

cache-control
no-cache, no-store, must-revalidate
content-length
0
date
Fri, 19 Aug 2022 00:04:10 GMT
location
/sync?&ld=1
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
pd
u.openx.net/w/1.0/ Frame 34A9
532 B
639 B
Document
General
Full URL
https://u.openx.net/w/1.0/pd
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1660729490688.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
0a7f5e9222d04e5ee7e7449be422f7ca5c4cc117123ce70855cf978af909764a

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
gzip
content-length
327
content-type
text/html
date
Fri, 19 Aug 2022 00:04:10 GMT
p3p
CP="CUR ADM OUR NOR STA NID"
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
via
1.1 google
/
onetag-sys.com/usync/
0
101 B
Image
General
Full URL
https://onetag-sys.com/usync/?tag=img
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/di-1tian-shang-xue-ta-da-ku-a-ma-ping-ji-yi-xiang-jie-sun-nu-hui-jia-jie-wei-cang-yang-cong.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.79.234.100 Singapore, Singapore, ASN16276 (OVH, FR),
Reverse DNS
ip100.ip-51-79-234.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
cache-control
no-cache, no-transform
alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
generate_204
tpc.googlesyndication.com/ Frame 4D67
0
12 B
Image
General
Full URL
https://tpc.googlesyndication.com/generate_204?HJfo4g
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/di-1tian-shang-xue-ta-da-ku-a-ma-ping-ji-yi-xiang-jie-sun-nu-hui-jia-jie-wei-cang-yang-cong.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.194.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f132.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 19 Aug 2022 00:04:10 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
sd
us-u.openx.net/w/1.0/ Frame 34A9
Redirect Chain
  • https://ad.turn.com/r/cs?pid=9&gdpr=0
  • https://us-u.openx.net/w/1.0/sd?id=537073061&val=6930922757553007061&gdpr=0&gdpr_consent=&us_privacy=
43 B
61 B
Image
General
Full URL
https://us-u.openx.net/w/1.0/sd?id=537073061&val=6930922757553007061&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/pd
Protocol
H3
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 19 Aug 2022 00:04:11 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

location
https://us-u.openx.net/w/1.0/sd?id=537073061&val=6930922757553007061&gdpr=0&gdpr_consent=&us_privacy=
pragma
no-cache
date
Fri, 19 Aug 2022 00:04:11 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
0
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
sd
us-u.openx.net/w/1.0/ Frame 34A9
Redirect Chain
  • https://match.adsrvr.org/track/cmf/openx?oxid=6e6ec024-47f7-7509-cf7a-db9b96953ace&gdpr=0
  • https://us-u.openx.net/w/1.0/sd?id=537072971&val=79c13aec-f358-494c-84cc-ab07497fac3e&ttd_puid=6e6ec024-47f7-7509-cf7a-db9b96953ace&gdpr=0&gdpr_consent=
43 B
264 B
Image
General
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072971&val=79c13aec-f358-494c-84cc-ab07497fac3e&ttd_puid=6e6ec024-47f7-7509-cf7a-db9b96953ace&gdpr=0&gdpr_consent=
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/pd
Protocol
H2
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 19 Aug 2022 00:04:10 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Fri, 19 Aug 2022 00:04:10 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://us-u.openx.net/w/1.0/sd?id=537072971&val=79c13aec-f358-494c-84cc-ab07497fac3e&ttd_puid=6e6ec024-47f7-7509-cf7a-db9b96953ace&gdpr=0&gdpr_consent=
cache-control
private,no-cache, must-revalidate
content-type
text/html
content-length
335
sd
jp-u.openx.net/w/1.0/ Frame 34A9
Redirect Chain
  • https://tg.socdm.com/rtb/sync_before?proto=openx
  • https://jp-u.openx.net/w/1.0/sd?id=537072335&val=Yv7Te8Co5sMAAM3v3BsAAAAA
43 B
106 B
Image
General
Full URL
https://jp-u.openx.net/w/1.0/sd?id=537072335&val=Yv7Te8Co5sMAAM3v3BsAAAAA
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/pd
Protocol
H2
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 19 Aug 2022 00:04:11 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

X-SO-Cluster-ID
36
Date
Fri, 19 Aug 2022 00:04:11 GMT
X-SO-LB-Data
{"ban":false,"clean_query":"\/rtb\/sync_before?proto=openx","cluster_id":36,"gdpr":false,"ipv4":"173.245.209.142","key":"Yv7Te8Co5sMAAM3v3BsAAAAA","privacy_sensitive":false,"uid":"","upstream_id":"m-ad356"}
X-SO-Ads-Time
2
X-SO-Key
Yv7Te8Co5sMAAM3v3BsAAAAA
Server
nginx
X-SO-Upstream-ID
m-ad356
P3P
CP="See also http://www.scaleout.jp/privacy/"
Location
https://jp-u.openx.net/w/1.0/sd?id=537072335&val=Yv7Te8Co5sMAAM3v3BsAAAAA
Cache-Control
private
X-SO-HostName
m-ad356.dc4p.scaleout.jp
Connection
keep-alive
Content-Length
0
X-SO-LB-Hostname
a-tgng40005.dc2p.scaleout.jp
X-SO-IP
173.245.209.142
sd
jp-u.openx.net/w/1.0/ Frame 34A9
Redirect Chain
  • https://cr-p3.ladsp.jp/cookiesender/3
  • https://cr-pall.ladsp.com/cookiesender/3
  • https://cr-pall.ladsp.com/cookiesender/3?cr=true
  • https://jp-u.openx.net/w/1.0/sd?id=537072451&val=AdMYmEq-DvP0ks8ADsd_sDfAoM8AAAGCs2oc3w
43 B
61 B
Image
General
Full URL
https://jp-u.openx.net/w/1.0/sd?id=537072451&val=AdMYmEq-DvP0ks8ADsd_sDfAoM8AAAGCs2oc3w
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/pd
Protocol
H3
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 19 Aug 2022 00:04:12 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Fri, 19 Aug 2022 00:04:12 GMT
via
1.1 61726f6e6656624f90145ef79b7954ea.cloudfront.net (CloudFront)
server
Logicad
x-amz-cf-pop
SIN52-C3
x-cache
Miss from cloudfront
p3p
CP="NOI DEVo TAIo PSAo PSDo OUR IND UNI NAV", policyref="http://cd.ladsp.com/xml/w3c/p3p.xml"
location
https://jp-u.openx.net/w/1.0/sd?id=537072451&val=AdMYmEq-DvP0ks8ADsd_sDfAoM8AAAGCs2oc3w
cache-control
no-cache
content-length
0
x-amz-cf-id
2ExtCQe-6_D-0NJopzXElRhxxFGtn7Hq_bve9yNHdSaJyn44PnB8dQ==
expires
-1
pixel
cm.g.doubleclick.net/ Frame 34A9
170 B
191 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=NDIwMTEzZWUtOGU4MC0yYmFkLWRhOWEtODEyMjVjNzdmNGFl
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/pd
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.194.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f154.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 19 Aug 2022 00:04:10 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sd
us-u.openx.net/w/1.0/ Frame 34A9
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEFrp9vz_IFkwtyErOoflUtI&google_cver=1
43 B
106 B
Image
General
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEFrp9vz_IFkwtyErOoflUtI&google_cver=1
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/pd
Protocol
H2
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 19 Aug 2022 00:04:10 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Fri, 19 Aug 2022 00:04:10 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEFrp9vz_IFkwtyErOoflUtI&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
295
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 086E
42 B
64 B
Fetch
General
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstcsCzCzIEeyV8RK6fIHYeAxHGo5vuaklQVHdmz-UiLReMprfd8DxAiN7ufN2KVsbLxdi6y134nMeF9CBdh6j10IO6_&sig=Cg0ArKJSzJQXlcslN_eFEAE&id=lidar2&mcvt=1000&p=0,0,254,250&mtos=0,1000,1000,1000,1000&tos=0,1000,0,0,0&v=20220817&bin=7&avms=nio&bs=0,0&mc=0.98&if=1&vu=1&app=0&itpl=20&adk=2365071409&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1660867446576&rpt=3078&met=mue&wmsd=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.194.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f157.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 19 Aug 2022 00:04:10 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame 6EEF
0
0
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20220817&jk=3581665887227268&bg=!bm2lbSnNAAYUOm8VNDo7ACkAdvg8Wp2I0BfhM85pUXyt1HdVttO0GZK3fpJbyINwUhMgrg9VScvQ-gIAAABGUgAAAAJoAQcKAJTnQFBZ4H1xQRGCG6hiCmZIS1VstNBtNS5AJmRqZJhOw5tkeN3RybxD0yCS73lsY2d0Dk7EP3e7Hnttln85TwCuO9fRpPlosHrDwocNfFkDiJhOyuk_u3mcurCRC6MrxsChlXIYZwn1lLXEhITGhk2cEaeDt38GoPlbrBlDo64c_sgMsVawnjHgrnK3jSwNPU0JoQZMmQK2zY983mVoKMZX1UFwrWukC_RSMGnFSq_8-pxYOmHnNomk-V9FGbzlBBpJ9jPZBrOICmhpmDXZL0rT7fPn2c-z5SP28P5UIr3VCaptFpjF8Qwp7DVWEo0ZJo8HA_SoWxOhQxbDTMy-Cs6o5_5EkA-yLHZoQ4xMtmzoL9NCetwCQtVU8bOncXLDxmOxwADkTgQ1sRXzp_g87DctP4SPKt-PQ_tgY5kRI-KT5efv6nS1wMANzvWdfddrC6IBv7xQXfr1t3QKu8-EpW7lrUuhfC3UdfUhfEkAaw08kPvdaEIPa5vK6KfcSODzcChGfkcXe1ewB1_Amh0Vf7mM8EiCUg37iCoTDolFj6n39esypqxOUvEsL3bBGqYP8sOP4-2wkYcCh2W9ugx-bLaSdZ8CI5wFWOUgbItPt_TiUqGLvIZcA9isW5C_VamWOQkkbV5lccoW6VJJl51nFJ1ooqM9WIVbjNGQTAy-nG767lYVsekknJjkzw8bJazZpQpLrm7sek43_WH49WELEningUzoPYu6NgXfyvnqwmQqkJHcK2kQsncuyJgCvhVbWBGQhjgrzf6JTJAAJNvsxE8Q_esti5NDVD3bhc0lj9CWEJpCk97hMgQJkuxfgXV_U6e0yPpZdM5ZntcipXi_2GRkjTVd33Ff55_S4kuBNT66Axj00B67UpWuTCf-txHfgtbWk9YQkEVKjhYJz-xUjnOjmIre2mFL1XhULjenKJBXjeQRHoNUWZGcZAxSEAKoXgOn1BagLy9MlbOeWPGVJ53XHPHjO37Z1zVraV2r316LCxQERs2FaPkusW5aF2HfrmISHJKhm2Oc85uxsqqoDlH-ExVOkp59d9bIdaffNqh2PMd5K5oGixUvxD_gpLXJ828Kf2614Nz0wi4NLfMZZ1b6JhnAA2Fs57a-0zBHjw
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/di-1tian-shang-xue-ta-da-ku-a-ma-ping-ji-yi-xiang-jie-sun-nu-hui-jia-jie-wei-cang-yang-cong.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.194.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f154.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

async_usersync
ib.adnxs.com/ Frame 0859
0
747 B
Script
General
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
104.254.151.69 Los Angeles, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
900.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 19 Aug 2022 00:04:10 GMT
X-Proxy-Origin
173.245.209.142; 173.245.209.142; 900.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net; adnxs.com
AN-X-Request-Uuid
563254bb-da2e-4320-b8ee-ce37ef917520
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
sync
gum.criteo.com/ Frame B5D4
61 B
382 B
Script
General
Full URL
https://gum.criteo.com/sync?r=2&c=321&gdpr=0&gdpr_pd=0&gdpr_consent=&us_privacy=&j=window.advBidxc.mnetRtusId
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUPEPKI9&prvid=2034%2C2033%2C2031%2C2030%2C2029%2C233%2C2028%2C2027%2C236%2C237%2C117%2C51%2C97%2C55%2C99%2C3012%2C2043%2C2040%2C244%2C201%2C2039%2C3007%2C246%2C4%2C203%2C9%2C2055%2C172%2C173%2C251%2C175%2C132%2C178%2C255%2C3018%2C3017%2C214%2C3016%2C337%2C338%2C70%2C77%2C2021%2C141%2C186%2C222%2C345%2C10000%2C80%2C108%2C229%2C307&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.136 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
/
Resource Hash
f77f47058428a1c21dad5a75ac13fbfdeb9858947218fee2112fded5972a0b5d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 19 Aug 2022 00:04:10 GMT
content-encoding
gzip
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
cache-control
private, max-age=3600
server-processing-duration-in-ticks
1483
strict-transport-security
max-age=31536000; preload;
content-length
175
expires
60
usync.html
eus.rubiconproject.com/ Frame 2D04
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=medianet
  • https://eus.rubiconproject.com/usync.html?p=medianet
281 B
554 B
Document
General
Full URL
https://eus.rubiconproject.com/usync.html?p=medianet
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUPEPKI9&prvid=2034%2C2033%2C2031%2C2030%2C2029%2C233%2C2028%2C2027%2C236%2C237%2C117%2C51%2C97%2C55%2C99%2C3012%2C2043%2C2040%2C244%2C201%2C2039%2C3007%2C246%2C4%2C203%2C9%2C2055%2C172%2C173%2C251%2C175%2C132%2C178%2C255%2C3018%2C3017%2C214%2C3016%2C337%2C338%2C70%2C77%2C2021%2C141%2C186%2C222%2C345%2C10000%2C80%2C108%2C229%2C307&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.15.148.136 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-15-148-136.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://contextual.media.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Fri, 19 Aug 2022 00:04:11 GMT
ETag
"40014-119-5d32342a551c0"
Last-Modified
Tue, 14 Dec 2021 23:07:59 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
content-length
0
date
Fri, 19 Aug 2022 00:04:11 GMT
location
https://eus.rubiconproject.com/usync.html?p=medianet
server
AkamaiGHost
cksync.html
contextual.media.net/ Frame 7789
Redirect Chain
  • https://p.rfihub.com/cm?pub=19967&in=1&forward=https%3A%2F%2Fcontextual.media.net%2Fcksync.html%3Fcs%3D8%26vsid%3D3038690486833451000V10%26type%3Drkt%26refUrl%3D%26vid%3D086745076630386904868334510...
  • https://contextual.media.net/cksync.html?cs=8&vsid=3038690486833451000V10&type=rkt&refUrl=&vid=08674507663038690486833451000V10&ovsid=2020216286487508165
219 B
651 B
Document
General
Full URL
https://contextual.media.net/cksync.html?cs=8&vsid=3038690486833451000V10&type=rkt&refUrl=&vid=08674507663038690486833451000V10&ovsid=2020216286487508165
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUPEPKI9&prvid=2034%2C2033%2C2031%2C2030%2C2029%2C233%2C2028%2C2027%2C236%2C237%2C117%2C51%2C97%2C55%2C99%2C3012%2C2043%2C2040%2C244%2C201%2C2039%2C3007%2C246%2C4%2C203%2C9%2C2055%2C172%2C173%2C251%2C175%2C132%2C178%2C255%2C3018%2C3017%2C214%2C3016%2C337%2C338%2C70%2C77%2C2021%2C141%2C186%2C222%2C345%2C10000%2C80%2C108%2C229%2C307&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.195.152.23 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-195-152-23.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
85af3052d288ffd9157258dfe4daf5309f0b64d0067ab8221cd0c62909c18419
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://contextual.media.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

cache-control
max-age=0, no-cache, no-store
content-length
219
content-type
text/html;charset=UTF-8
date
Fri, 19 Aug 2022 00:04:11 GMT
expires
Fri, 19 Aug 2022 00:04:11 GMT
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA" CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
pragma
no-cache
server
Apache
strict-transport-security
max-age=31536000
vary
Accept-Encoding
x-mnet-hl2
E

Redirect headers

Content-Length
0
Date
Fri, 19 Aug 2022 00:04:11 GMT
Location
https://contextual.media.net/cksync.html?cs=8&vsid=3038690486833451000V10&type=rkt&refUrl=&vid=08674507663038690486833451000V10&ovsid=2020216286487508165
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Server
Jetty(9.3.29.v20201019)
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 1EE4
15 KB
6 KB
Document
General
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159463&userIdMacro=PM_UID&predirect=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3038690486833451000V10%26type%3Dpba%26refUrl%3D%26vid%3D08674507663038690486833451000V10%26ovsid%3DPM_UID
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUPEPKI9&prvid=2034%2C2033%2C2031%2C2030%2C2029%2C233%2C2028%2C2027%2C236%2C237%2C117%2C51%2C97%2C55%2C99%2C3012%2C2043%2C2040%2C244%2C201%2C2039%2C3007%2C246%2C4%2C203%2C9%2C2055%2C172%2C173%2C251%2C175%2C132%2C178%2C255%2C3018%2C3017%2C214%2C3016%2C337%2C338%2C70%2C77%2C2021%2C141%2C186%2C222%2C345%2C10000%2C80%2C108%2C229%2C307&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.72.44.196 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-72-44-196.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152

Request headers

Referer
https://contextual.media.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=152021
content-encoding
gzip
content-length
5549
content-type
text/html; charset=UTF-8
date
Fri, 19 Aug 2022 00:04:11 GMT
etag
"1300708-3de4-5d6ef246ef4cf"
expires
Sat, 20 Aug 2022 18:17:52 GMT
last-modified
Tue, 01 Feb 2022 06:38:00 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
cksync.php
contextual.media.net/ Frame B5D4
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3038690486833451000V10%26type%3Dapx%26refUrl%3D%26vid%3D08674507663038690486833451000V10%26ovsid%3D%24UID
  • https://contextual.media.net/cksync.php?cs=8&vsid=3038690486833451000V10&type=apx&refUrl=&vid=08674507663038690486833451000V10&ovsid=1546289813757434588
45 B
452 B
Image
General
Full URL
https://contextual.media.net/cksync.php?cs=8&vsid=3038690486833451000V10&type=apx&refUrl=&vid=08674507663038690486833451000V10&ovsid=1546289813757434588
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUPEPKI9&prvid=2034%2C2033%2C2031%2C2030%2C2029%2C233%2C2028%2C2027%2C236%2C237%2C117%2C51%2C97%2C55%2C99%2C3012%2C2043%2C2040%2C244%2C201%2C2039%2C3007%2C246%2C4%2C203%2C9%2C2055%2C172%2C173%2C251%2C175%2C132%2C178%2C255%2C3018%2C3017%2C214%2C3016%2C337%2C338%2C70%2C77%2C2021%2C141%2C186%2C222%2C345%2C10000%2C80%2C108%2C229%2C307&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1
Protocol
H2
Server
23.195.152.23 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-195-152-23.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
832f63f4187160c195b04f1911c2e623a75e805f4b23abb9b0bea214b4283a43
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000
server
Apache
date
Fri, 19 Aug 2022 00:04:11 GMT
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
cache-control
max-age=0, no-cache, no-store
content-type
image/gif
content-length
45
x-mnet-hl2
E
expires
Fri, 19 Aug 2022 00:04:11 GMT

Redirect headers

Pragma
no-cache
Date
Fri, 19 Aug 2022 00:04:11 GMT
X-Proxy-Origin
173.245.209.142; 173.245.209.142; 900.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net; adnxs.com
AN-X-Request-Uuid
7df79f31-54e4-4faa-a4e2-595fbb458d05
Server
nginx/1.21.3
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://contextual.media.net/cksync.php?cs=8&vsid=3038690486833451000V10&type=apx&refUrl=&vid=08674507663038690486833451000V10&ovsid=1546289813757434588
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
cksync.html
contextual.media.net/ Frame B5D4
Redirect Chain
  • https://us-u.openx.net/w/1.0/cm?id=78e2dffc-bb89-4bb2-ae92-f592d006518b&ph=6a16560a-f6c6-4851-b7b5-0b2c0190166a&r=https%3A%2F%2Fcontextual.media.net%2Fcksync.html%3Fcs%3D8%26vsid%3D3038690486833451...
  • https://contextual.media.net/cksync.html?cs=8&vsid=3038690486833451000V10&type=opx&refUrl=&vid=08674507663038690486833451000V10&ovsid=a642a9bb-ecf7-4fe9-ac35-a5f5247aa812
219 B
219 B
Image
General
Full URL
https://contextual.media.net/cksync.html?cs=8&vsid=3038690486833451000V10&type=opx&refUrl=&vid=08674507663038690486833451000V10&ovsid=a642a9bb-ecf7-4fe9-ac35-a5f5247aa812
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUPEPKI9&prvid=2034%2C2033%2C2031%2C2030%2C2029%2C233%2C2028%2C2027%2C236%2C237%2C117%2C51%2C97%2C55%2C99%2C3012%2C2043%2C2040%2C244%2C201%2C2039%2C3007%2C246%2C4%2C203%2C9%2C2055%2C172%2C173%2C251%2C175%2C132%2C178%2C255%2C3018%2C3017%2C214%2C3016%2C337%2C338%2C70%2C77%2C2021%2C141%2C186%2C222%2C345%2C10000%2C80%2C108%2C229%2C307&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1
Protocol
H2
Server
23.195.152.23 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-195-152-23.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000
server
Apache
date
Fri, 19 Aug 2022 00:04:11 GMT
vary
Accept-Encoding
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
cache-control
max-age=0, no-cache, no-store
content-type
text/html;charset=UTF-8
content-length
219
x-mnet-hl2
E
expires
Fri, 19 Aug 2022 00:04:11 GMT

Redirect headers

date
Fri, 19 Aug 2022 00:04:10 GMT
content-encoding
gzip
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
p3p
CP="CUR ADM OUR NOR STA NID"
location
https://contextual.media.net/cksync.html?cs=8&vsid=3038690486833451000V10&type=opx&refUrl=&vid=08674507663038690486833451000V10&ovsid=a642a9bb-ecf7-4fe9-ac35-a5f5247aa812
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
via
1.1 google
cksync.php
contextual.media.net/ Frame B5D4
Redirect Chain
  • https://sync.1rx.io/usersync2/rmp1r1?sub=medianet&redir=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3038690486833451000V10%26type%3Dr1%26refUrl%3D%26vid%3D08674507663038690486...
  • https://sync.1rx.io/usersync2/rmp1r1?sub=medianet&zcc=1&redir=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3038690486833451000V10%26type%3Dr1%26refUrl%3D%26vid%3D08674507663038...
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=8932383765
  • https://sync.1rx.io/usersync/tradedesk/79c13aec-f358-494c-84cc-ab07497fac3e
  • https://sync.targeting.unrulymedia.com/csync/RX-50a16bb0-50df-40a7-8e6d-2b41efe53873-004?redir=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3038690486833451000V10%26type%3Dr1%2...
  • https://contextual.media.net/cksync.php?cs=8&vsid=3038690486833451000V10&type=r1&refUrl=&vid=08674507663038690486833451000V10&ovsid=RX-50a16bb0-50df-40a7-8e6d-2b41efe53873-004
45 B
470 B
Image
General
Full URL
https://contextual.media.net/cksync.php?cs=8&vsid=3038690486833451000V10&type=r1&refUrl=&vid=08674507663038690486833451000V10&ovsid=RX-50a16bb0-50df-40a7-8e6d-2b41efe53873-004
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUPEPKI9&prvid=2034%2C2033%2C2031%2C2030%2C2029%2C233%2C2028%2C2027%2C236%2C237%2C117%2C51%2C97%2C55%2C99%2C3012%2C2043%2C2040%2C244%2C201%2C2039%2C3007%2C246%2C4%2C203%2C9%2C2055%2C172%2C173%2C251%2C175%2C132%2C178%2C255%2C3018%2C3017%2C214%2C3016%2C337%2C338%2C70%2C77%2C2021%2C141%2C186%2C222%2C345%2C10000%2C80%2C108%2C229%2C307&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1
Protocol
H2
Server
23.195.152.23 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-195-152-23.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
832f63f4187160c195b04f1911c2e623a75e805f4b23abb9b0bea214b4283a43
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000
server
Apache
date
Fri, 19 Aug 2022 00:04:12 GMT
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
cache-control
max-age=0, no-cache, no-store
content-type
image/gif
content-length
45
x-mnet-hl2
E
expires
Fri, 19 Aug 2022 00:04:12 GMT

Redirect headers

location
https://contextual.media.net/cksync.php?cs=8&vsid=3038690486833451000V10&type=r1&refUrl=&vid=08674507663038690486833451000V10&ovsid=RX-50a16bb0-50df-40a7-8e6d-2b41efe53873-004
date
Fri, 19 Aug 2022 00:04:12 GMT
p3p
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
etag
RX50a16bb050df40a78e6d2b41efe53873004
content-type
text/html
cksync.php
contextual.media.net/ Frame B5D4
Redirect Chain
  • https://pm.w55c.net/ping_match.gif?ei=MEDIANET&rurl=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3038690486833451000V10%26type%3Ddxu%26refUrl%3D%26vid%3D08674507663038690486833...
  • https://pm.w55c.net/ping_match.gif?scc=1&ei=MEDIANET&rurl=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3038690486833451000V10%26type%3Ddxu%26refUrl%3D%26vid%3D08674507663038690...
  • https://contextual.media.net/cksync.php?cs=8&vsid=3038690486833451000V10&type=dxu&refUrl=&vid=08674507663038690486833451000V10&ovsid=k0ed6Qe41OoPuH5
45 B
451 B
Image
General
Full URL
https://contextual.media.net/cksync.php?cs=8&vsid=3038690486833451000V10&type=dxu&refUrl=&vid=08674507663038690486833451000V10&ovsid=k0ed6Qe41OoPuH5
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUPEPKI9&prvid=2034%2C2033%2C2031%2C2030%2C2029%2C233%2C2028%2C2027%2C236%2C237%2C117%2C51%2C97%2C55%2C99%2C3012%2C2043%2C2040%2C244%2C201%2C2039%2C3007%2C246%2C4%2C203%2C9%2C2055%2C172%2C173%2C251%2C175%2C132%2C178%2C255%2C3018%2C3017%2C214%2C3016%2C337%2C338%2C70%2C77%2C2021%2C141%2C186%2C222%2C345%2C10000%2C80%2C108%2C229%2C307&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1
Protocol
H2
Server
23.195.152.23 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-195-152-23.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
832f63f4187160c195b04f1911c2e623a75e805f4b23abb9b0bea214b4283a43
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000
server
Apache
date
Fri, 19 Aug 2022 00:04:11 GMT
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
cache-control
max-age=0, no-cache, no-store
content-type
image/gif
content-length
45
x-mnet-hl2
E
expires
Fri, 19 Aug 2022 00:04:11 GMT

Redirect headers

Pragma
no-cache
Date
Fri, 19 Aug 2022 00:04:11 GMT
Server
PingMatch/9853e75#9853e75792b29505864c0b7c23889ef441e21f3f i-0ba97292cfef13069@ap-southeast-1b@dxedge-app-ap-southeast-1-prod-asg
Strict-Transport-Security
max-age=2592000; includeSubDomains
Location
https://contextual.media.net/cksync.php?cs=8&vsid=3038690486833451000V10&type=dxu&refUrl=&vid=08674507663038690486833451000V10&ovsid=k0ed6Qe41OoPuH5
Cache-Control
no-cache, must-revalidate
Connection
keep-alive
Content-Length
0
Expires
Fri, 01 Jan 1990 00:00:00 GMT
cksync.php
contextual.media.net/ Frame B5D4
Redirect Chain
  • https://dis.criteo.com/dis/usersync.aspx?r=115&p=259&cp=medianet&cu=1&url=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D1%26type%3Dcrt%26ovsid%3D%40%40CRITEO_USERID%40%40
  • https://contextual.media.net/cksync.php?cs=1&type=crt&ovsid=f02481e1-d578-497d-a855-fa3c73a6c532
45 B
616 B
Image
General
Full URL
https://contextual.media.net/cksync.php?cs=1&type=crt&ovsid=f02481e1-d578-497d-a855-fa3c73a6c532
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUPEPKI9&prvid=2034%2C2033%2C2031%2C2030%2C2029%2C233%2C2028%2C2027%2C236%2C237%2C117%2C51%2C97%2C55%2C99%2C3012%2C2043%2C2040%2C244%2C201%2C2039%2C3007%2C246%2C4%2C203%2C9%2C2055%2C172%2C173%2C251%2C175%2C132%2C178%2C255%2C3018%2C3017%2C214%2C3016%2C337%2C338%2C70%2C77%2C2021%2C141%2C186%2C222%2C345%2C10000%2C80%2C108%2C229%2C307&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1
Protocol
H2
Server
23.195.152.23 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-195-152-23.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
832f63f4187160c195b04f1911c2e623a75e805f4b23abb9b0bea214b4283a43
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000
server
Apache
date
Fri, 19 Aug 2022 00:04:11 GMT
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA, CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
cache-control
max-age=0, no-cache, no-store
content-type
image/gif
content-length
45
x-mnet-hl2
E
expires
Fri, 19 Aug 2022 00:04:11 GMT

Redirect headers

pragma
no-cache
date
Fri, 19 Aug 2022 00:04:10 GMT
server
Kestrel
x-errorlevel
0
strict-transport-security
max-age=31536000; preload;
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
location
https://contextual.media.net/cksync.php?cs=1&type=crt&ovsid=f02481e1-d578-497d-a855-fa3c73a6c532
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
1277035
content-length
0
expires
Fri, 19 Aug 2022 00:00:00 GMT
cksync.php
contextual.media.net/ Frame B5D4
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=medianet&gdpr=0&gdpr_consent=&gdpr_pd=1
  • https://x.bidswitch.net/ul_cb/sync?ssp=medianet&gdpr=0&gdpr_consent=&gdpr_pd=1
  • https://odr.mookie1.com/t/v2/sync?tagid=V2_790378&src.visitorId=10b13b6e-3120-4895-bbd5-4b0f61fffb84&ssp=medianet&gdpr=0&gdpr_consent=
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=2910&partner_device_id=10524490119177115132&gdpr=0&gdpr_consent=&partner_url=https%3A%2F%2Fodr.mookie1.com%2Ft%2Fv2%3Ftagid%3DV2_948118%26src.vi...
  • https://pixel.tapad.com/idsync/ex/receive/check?partner_id=2910&partner_device_id=10524490119177115132&gdpr=0&gdpr_consent=&partner_url=https%3A%2F%2Fodr.mookie1.com%2Ft%2Fv2%3Ftagid%3DV2_948118%26...
  • https://odr.mookie1.com/t/v2?tagid=V2_948118&src.visitorid=f6d32b88-dfc6-44bc-b816-9f80c0dd8213&ssp=medianet&gdpr_consent=&gdpr=0
  • https://aa.agkn.com/adscores/g.pixel?sid=9212302828&puid=10528008555774763557&ssp=medianet&gdpr=0&gdpr_consent=
  • https://odr.mookie1.com/t/v2?tagid=V2_785409&src.visitorId=209620804248000022573&ssp=medianet&gdpr=0&gdpr_consent=
  • https://x.bidswitch.net/sync?dsp_id=419&user_id=10528008555774763557&ssp=medianet&gdpr=0&gdpr_consent=
  • https://contextual.media.net/cksync.php?cs=1&type=bs&ovsid=5624b4f4-3202-4280-a76c-3a179eb7b7e7&gdpr=0&gdpr_consent=&gdpr_pd=
45 B
465 B
Image
General
Full URL
https://contextual.media.net/cksync.php?cs=1&type=bs&ovsid=5624b4f4-3202-4280-a76c-3a179eb7b7e7&gdpr=0&gdpr_consent=&gdpr_pd=
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUPEPKI9&prvid=2034%2C2033%2C2031%2C2030%2C2029%2C233%2C2028%2C2027%2C236%2C237%2C117%2C51%2C97%2C55%2C99%2C3012%2C2043%2C2040%2C244%2C201%2C2039%2C3007%2C246%2C4%2C203%2C9%2C2055%2C172%2C173%2C251%2C175%2C132%2C178%2C255%2C3018%2C3017%2C214%2C3016%2C337%2C338%2C70%2C77%2C2021%2C141%2C186%2C222%2C345%2C10000%2C80%2C108%2C229%2C307&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1
Protocol
H2
Server
23.195.152.23 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-195-152-23.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
832f63f4187160c195b04f1911c2e623a75e805f4b23abb9b0bea214b4283a43
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000
server
Apache
date
Fri, 19 Aug 2022 00:04:15 GMT
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
cache-control
max-age=0, no-cache, no-store
content-type
image/gif
content-length
45
x-mnet-hl2
E
expires
Fri, 19 Aug 2022 00:04:15 GMT

Redirect headers

Location
//contextual.media.net/cksync.php?cs=1&type=bs&ovsid=5624b4f4-3202-4280-a76c-3a179eb7b7e7&gdpr=0&gdpr_consent=&gdpr_pd=
Date
Fri, 19 Aug 2022 00:04:15 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
0
cksync.php
contextual.media.net/ Frame B5D4
Redirect Chain
  • https://b1sync.zemanta.com/usersync/medianet/?cb=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3038690486833451000V10%26type%3Dzem%26refUrl%3D%26vid%3D08674507663038690486833451...
  • https://stags.bluekai.com/site/23178?id=8Fr8nxBp-cKlsHG2zrpX&redir=https%3A%2F%2Fb1sync.zemanta.com%2Fusersync%2Fbluekai%2Fcallback%2F%3Fd%3DNB2HI4DTHIXS6Y3PNZ2GK6DUOVQWYLTNMVSGSYJONZSXIL3DNNZXS3TD...
  • https://b1sync.zemanta.com/usersync/bluekai/callback/?d=NB2HI4DTHIXS6Y3PNZ2GK6DUOVQWYLTNMVSGSYJONZSXIL3DNNZXS3TDFZYGQ4B7MNZT2OBGMV4GG2DBNZTWKPLNMVSGSYLOMV2CM33WONUWIPJYIZZDQ3TYIJYC2Y2LNRZUQRZSPJZHA...
  • https://contextual.media.net/cksync.php?cs=8&ovsid=8Fr8nxBp-cKlsHG2zrpX&refUrl=&type=zem&vid=08674507663038690486833451000V10&vsid=3038690486833451000V10
45 B
455 B
Image
General
Full URL
https://contextual.media.net/cksync.php?cs=8&ovsid=8Fr8nxBp-cKlsHG2zrpX&refUrl=&type=zem&vid=08674507663038690486833451000V10&vsid=3038690486833451000V10
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUPEPKI9&prvid=2034%2C2033%2C2031%2C2030%2C2029%2C233%2C2028%2C2027%2C236%2C237%2C117%2C51%2C97%2C55%2C99%2C3012%2C2043%2C2040%2C244%2C201%2C2039%2C3007%2C246%2C4%2C203%2C9%2C2055%2C172%2C173%2C251%2C175%2C132%2C178%2C255%2C3018%2C3017%2C214%2C3016%2C337%2C338%2C70%2C77%2C2021%2C141%2C186%2C222%2C345%2C10000%2C80%2C108%2C229%2C307&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1
Protocol
H2
Server
23.195.152.23 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-195-152-23.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
832f63f4187160c195b04f1911c2e623a75e805f4b23abb9b0bea214b4283a43
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000
server
Apache
date
Fri, 19 Aug 2022 00:04:13 GMT
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
cache-control
max-age=0, no-cache, no-store
content-type
image/gif
content-length
45
x-mnet-hl2
E
expires
Fri, 19 Aug 2022 00:04:13 GMT

Redirect headers

Pragma
no-cache
Date
Fri, 19 Aug 2022 00:04:13 GMT
P3p
CP="We do not support P3P header."
Location
https://contextual.media.net/cksync.php?cs=8&ovsid=8Fr8nxBp-cKlsHG2zrpX&refUrl=&type=zem&vid=08674507663038690486833451000V10&vsid=3038690486833451000V10
Cache-Control
no-cache, no-store, must-revalidate
Content-Type
text/html; charset=utf-8
Content-Length
196
Expires
Thu, 01 Dec 1994 16:00:00 GMT
cksync.php
contextual.media.net/ Frame B5D4
Redirect Chain
  • https://rtb.mfadsrvr.com/sync?ssp=medianet&ssp_user_id=3038690486833451000V10
  • https://rtb.mfadsrvr.com/ul_cb/sync?ssp=medianet&ssp_user_id=3038690486833451000V10
  • https://contextual.media.net/cksync.php?type=mf&ovsid=bb5e6a24-45a8-47df-9069-a6575b030146&cs=1
45 B
465 B
Image
General
Full URL
https://contextual.media.net/cksync.php?type=mf&ovsid=bb5e6a24-45a8-47df-9069-a6575b030146&cs=1
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUPEPKI9&prvid=2034%2C2033%2C2031%2C2030%2C2029%2C233%2C2028%2C2027%2C236%2C237%2C117%2C51%2C97%2C55%2C99%2C3012%2C2043%2C2040%2C244%2C201%2C2039%2C3007%2C246%2C4%2C203%2C9%2C2055%2C172%2C173%2C251%2C175%2C132%2C178%2C255%2C3018%2C3017%2C214%2C3016%2C337%2C338%2C70%2C77%2C2021%2C141%2C186%2C222%2C345%2C10000%2C80%2C108%2C229%2C307&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1
Protocol
H2
Server
23.195.152.23 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-195-152-23.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
832f63f4187160c195b04f1911c2e623a75e805f4b23abb9b0bea214b4283a43
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000
server
Apache
date
Fri, 19 Aug 2022 00:04:12 GMT
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
cache-control
max-age=0, no-cache, no-store
content-type
image/gif
content-length
45
x-mnet-hl2
E
expires
Fri, 19 Aug 2022 00:04:12 GMT

Redirect headers

Location
//contextual.media.net/cksync.php?type=mf&ovsid=bb5e6a24-45a8-47df-9069-a6575b030146&cs=1
Date
Fri, 19 Aug 2022 00:04:12 GMT
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Length
0
um
cs.emxdgt.com/ Frame B5D4
0
67 B
Image
General
Full URL
https://cs.emxdgt.com/um?gdpr=0&gdpr_consent=&redirect=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3038690486833451000V10%26type%3Demx%26refUrl%3D%26vid%3D08674507663038690486833451000V10%26ovsid%3D%24UID
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUPEPKI9&prvid=2034%2C2033%2C2031%2C2030%2C2029%2C233%2C2028%2C2027%2C236%2C237%2C117%2C51%2C97%2C55%2C99%2C3012%2C2043%2C2040%2C244%2C201%2C2039%2C3007%2C246%2C4%2C203%2C9%2C2055%2C172%2C173%2C251%2C175%2C132%2C178%2C255%2C3018%2C3017%2C214%2C3016%2C337%2C338%2C70%2C77%2C2021%2C141%2C186%2C222%2C345%2C10000%2C80%2C108%2C229%2C307&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.209.79.8 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-209-79-8.compute-1.amazonaws.com
Software
awselb/2.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 19 Aug 2022 00:04:11 GMT
server
awselb/2.0
content-length
0
content-type
text/plain; charset=utf-8
sodar
pagead2.googlesyndication.com/pagead/ Frame 1EA8
0
0
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20220817&jk=1413095467614123&bg=!JSalJmLNAAYUOm8VNDo7ACkAdvg8Wr7dRL1iW_TUGuxv-_oJxkRFYVlW7l-LQtrv8-JJkqdkCt7V0gIAAABEUgAAAAJoAQcKAH3g3_aio_i_jcE8kVlx7Luq9E_JBnkj0pELGJFDp397wPNVd1X0ibn0vBIsXnHFOFCggcDn73dd1SXRLPrz5-p7CPXL8WDAfHMYRIxogpsNFFr3S7PCYBOCi4hc2gVaFn30vLQPIbTbQrEl15Q8PmFvqv5aYGDqGJsDIyJXsJkCsUsWynBhGWSeKM4RzMLgF0KREzJKg7NdEIp6VyowQGWeA7NxHGnYw012BKbskTAveRd717dzIyRE8OL9Gs8nnSl60E5vHBPbDwvNqf_wnJsATTD-H8VePO0ud4j_WpT8lbot0FhL_cccCkvc-r4oxC9fYi1yBsNdccPlj-K9gsKs-Zs7af_92ybTu0vwh1OZUe4R-tpt-qygGJQH7x3S-AJzFiaiUXGWaHcPOKJxxw4X4FAgNJBiO78pFUqYqFA97TfAmnlZEZMfvF7M9xL83SkViJBcbirWzqIqCbM75ICmbVmQTcjqPPFTS69w2dgE7lwXfnEsiTDq3oedc2Yfzb-GNr2ivA09rHOGQId29bEJGa0LrrO1yC1GOAeMLER1KyDgChvgbWissETQ4tt-lEjDjvfahtHwYlbvxMT7ca5rZKsleLOcI4kR8XYG8X4mhinOtSZipy2xs48J2IqiwBAp68X16CJrXwNpVpfda6xUhbVkWvTpIBw7q3xry8GkC3YaVhfqsUpku3nRVtjoYZpkUK3dujcC3WOs6TJwNYID4OE4mFgz0sa9hNzAPSNdau6rOOUUJVNPrVhdxwb6kqCwvgx_T08kkLvxBy5KtDBA7vzXZtnY5MO0gf8Nd4z0kFx7oNka15RZidkmM2cVY8FUfddYGStOodtjfVk1PsY0rpO6VKB5DiZfott9p2H6xOlk4qF1505NgmqEdDRbMiCiXgb0ZTscknHE7z2qKz3KIXHDtbPZ0Pl1Ljrq3ke_cw3acKOUlZZ2c1aghATUGhRKXLLYxK98AS7gakjwATjuO24NMo6fB53qtiKFxNys6Nfrco_sL3A47NbsnV1JD2cPBXcU1z_pPudF3xz7pVkp4xHmc2x6DmkpjBi8WcAXjfBR58fef59_hAZWKnpMNTTK
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/di-1tian-shang-xue-ta-da-ku-a-ma-ping-ji-yi-xiang-jie-sun-nu-hui-jia-jie-wei-cang-yang-cong.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.194.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f154.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

xuid
eb2.3lift.com/ Frame E988
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=svx9t50&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://eb2.3lift.com/xuid?mid=3658&xuid=79c13aec-f358-494c-84cc-ab07497fac3e&dongle=0cfd
37 B
354 B
Image
General
Full URL
https://eb2.3lift.com/xuid?mid=3658&xuid=79c13aec-f358-494c-84cc-ab07497fac3e&dongle=0cfd
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?&ld=1
Protocol
H2
Server
52.223.2.229 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ade9ecc7904667038.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 19 Aug 2022 00:04:11 GMT
cache-control
no-cache, no-store, must-revalidate
content-type
image/gif
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

pragma
no-cache
date
Fri, 19 Aug 2022 00:04:11 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://eb2.3lift.com/xuid?mid=3658&xuid=79c13aec-f358-494c-84cc-ab07497fac3e&dongle=0cfd
cache-control
private,no-cache, must-revalidate
content-type
text/html
content-length
209
ebda
eb2.3lift.com/ Frame E988
Redirect Chain
  • https://eb2.3lift.com/ebda?sync=1&gdpr=0&gdpr_consent=
  • https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=0&gdpr_consent=&us_privacy=&google_hm=MTI2MTQ1ODMxMjY2NTEyMTY3Mjg3NQ%3D%3D
  • https://eb2.3lift.com/ebda?gdpr=0&gdpr_consent=
37 B
139 B
Image
General
Full URL
https://eb2.3lift.com/ebda?gdpr=0&gdpr_consent=
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?&ld=1
Protocol
H2
Server
52.223.2.229 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ade9ecc7904667038.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 19 Aug 2022 00:04:11 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
content-type
image/gif

Redirect headers

pragma
no-cache
date
Fri, 19 Aug 2022 00:04:11 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://eb2.3lift.com/ebda?gdpr=0&gdpr_consent=
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
248
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
xuid
eb2.3lift.com/ Frame E988
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=triplelift&google_cm&google_sc&gdpr=0&gdpr_consent=
  • https://eb2.3lift.com/xuid?mid=5989&xuid=CAESEDGvAFbIb4JtSFshn5aCf0w&dongle=c627&gdpr=0&gdpr_consent=&google_cver=1
37 B
354 B
Image
General
Full URL
https://eb2.3lift.com/xuid?mid=5989&xuid=CAESEDGvAFbIb4JtSFshn5aCf0w&dongle=c627&gdpr=0&gdpr_consent=&google_cver=1
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?&ld=1
Protocol
H2
Server
52.223.2.229 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ade9ecc7904667038.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 19 Aug 2022 00:04:11 GMT
cache-control
no-cache, no-store, must-revalidate
content-type
image/gif
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

pragma
no-cache
date
Fri, 19 Aug 2022 00:04:11 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://eb2.3lift.com/xuid?mid=5989&xuid=CAESEDGvAFbIb4JtSFshn5aCf0w&dongle=c627&gdpr=0&gdpr_consent=&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
332
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame E988
Redirect Chain
  • https://eb2.3lift.com/sync/google/demand?sync=1&gdpr=0&gdpr_consent=
  • https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=0&gdpr_consent=&us_privacy=&google_hm=MTI2MTQ1ODMxMjY2NTEyMTY3Mjg3NQ%3D%3D
170 B
191 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=0&gdpr_consent=&us_privacy=&google_hm=MTI2MTQ1ODMxMjY2NTEyMTY3Mjg3NQ%3D%3D
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?&ld=1
Protocol
H3
Server
172.217.194.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f154.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 19 Aug 2022 00:04:11 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=0&gdpr_consent=&us_privacy=&google_hm=MTI2MTQ1ODMxMjY2NTEyMTY3Mjg3NQ%3D%3D
date
Fri, 19 Aug 2022 00:04:11 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
/
p.adsymptotic.com/d/px/ Frame E988
Redirect Chain
  • https://px.ads.linkedin.com/setuid?partner=tripleliftdbredirect&tlUid=1261458312665121672875&dbredirect=true&gdpr=0&consent=
  • https://px.ads.linkedin.com/setuid?partner=tripleliftdbredirect&tlUid=1261458312665121672875&dbredirect=true&gdpr=0&consent=&cookiesTest=true
  • https://p.adsymptotic.com/d/px/?_pid=16218&_psign=0aa5badf92527f7732e22463d6fa4dbc&coopa=0&gdpr=0&gdpr_consent=&_puuid=872a1730-0e76-4436-9e85-5aa0a71a0cbd&_noobservation=1
  • https://p.adsymptotic.com/d/px/?_pid=16218&_psign=0aa5badf92527f7732e22463d6fa4dbc&coopa=0&gdpr=0&gdpr_consent=&_puuid=872a1730-0e76-4436-9e85-5aa0a71a0cbd&_noobservation=1&_expected_cookie=69cc61b...
43 B
142 B
Image
General
Full URL
https://p.adsymptotic.com/d/px/?_pid=16218&_psign=0aa5badf92527f7732e22463d6fa4dbc&coopa=0&gdpr=0&gdpr_consent=&_puuid=872a1730-0e76-4436-9e85-5aa0a71a0cbd&_noobservation=1&_expected_cookie=69cc61b79733226328daa53afad0e15c
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?&ld=1
Protocol
H2
Server
104.18.99.194 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 19 Aug 2022 00:04:12 GMT
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
cf-ray
73cea16a5dfaa8b3-SYD
p3p
CP='NON DSP COR CONi OUR BUS CNT'
content-type
image/gif
content-length
43

Redirect headers

location
https://p.adsymptotic.com/d/px/?_pid=16218&_psign=0aa5badf92527f7732e22463d6fa4dbc&coopa=0&gdpr=0&gdpr_consent=&_puuid=872a1730-0e76-4436-9e85-5aa0a71a0cbd&_noobservation=1&_expected_cookie=69cc61b79733226328daa53afad0e15c
date
Fri, 19 Aug 2022 00:04:12 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
73cea1690d3ba8b3-SYD
content-length
0
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
xuid
eb2.3lift.com/ Frame E988
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=triplelift&user_id=1261458312665121672875&gdpr=0&gdpr_consent=
  • https://x.bidswitch.net/ul_cb/sync?ssp=triplelift&user_id=1261458312665121672875&gdpr=0&gdpr_consent=
  • https://odr.mookie1.com/t/v2/sync?tagid=V2_790378&src.visitorId=5624b4f4-3202-4280-a76c-3a179eb7b7e7&ssp=triplelift&gdpr=0&gdpr_consent=
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=2910&partner_device_id=10528008555774763557&gdpr=0&gdpr_consent=&partner_url=https%3A%2F%2Fodr.mookie1.com%2Ft%2Fv2%3Ftagid%3DV2_948118%26src.vi...
  • https://pixel.tapad.com/idsync/ex/receive/check?partner_id=2910&partner_device_id=10528008555774763557&gdpr=0&gdpr_consent=&partner_url=https%3A%2F%2Fodr.mookie1.com%2Ft%2Fv2%3Ftagid%3DV2_948118%26...
  • https://odr.mookie1.com/t/v2?tagid=V2_948118&src.visitorid=f6d32b88-dfc6-44bc-b816-9f80c0dd8213&ssp=triplelift&gdpr_consent=&gdpr=0
  • https://aa.agkn.com/adscores/g.pixel?sid=9212302828&puid=10528008555774763557&ssp=triplelift&gdpr=0&gdpr_consent=
  • https://odr.mookie1.com/t/v2?tagid=V2_785409&src.visitorId=209620804248000022569&ssp=triplelift&gdpr=0&gdpr_consent=
  • https://x.bidswitch.net/sync?dsp_id=419&user_id=10528008555774763557&ssp=triplelift&gdpr=0&gdpr_consent=
  • https://eb2.3lift.com/xuid?mid=2409&xuid=5624b4f4-3202-4280-a76c-3a179eb7b7e7&dongle=d3d3&gdpr=0&gdpr_consent=&gdpr_pd=
37 B
354 B
Image
General
Full URL
https://eb2.3lift.com/xuid?mid=2409&xuid=5624b4f4-3202-4280-a76c-3a179eb7b7e7&dongle=d3d3&gdpr=0&gdpr_consent=&gdpr_pd=
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?&ld=1
Protocol
H2
Server
52.223.2.229 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ade9ecc7904667038.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 19 Aug 2022 00:04:15 GMT
cache-control
no-cache, no-store, must-revalidate
content-type
image/gif
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

Location
//eb2.3lift.com/xuid?mid=2409&xuid=5624b4f4-3202-4280-a76c-3a179eb7b7e7&dongle=d3d3&gdpr=0&gdpr_consent=&gdpr_pd=
Date
Fri, 19 Aug 2022 00:04:15 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
0
c.gif
c.bing.com/ Frame E988
42 B
667 B
Image
General
Full URL
https://c.bing.com/c.gif?xid=1261458312665121672875&Red3=TLMS_pd
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?&ld=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
13.107.21.200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/ ASP.NET
Resource Hash
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 19 Aug 2022 00:04:11 GMT
etag
"6fa9befc56b2d81:0"
last-modified
Wed, 17 Aug 2022 16:32:48 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 061BF2A39CB44D3686E0168670B1D11E Ref B: SYD03EDGE1612 Ref C: 2022-08-19T00:04:11Z
x-powered-by
ASP.NET
x-cache
CONFIG_NOCACHE
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
private, no-cache, proxy-revalidate, no-store
accept-ranges
bytes
content-type
image/gif
content-length
42
xuid
eb2.3lift.com/ Frame E988
Redirect Chain
  • https://pr-bh.ybp.yahoo.com/sync/triplelift/1261458312665121672875?gdpr=0&gdpr_consent=
  • https://eb2.3lift.com/xuid?mid=2662&xuid=y-.0HOQOlE2oRYNavBZdjmosGOE4QQrP_4wcUTYT1j8Q--~A&dongle=0883
37 B
354 B
Image
General
Full URL
https://eb2.3lift.com/xuid?mid=2662&xuid=y-.0HOQOlE2oRYNavBZdjmosGOE4QQrP_4wcUTYT1j8Q--~A&dongle=0883
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?&ld=1
Protocol
H2
Server
52.223.2.229 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ade9ecc7904667038.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 19 Aug 2022 00:04:11 GMT
cache-control
no-cache, no-store, must-revalidate
content-type
image/gif
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

date
Fri, 19 Aug 2022 00:04:11 GMT
referrer-policy
strict-origin-when-cross-origin
server
ATS
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security
max-age=31536000
location
https://eb2.3lift.com/xuid?mid=2662&xuid=y-.0HOQOlE2oRYNavBZdjmosGOE4QQrP_4wcUTYT1j8Q--~A&dongle=0883
x-xss-protection
1; mode=block
content-length
0
x-content-type-options
nosniff
iu3
s.amazon-adsystem.com/ Frame E988
Redirect Chain
  • https://s.amazon-adsystem.com/x/757c0557066e95cfd4c7?gdpr=0&gdpr_consent=&uid=1261458312665121672875
  • https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&dl=3lift&gdpr=0&gdpr_consent=&uid=1261458312665121672875&dcc=t
0
0
Image
General
Full URL
https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&dl=3lift&gdpr=0&gdpr_consent=&uid=1261458312665121672875&dcc=t
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?&ld=1
Protocol
HTTP/1.1
Server
52.46.130.91 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Redirect headers

Pragma
no-cache
Date
Fri, 19 Aug 2022 00:04:12 GMT
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server
Server
x-amz-rid
P5SGX0HRCY7Z2E47V1YC
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location
https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&dl=3lift&gdpr=0&gdpr_consent=&uid=1261458312665121672875&dcc=t
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy
interest-cohort=()
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 GMT
xuid
eb2.3lift.com/ Frame E988
Redirect Chain
  • https://b1sync.zemanta.com/usersync/triplelift?gdpr=0&gdpr_consent=
  • https://stags.bluekai.com/site/23178?id=gvCx8TP1nqJSimez6yQo&redir=https%3A%2F%2Fb1sync.zemanta.com%2Fusersync%2Fbluekai%2Fcallback%2F%3Fd%3DNB2HI4DTHIXS6ZLCGIXDG3DJMZ2C4Y3PNUXXQ5LJMQ7WI33OM5WGKPLE...
  • https://b1sync.zemanta.com/usersync/bluekai/callback/?d=NB2HI4DTHIXS6ZLCGIXDG3DJMZ2C4Y3PNUXXQ5LJMQ7WI33OM5WGKPLEMJQTQJTFPBRWQYLOM5ST25DSNFYGYZLMNFTHIJTHMRYHEPJQEZWWSZB5GI2DMMBGPB2WSZB5M53EG6BYKRIDC...
  • https://eb2.3lift.com/xuid?dongle=dba8&gdpr=0&mid=2460&xuid=gvCx8TP1nqJSimez6yQo
37 B
354 B
Image
General
Full URL
https://eb2.3lift.com/xuid?dongle=dba8&gdpr=0&mid=2460&xuid=gvCx8TP1nqJSimez6yQo
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?&ld=1
Protocol
H2
Server
52.223.2.229 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ade9ecc7904667038.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 19 Aug 2022 00:04:13 GMT
cache-control
no-cache, no-store, must-revalidate
content-type
image/gif
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

Pragma
no-cache
Date
Fri, 19 Aug 2022 00:04:13 GMT
P3p
CP="We do not support P3P header."
Location
https://eb2.3lift.com/xuid?dongle=dba8&gdpr=0&mid=2460&xuid=gvCx8TP1nqJSimez6yQo
Cache-Control
no-cache, no-store, must-revalidate
Content-Type
text/html; charset=utf-8
Content-Length
115
Expires
Thu, 01 Dec 1994 16:00:00 GMT
usync.js
eus.rubiconproject.com/ Frame 72C3
31 KB
10 KB
Script
General
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.15.148.136 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-15-148-136.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
8451d36c6661fd1e782a5168fa5cfa47bade280c10541c156750aabf1e71522f

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eus.rubiconproject.com/usync.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 19 Aug 2022 00:04:11 GMT
Content-Encoding
gzip
Last-Modified
Wed, 17 Aug 2022 13:55:33 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=10173
Connection
keep-alive
Content-Type
text/html; charset=UTF-8
Content-Length
9440
Expires
Fri, 19 Aug 2022 02:53:44 GMT
PugMaster
image6.pubmatic.com/AdServer/ Frame 1EE4
5 KB
6 KB
Script
General
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=16520142&p=159463&s=0&a=0&ptask=ALL&np=0&fp=0&rp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159463&userIdMacro=PM_UID&predirect=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3038690486833451000V10%26type%3Dpba%26refUrl%3D%26vid%3D08674507663038690486833451000V10%26ovsid%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
67.199.150.81 Los Angeles, United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
41c8d636d5f19a77ba269da80eb65fe31c1d59a775447a1675c73940b7effb7e

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 19 Aug 2022 00:04:12 GMT
content-type
text/html; charset=UTF-8
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
usermatch
r.casalemedia.com/ Frame CC07
Redirect Chain
  • https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.bg3.co%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
  • https://r.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.bg3.co%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
2 KB
1 KB
Document
General
Full URL
https://r.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.bg3.co%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/um/ixmatch.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.18.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cec86000614c360806b56a0a4312aa09671cae16e6ac2f41fe818e25f47a4d04

Request headers

Referer
https://js-sec.indexww.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-cache
cf-cache-status
DYNAMIC
cf-ray
73cea168fb3ca944-SYD
content-encoding
br
content-type
text/html
date
Fri, 19 Aug 2022 00:04:12 GMT
dropped-udsids
45|230|241|39|18|105|81|3
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
expires
0
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0qQrEwr7f3OP8fVGNsBNBRRjwgPvbgMbSsk4M32Mk3Z9PdLRtbuhFadMuzC03tF0pGmip0aZSSZAZ3g4QCHRoJYz0CxEmdeldy3%2Bj9%2BRcmFdtQB2ACsKhxxWRfdr%2BGsrunGR"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Is-Traffic-Usersync, Accept-Encoding

Redirect headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-cache
cf-cache-status
DYNAMIC
cf-ray
73cea166289faabe-SYD
content-type
text/html; charset=iso-8859-1
date
Fri, 19 Aug 2022 00:04:12 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
expires
0
location
https://r.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.bg3.co%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tiniPuteINlWnBbGuQiLYGL46R5V9vZ6%2F3Z3%2FT1t%2F3H5cOTlmVPOYs0GwbHvJjle%2BqqU8ho7u37xycjjrZ32Vw%2BUcTurmWWMD%2BqYQlSXOBtLUsQPWLZyeqPbOs983oUjXE9ji%2FJ6m%2FUkJg%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 87CA
15 KB
6 KB
Document
General
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fx.yieldlift.com%2Fsetuid%3Fbidder%3Dpubmatic%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3D1YN-%26uid%3D
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.72.44.196 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-72-44-196.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152

Request headers

Referer
https://public.servenobid.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=152021
content-encoding
gzip
content-length
5549
content-type
text/html; charset=UTF-8
date
Fri, 19 Aug 2022 00:04:11 GMT
etag
"1300708-3de4-5d6ef246ef4cf"
expires
Sat, 20 Aug 2022 18:17:52 GMT
last-modified
Tue, 01 Feb 2022 06:38:00 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
13926
g2.gumgum.com/usync/ Frame A3D0
4 KB
2 KB
Document
General
Full URL
https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.182.152.7 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-182-152-7.ap-northeast-1.compute.amazonaws.com
Software
nginx /
Resource Hash
c55673cf647110f8208a66bf1e96a57bb4c12b29007b735615f5614ab0944ccc

Request headers

Referer
https://public.servenobid.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

content-encoding
gzip
content-type
text/html;charset=UTF-8
date
Fri, 19 Aug 2022 00:04:12 GMT
etag
W/"018c43e2f20282d01eb3774823543cb59"
server
nginx
timing-allow-origin
*
/
onetag-sys.com/usync/ Frame 4D15
2 KB
863 B
Document
General
Full URL
https://onetag-sys.com/usync/?pubId=694e68b73971b58&gdpr=0&gdpr_consent=&us_privacy=1YN-&https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D318%26uid%3D
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.79.234.100 Singapore, Singapore, ASN16276 (OVH, FR),
Reverse DNS
ip100.ip-51-79-234.net
Software
/
Resource Hash
37a31642af0a7fe695ed0fd68a06a55af44e854d083dc7f5d0e70535f0189ae0
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://public.servenobid.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
cache-control
no-transform, no-cache
content-encoding
gzip
content-length
731
content-type
text/html
strict-transport-security
max-age=15552000
sync
ssbsync.smartadserver.com/api/ Frame E590
896 B
1 KB
Document
General
Full URL
https://ssbsync.smartadserver.com/api/sync?callerId=9&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D317%26uid%3D%24UID
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.106.127.39 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
c28d64aeb3e60dd61f5455f8a7fd30c0061d469bcc5b72ceb46864fcf8f6bd3c

Request headers

Referer
https://public.servenobid.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

content-length
896
content-type
text/html
date
Fri, 19 Aug 2022 00:04:12 GMT
usermatch
r.casalemedia.com/ Frame 3D3D
Redirect Chain
  • https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D
  • https://r.casalemedia.com/usermatch?cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D&s=195491&C=1
2 KB
2 KB
Document
General
Full URL
https://r.casalemedia.com/usermatch?cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D&s=195491&C=1
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.18.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f4db9ca9a673b64d1dc341beccc6ca08e05bde9ffd7fefa84b35fb10ed556340

Request headers

Referer
https://public.servenobid.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-cache
cf-cache-status
DYNAMIC
cf-ray
73cea168fb3ba944-SYD
content-encoding
br
content-type
text/html
date
Fri, 19 Aug 2022 00:04:12 GMT
dropped-udsids
230|39|241|45|188|41|47|64
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
expires
0
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vBE6F82vmQvB3pRdc7P8rHN6trGQ6v4eRiEPp9CgcEnNLYJPwECQ86MedfjSnLNUGlkp5XrCtKhC7XeAY9LAkyGZuPkCmROn8K%2B1kHWWMs7RSpOjm1fxbGVBsvp6uuKspnFh"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Is-Traffic-Usersync, Accept-Encoding

Redirect headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-cache
cf-cache-status
DYNAMIC
cf-ray
73cea16628a0aabe-SYD
content-type
text/html; charset=iso-8859-1
date
Fri, 19 Aug 2022 00:04:12 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
expires
0
location
https://r.casalemedia.com/usermatch?cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D&s=195491&C=1
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=m23FycuHJooAxNmXPh04kE9HO8cLhedMfCIur7Gj5IRVCPimZb0S2sjSodgaXaV20g4Yc9brePdmsR%2BRWXRhgfu171lW0mHsjVVGLaP8Cx1poX6pS3JgCkX1BdWJqof7OnH2EqOlm5GMcg%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
usync.html
eus.rubiconproject.com/ Frame 0BC0
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=duration_media&endpoint=us-east
  • https://eus.rubiconproject.com/usync.html?p=duration_media&endpoint=us-east
281 B
554 B
Document
General
Full URL
https://eus.rubiconproject.com/usync.html?p=duration_media&endpoint=us-east
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.15.148.136 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-15-148-136.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://public.servenobid.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Fri, 19 Aug 2022 00:04:11 GMT
ETag
"40014-119-5d32342a551c0"
Last-Modified
Tue, 14 Dec 2021 23:07:59 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
content-length
0
date
Fri, 19 Aug 2022 00:04:11 GMT
location
https://eus.rubiconproject.com/usync.html?p=duration_media&endpoint=us-east
server
AkamaiGHost
setuid
x.yieldlift.com/ Frame 4443
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=13702&gdpr=0&gdpr_consent=&us_privacy=1YN-&
  • https://x.yieldlift.com/setuid?bidder=rubicon&uid=L6ZPLFMY-3-AUKM&gdpr=0&us_privacy=1YN-
0
570 B
Image
General
Full URL
https://x.yieldlift.com/setuid?bidder=rubicon&uid=L6ZPLFMY-3-AUKM&gdpr=0&us_privacy=1YN-
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
HTTP/1.1
Server
52.71.232.26 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Accept
application/json
Pragma
no-cache
Expires
0
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Length
0
Content-Type
application/json;charset=utf-8

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location
https://x.yieldlift.com/setuid?bidder=rubicon&uid=L6ZPLFMY-3-AUKM&gdpr=0&us_privacy=1YN-
Cache-Control
no-cache,no-store,must-revalidate
Content-Type
text/html
content-length
0
X-RPHost
dedf7fc216a5bbc739a54325e875a79f
Expires
0
sync
ads.servenobid.com/ Frame 4443
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D312%26uid%3D%24UID
  • https://ads.servenobid.com/sync?pid=312&uid=1546289813757434588
0
344 B
Image
General
Full URL
https://ads.servenobid.com/sync?pid=312&uid=1546289813757434588
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Server
99.81.199.81 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-99-81-199-81.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 19 Aug 2022 00:04:12 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0

Redirect headers

Pragma
no-cache
Date
Fri, 19 Aug 2022 00:04:11 GMT
X-Proxy-Origin
173.245.209.142; 173.245.209.142; 900.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net; adnxs.com
AN-X-Request-Uuid
c01589ad-4a1c-4659-ae04-e81b8184df51
Server
nginx/1.21.3
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://ads.servenobid.com/sync?pid=312&uid=1546289813757434588
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
sync
ads.servenobid.com/ Frame 4443
Redirect Chain
  • https://ce.lijit.com/merge?pid=273657&3pid=273657&gdpr=0&gdpr_consent=&us_privacy=1YN-&&location=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D310%26uid%3D%5BSOVRNID%5D
  • https://ce.lijit.com/merge?pid=273657&3pid=273657&gdpr=0&gdpr_consent=&us_privacy=1YN-&location=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D310%26uid%3D%5BSOVRNID%5D&dnr=1
  • https://ads.servenobid.com/sync?pid=310&uid=FK0kDRZH29bSf5G9Q2KxLaIs
0
349 B
Image
General
Full URL
https://ads.servenobid.com/sync?pid=310&uid=FK0kDRZH29bSf5G9Q2KxLaIs
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Server
99.81.199.81 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-99-81-199-81.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 19 Aug 2022 00:04:12 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0

Redirect headers

Pragma
no-cache
Date
Fri, 19 Aug 2022 00:04:12 GMT
P3P
CP="CUR ADM OUR NOR STA NID"
Location
https://ads.servenobid.com/sync?pid=310&uid=FK0kDRZH29bSf5G9Q2KxLaIs
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap3sfo1
Content-Length
0
Expires
Fri, 20 Mar 2009 00:00:00 GMT
sync
ads.servenobid.com/ Frame 4443
Redirect Chain
  • https://ap.lijit.com/pixel?pid=273657&3pid=273657&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redir=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D310%26uid%3D%24UID
  • https://ap.lijit.com/pixel?pid=273657&3pid=273657&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redir=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D310%26uid%3D%24UID&sovrn_retry=true
  • https://ads.servenobid.com/sync?pid=310&uid=FK0kCLZH6TK0w-wVSNeqVds9
0
350 B
Image
General
Full URL
https://ads.servenobid.com/sync?pid=310&uid=FK0kCLZH6TK0w-wVSNeqVds9
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Server
99.81.199.81 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-99-81-199-81.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 19 Aug 2022 00:04:12 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0

Redirect headers

Date
Fri, 19 Aug 2022 00:04:12 GMT
Access-Control-Allow-Origin
*
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Location
https://ads.servenobid.com/sync?pid=310&uid=FK0kCLZH6TK0w-wVSNeqVds9
Access-Control-Allow-Credentials
true
Connection
close
X-Sovrn-Pod
ad_ap2sfo1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
sync
ads.servenobid.com/ Frame 4443
Redirect Chain
  • https://x.yieldlift.com/getuid?r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D314%26uid%3D%24UID
  • https://ads.servenobid.com/sync?pid=314&uid=eyJ4dWlkIjoiYTI4MzNkZjYtN2JiMS00NzJjLTljN2ItMGIxZWM2ZDkyOWQ3IiwiZHAiOnt9LCJiZGF5IjoiMjAyMi0wOC0xOVQwMDowNDoxMi42NzQ0NTFaIn0=
0
432 B
Image
General
Full URL
https://ads.servenobid.com/sync?pid=314&uid=eyJ4dWlkIjoiYTI4MzNkZjYtN2JiMS00NzJjLTljN2ItMGIxZWM2ZDkyOWQ3IiwiZHAiOnt9LCJiZGF5IjoiMjAyMi0wOC0xOVQwMDowNDoxMi42NzQ0NTFaIn0=
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Server
99.81.199.81 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-99-81-199-81.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 19 Aug 2022 00:04:13 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0

Redirect headers

Location
https://ads.servenobid.com/sync?pid=314&uid=eyJ4dWlkIjoiYTI4MzNkZjYtN2JiMS00NzJjLTljN2ItMGIxZWM2ZDkyOWQ3IiwiZHAiOnt9LCJiZGF5IjoiMjAyMi0wOC0xOVQwMDowNDoxMi42NzQ0NTFaIn0=
Pragma
no-cache
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Length
0
Expires
0
RX-50a16bb0-50df-40a7-8e6d-2b41efe53873-004
sync.targeting.unrulymedia.com/csync/ Frame 4443
Redirect Chain
  • https://sync.1rx.io/usersync2/rmpssp?sub=duration&redir=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D321%26uid%3D%5BRX_UUID%5D
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=6201445129
  • https://sync.1rx.io/usersync/tradedesk/79c13aec-f358-494c-84cc-ab07497fac3e
  • https://sync.targeting.unrulymedia.com/csync/RX-50a16bb0-50df-40a7-8e6d-2b41efe53873-004
43 B
377 B
Image
General
Full URL
https://sync.targeting.unrulymedia.com/csync/RX-50a16bb0-50df-40a7-8e6d-2b41efe53873-004
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Server
74.118.186.45 Serangoon, Singapore, ASN26120 (RHYTHMONE, US),
Reverse DNS
Software
/
Resource Hash
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 19 Aug 2022 00:04:12 GMT
content-length
43
p3p
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"

Redirect headers

location
https://sync.targeting.unrulymedia.com/csync/RX-50a16bb0-50df-40a7-8e6d-2b41efe53873-004
pragma
no-cache
date
Fri, 19 Aug 2022 00:04:12 GMT
cache-control
no-store, no-cache, must-revalidate
expires
0
content-type
text/html
sync
ads.servenobid.com/ Frame 4443
Redirect Chain
  • https://p.rfihub.com/cm?pub=44007&in=1
  • https://ads.servenobid.com/sync?pid=324&uid=1973209964914422850
0
344 B
Image
General
Full URL
https://ads.servenobid.com/sync?pid=324&uid=1973209964914422850
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Server
99.81.199.81 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-99-81-199-81.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 19 Aug 2022 00:04:12 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0

Redirect headers

Location
https://ads.servenobid.com/sync?pid=324&uid=1973209964914422850
Date
Fri, 19 Aug 2022 00:04:11 GMT
Server
Jetty(9.3.29.v20201019)
Content-Length
0
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
sync
ads.servenobid.com/ Frame 4443
Redirect Chain
  • https://sync.go.sonobi.com/usa?loc=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D332%26uid%3D
  • https://ads.servenobid.com/sync?pid=332&uid=b9beef82-ee4e-4934-ba54-6e849b7c0ea4
0
356 B
Image
General
Full URL
https://ads.servenobid.com/sync?pid=332&uid=b9beef82-ee4e-4934-ba54-6e849b7c0ea4
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Server
99.81.199.81 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-99-81-199-81.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 19 Aug 2022 00:04:12 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0

Redirect headers

Pragma
no-cache
Date
Fri, 19 Aug 2022 00:04:12 GMT
Server
sonobi-go
Vary
negotiate,Accept-Encoding
X-Go-Server
go-lax-1-5-39
P3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Location
https://ads.servenobid.com/sync?pid=332&uid=b9beef82-ee4e-4934-ba54-6e849b7c0ea4
Cache-Control
no-cache, no-store, private
Tcn
Choice
Content-Type
text/plain; charset=utf8
Content-Length
0
X-Xss-Protection
0
Expires
Sat, 26 Jul 1997 05:00:00 GMT
cookie
cm.adform.net/ Frame 4443
Redirect Chain
  • https://prebid.a-mo.net/cchain/0?gdpr=0&gdpr_consent=&us_privacy=1YN-&&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D327%26uid%3D
  • https://cm.adform.net/cookie?gdpr=1&gdpr_consent=&redirect_url=https%3A%2F%2Fprebid.a-mo.net%2Fcchain%2F1%2F581%3Fgdpr%3D0%26gdpr_consent%3D%26us_privacy%3D1YN-%26A%3D6e37946f-f5d0-41ea-b0b7-368420...
43 B
106 B
Image
General
Full URL
https://cm.adform.net/cookie?gdpr=1&gdpr_consent=&redirect_url=https%3A%2F%2Fprebid.a-mo.net%2Fcchain%2F1%2F581%3Fgdpr%3D0%26gdpr_consent%3D%26us_privacy%3D1YN-%26A%3D6e37946f-f5d0-41ea-b0b7-36842074cc46%26bidder%3Dadform%26cbx%3DaHR0cHM6Ly9hZHMuc2VydmVub2JpZC5jb20vc3luYz9waWQ9MzI3JnVpZD0%253D%26uid%3D%24UID
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Server
37.157.3.28 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 19 Aug 2022 00:04:13 GMT
server
nginx
content-length
43
content-type
image/gif

Redirect headers

location
https://cm.adform.net/cookie?gdpr=1&gdpr_consent=&redirect_url=https%3A%2F%2Fprebid.a-mo.net%2Fcchain%2F1%2F581%3Fgdpr%3D0%26gdpr_consent%3D%26us_privacy%3D1YN-%26A%3D6e37946f-f5d0-41ea-b0b7-36842074cc46%26bidder%3Dadform%26cbx%3DaHR0cHM6Ly9hZHMuc2VydmVub2JpZC5jb20vc3luYz9waWQ9MzI3JnVpZD0%253D%26uid%3D%24UID
date
Fri, 19 Aug 2022 00:04:11 GMT
cache-control
max-age=0, private, must-revalidate
x-envoy-upstream-service-time
0
server
envoy
content-length
0
sync
ads.servenobid.com/ Frame 4443
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58559/occ
  • https://ups.analytics.yahoo.com/ups/58559/occ?verify=true
  • https://ads.servenobid.com/sync?pid=337&uid=y-GCycMpFE2uGGW5aKval2kcTidsu62kcLdcXjgRw-~A
0
366 B
Image
General
Full URL
https://ads.servenobid.com/sync?pid=337&uid=y-GCycMpFE2uGGW5aKval2kcTidsu62kcLdcXjgRw-~A
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Server
99.81.199.81 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-99-81-199-81.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 19 Aug 2022 00:04:12 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0

Redirect headers

location
https://ads.servenobid.com/sync?pid=337&uid=y-GCycMpFE2uGGW5aKval2kcTidsu62kcLdcXjgRw-~A
date
Fri, 19 Aug 2022 00:04:12 GMT
server
ATS/9.1.10.25
age
0
content-length
0
strict-transport-security
max-age=31536000
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
sync
ads.servenobid.com/ Frame 4443
Redirect Chain
  • https://ssp.disqus.com/redirectuser?r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D346%26uid%3DBUYERUID
  • https://ads.servenobid.com/sync?pid=346&uid=4b794089-8d1b-6e71-51fd-ebe0fe0f27a3
0
356 B
Image
General
Full URL
https://ads.servenobid.com/sync?pid=346&uid=4b794089-8d1b-6e71-51fd-ebe0fe0f27a3
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Server
99.81.199.81 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-99-81-199-81.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 19 Aug 2022 00:04:12 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0

Redirect headers

location
https://ads.servenobid.com/sync?pid=346&uid=4b794089-8d1b-6e71-51fd-ebe0fe0f27a3
pragma
no-cache
date
Fri, 19 Aug 2022 00:04:12 GMT
cache-control
no-store
content-length
0
vary
origin
expires
0
sync
ads.servenobid.com/ Frame 4443
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58632/occ
  • https://ups.analytics.yahoo.com/ups/58632/occ?verify=true
  • https://ads.servenobid.com/sync?pid=339&uid=y-xS0NBA1E2uFsmgE4QLYzgYo_gBn1EkrSqqfjN.A-~A
0
366 B
Image
General
Full URL
https://ads.servenobid.com/sync?pid=339&uid=y-xS0NBA1E2uFsmgE4QLYzgYo_gBn1EkrSqqfjN.A-~A
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Server
99.81.199.81 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-99-81-199-81.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 19 Aug 2022 00:04:12 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0

Redirect headers

location
https://ads.servenobid.com/sync?pid=339&uid=y-xS0NBA1E2uFsmgE4QLYzgYo_gBn1EkrSqqfjN.A-~A
date
Fri, 19 Aug 2022 00:04:12 GMT
server
ATS/9.1.10.25
age
0
content-length
0
strict-transport-security
max-age=31536000
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
tap.php
pixel.rubiconproject.com/ Frame 72C3
Redirect Chain
  • https://token.rubiconproject.com/token?pid=2974&pt=n&a=1
  • https://pr-bh.ybp.yahoo.com/sync/rubicon/EnuPGvesFGpz4T9g_fGghw?csrc=
  • https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=2224752484001211790
42 B
678 B
Image
General
Full URL
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=2224752484001211790
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/di-1tian-shang-xue-ta-da-ku-a-ma-ping-ji-yi-xiang-jie-sun-nu-hui-jia-jie-wei-cang-yang-cong.html
Protocol
HTTP/1.1
Server
69.173.158.64 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-length
42
X-RPHost
d335433bbbe0efeac67146df47932f6f
Content-Type
image/gif

Redirect headers

date
Fri, 19 Aug 2022 00:04:12 GMT
referrer-policy
strict-origin-when-cross-origin
server
ATS
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security
max-age=31536000
location
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=2224752484001211790
x-xss-protection
1; mode=block
content-length
0
x-content-type-options
nosniff
esync
token.rubiconproject.com/ Frame 72C3
Redirect Chain
  • https://id.rlcdn.com/709414.gif
  • https://token.rubiconproject.com/esync?pid=28028&puid=&pt=e
0
214 B
Image
General
Full URL
https://token.rubiconproject.com/esync?pid=28028&puid=&pt=e
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/di-1tian-shang-xue-ta-da-ku-a-ma-ping-ji-yi-xiang-jie-sun-nu-hui-jia-jie-wei-cang-yang-cong.html
Protocol
HTTP/1.1
Server
69.173.158.64 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
X-RPHost
d335433bbbe0efeac67146df47932f6f
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

date
Fri, 19 Aug 2022 00:04:12 GMT
via
1.1 google
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://token.rubiconproject.com/esync?pid=28028&puid=&pt=e
cache-control
no-cache, no-store
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
ecm3
s.amazon-adsystem.com/ Frame 72C3
Redirect Chain
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&dcc=t
  • https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=zVuHZKjYTpC3RBghbZMl3A&rk=usync-na
  • https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=zVuHZKjYTpC3RBghbZMl3A
43 B
797 B
Image
General
Full URL
https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=zVuHZKjYTpC3RBghbZMl3A
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/di-1tian-shang-xue-ta-da-ku-a-ma-ping-ji-yi-xiang-jie-sun-nu-hui-jia-jie-wei-cang-yang-cong.html
Protocol
HTTP/1.1
Server
52.46.130.91 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 19 Aug 2022 00:04:13 GMT
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server
Server
x-amz-rid
ED75B5ZCZVMVF70ASD58
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy
interest-cohort=()
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location
https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=zVuHZKjYTpC3RBghbZMl3A
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
808ed95536e7f55d8adbcb9fc76d309d
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
v1
ads.yahoo.com/cms/ Frame 72C3
Redirect Chain
  • https://token.rubiconproject.com/token?pid=26594
  • https://ads.yahoo.com/cms/v1?nwid=10000010181&eid=L6ZPLFMY-3-AUKM&sigv=1&esig=2~66048f1b80a0792375ce6d37fa3907277e0bee08
0
194 B
Image
General
Full URL
https://ads.yahoo.com/cms/v1?nwid=10000010181&eid=L6ZPLFMY-3-AUKM&sigv=1&esig=2~66048f1b80a0792375ce6d37fa3907277e0bee08
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/di-1tian-shang-xue-ta-da-ku-a-ma-ping-ji-yi-xiang-jie-sun-nu-hui-jia-jie-wei-cang-yang-cong.html
Protocol
H2
Server
106.10.236.40 -, , ASN (),
Reverse DNS
Software
ATS /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 19 Aug 2022 00:04:13 GMT
cache-control
no-store
x-content-type-options
nosniff
server
ATS
strict-transport-security
max-age=15552000
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-xss-protection
1; mode=block

Redirect headers

Location
https://ads.yahoo.com/cms/v1?nwid=10000010181&eid=L6ZPLFMY-3-AUKM&sigv=1&esig=2~66048f1b80a0792375ce6d37fa3907277e0bee08
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
beb52df1a5a4b2f2cb3f37642c514298
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
tap.php
pixel.rubiconproject.com/ Frame 72C3
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc
  • https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEFW4Gv3ngoETfl-3bqqp30c&google_cver=1
42 B
678 B
Image
General
Full URL
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEFW4Gv3ngoETfl-3bqqp30c&google_cver=1
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/di-1tian-shang-xue-ta-da-ku-a-ma-ping-ji-yi-xiang-jie-sun-nu-hui-jia-jie-wei-cang-yang-cong.html
Protocol
HTTP/1.1
Server
69.173.158.64 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-length
42
X-RPHost
548ddf114c6f6bfbb66a4cdeb6a219f4
Content-Type
image/gif

Redirect headers

pragma
no-cache
date
Fri, 19 Aug 2022 00:04:11 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEFW4Gv3ngoETfl-3bqqp30c&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
326
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ecm3
aax-eu.amazon-adsystem.com/s/ Frame 72C3
Redirect Chain
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=&dcc=t
  • https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=QEhFTI4aSk2p6ZDLxga8ZA&rk=usync-other
  • https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=QEhFTI4aSk2p6ZDLxga8ZA
43 B
556 B
Image
General
Full URL
https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=QEhFTI4aSk2p6ZDLxga8ZA
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/di-1tian-shang-xue-ta-da-ku-a-ma-ping-ji-yi-xiang-jie-sun-nu-hui-jia-jie-wei-cang-yang-cong.html
Protocol
HTTP/1.1
Server
52.95.118.179 -, , ASN (),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 19 Aug 2022 00:04:14 GMT
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server
Server
x-amz-rid
89GZ7H8KNWRWW84VXVEV
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy
interest-cohort=()
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location
https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=QEhFTI4aSk2p6ZDLxga8ZA
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
0d2bd05215470efb17ae41aff76c3f98
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
tap.php
pixel.rubiconproject.com/ Frame 72C3
Redirect Chain
  • https://match.adsrvr.org/track/cmf/rubicon
  • https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=79c13aec-f358-494c-84cc-ab07497fac3e&gdpr=0&gdpr_consent=&expires=30
42 B
678 B
Image
General
Full URL
https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=79c13aec-f358-494c-84cc-ab07497fac3e&gdpr=0&gdpr_consent=&expires=30
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/di-1tian-shang-xue-ta-da-ku-a-ma-ping-ji-yi-xiang-jie-sun-nu-hui-jia-jie-wei-cang-yang-cong.html
Protocol
HTTP/1.1
Server
69.173.158.64 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-length
42
X-RPHost
030b4ddd4a4f3e9891a065664f20c4bb
Content-Type
image/gif

Redirect headers

pragma
no-cache
date
Fri, 19 Aug 2022 00:04:11 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=79c13aec-f358-494c-84cc-ab07497fac3e&gdpr=0&gdpr_consent=&expires=30
cache-control
private,no-cache, must-revalidate
content-type
text/html
content-length
289
pixel
cm.g.doubleclick.net/ Frame 72C3
Redirect Chain
  • https://token.rubiconproject.com/token?pid=2249&pt=n
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=MmZjN2Y0NzQzYzgzY2FjN2RiNjU2YTgwN2Q4NjNjMjVlMzRhMzY1ZA
170 B
191 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=MmZjN2Y0NzQzYzgzY2FjN2RiNjU2YTgwN2Q4NjNjMjVlMzRhMzY1ZA
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/di-1tian-shang-xue-ta-da-ku-a-ma-ping-ji-yi-xiang-jie-sun-nu-hui-jia-jie-wei-cang-yang-cong.html
Protocol
H3
Server
172.217.194.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f154.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 19 Aug 2022 00:04:12 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=MmZjN2Y0NzQzYzgzY2FjN2RiNjU2YTgwN2Q4NjNjMjVlMzRhMzY1ZA
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
d335433bbbe0efeac67146df47932f6f
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
async_usersync
ib.adnxs.com/ Frame 0859
0
747 B
Script
General
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
104.254.151.69 Los Angeles, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
900.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 19 Aug 2022 00:04:11 GMT
X-Proxy-Origin
173.245.209.142; 173.245.209.142; 900.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net; adnxs.com
AN-X-Request-Uuid
44930e88-e80f-4871-9aec-6ec8c4c11f61
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
usync.js
eus.rubiconproject.com/ Frame 2D04
31 KB
10 KB
Script
General
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=medianet
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.15.148.136 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-15-148-136.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
8451d36c6661fd1e782a5168fa5cfa47bade280c10541c156750aabf1e71522f

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=medianet
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 19 Aug 2022 00:04:11 GMT
Content-Encoding
gzip
Last-Modified
Wed, 17 Aug 2022 13:55:33 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=10173
Connection
keep-alive
Content-Type
text/html; charset=UTF-8
Content-Length
9440
Expires
Fri, 19 Aug 2022 02:53:44 GMT
cksync.php
contextual.media.net/ Frame 2D04
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=medianet&khaos=L6ZPLFMY-3-AUKM
  • https://contextual.media.net/cksync.php?type=rbcn&ovsid=L6ZPLFMY-3-AUKM
45 B
451 B
Image
General
Full URL
https://contextual.media.net/cksync.php?type=rbcn&ovsid=L6ZPLFMY-3-AUKM
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=medianet
Protocol
H2
Server
23.195.152.23 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-195-152-23.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
832f63f4187160c195b04f1911c2e623a75e805f4b23abb9b0bea214b4283a43
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000
server
Apache
date
Fri, 19 Aug 2022 00:04:13 GMT
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
cache-control
max-age=0, no-cache, no-store
content-type
image/gif
content-length
45
x-mnet-hl2
E
expires
Fri, 19 Aug 2022 00:04:13 GMT

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location
https://contextual.media.net/cksync.php?type=rbcn&ovsid=L6ZPLFMY-3-AUKM
Cache-Control
no-cache,no-store,must-revalidate
Content-Type
text/html
content-length
0
X-RPHost
d335433bbbe0efeac67146df47932f6f
Expires
0
usync.js
eus.rubiconproject.com/ Frame 0BC0
31 KB
10 KB
Script
General
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=duration_media&endpoint=us-east
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.15.148.136 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-15-148-136.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
8451d36c6661fd1e782a5168fa5cfa47bade280c10541c156750aabf1e71522f

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=duration_media&endpoint=us-east
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 19 Aug 2022 00:04:12 GMT
Content-Encoding
gzip
Last-Modified
Wed, 17 Aug 2022 13:55:33 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=10172
Connection
keep-alive
Content-Type
text/html; charset=UTF-8
Content-Length
9440
Expires
Fri, 19 Aug 2022 02:53:44 GMT
match
c1.adform.net/serving/cookie/ Frame D5B5
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=14&cid=BEED2CCD-5A00-4A95-AB7E-649A25AD0D90
  • https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=BEED2CCD-5A00-4A95-AB7E-649A25AD0D90
35 B
467 B
Document
General
Full URL
https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=BEED2CCD-5A00-4A95-AB7E-649A25AD0D90
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159463&userIdMacro=PM_UID&predirect=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3038690486833451000V10%26type%3Dpba%26refUrl%3D%26vid%3D08674507663038690486833451000V10%26ovsid%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.84.60.30 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods
GET
access-control-allow-origin
*
access-control-max-age
86400
cache-control
no-cache, no-store, must-revalidate, no-transform
content-type
image/gif
date
Fri, 19 Aug 2022 00:04:13 GMT
expires
-1
pragma
no-cache
server
nginx
strict-transport-security
max-age=31536000; includeSubDomains

Redirect headers

access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods
GET
access-control-allow-origin
*
access-control-max-age
86400
cache-control
no-cache, no-store, must-revalidate, no-transform
content-length
0
date
Fri, 19 Aug 2022 00:04:13 GMT
expires
-1
location
https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=BEED2CCD-5A00-4A95-AB7E-649A25AD0D90
pragma
no-cache
server
nginx
strict-transport-security
max-age=31536000; includeSubDomains
Pug
simage2.pubmatic.com/AdServer/ Frame 0BA4
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA%3D%3D%26piggybackCookie%...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:fe6762fe-d37c-4c00-9374-538d47dd99c3&gdpr=0&gdpr_consent=
42 B
327 B
Document
General
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:fe6762fe-d37c-4c00-9374-538d47dd99c3&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159463&userIdMacro=PM_UID&predirect=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3038690486833451000V10%26type%3Dpba%26refUrl%3D%26vid%3D08674507663038690486833451000V10%26ovsid%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
103.231.98.194 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Fri, 19 Aug 2022 00:04:13 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

Access-Control-Allow-Origin
*
Cache-Control
no-cache
Connection
keep-alive
Content-Length
0
Content-Type
image/gif
Date
Fri, 19 Aug 2022 00:04:13 GMT
Expires
Fri, 19 Aug 2022 00:04:12 GMT
Keep-Alive
timeout=360
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Server
MT3 4494 7cf1da7 master hkg-pixel-x19 config:1.0.0
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:fe6762fe-d37c-4c00-9374-538d47dd99c3&gdpr=0&gdpr_consent=
b9pj45k4
sync-tm.everesttech.net/ct/upi/pid/ Frame D9A3
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%7D%...
  • https://sync-tm.everesttech.net/ct/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%...
85 B
165 B
Document
General
Full URL
https://sync-tm.everesttech.net/ct/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%7D%26gdpr%3D0%26gdpr_consent%3D&_test=Yv7TfAAHb5bZ9AAK
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159463&userIdMacro=PM_UID&predirect=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3038690486833451000V10%26type%3Dpba%26refUrl%3D%26vid%3D08674507663038690486833451000V10%26ovsid%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.2.49 -, , ASN (),
Reverse DNS
Software
Jetty(9.4.35.v20201120) /
Resource Hash
acccc501aa6afa3cfac15e8ddccf1561deed2ed08c2f7d652abbdbe9aa71609a

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

accept-ranges
bytes
age
461
cache-control
no-cache
content-length
85
content-type
image/png
date
Fri, 19 Aug 2022 00:04:12 GMT
pragma
no-cache
server
Jetty(9.4.35.v20201120)
via
1.1 varnish
x-cache
HIT
x-cache-hits
1380
x-served-by
cache-syd10135-SYD
x-timer
S1660867453.900573,VS0,VE0

Redirect headers

accept-ranges
bytes
access-control-allow-origin
*
cache-control
no-cache
content-length
0
date
Fri, 19 Aug 2022 00:04:12 GMT
location
https://sync-tm.everesttech.net/ct/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%7D%26gdpr%3D0%26gdpr_consent%3D&_test=Yv7TfAAHb5bZ9AAK
p3p
CP="NOI DSP COR LAW PSAo PSDo IVAo IVDo OUR BUS UNI DEM"
pragma
no-cache
server
Jetty(9.4.35.v20201120)
via
1.1 varnish
x-cache
MISS
x-cache-hits
0
x-served-by
cache-syd10135-SYD
x-timer
S1660867452.455707,VS0,VE226
send
sync-dsp.ad-m.asia/dsp/api/sync/ Frame 1246
43 B
243 B
Document
General
Full URL
https://sync-dsp.ad-m.asia/dsp/api/sync/send?s=pubmatic&rd=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMyNTMmdGw9MTI5NjAw%26piggybackCookie%3D
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159463&userIdMacro=PM_UID&predirect=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3038690486833451000V10%26type%3Dpba%26refUrl%3D%26vid%3D08674507663038690486833451000V10%26ovsid%3DPM_UID
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
202.131.200.84 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

Cache-Control
no-store,no-cache
Connection
close
Content-Length
43
Content-Type
image/gif
Date
Fri, 19 Aug 2022 00:04:13 GMT
Pragma
no-cache
Server
nginx
expires
-1
Pug
simage2.pubmatic.com/AdServer/ Frame B0E0
Redirect Chain
  • https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCooki...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=
42 B
95 B
Document
General
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159463&userIdMacro=PM_UID&predirect=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3038690486833451000V10%26type%3Dpba%26refUrl%3D%26vid%3D08674507663038690486833451000V10%26ovsid%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
103.231.98.194 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Fri, 19 Aug 2022 00:04:13 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

cache-control
no-cache
content-length
0
cross-origin-resource-policy
cross-origin
date
Fri, 19 Aug 2022 00:04:11 GMT
expires
Fri, 19 Aug 2022 00:00:00 GMT
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
pragma
no-cache
server
Kestrel
server-processing-duration-in-ticks
1163661
strict-transport-security
max-age=31536000; preload;
x-errorlevel
0
Pug
simage2.pubmatic.com/AdServer/ Frame 86F9
Redirect Chain
  • https://cm.ambientdsp.com/cm/send?vc=pmj
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzQ0OSZ0bD00MzIwMA==&piggybackCookie=wq7yddeulc9
1 B
228 B
Document
General
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzQ0OSZ0bD00MzIwMA==&piggybackCookie=wq7yddeulc9
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159463&userIdMacro=PM_UID&predirect=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3038690486833451000V10%26type%3Dpba%26refUrl%3D%26vid%3D08674507663038690486833451000V10%26ovsid%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
103.231.98.194 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
1
content-type
text/html; charset=utf-8
date
Fri, 19 Aug 2022 00:04:13 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

accept-encoding
utf-8
cache-control
no-store
content-length
0
date
Fri, 19 Aug 2022 00:04:12 GMT
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzQ0OSZ0bD00MzIwMA==&piggybackCookie=wq7yddeulc9
lws
127.0.0.1
strict-transport-security
max-age=31536000; includeSubDomains
time-ms
0
Pug
simage2.pubmatic.com/AdServer/ Frame 0310
Redirect Chain
  • https://pm.w55c.net/ping_match.gif?ei=PUBMATIC&rurl=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:_wfivefivec_&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:k0ed6Qe41OoPuH5&gdpr=0&gdpr_consent=
42 B
195 B
Document
General
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:k0ed6Qe41OoPuH5&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159463&userIdMacro=PM_UID&predirect=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3038690486833451000V10%26type%3Dpba%26refUrl%3D%26vid%3D08674507663038690486833451000V10%26ovsid%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
103.231.98.194 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Fri, 19 Aug 2022 00:04:13 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

Cache-Control
no-cache, must-revalidate
Connection
keep-alive
Content-Length
0
Date
Fri, 19 Aug 2022 00:04:12 GMT
Expires
Fri, 01 Jan 1990 00:00:00 GMT
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:k0ed6Qe41OoPuH5&gdpr=0&gdpr_consent=
Pragma
no-cache
Server
PingMatch/9853e75#9853e75792b29505864c0b7c23889ef441e21f3f i-0ba97292cfef13069@ap-southeast-1b@dxedge-app-ap-southeast-1-prod-asg
Strict-Transport-Security
max-age=2592000; includeSubDomains
usersync
usersync.gumgum.com/ Frame 2D03
Redirect Chain
  • https://sync.1rx.io/usersync2/pubmatic&gdpr=0&gdpr_consent=
  • https://x.bidswitch.net/sync?ssp=adconductor&user_id=RX-50a16bb0-50df-40a7-8e6d-2b41efe53873-004&rndcb=8525710394
  • https://cm.g.doubleclick.net/pixel?google_nid=bidswitch_dbm&google_cm&google_sc&ssp=adconductor&bsw_param=10b13b6e-3120-4895-bbd5-4b0f61fffb84&google_hm=MTBiMTNiNmUtMzEyMC00ODk1LWJiZDUtNGIwZjYxZmZm...
  • https://x.bidswitch.net/sync?dsp_id=16&user_id=CAESEDbKRuVxPb2bA6u4aAEvWsg&google_cver=1&ssp=adconductor&bsw_param=10b13b6e-3120-4895-bbd5-4b0f61fffb84
  • https://sync.1rx.io/usersync/bidswitch/5624b4f4-3202-4280-a76c-3a179eb7b7e7?gdpr=&gdpr_consent=
  • https://sync.targeting.unrulymedia.com/csync/RX-50a16bb0-50df-40a7-8e6d-2b41efe53873-004?redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Drhy%26i%3DRX-50a16bb0-50df-40a7-8e6d-2b41efe53873-004
  • https://usersync.gumgum.com/usersync?b=rhy&i=RX-50a16bb0-50df-40a7-8e6d-2b41efe53873-004
35 B
250 B
Document
General
Full URL
https://usersync.gumgum.com/usersync?b=rhy&i=RX-50a16bb0-50df-40a7-8e6d-2b41efe53873-004
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159463&userIdMacro=PM_UID&predirect=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3038690486833451000V10%26type%3Dpba%26refUrl%3D%26vid%3D08674507663038690486833451000V10%26ovsid%3DPM_UID
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.238.120.71 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Content-Type
image/gif
Date
Fri, 19 Aug 2022 00:04:14 GMT
Expires
0
Pragma
no-cache

Redirect headers

content-type
text/html
date
Fri, 19 Aug 2022 00:04:13 GMT
etag
RX50a16bb050df40a78e6d2b41efe53873004
location
https://usersync.gumgum.com/usersync?b=rhy&i=RX-50a16bb0-50df-40a7-8e6d-2b41efe53873-004
p3p
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
pxd
dps.jp.cinarra.com/ Frame C6BD
95 B
220 B
Document
General
Full URL
https://dps.jp.cinarra.com/pxd?PLATFORM_ID=D&USER_ID=BEED2CCD-5A00-4A95-AB7E-649A25AD0D90
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159463&userIdMacro=PM_UID&predirect=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3038690486833451000V10%26type%3Dpba%26refUrl%3D%26vid%3D08674507663038690486833451000V10%26ovsid%3DPM_UID
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.113.231.86 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

Connection
keep-alive
Content-Length
95
Content-Type
image/png
Date
Fri, 19 Aug 2022 00:04:13 GMT
Pug
simage2.pubmatic.com/AdServer/ Frame 753F
Redirect Chain
  • https://cm.adgrx.com/bridge?AG_PID=pubmatic&AG_SETCOOKIE&gdpr=0&gdpr_consent=
  • https://cm.adgrx.com/bridge.gif?AG_PID=pubmatic&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzMDEmdGw9MTI5NjAw&piggybackCookie=7509801e-1f52-11ed-8f72-b1eae2d91c37
42 B
243 B
Document
General
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzMDEmdGw9MTI5NjAw&piggybackCookie=7509801e-1f52-11ed-8f72-b1eae2d91c37
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159463&userIdMacro=PM_UID&predirect=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3038690486833451000V10%26type%3Dpba%26refUrl%3D%26vid%3D08674507663038690486833451000V10%26ovsid%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
103.231.98.194 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Fri, 19 Aug 2022 00:04:13 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

Access-Control-Allow-Origin
*
Cache-Control
no-cache, no-store, must-revalidate, proxy-revalidate
Connection
keep-alive
Content-Length
0
Content-Type
image/gif
Date
Fri, 19 Aug 2022 00:04:13 GMT
Expires
Thu, 23 Sep 2004 17:42:04 GMT
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzMDEmdGw9MTI5NjAw&piggybackCookie=7509801e-1f52-11ed-8f72-b1eae2d91c37
P3P
CP="NOI OTC OTP OUR NOR"
Pragma
no-cache
X-RealServer-NX
aws-apsoutheast1c-delivery-3
server
Cowboy
Pug
image2.pubmatic.com/AdServer/ Frame 4826
Redirect Chain
  • https://gocm.c.appier.net/pubmatic
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDImdGw9MTI5NjAw&piggybackCookie=kPz02ndpCY2GIrgNfNP-Yg
42 B
227 B
Document
General
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDImdGw9MTI5NjAw&piggybackCookie=kPz02ndpCY2GIrgNfNP-Yg
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159463&userIdMacro=PM_UID&predirect=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3038690486833451000V10%26type%3Dpba%26refUrl%3D%26vid%3D08674507663038690486833451000V10%26ovsid%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
103.231.98.194 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Fri, 19 Aug 2022 00:04:13 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

cache-control
no-store
content-length
153
content-type
text/html; charset=utf-8
date
Fri, 19 Aug 2022 00:04:12 GMT
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDImdGw9MTI5NjAw&piggybackCookie=kPz02ndpCY2GIrgNfNP-Yg
p3p
CP="CUR ADM DEV TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
nginx
Pug
simage2.pubmatic.com/AdServer/ Frame BD5A
Redirect Chain
  • https://ipac.ctnsnet.com/int/cm?exc=14&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM0MTEmdGw9MjAxNjA%3D%26piggybackCookie%3D%5Buser_id%5D
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MTEmdGw9MjAxNjA=&piggybackCookie=9e2d07601bc54b6cab3e7c0bbb5431d1
42 B
222 B
Document
General
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MTEmdGw9MjAxNjA=&piggybackCookie=9e2d07601bc54b6cab3e7c0bbb5431d1
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159463&userIdMacro=PM_UID&predirect=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3038690486833451000V10%26type%3Dpba%26refUrl%3D%26vid%3D08674507663038690486833451000V10%26ovsid%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
103.231.98.194 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Fri, 19 Aug 2022 00:04:13 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, must-revalidate
content-length
0
content-type
text/html;charset=UTF-8
date
Fri, 19 Aug 2022 00:04:12 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MTEmdGw9MjAxNjA=&piggybackCookie=9e2d07601bc54b6cab3e7c0bbb5431d1
p3p
CP="NOI DSP COR NID CUR OUR NOR"
pragma
no-cache
server
Apache-Coyote/1.1
status
302
via
1.1 google
x-xss-protection
1; mode=block
Pug
simage2.pubmatic.com/AdServer/ Frame BDA1
Redirect Chain
  • https://csync.loopme.me/?pubid=11331&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzImdGw9MTI5NjAw&piggybackCookie={viewer_token}&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode&gdpr_consent=null&piggybackCookie={viewer_token}&gdpr=0
0
225 B
Document
General
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode&gdpr_consent=null&piggybackCookie={viewer_token}&gdpr=0
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159463&userIdMacro=PM_UID&predirect=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3038690486833451000V10%26type%3Dpba%26refUrl%3D%26vid%3D08674507663038690486833451000V10%26ovsid%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
103.231.98.194 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-encoding
gzip
content-type
text/html; charset=utf-8
date
Fri, 19 Aug 2022 00:04:13 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
73cea169e9e0a80e-SYD
content-length
0
date
Fri, 19 Aug 2022 00:04:12 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
location
https://simage2.pubmatic.com/AdServer/Pug?vcode&gdpr_consent=null&piggybackCookie={viewer_token}&gdpr=0
server
cloudflare
cookiesync
core.iprom.net/ Frame 5F87
43 B
279 B
Document
General
Full URL
https://core.iprom.net/cookiesync
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159463&userIdMacro=PM_UID&predirect=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3038690486833451000V10%26type%3Dpba%26refUrl%3D%26vid%3D08674507663038690486833451000V10%26ovsid%3DPM_UID
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
195.5.165.20 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

Connection
close
Content-Length
43
Content-Type
image/gif
Date
Fri, 19 Aug 2022 00:04:13 GMT
Vary
Accept-Encoding
X-adserver-worker
erebus-b735086585b2@version_1.522v2
X-core-time
1ms
X-server-arch
v2
i.match
s.tribalfusion.com/z/ Frame 671D
Redirect Chain
  • https://a.tribalfusion.com/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATI...
  • https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMA...
43 B
448 B
Document
General
Full URL
https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159463&userIdMacro=PM_UID&predirect=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3038690486833451000V10%26type%3Dpba%26refUrl%3D%26vid%3D08674507663038690486833451000V10%26ovsid%3DPM_UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.152.245 -, , ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash
4f49e616d278a16d9cd55a6d5fe19c99ebd37d7d3848d14422190618b67011e0

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-cache private
cf-cache-status
DYNAMIC
cf-ray
73cea16caad4aae7-SYD
content-length
43
content-type
image/gif; charset=utf-8
date
Fri, 19 Aug 2022 00:04:13 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
expires
Thu, 01 Jan 1970 00:00:00 GMT
p3p
CP="NOI DEVo TAIa OUR BUS"
pragma
no-cache
server
cloudflare
x-function
302

Redirect headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-cache private
cf-cache-status
DYNAMIC
cf-ray
73cea169ffe3aae7-SYD
content-type
text/html
date
Fri, 19 Aug 2022 00:04:12 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
expires
Thu, 01 Jan 1970 00:00:00 GMT
location
https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
p3p
CP="NOI DEVo TAIa OUR BUS"
pragma
no-cache
server
cloudflare
x-function
206
x-reuse-index
3713
141
match.deepintent.com/usersync/ Frame 4FD0
0
44 B
Document
General
Full URL
https://match.deepintent.com/usersync/141?gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159463&userIdMacro=PM_UID&predirect=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3038690486833451000V10%26type%3Dpba%26refUrl%3D%26vid%3D08674507663038690486833451000V10%26ovsid%3DPM_UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
38.91.45.7 -, , ASN (),
Reverse DNS
Software
c /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

content-length
0
date
Fri, 19 Aug 2022 00:04:12 GMT
server
c
rtb-h
match.taboola.com/sg/pubmatic-ssp-network/1/ Frame FCE0
Redirect Chain
  • https://trc.taboola.com/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw&piggybackCookie=uid:$UID
  • https://match.taboola.com/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&tbid=42cde734-e23d-4a34-a437-14d3e9ef9135-tuct9f858fc&query=taboola_hm%3D1%26redir%3Dhttps%3A%2F%2Fsimage2.pubmatic.com%2FAdSe...
0
55 B
Document
General
Full URL
https://match.taboola.com/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&tbid=42cde734-e23d-4a34-a437-14d3e9ef9135-tuct9f858fc&query=taboola_hm%3D1%26redir%3Dhttps%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw%26piggybackCookie%3Duid%3A%24UID&isDirect=0
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159463&userIdMacro=PM_UID&predirect=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3038690486833451000V10%26type%3Dpba%26refUrl%3D%26vid%3D08674507663038690486833451000V10%26ovsid%3DPM_UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

accept-ranges
bytes
content-length
0
date
Fri, 19 Aug 2022 00:04:12 GMT
server
nginx
via
1.1 varnish
x-cache
MISS
x-cache-hits
0
x-served-by
cache-syd10177-SYD
x-timer
S1660867453.677420,VS0,VE130

Redirect headers

accept-ranges
bytes
content-length
0
date
Fri, 19 Aug 2022 00:04:12 GMT
location
https://match.taboola.com/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&tbid=42cde734-e23d-4a34-a437-14d3e9ef9135-tuct9f858fc&query=taboola_hm%3D1%26redir%3Dhttps%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw%26piggybackCookie%3Duid%3A%24UID&isDirect=0
server
nginx
via
1.1 varnish
x-cache
MISS
x-cache-hits
0
x-served-by
cache-syd10177-SYD
x-timer
S1660867452.472684,VS0,VE103
x-vcl-time-ms
103
cksync.php
contextual.media.net/ Frame 36E5
45 B
467 B
Document
General
Full URL
https://contextual.media.net/cksync.php?cs=8&vsid=3038690486833451000V10&type=pba&refUrl=&vid=08674507663038690486833451000V10&ovsid=BEED2CCD-5A00-4A95-AB7E-649A25AD0D90
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159463&userIdMacro=PM_UID&predirect=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3038690486833451000V10%26type%3Dpba%26refUrl%3D%26vid%3D08674507663038690486833451000V10%26ovsid%3DPM_UID
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.195.152.23 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-195-152-23.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
832f63f4187160c195b04f1911c2e623a75e805f4b23abb9b0bea214b4283a43
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

cache-control
max-age=0, no-cache, no-store
content-length
45
content-type
image/gif
date
Fri, 19 Aug 2022 00:04:12 GMT
expires
Fri, 19 Aug 2022 00:04:12 GMT
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA" CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
pragma
no-cache
server
Apache
strict-transport-security
max-age=31536000
x-mnet-hl2
E
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 1EE4
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=vu0szVoASpWrfmSaJa0NkA%3D%3D
  • https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
10 KB
10 KB
Image
General
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159463&userIdMacro=PM_UID&predirect=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3038690486833451000V10%26type%3Dpba%26refUrl%3D%26vid%3D08674507663038690486833451000V10%26ovsid%3DPM_UID
Protocol
H2
Server
23.72.44.196 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-72-44-196.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 19 Aug 2022 00:04:12 GMT
content-encoding
gzip
last-modified
Tue, 01 Feb 2022 06:38:00 GMT
server
Apache
etag
"1300708-3de4-5d6ef246ef4cf"
vary
Accept-Encoding
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
max-age=152020
accept-ranges
bytes
content-type
text/html; charset=UTF-8
content-length
5549
expires
Sat, 20 Aug 2022 18:17:52 GMT

Redirect headers

pragma
no-cache
date
Fri, 19 Aug 2022 00:04:12 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
272
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
458249.gif
idsync.rlcdn.com/ Frame 1EE4
Redirect Chain
  • https://idsync.rlcdn.com/420486.gif?partner_uid=BEED2CCD-5A00-4A95-AB7E-649A25AD0D90
  • https://pippio.com/api/sync?pid=5324&it=1&iv=c8f9fb75e2e266de9176058e44995ddc9b708d5f131477e00648c59a25f38bed791426b5417dce21&_=2
  • https://cm.g.doubleclick.net/pixel?google_nid=pippio_dmp&google_cm&google_no_sc&m=CMwpElsKVwgBEJInGlBjOGY5ZmI3NWUyZTI2NmRlOTE3NjA1OGU0NDk5NWRkYzliNzA4ZDVmMTMxNDc3ZTAwNjQ4YzU5YTI1ZjM4YmVkNzkxNDI2YjU...
  • https://pippio.com/api/sync/ddp?pid=2&m=CMwpElsKVwgBEJInGlBjOGY5ZmI3NWUyZTI2NmRlOTE3NjA1OGU0NDk5NWRkYzliNzA4ZDVmMTMxNDc3ZTAwNjQ4YzU5YTI1ZjM4YmVkNzkxNDI2YjU0MTdkY2UyMRAAGgwI_ab7lwYSBAgCEABCAEoA&goog...
  • https://tags.rd.linksynergy.com/rcs?ns=lr&uid3=
  • https://idsync.rlcdn.com/458249.gif?partner_uid=3a04acc6-19e2-473f-b0d5-a8e1cdaf88dd
42 B
60 B
Image
General
Full URL
https://idsync.rlcdn.com/458249.gif?partner_uid=3a04acc6-19e2-473f-b0d5-a8e1cdaf88dd
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159463&userIdMacro=PM_UID&predirect=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3038690486833451000V10%26type%3Dpba%26refUrl%3D%26vid%3D08674507663038690486833451000V10%26ovsid%3DPM_UID
Protocol
H3
Server
35.190.60.146 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
146.60.190.35.bc.googleusercontent.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 19 Aug 2022 00:04:14 GMT
via
1.1 google
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control
no-cache, no-store
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42

Redirect headers

location
https://idsync.rlcdn.com/458249.gif?partner_uid=3a04acc6-19e2-473f-b0d5-a8e1cdaf88dd
date
Fri, 19 Aug 2022 00:04:14 GMT
via
1.1 google
x-samesite
secure
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
111
content-type
text/html; charset=utf-8
SPug
image4.pubmatic.com/AdServer/ Frame 1EE4
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=3&redir=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3FpartnerID%3D27%26partnerUID%3D%5BMM_UUID%5D
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=b8e462fe-d37d-4200-9310-62770bfd88f8
0
128 B
Image
General
Full URL
https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=b8e462fe-d37d-4200-9310-62770bfd88f8
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159463&userIdMacro=PM_UID&predirect=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3038690486833451000V10%26type%3Dpba%26refUrl%3D%26vid%3D08674507663038690486833451000V10%26ovsid%3DPM_UID
Protocol
H2
Server
67.199.150.85 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 19 Aug 2022 00:04:13 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Date
Fri, 19 Aug 2022 00:04:13 GMT
Server
MT3 4494 7cf1da7 master hkg-pixel-x5 config:1.0.0
Access-Control-Allow-Origin
*
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=b8e462fe-d37d-4200-9310-62770bfd88f8
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=360
Content-Length
0
Expires
Fri, 19 Aug 2022 00:04:12 GMT
Pug
image2.pubmatic.com/AdServer/ Frame 1EE4
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=QkVFRDJDQ0QtNUEwMC00QTk1LUFCN0UtNjQ5QTI1QUQwRDkw&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
42 B
95 B
Image
General
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159463&userIdMacro=PM_UID&predirect=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3038690486833451000V10%26type%3Dpba%26refUrl%3D%26vid%3D08674507663038690486833451000V10%26ovsid%3DPM_UID
Protocol
H2
Server
103.231.98.194 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 19 Aug 2022 00:04:13 GMT
cache-control
no-store, no-cache, private
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Fri, 19 Aug 2022 00:04:12 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
Pug
image2.pubmatic.com/AdServer/ Frame 1EE4
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEEX6X-zWrQNPkkoHNiVHRW4&google_cver=1
42 B
531 B
Image
General
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEEX6X-zWrQNPkkoHNiVHRW4&google_cver=1
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159463&userIdMacro=PM_UID&predirect=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3038690486833451000V10%26type%3Dpba%26refUrl%3D%26vid%3D08674507663038690486833451000V10%26ovsid%3DPM_UID
Protocol
H2
Server
103.231.98.194 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 19 Aug 2022 00:04:13 GMT
cache-control
no-store, no-cache, private
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Fri, 19 Aug 2022 00:04:12 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEEX6X-zWrQNPkkoHNiVHRW4&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
379
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
Pug
image2.pubmatic.com/AdServer/ Frame 1EE4
Redirect Chain
  • https://um.simpli.fi/pubmatic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODA2JnRsPTUxODQwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTgwNiZ0bD01MTg0MDA=&piggybackCookie=uid:F7D8EBBA79904A6D8870D87DA1297C10
42 B
209 B
Image
General
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTgwNiZ0bD01MTg0MDA=&piggybackCookie=uid:F7D8EBBA79904A6D8870D87DA1297C10
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159463&userIdMacro=PM_UID&predirect=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3038690486833451000V10%26type%3Dpba%26refUrl%3D%26vid%3D08674507663038690486833451000V10%26ovsid%3DPM_UID
Protocol
H2
Server
103.231.98.194 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 19 Aug 2022 00:04:13 GMT
cache-control
no-store, no-cache, private
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

date
Fri, 19 Aug 2022 00:04:13 GMT
x-content-type-options
nosniff
server
nginx
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTgwNiZ0bD01MTg0MDA=&piggybackCookie=uid:F7D8EBBA79904A6D8870D87DA1297C10
strict-transport-security
max-age=63072000; includeSubdomains; preload
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/html
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
138
expires
Thu, 18 Aug 2022 00:04:13 GMT
BEED2CCD-5A00-4A95-AB7E-649A25AD0D90
pr-bh.ybp.yahoo.com/sync/pubmatic/ Frame 1EE4
43 B
985 B
Image
General
Full URL
https://pr-bh.ybp.yahoo.com/sync/pubmatic/BEED2CCD-5A00-4A95-AB7E-649A25AD0D90?gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159463&userIdMacro=PM_UID&predirect=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3038690486833451000V10%26type%3Dpba%26refUrl%3D%26vid%3D08674507663038690486833451000V10%26ovsid%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.179.19.43 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-179-19-43.ap-southeast-1.compute.amazonaws.com
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 19 Aug 2022 00:04:12 GMT
referrer-policy
strict-origin-when-cross-origin
server
ATS
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security
max-age=31536000
content-type
image/gif
x-xss-protection
1; mode=block
content-length
43
x-content-type-options
nosniff
Pug
simage2.pubmatic.com/AdServer/ Frame 1EE4
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=79c13aec-f358-494c-84cc-ab07497fac3e
42 B
278 B
Image
General
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=79c13aec-f358-494c-84cc-ab07497fac3e
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159463&userIdMacro=PM_UID&predirect=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3038690486833451000V10%26type%3Dpba%26refUrl%3D%26vid%3D08674507663038690486833451000V10%26ovsid%3DPM_UID
Protocol
H2
Server
103.231.98.194 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 19 Aug 2022 00:04:13 GMT
cache-control
no-store, no-cache, private
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Fri, 19 Aug 2022 00:04:12 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=79c13aec-f358-494c-84cc-ab07497fac3e
cache-control
private,no-cache, must-revalidate
content-type
text/html
content-length
313
Pug
image2.pubmatic.com/AdServer/ Frame 1EE4
Redirect Chain
  • https://ib.adnxs.com/getuid?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=1546289813757434588&gdpr=0&gdpr_consent=
42 B
219 B
Image
General
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=1546289813757434588&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159463&userIdMacro=PM_UID&predirect=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3038690486833451000V10%26type%3Dpba%26refUrl%3D%26vid%3D08674507663038690486833451000V10%26ovsid%3DPM_UID
Protocol
H2
Server
103.231.98.194 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 19 Aug 2022 00:04:13 GMT
cache-control
no-store, no-cache, private
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Pragma
no-cache
Date
Fri, 19 Aug 2022 00:04:12 GMT
X-Proxy-Origin
173.245.209.142; 173.245.209.142; 900.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net; adnxs.com
AN-X-Request-Uuid
e1aec6b2-a45b-445a-b9e3-d71114c20097
Server
nginx/1.21.3
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=1546289813757434588&gdpr=0&gdpr_consent=
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
Pug
image2.pubmatic.com/AdServer/ Frame 1EE4
Redirect Chain
  • https://pixel.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=LevnTX_qth42vLYbIrqsHCns4B0277cRLempkOfk
42 B
336 B
Image
General
Full URL
https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=LevnTX_qth42vLYbIrqsHCns4B0277cRLempkOfk
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159463&userIdMacro=PM_UID&predirect=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3038690486833451000V10%26type%3Dpba%26refUrl%3D%26vid%3D08674507663038690486833451000V10%26ovsid%3DPM_UID
Protocol
H2
Server
103.231.98.194 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 19 Aug 2022 00:04:13 GMT
cache-control
no-store, no-cache, private
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Fri, 19 Aug 2022 00:04:12 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
location
https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=LevnTX_qth42vLYbIrqsHCns4B0277cRLempkOfk
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
0
expires
Fri, 04 Aug 1978 12:00:00 GMT
Pug
simage2.pubmatic.com/AdServer/ Frame 1EE4
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent=
  • https://odr.mookie1.com/t/v2/sync?tagid=V2_790378&src.visitorId=5624b4f4-3202-4280-a76c-3a179eb7b7e7&ssp=pubmatic&gdpr=0&gdpr_consent=
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=2910&partner_device_id=10522519798217669243&gdpr=0&gdpr_consent=&partner_url=https%3A%2F%2Fodr.mookie1.com%2Ft%2Fv2%3Ftagid%3DV2_948118%26src.vi...
  • https://pixel.tapad.com/idsync/ex/receive/check?partner_id=2910&partner_device_id=10522519798217669243&gdpr=0&gdpr_consent=&partner_url=https%3A%2F%2Fodr.mookie1.com%2Ft%2Fv2%3Ftagid%3DV2_948118%26...
  • https://odr.mookie1.com/t/v2?tagid=V2_948118&src.visitorid=f6d32b88-dfc6-44bc-b816-9f80c0dd8213&ssp=pubmatic&gdpr_consent=&gdpr=0
  • https://aa.agkn.com/adscores/g.pixel?sid=9212302828&puid=10528008555774763557&ssp=pubmatic&gdpr=0&gdpr_consent=
  • https://odr.mookie1.com/t/v2?tagid=V2_785409&src.visitorId=208580804248000022532&ssp=pubmatic&gdpr=0&gdpr_consent=
  • https://x.bidswitch.net/sync?dsp_id=419&user_id=10528008555774763557&ssp=pubmatic&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=5624b4f4-3202-4280-a76c-3a179eb7b7e7&gdpr=0&gdpr_consent=&gdpr_pd=
1 B
244 B
Image
General
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=5624b4f4-3202-4280-a76c-3a179eb7b7e7&gdpr=0&gdpr_consent=&gdpr_pd=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159463&userIdMacro=PM_UID&predirect=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3038690486833451000V10%26type%3Dpba%26refUrl%3D%26vid%3D08674507663038690486833451000V10%26ovsid%3DPM_UID
Protocol
H2
Server
103.231.98.194 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 19 Aug 2022 00:04:15 GMT
cache-control
no-store, no-cache, private
server
nginx
content-type
text/html; charset=utf-8
content-length
1
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Location
//simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=5624b4f4-3202-4280-a76c-3a179eb7b7e7&gdpr=0&gdpr_consent=&gdpr_pd=
Date
Fri, 19 Aug 2022 00:04:15 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
0
SPug
image4.pubmatic.com/AdServer/ Frame 1EE4
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=BEED2CCD-5A00-4A95-AB7E-649A25AD0D90&redir=true&gdpr=0&gdpr_consent=
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-7W4O.4pE2uWGlidkJQFvldYJVGhcvto-~A&gdpr=0&gdpr_consent=
0
260 B
Image
General
Full URL
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-7W4O.4pE2uWGlidkJQFvldYJVGhcvto-~A&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159463&userIdMacro=PM_UID&predirect=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3038690486833451000V10%26type%3Dpba%26refUrl%3D%26vid%3D08674507663038690486833451000V10%26ovsid%3DPM_UID
Protocol
H2
Server
67.199.150.85 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 19 Aug 2022 00:04:12 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-7W4O.4pE2uWGlidkJQFvldYJVGhcvto-~A&gdpr=0&gdpr_consent=
date
Fri, 19 Aug 2022 00:04:12 GMT
server
ATS/9.1.10.25
age
0
content-length
0
strict-transport-security
max-age=31536000
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
Pug
simage2.pubmatic.com/AdServer/ Frame 1EE4
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COO...
  • https://c1.adform.net/serving/cookie/match?CC=1&party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=4925623162690373801
42 B
297 B
Image
General
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=4925623162690373801
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159463&userIdMacro=PM_UID&predirect=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3038690486833451000V10%26type%3Dpba%26refUrl%3D%26vid%3D08674507663038690486833451000V10%26ovsid%3DPM_UID
Protocol
H2
Server
103.231.98.194 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 19 Aug 2022 00:04:14 GMT
cache-control
no-store, no-cache, private
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Fri, 19 Aug 2022 00:04:13 GMT
server
nginx
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=4925623162690373801
access-control-max-age
86400
access-control-allow-methods
GET
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
Pug
simage2.pubmatic.com/AdServer/ Frame 1EE4
Redirect Chain
  • https://ad.turn.com/r/cs?pid=1&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=6930922757553007061&gdpr=0&gdpr_consent=&us_privacy=
1 B
194 B
Image
General
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=6930922757553007061&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159463&userIdMacro=PM_UID&predirect=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3038690486833451000V10%26type%3Dpba%26refUrl%3D%26vid%3D08674507663038690486833451000V10%26ovsid%3DPM_UID
Protocol
H2
Server
103.231.98.194 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 19 Aug 2022 00:04:13 GMT
cache-control
no-store, no-cache, private
server
nginx
content-type
text/html; charset=utf-8
content-length
1
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=6930922757553007061&gdpr=0&gdpr_consent=&us_privacy=
pragma
no-cache
date
Fri, 19 Aug 2022 00:04:12 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
0
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
Pug
simage2.pubmatic.com/AdServer/ Frame 1EE4
Redirect Chain
  • https://pubmatic-match.dotomi.com/match/bounce/current?networkId=17100&version=1&nuid=BEED2CCD-5A00-4A95-AB7E-649A25AD0D90&gdpr=0&gdpr_consent=
  • https://pubmatic-match.dotomi.com/match/bounce/current?DotomiTest=6bc1206230c22045&is_secure=true&networkId=17100&version=1&nuid=BEED2CCD-5A00-4A95-AB7E-649A25AD0D90&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTQ2MSZ0bD0xMDA4MA==&piggybackCookie=AAAJs7nM82AJqwMgyFfVAAAAAAA&expiration=1660953853&nuid=BEED2CCD-5A00-4A95-AB7E-649A25AD0D90&...
42 B
265 B
Image
General
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTQ2MSZ0bD0xMDA4MA==&piggybackCookie=AAAJs7nM82AJqwMgyFfVAAAAAAA&expiration=1660953853&nuid=BEED2CCD-5A00-4A95-AB7E-649A25AD0D90&is_secure=true&gdpr_consent=&gdpr=0
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159463&userIdMacro=PM_UID&predirect=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3038690486833451000V10%26type%3Dpba%26refUrl%3D%26vid%3D08674507663038690486833451000V10%26ovsid%3DPM_UID
Protocol
H2
Server
103.231.98.194 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 19 Aug 2022 00:04:13 GMT
cache-control
no-store, no-cache, private
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Fri, 19 Aug 2022 00:04:13 GMT
server
nginx
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP NID OUR STP"
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTQ2MSZ0bD0xMDA4MA==&piggybackCookie=AAAJs7nM82AJqwMgyFfVAAAAAAA&expiration=1660953853&nuid=BEED2CCD-5A00-4A95-AB7E-649A25AD0D90&is_secure=true&gdpr_consent=&gdpr=0
cache-control
no-cache, private, max-age=0, no-store
content-length
0
expires
0
Pug
simage2.pubmatic.com/AdServer/ Frame 1EE4
Redirect Chain
  • https://ads.playground.xyz/usersync/apn?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID
  • https://secure.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=1546289813757434588
42 B
95 B
Image
General
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=1546289813757434588
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159463&userIdMacro=PM_UID&predirect=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3038690486833451000V10%26type%3Dpba%26refUrl%3D%26vid%3D08674507663038690486833451000V10%26ovsid%3DPM_UID
Protocol
H2
Server
103.231.98.194 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 19 Aug 2022 00:04:13 GMT
cache-control
no-store, no-cache, private
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Pragma
no-cache
Date
Fri, 19 Aug 2022 00:04:13 GMT
X-Proxy-Origin
173.245.209.142; 173.245.209.142; 894.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net; adnxs.com
AN-X-Request-Uuid
af1be6b8-0e5e-45f9-881e-88d703cb930c
Server
nginx/1.21.3
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=1546289813757434588
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
d1ba4609
rtb.gumgum.com/getuid/ Frame 1EE4
35 B
209 B
Image
General
Full URL
https://rtb.gumgum.com/getuid/d1ba4609?gdpr=0&gdpr_consent=&r=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzNDImdGw9MTI5NjAw%26piggybackCookie%3D
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159463&userIdMacro=PM_UID&predirect=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3038690486833451000V10%26type%3Dpba%26refUrl%3D%26vid%3D08674507663038690486833451000V10%26ovsid%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.250.28.113 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 19 Aug 2022 00:04:13 GMT
server
nginx
content-type
image/gif;charset=UTF-8
cache-control
private, no-store, must-revalidate, max-age=0
timing-allow-origin
*
content-length
35
expires
0
usersync
usersync.gumgum.com/ Frame A3D0
Redirect Chain
  • https://secure.adnxs.com/getuid?https://usersync.gumgum.com/usersync?b=apn&i=$UID
  • https://usersync.gumgum.com/usersync?b=apn&i=1546289813757434588
35 B
250 B
Image
General
Full URL
https://usersync.gumgum.com/usersync?b=apn&i=1546289813757434588
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Server
54.238.120.71 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 19 Aug 2022 00:04:13 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Type
image/gif
Content-Length
35
Expires
0

Redirect headers

Pragma
no-cache
Date
Fri, 19 Aug 2022 00:04:13 GMT
X-Proxy-Origin
173.245.209.142; 173.245.209.142; 894.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net; adnxs.com
AN-X-Request-Uuid
7a8881ce-4673-4d76-b11e-bb6304bbbb19
Server
nginx/1.21.3
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://usersync.gumgum.com/usersync?b=apn&i=1546289813757434588
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
usersync
usersync.gumgum.com/ Frame A3D0
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=gumgum2&user_id=a_c3bcfac5-7269-4f14-b20a-727c5328bbe8&gdpr=0&gdpr_consent=&us_privacy=1---
  • https://pixel.quantserve.com/pixel/p-zLwwakwy-hZw3.gif?idmatch=0&ssp=gumgum2&gdpr=0&gdpr_consent=
  • https://x.bidswitch.net/sync?dsp_id=76&user_group=2&ssp=gumgum2&gdpr=0&user_id=W2APkQlhXsJAN17HVDFEwF9nCMFAZF_NW2Jfa_hp
  • https://usersync.gumgum.com/usersync?b=bsw&i=5624b4f4-3202-4280-a76c-3a179eb7b7e7
35 B
250 B
Image
General
Full URL
https://usersync.gumgum.com/usersync?b=bsw&i=5624b4f4-3202-4280-a76c-3a179eb7b7e7
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Server
54.238.120.71 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 19 Aug 2022 00:04:14 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Type
image/gif
Content-Length
35
Expires
0

Redirect headers

Location
//usersync.gumgum.com/usersync?b=bsw&i=5624b4f4-3202-4280-a76c-3a179eb7b7e7
Date
Fri, 19 Aug 2022 00:04:13 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
0
/
www.example.com/ Frame A3D0
Redirect Chain
  • https://sync.outbrain.com/redirectObuid?platformId=GUMGU18H7EL9NI653I7DPEH51&gdpr=0&gdprConsent=&platformRdUrl=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dobn%26i%3D%7BOB_UID%7D%26r%3D%7BobR...
  • https://usersync.gumgum.com/usersync?b=obn&i=ENC%28tgMVLHoSysCYrqf5ZRXnrx3D9IEtye60EMiYK-GzAv1WVH8o45ufcUdZ8DNm8k13%29&r=https%3A%2F%2Fsync.outbrain.com%2FsyncUser%3FplatformId%3D%7Bplatform_id%7D%...
  • https://sync.outbrain.com/syncUser?platformId=GUMGU18H7EL9NI653I7DPEH51&platformUid=a_c3bcfac5-7269-4f14-b20a-727c5328bbe8&obuid=ENC(tgMVLHoSysCYrqf5ZRXnrx3D9IEtye60EMiYK-GzAv1WVH8o45ufcUdZ8DNm8k13)
  • https://sync.outbrain.com/syncPartner?platformId=GUMGU18H7EL9NI653I7DPEH51
  • https://www.example.com/
0
0
Image
General
Full URL
https://www.example.com/
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
H2
Server
93.184.216.34 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Redirect headers

Location
https://www.example.com/
Date
Fri, 19 Aug 2022 00:04:14 GMT
X-TraceId
e049d7ada0f538a15e9ff358b967d7cd
Content-Length
0
usersync
usersync.gumgum.com/ Frame A3D0
Redirect Chain
  • https://us-u.openx.net/w/1.0/cm?_={CACHEBUSTER}&id=47f31213-389c-4904-aaa6-9b11aab9c211&gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dopx%26i%3D
  • https://usersync.gumgum.com/usersync?b=opx&i=99536454-6fe2-4d5f-a801-cb765ec53b88
35 B
250 B
Image
General
Full URL
https://usersync.gumgum.com/usersync?b=opx&i=99536454-6fe2-4d5f-a801-cb765ec53b88
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Server
54.238.120.71 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 19 Aug 2022 00:04:13 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Type
image/gif
Content-Length
35
Expires
0

Redirect headers

date
Fri, 19 Aug 2022 00:04:12 GMT
content-encoding
gzip
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
p3p
CP="CUR ADM OUR NOR STA NID"
location
https://usersync.gumgum.com/usersync?b=opx&i=99536454-6fe2-4d5f-a801-cb765ec53b88
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
via
1.1 google
usersync
usersync.gumgum.com/ Frame A3D0
Redirect Chain
  • https://sync.srv.stackadapt.com/sync?nid=1&gdpr=0&gdpr_consent=
  • https://usersync.gumgum.com/usersync?b=sta&i=0-05eddac1-5843-4dcb-4e54-fee2c5aa9bfe$ip$173.245.209.142
35 B
250 B
Image
General
Full URL
https://usersync.gumgum.com/usersync?b=sta&i=0-05eddac1-5843-4dcb-4e54-fee2c5aa9bfe$ip$173.245.209.142
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Server
54.238.120.71 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 19 Aug 2022 00:04:14 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Type
image/gif
Content-Length
35
Expires
0

Redirect headers

Location
https://usersync.gumgum.com/usersync?b=sta&i=0-05eddac1-5843-4dcb-4e54-fee2c5aa9bfe$ip$173.245.209.142
Date
Fri, 19 Aug 2022 00:04:13 GMT
Connection
keep-alive
Content-Length
129
Content-Type
text/html; charset=utf-8
usersync
usersync.gumgum.com/ Frame A3D0
Redirect Chain
  • https://pr-bh.ybp.yahoo.com/sync/gumgum?gdpr=0&gdpr_consent=
  • https://usersync.gumgum.com/usersync?b=oth&i=y-3Q5gJ85E2per1VsoUpvPmUOKuaUSjsPX0WUF~A
35 B
250 B
Image
General
Full URL
https://usersync.gumgum.com/usersync?b=oth&i=y-3Q5gJ85E2per1VsoUpvPmUOKuaUSjsPX0WUF~A
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Server
54.238.120.71 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 19 Aug 2022 00:04:13 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Type
image/gif
Content-Length
35
Expires
0

Redirect headers

date
Fri, 19 Aug 2022 00:04:12 GMT
referrer-policy
strict-origin-when-cross-origin
server
ATS
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security
max-age=31536000
location
https://usersync.gumgum.com/usersync?b=oth&i=y-3Q5gJ85E2per1VsoUpvPmUOKuaUSjsPX0WUF~A
x-xss-protection
1; mode=block
content-length
0
x-content-type-options
nosniff
usersync
usersync.gumgum.com/ Frame A3D0
Redirect Chain
  • https://sync.ipredictive.com/d/sync/cookie/generic?partner=gumgum&cspid=9&append=1&cb=${ADELPHIC_CACHE_BUSTER}&gdpr=0&gdpr_consent=&us_privacy=1---&redirect=https%3A%2F%2Fusersync.gumgum.com%2Fuser...
  • https://usersync.gumgum.com/usersync?b=vnt&i=335c9c8c-f55c-4e35-916e-90f607ddad5e
35 B
250 B
Image
General
Full URL
https://usersync.gumgum.com/usersync?b=vnt&i=335c9c8c-f55c-4e35-916e-90f607ddad5e
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Server
54.238.120.71 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 19 Aug 2022 00:04:14 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Type
image/gif
Content-Length
35
Expires
0

Redirect headers

Location
https://usersync.gumgum.com/usersync?b=vnt&i=335c9c8c-f55c-4e35-916e-90f607ddad5e
Date
Fri, 19 Aug 2022 00:04:13 GMT
X-CI-RTID
a4bb7268-9485-4fb4-9657-517905f0e95a
Connection
keep-alive
Content-Length
108
Content-Type
text/html; charset=utf-8
services
sync.technoratimedia.com/ Frame A3D0
0
293 B
Image
General
Full URL
https://sync.technoratimedia.com/services?srv=cs&pid=65&us_privacy=1---&cb=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dsnc%26i%3D%5BUSER_ID%5D
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
132.226.63.138 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 19 Aug 2022 00:04:13 GMT
via
1.1 varnish
server
nginx
age
0
access-control-allow-methods
POST,GET,HEAD,OPTIONS
x-varnish
107712393
access-control-allow-origin
https://g2.gumgum.com/
access-control-allow-credentials
true
142
match.deepintent.com/usersync/ Frame A3D0
0
16 B
Image
General
Full URL
https://match.deepintent.com/usersync/142?redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Ddit%26i%3D%24%7BDI_USER_ID%7D
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
38.91.45.7 -, , ASN (),
Reverse DNS
Software
c /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 19 Aug 2022 00:04:12 GMT
content-length
0
server
c
usersync
usersync.gumgum.com/ Frame A3D0
Redirect Chain
  • https://b1sync.zemanta.com/usersync/gumgum/?puid=a_c3bcfac5-7269-4f14-b20a-727c5328bbe8&gdpr=0&gdpr_consent=&us_privacy=1---&cb=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dzem%26i%3D__ZUID__
  • https://stags.bluekai.com/site/23178?id=gvCx8TP1nqJSimez6yQo&redir=https%3A%2F%2Fb1sync.zemanta.com%2Fusersync%2Fbluekai%2Fcallback%2F%3Fd%3DNB2HI4DTHIXS65LTMVZHG6LOMMXGO5LNM52W2LTDN5WS65LTMVZHG6LO...
  • https://b1sync.zemanta.com/usersync/bluekai/callback/?d=NB2HI4DTHIXS65LTMVZHG6LOMMXGO5LNM52W2LTDN5WS65LTMVZHG6LOMM7WEPL2MVWSMZLYMNUGC3THMU6WO5LNM52W2JTHMRYHEPJQEZUT2Z3WIN4DQVCQGFXHCSSTNFWWK6RWPFIW6...
  • https://usersync.gumgum.com/usersync?b=zem&gdpr=0&i=gvCx8TP1nqJSimez6yQo&us_privacy=1---
35 B
250 B
Image
General
Full URL
https://usersync.gumgum.com/usersync?b=zem&gdpr=0&i=gvCx8TP1nqJSimez6yQo&us_privacy=1---
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Server
54.238.120.71 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 19 Aug 2022 00:04:14 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Type
image/gif
Content-Length
35
Expires
0

Redirect headers

Pragma
no-cache
Date
Fri, 19 Aug 2022 00:04:13 GMT
P3p
CP="We do not support P3P header."
Location
https://usersync.gumgum.com/usersync?b=zem&gdpr=0&i=gvCx8TP1nqJSimez6yQo&us_privacy=1---
Cache-Control
no-cache, no-store, must-revalidate
Content-Type
text/html; charset=utf-8
Content-Length
123
Expires
Thu, 01 Dec 1994 16:00:00 GMT
usersync
usersync.gumgum.com/ Frame A3D0
Redirect Chain
  • https://ad.360yield.com/server_match?partner_id=N&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Didi%26i%3D%7BPUB_USER_ID%7D
  • https://ad.360yield.com/ul_cb/server_match?partner_id=N&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Didi%26i%3D%7BPUB_USER_ID%7D
  • https://usersync.gumgum.com/usersync?b=idi&i=1ef1604d-a824-4d7a-a919-8d2f0067dd45
35 B
250 B
Image
General
Full URL
https://usersync.gumgum.com/usersync?b=idi&i=1ef1604d-a824-4d7a-a919-8d2f0067dd45
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Server
54.238.120.71 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 19 Aug 2022 00:04:13 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Type
image/gif
Content-Length
35
Expires
0

Redirect headers

location
https://usersync.gumgum.com/usersync?b=idi&i=1ef1604d-a824-4d7a-a919-8d2f0067dd45
date
Fri, 19 Aug 2022 00:04:13 GMT
access-control-allow-origin
*
content-type
text/plain
content-length
0
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
RX-50a16bb0-50df-40a7-8e6d-2b41efe53873-004
sync.targeting.unrulymedia.com/csync/ Frame A3D0
Redirect Chain
  • https://sync.1rx.io/usersync2/floor6?gdpr=0&gdpr_consent=&dspret=1&redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Drhy%26i%3D%5BRX_UUID%5D
  • https://x.bidswitch.net/sync?ssp=adconductor&user_id=RX-50a16bb0-50df-40a7-8e6d-2b41efe53873-004&rndcb=3959652151
  • https://cm.g.doubleclick.net/pixel?google_nid=bidswitch_dbm&google_cm&google_sc&ssp=adconductor&bsw_param=5624b4f4-3202-4280-a76c-3a179eb7b7e7&google_hm=NTYyNGI0ZjQtMzIwMi00MjgwLWE3NmMtM2ExNzllYjdi...
  • https://x.bidswitch.net/sync?dsp_id=16&user_id=CAESEDbKRuVxPb2bA6u4aAEvWsg&google_cver=1&ssp=adconductor&bsw_param=5624b4f4-3202-4280-a76c-3a179eb7b7e7
  • https://sync.1rx.io/usersync/bidswitch/5624b4f4-3202-4280-a76c-3a179eb7b7e7?gdpr=&gdpr_consent=
  • https://sync.targeting.unrulymedia.com/csync/RX-50a16bb0-50df-40a7-8e6d-2b41efe53873-004
43 B
377 B
Image
General
Full URL
https://sync.targeting.unrulymedia.com/csync/RX-50a16bb0-50df-40a7-8e6d-2b41efe53873-004
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
H2
Server
74.118.186.45 Serangoon, Singapore, ASN26120 (RHYTHMONE, US),
Reverse DNS
Software
/
Resource Hash
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 19 Aug 2022 00:04:13 GMT
content-length
43
p3p
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"

Redirect headers

location
https://sync.targeting.unrulymedia.com/csync/RX-50a16bb0-50df-40a7-8e6d-2b41efe53873-004
pragma
no-cache
date
Fri, 19 Aug 2022 00:04:13 GMT
cache-control
no-store, no-cache, must-revalidate
expires
0
content-type
text/html
usersync
usersync.gumgum.com/ Frame A3D0
Redirect Chain
  • https://bh.contextweb.com/bh/rtset?pid=558355&ev=1&rurl=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpln%26i%3D%25%25VGUID%25%25
  • https://usersync.gumgum.com/usersync?b=pln&i=7jAO1vo05Zo2&ev=1&pid=558355
35 B
250 B
Image
General
Full URL
https://usersync.gumgum.com/usersync?b=pln&i=7jAO1vo05Zo2&ev=1&pid=558355
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Server
54.238.120.71 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 19 Aug 2022 00:04:13 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Type
image/gif
Content-Length
35
Expires
0

Redirect headers

strict-transport-security
max-age=15768000
server
Jetty(9.4.14.v20181114)
p3p
policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
content-language
en-AU
location
https://usersync.gumgum.com/usersync?b=pln&i=7jAO1vo05Zo2&ev=1&pid=558355
cache-control
private, max-age=0, no-cache, no-store
cw-server
bh-deployment-stage-0
expires
-1
usersync
usersync.gumgum.com/ Frame A3D0
Redirect Chain
  • https://ssbsync.smartadserver.com/api/sync?callerId=15&redirectUri=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dsad%26i%3D%5Bssb_sync_pid%5D&gdpr=0&gdpr_consent=
  • https://usersync.gumgum.com/usersync?b=sad&i=7796439680771007539
35 B
250 B
Image
General
Full URL
https://usersync.gumgum.com/usersync?b=sad&i=7796439680771007539
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Server
54.238.120.71 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 19 Aug 2022 00:04:13 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Type
image/gif
Content-Length
35
Expires
0

Redirect headers

location
https://usersync.gumgum.com/usersync?b=sad&i=7796439680771007539
date
Fri, 19 Aug 2022 00:04:13 GMT
content-length
0
sync
ads.servenobid.com/ Frame A3D0
0
357 B
Image
General
Full URL
https://ads.servenobid.com/sync?pid=309&uid=a_c3bcfac5-7269-4f14-b20a-727c5328bbe8
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
99.81.199.81 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-99-81-199-81.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 19 Aug 2022 00:04:12 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0
usersync
usersync.gumgum.com/ Frame DFD0
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=71&gdpr=0&gdpr_consent=&redir=https%3a%2f%2fusersync.gumgum.com%2fusersync%3fb%3dmmh%26i%3d%5bMM_UUID%5d
  • https://usersync.gumgum.com/usersync?b=mmh&i=6ef262fe-d37c-4b00-98f1-e46e0f7874ea&gdpr=0&gdpr_consent=
35 B
250 B
Document
General
Full URL
https://usersync.gumgum.com/usersync?b=mmh&i=6ef262fe-d37c-4b00-98f1-e46e0f7874ea&gdpr=0&gdpr_consent=
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.238.120.71 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://g2.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Content-Type
image/gif
Date
Fri, 19 Aug 2022 00:04:13 GMT
Expires
0
Pragma
no-cache

Redirect headers

Access-Control-Allow-Origin
*
Cache-Control
no-cache
Connection
keep-alive
Content-Length
0
Content-Type
image/gif
Date
Fri, 19 Aug 2022 00:04:13 GMT
Expires
Fri, 19 Aug 2022 00:04:12 GMT
Keep-Alive
timeout=360
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Server
MT3 4494 7cf1da7 master hkg-pixel-x4 config:1.0.0
location
https://usersync.gumgum.com/usersync?b=mmh&i=6ef262fe-d37c-4b00-98f1-e46e0f7874ea&gdpr=0&gdpr_consent=
usersync
usersync.gumgum.com/ Frame 80F1
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/URnmbSKM?redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Datm%26i%3D%24%7BTM_USER_ID%7D&gdpr=0&gdpr_consent=
  • https://sync-tm.everesttech.net/ct/upi/pid/URnmbSKM?redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Datm%26i%3D%24%7BTM_USER_ID%7D&gdpr=0&gdpr_consent=&_test=Yv7TfAAHcPfa-AAK
  • https://usersync.gumgum.com/usersync?b=atm&i=Yv7TfAAHcPfa-AAK&gdpr=0&gdpr_consent=&_test=Yv7TfAAHcPfa-AAK
35 B
250 B
Document
General
Full URL
https://usersync.gumgum.com/usersync?b=atm&i=Yv7TfAAHcPfa-AAK&gdpr=0&gdpr_consent=&_test=Yv7TfAAHcPfa-AAK
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.238.120.71 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://g2.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Content-Type
image/gif
Date
Fri, 19 Aug 2022 00:04:13 GMT
Expires
0
Pragma
no-cache

Redirect headers

accept-ranges
bytes
cache-control
no-cache
content-length
0
date
Fri, 19 Aug 2022 00:04:12 GMT
location
https://usersync.gumgum.com/usersync?b=atm&i=Yv7TfAAHcPfa-AAK&gdpr=0&gdpr_consent=&_test=Yv7TfAAHcPfa-AAK
pragma
no-cache
retry-after
0
server
Varnish
via
1.1 varnish
x-cache
HIT
x-cache-hits
0
x-served-by
cache-syd10135-SYD
x-timer
S1660867453.904613,VS0,VE0
pixel
cm.g.doubleclick.net/ Frame 51CA
170 B
191 B
Document
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=gumgum_dbm&google_hm=YV9jM2JjZmFjNS03MjY5LTRmMTQtYjIwYS03MjdjNTMyOGJiZTg=&gdpr=0&gdpr_consent=
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.194.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f154.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://g2.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
no-cache, must-revalidate
content-length
170
content-type
image/png
cross-origin-resource-policy
cross-origin
date
Fri, 19 Aug 2022 00:04:12 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
pragma
no-cache
server
HTTP server (unknown)
x-xss-protection
0
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 4B9F
15 KB
6 KB
Document
General
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=0&gdprConsent=
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.72.44.196 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-72-44-196.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152

Request headers

Referer
https://g2.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=152020
content-encoding
gzip
content-length
5549
content-type
text/html; charset=UTF-8
date
Fri, 19 Aug 2022 00:04:12 GMT
etag
"1300708-3de4-5d6ef246ef4cf"
expires
Sat, 20 Aug 2022 18:17:52 GMT
last-modified
Tue, 01 Feb 2022 06:38:00 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
usersync
usersync.gumgum.com/ Frame 7571
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=gumgum&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://usersync.gumgum.com/usersync?b=ttd&i=79c13aec-f358-494c-84cc-ab07497fac3e
35 B
250 B
Document
General
Full URL
https://usersync.gumgum.com/usersync?b=ttd&i=79c13aec-f358-494c-84cc-ab07497fac3e
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.238.120.71 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://g2.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Content-Type
image/gif
Date
Fri, 19 Aug 2022 00:04:13 GMT
Expires
0
Pragma
no-cache

Redirect headers

cache-control
private,no-cache, must-revalidate
content-length
193
content-type
text/html
date
Fri, 19 Aug 2022 00:04:12 GMT
location
https://usersync.gumgum.com/usersync?b=ttd&i=79c13aec-f358-494c-84cc-ab07497fac3e
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
pragma
no-cache
x-aspnet-version
4.0.30319
um
cs.emxdgt.com/ Frame 4017
0
66 B
Document
General
Full URL
https://cs.emxdgt.com/um?redirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Demx%26i%3D%24UID&gdpr=0&gdpr_consent=
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.209.79.8 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-209-79-8.compute-1.amazonaws.com
Software
awselb/2.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://g2.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

content-length
0
content-type
text/plain; charset=utf-8
date
Fri, 19 Aug 2022 00:04:12 GMT
server
awselb/2.0
usersync
usersync.gumgum.com/ Frame 50A5
Redirect Chain
  • https://tg.socdm.com/aux/idsync?proto=gumgum
  • https://usersync.gumgum.com/usersync?b=sus&i=Yv7TfMCo5sMAAM3v3SEAAAAA
35 B
250 B
Document
General
Full URL
https://usersync.gumgum.com/usersync?b=sus&i=Yv7TfMCo5sMAAM3v3SEAAAAA
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.238.120.71 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://g2.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Content-Type
image/gif
Date
Fri, 19 Aug 2022 00:04:13 GMT
Expires
0
Pragma
no-cache

Redirect headers

Cache-Control
private
Connection
keep-alive
Content-Length
0
Date
Fri, 19 Aug 2022 00:04:12 GMT
Location
https://usersync.gumgum.com/usersync?b=sus&i=Yv7TfMCo5sMAAM3v3SEAAAAA
P3P
CP="See also http://www.scaleout.jp/privacy/"
Server
nginx
X-SO-Ads-Time
2
X-SO-Cluster-ID
45
X-SO-HostName
a-ad40151.dc2p.scaleout.jp
X-SO-IP
173.245.209.142
X-SO-Key
Yv7TfMCo5sMAAM3v3SEAAAAA
X-SO-LB-Data
{"ban":false,"clean_query":"\/aux\/idsync?proto=gumgum","cluster_id":45,"gdpr":false,"ipv4":"173.245.209.142","key":"Yv7TfMCo5sMAAM3v3SEAAAAA","privacy_sensitive":false,"uid":"","upstream_id":"a-ad40151"}
X-SO-LB-Hostname
a-tgng40005.dc2p.scaleout.jp
X-SO-Upstream-ID
a-ad40151
usersync
usersync.gumgum.com/ Frame F670
Redirect Chain
  • https://ssum-sec.casalemedia.com/usermatchredir?s=189872&cb=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Diex%26i%3D
  • https://usersync.gumgum.com/usersync?b=iex&i=Yv7TewuR7gpcgEiDeDFP7wAA%26870
35 B
250 B
Document
General
Full URL
https://usersync.gumgum.com/usersync?b=iex&i=Yv7TewuR7gpcgEiDeDFP7wAA%26870
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.238.120.71 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://g2.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Content-Type
image/gif
Date
Fri, 19 Aug 2022 00:04:13 GMT
Expires
0
Pragma
no-cache

Redirect headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-cache
cf-cache-status
DYNAMIC
cf-ray
73cea16aebe0aaf0-SYD
content-length
0
date
Fri, 19 Aug 2022 00:04:12 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
expires
0
location
https://usersync.gumgum.com/usersync?b=iex&i=Yv7TewuR7gpcgEiDeDFP7wAA%26870
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OPr8H%2FdYhvyIZWB9k2biERbfVoCcFPNUihaNhOCEOc4KnjgHnbW4ZGnWvLrfF5pj4tQYYLRGRvVjs76fjU4WeKNOsZs0kYlRvtZT011dHkGyn8jHVRj2h4BJSslxF5i%2FqMM%2B80qkPWp4jw%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
usersync
usersync.gumgum.com/ Frame 32CE
Redirect Chain
  • https://creativecdn.com/cm-notify?pi=gumgum
  • https://creativecdn.com/cm-notify?pi=gumgum&tc=1
  • https://usersync.gumgum.com/usersync?b=rth&i=IQHt4nTEUiX0sGvmFTwA&pi=gumgum&tc=1
35 B
250 B
Document
General
Full URL
https://usersync.gumgum.com/usersync?b=rth&i=IQHt4nTEUiX0sGvmFTwA&pi=gumgum&tc=1
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.238.120.71 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://g2.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Content-Type
image/gif
Date
Fri, 19 Aug 2022 00:04:14 GMT
Expires
0
Pragma
no-cache

Redirect headers

cache-control
no-cache, no-store, must-revalidate, private, max-age=0
content-length
0
date
Fri, 19 Aug 2022 00:04:13 GMT Fri, 19 Aug 2022 00:04:13 GMT
expires
Thu, 01 Jan 1970 00:00:00 GMT
location
https://usersync.gumgum.com/usersync?b=rth&i=IQHt4nTEUiX0sGvmFTwA&pi=gumgum&tc=1
pragma
no-cache
usync.html
eus.rubiconproject.com/ Frame AA4E
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=gumgum
  • https://eus.rubiconproject.com/usync.html?p=gumgum
281 B
554 B
Document
General
Full URL
https://eus.rubiconproject.com/usync.html?p=gumgum
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.15.148.136 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-15-148-136.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://g2.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Fri, 19 Aug 2022 00:04:12 GMT
ETag
"40014-119-5d32342a551c0"
Last-Modified
Tue, 14 Dec 2021 23:07:59 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
content-length
0
date
Fri, 19 Aug 2022 00:04:12 GMT
location
https://eus.rubiconproject.com/usync.html?p=gumgum
server
AkamaiGHost
sync
ads.servenobid.com/ Frame 0BC0
Redirect Chain
  • https://pixel-us-east.rubiconproject.com/exchange/sync.php?p=duration_media&khaos=L6ZPLFMY-3-AUKM
  • https://ads.servenobid.com/sync?pid=323&uid=L6ZPLFMY-3-AUKM
0
343 B
Image
General
Full URL
https://ads.servenobid.com/sync?pid=323&uid=L6ZPLFMY-3-AUKM
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=duration_media&endpoint=us-east
Protocol
H2
Server
99.81.199.81 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-99-81-199-81.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 19 Aug 2022 00:04:14 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location
https://ads.servenobid.com/sync?pid=323&uid=L6ZPLFMY-3-AUKM
Cache-Control
no-cache,no-store,must-revalidate
Content-Type
text/html
content-length
0
X-RPHost
af308bb17a856a105b8c87aaae7d7f8c
Expires
0
usermatchredir
ssum-sec.casalemedia.com/ Frame 3D3D
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=Yv7Te3lQICJXrRHdfcBDRAAAA1AAAAIB&gdpr_consent=&us_privacy=&gdpr=
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESEAUBbDoBS6GCY6g4hGA3bRU&google_cver=1
43 B
909 B
Image
General
Full URL
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESEAUBbDoBS6GCY6g4hGA3bRU&google_cver=1
Requested by
Host: r.casalemedia.com
URL: https://r.casalemedia.com/usermatch?cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D&s=195491&C=1
Protocol
H3
Server
104.18.19.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://r.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

cf-ray
73cea16bdd03aaf0-SYD
pragma
no-cache
date
Fri, 19 Aug 2022 00:04:12 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TwWD%2Bwy7sCYCnGFS3KTpFuiPQjNbvyqR4ybMTMGO6RPrx1DFJzWbHVgFAGEyfXSnZhcd3q8U844HiMMNW41C7%2BY7Zo9fkgJ3UHc9b2M4m8RAMa4OQehQyaKqbjwy7HtRX8EujPiVoWr%2B9Q%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control
no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Fri, 19 Aug 2022 00:04:12 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESEAUBbDoBS6GCY6g4hGA3bRU&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
342
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame 3D3D
Redirect Chain
  • https://match.adsrvr.org/track/cmf/casale
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=39&external_user_id=79c13aec-f358-494c-84cc-ab07497fac3e&expiration=1663459452&gdpr=0&gdpr_consent=
43 B
417 B
Image
General
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=39&external_user_id=79c13aec-f358-494c-84cc-ab07497fac3e&expiration=1663459452&gdpr=0&gdpr_consent=
Requested by
Host: r.casalemedia.com
URL: https://r.casalemedia.com/usermatch?cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D&s=195491&C=1
Protocol
H2
Server
104.18.18.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://r.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

cf-ray
73cea16cdbad6a72-SYD
pragma
no-cache
date
Fri, 19 Aug 2022 00:04:13 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xY8xMgzvL5Aot8PNZTwWsjbKHPXptwheYIOY2eZZ0mY2AglrOT7TtsxjE5EHhurFh1halMkqxyqApaE6ZtXPYRVRDT99Ny%2FqrkQWEj7xn2u%2FDkxF1QmocjBAMCUNPw2HpNBdYQu0goKtrg%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control
no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Fri, 19 Aug 2022 00:04:12 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=39&external_user_id=79c13aec-f358-494c-84cc-ab07497fac3e&expiration=1663459452&gdpr=0&gdpr_consent=
cache-control
private,no-cache, must-revalidate
content-type
text/html
content-length
323
dcm
s.amazon-adsystem.com/ Frame 3D3D
43 B
932 B
Image
General
Full URL
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=Yv7Te3lQICJXrRHdfcBDRAAAA1AAAAIB
Requested by
Host: r.casalemedia.com
URL: https://r.casalemedia.com/usermatch?cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D&s=195491&C=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.130.91 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://r.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 19 Aug 2022 00:04:12 GMT
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server
Server
x-amz-rid
6C702XE8T39PMPF118G2
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy
interest-cohort=()
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT
crum
dsum-sec.casalemedia.com/ Frame 3D3D
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=Yv7TewuR7gpcgEiDeDFP7wAA
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEEKE_x9IWvxzTlfyRUM4-lM&google_cver=1
43 B
908 B
Image
General
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEEKE_x9IWvxzTlfyRUM4-lM&google_cver=1
Requested by
Host: r.casalemedia.com
URL: https://r.casalemedia.com/usermatch?cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D&s=195491&C=1
Protocol
H3
Server
104.18.18.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://r.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

cf-ray
73cea16fbfffa80e-SYD
pragma
no-cache
date
Fri, 19 Aug 2022 00:04:13 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sk%2BTIQgsa7VTOeXJc38NmMTmZhn1bfCJelohxo1TdMeLaUsxo0AdvJUbl3CWYI99euRAloWQhRCc6oMzGsXgMGRR661feKgkxZ8XhayG%2FLVhKwkE2V6ABeZXZk0kf%2BTDNxlzN0zKIKqhqQ%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control
no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Fri, 19 Aug 2022 00:04:13 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEEKE_x9IWvxzTlfyRUM4-lM&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
314
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
CookieIndex
rtb.adentifi.com/ Frame 3D3D
0
285 B
Image
General
Full URL
https://rtb.adentifi.com/CookieIndex
Requested by
Host: r.casalemedia.com
URL: https://r.casalemedia.com/usermatch?cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D&s=195491&C=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.201.183.195 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://r.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 19 Aug 2022 00:04:13 GMT
crum
dsum-sec.casalemedia.com/ Frame 3D3D
Redirect Chain
  • https://cm.adgrx.com/bridge?AG_PID=casale&AG_SETCOOKIE
  • https://cm.adgrx.com/bridge.gif?AG_PID=casale
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=41&external_user_id=750a386a-1f52-11ed-9f62-b1eaf9939be8
43 B
910 B
Image
General
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=41&external_user_id=750a386a-1f52-11ed-9f62-b1eaf9939be8
Requested by
Host: r.casalemedia.com
URL: https://r.casalemedia.com/usermatch?cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D&s=195491&C=1
Protocol
H3
Server
104.18.18.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://r.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

cf-ray
73cea16f4f54a80e-SYD
pragma
no-cache
date
Fri, 19 Aug 2022 00:04:13 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=j5QdyATLOYDjgbhBSIiy52Wfw3Nil69bztwdgL%2BKeW3i0JucUk%2B1nlGaNH7lTg42pxfOnrYsa0%2BfcsRv3iCVU3rwXyj%2B6bI%2FoQHfsrSE8iPupthUz4H03FftpPFWj8sASz0JXb38MDw%2FAA%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control
no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
0

Redirect headers

Pragma
no-cache
Date
Fri, 19 Aug 2022 00:04:13 GMT
server
Cowboy
Location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=41&external_user_id=750a386a-1f52-11ed-9f62-b1eaf9939be8
P3P
CP="NOI OTC OTP OUR NOR"
Access-Control-Allow-Origin
*
Cache-Control
no-cache, no-store, must-revalidate, proxy-revalidate
Connection
keep-alive
Content-Type
image/gif
X-RealServer-NX
aws-apsoutheast1c-delivery-3
Content-Length
0
Expires
Thu, 23 Sep 2004 17:42:04 GMT
crum
dsum-sec.casalemedia.com/ Frame 3D3D
Redirect Chain
  • https://pm.w55c.net/ping_match.gif?ei=CASALE&rurl=https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=_wfivefivec_
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=k0ed6Qe41OoPuH5
43 B
422 B
Image
General
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=k0ed6Qe41OoPuH5
Requested by
Host: r.casalemedia.com
URL: https://r.casalemedia.com/usermatch?cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D&s=195491&C=1
Protocol
H2
Server
104.18.18.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://r.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

cf-ray
73cea16cdbb26a72-SYD
pragma
no-cache
date
Fri, 19 Aug 2022 00:04:13 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bMGXLUYDLT8tQYMiiPgkbQSMqtKxw6s7CSFka173%2FDGFZiuBrpkZfjxE9Tlfof7mrCQlDDCgfhFAPu4XG4fD2IGwtGOUbclhR%2FONGRqF9GWMzpKzJLDzI1scpT%2BE%2FvKHB2o48jvak9k%2BHQ%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control
no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
0

Redirect headers

Pragma
no-cache
Date
Fri, 19 Aug 2022 00:04:12 GMT
Server
PingMatch/9853e75#9853e75792b29505864c0b7c23889ef441e21f3f i-01afc7b9ae03f914c@ap-southeast-1b@dxedge-app-ap-southeast-1-prod-asg
Strict-Transport-Security
max-age=2592000; includeSubDomains
Location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=k0ed6Qe41OoPuH5
Cache-Control
no-cache, must-revalidate
Connection
keep-alive
Content-Length
0
Expires
Fri, 01 Jan 1990 00:00:00 GMT
qmap
sync.crwdcntrl.net/ Frame 3D3D
Redirect Chain
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=48
  • https://pixel-sync.sitescout.com/dmp/pixelSync?cookieQ=1&nid=48
  • https://sync.crwdcntrl.net/qmap?c=1389&tp=STSC&tpid=c2ffdcbb-756c-4739-9a61-c6a912265951-62fed37d-5553&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fpixel.tapad.com%2Fidsync%2Fex%2Fpush%3Fpartner_id%3D2...
  • https://sync.crwdcntrl.net/qmap?c=1389&tp=STSC&tpid=c2ffdcbb-756c-4739-9a61-c6a912265951-62fed37d-5553&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fpixel.tapad.com%2Fidsync%2Fex%2Fpush%3Fpartner_id%3D2...
49 B
737 B
Image
General
Full URL
https://sync.crwdcntrl.net/qmap?c=1389&tp=STSC&tpid=c2ffdcbb-756c-4739-9a61-c6a912265951-62fed37d-5553&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fpixel.tapad.com%2Fidsync%2Fex%2Fpush%3Fpartner_id%3D2499%26partner_device_id%3Dc2ffdcbb-756c-4739-9a61-c6a912265951-62fed37d-5553%26partner_url%3Dhttps%253A%252F%252Fr.casalemedia.com%252Frum%253Fcm_dsp_id%253D64%2526external_user_id%253Dc2ffdcbb-756c-4739-9a61-c6a912265951-62fed37d-5553%2526gdpr%253D0%2526gdpr_consent%253D&ct=y
Requested by
Host: r.casalemedia.com
URL: https://r.casalemedia.com/usermatch?cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D&s=195491&C=1
Protocol
H2
Server
52.74.113.22 -, , ASN (),
Reverse DNS
Software
Jetty(9.4.38.v20210224) /
Resource Hash
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://r.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 19 Aug 2022 00:04:14 GMT
server
Jetty(9.4.38.v20210224)
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
*
cache-control
no-cache
x-server
10.42.6.64
content-type
image/gif
content-length
49
expires
0

Redirect headers

pragma
no-cache
date
Fri, 19 Aug 2022 00:04:14 GMT
server
Jetty(9.4.38.v20210224)
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
location
https://sync.crwdcntrl.net/qmap?c=1389&tp=STSC&tpid=c2ffdcbb-756c-4739-9a61-c6a912265951-62fed37d-5553&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fpixel.tapad.com%2Fidsync%2Fex%2Fpush%3Fpartner_id%3D2499%26partner_device_id%3Dc2ffdcbb-756c-4739-9a61-c6a912265951-62fed37d-5553%26partner_url%3Dhttps%253A%252F%252Fr.casalemedia.com%252Frum%253Fcm_dsp_id%253D64%2526external_user_id%253Dc2ffdcbb-756c-4739-9a61-c6a912265951-62fed37d-5553%2526gdpr%253D0%2526gdpr_consent%253D&ct=y
cache-control
no-cache
x-server
10.42.12.165
content-length
0
expires
0
sync
ads.servenobid.com/ Frame 3D3D
0
356 B
Image
General
Full URL
https://ads.servenobid.com/sync?pid=333&uid=Yv7Te3lQICJXrRHdfcBDRAAAA1AAAAIB
Requested by
Host: r.casalemedia.com
URL: https://r.casalemedia.com/usermatch?cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D&s=195491&C=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
99.81.199.81 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-99-81-199-81.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://r.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 19 Aug 2022 00:04:12 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0
crum
dsum-sec.casalemedia.com/ Frame CC07
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=Yv7TewuR7gpcgEiDeDFP7wAA
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEEKE_x9IWvxzTlfyRUM4-lM&google_cver=1
43 B
911 B
Image
General
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEEKE_x9IWvxzTlfyRUM4-lM&google_cver=1
Requested by
Host: r.casalemedia.com
URL: https://r.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.bg3.co%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
H3
Server
104.18.18.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://r.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

cf-ray
73cea16fbff6a80e-SYD
pragma
no-cache
date
Fri, 19 Aug 2022 00:04:13 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2a0pg2b2pLoAXP6uC8%2FtvMMS3k%2BkDcGxhTxEUg%2FUFjOI%2BYByzFPzQZsRjheW1eH%2BQuXBrZ9gEo8FT5snumoCdvBFn76Y3y9Mhv12T7opvxA1ocKfXdpE8%2Fvva0C4t1JfOY4YVvuqTbE1zw%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control
no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Fri, 19 Aug 2022 00:04:13 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEEKE_x9IWvxzTlfyRUM4-lM&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
314
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
usermatchredir
ssum-sec.casalemedia.com/ Frame CC07
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=Yv7TewuR7gpcgEiDeDFP7wAAA2oAAAIB&gdpr_consent=&us_privacy=&gdpr=
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESEAUBbDoBS6GCY6g4hGA3bRU&google_cver=1
43 B
911 B
Image
General
Full URL
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESEAUBbDoBS6GCY6g4hGA3bRU&google_cver=1
Requested by
Host: r.casalemedia.com
URL: https://r.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.bg3.co%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
H3
Server
104.18.19.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://r.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

cf-ray
73cea16bed1caaf0-SYD
pragma
no-cache
date
Fri, 19 Aug 2022 00:04:12 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7XKnIADGBbscKEDJeGrC%2FHo8DTGZr0ql5Nz8EPbNXRYUNhOatDBnaZZl0OOiYm8jhoqD4pGMFh83X0ngnVz%2FBbgDMY%2FgNfZ6ecXyk36N3X6UaL3M1WMXGwS%2BKXZ2X4s6atvVG4w7X4VjHw%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control
no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Fri, 19 Aug 2022 00:04:12 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESEAUBbDoBS6GCY6g4hGA3bRU&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
342
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dcm
s.amazon-adsystem.com/ Frame CC07
43 B
932 B
Image
General
Full URL
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=Yv7TewuR7gpcgEiDeDFP7wAAA2oAAAIB
Requested by
Host: r.casalemedia.com
URL: https://r.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.bg3.co%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.130.91 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://r.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 19 Aug 2022 00:04:12 GMT
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server
Server
x-amz-rid
QJMSCNSV5ENYWNHC6HCQ
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy
interest-cohort=()
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame CC07
Redirect Chain
  • https://match.adsrvr.org/track/cmf/casale
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=39&external_user_id=79c13aec-f358-494c-84cc-ab07497fac3e&expiration=1663459452&gdpr=0&gdpr_consent=
43 B
957 B
Image
General
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=39&external_user_id=79c13aec-f358-494c-84cc-ab07497fac3e&expiration=1663459452&gdpr=0&gdpr_consent=
Requested by
Host: r.casalemedia.com
URL: https://r.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.bg3.co%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
H2
Server
104.18.18.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://r.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

cf-ray
73cea16cdbae6a72-SYD
pragma
no-cache
date
Fri, 19 Aug 2022 00:04:13 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vp1cYI%2BecE0rxpvoTk0g7jN0CnwM9iCshRNXr2Z52LkNzPOz4q9AICurIg6Dw4jjgZhDOgN6D1MQtnP%2Ff%2F%2BVgIZsY9sDo%2BX6xqmp87CKUbnwN0esT8Ma4BKdAyDYXn%2BLCX5FpxDZIcElHg%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control
no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Fri, 19 Aug 2022 00:04:12 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=39&external_user_id=79c13aec-f358-494c-84cc-ab07497fac3e&expiration=1663459452&gdpr=0&gdpr_consent=
cache-control
private,no-cache, must-revalidate
content-type
text/html
content-length
323
crum
dsum-sec.casalemedia.com/ Frame CC07
Redirect Chain
  • https://s.company-target.com/s/ix?cm_dsp_id=18&us_privacy=&gdpr=&gdpr_consent=
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=18&expiration=1676765053&external_user_id=7193dc45-3258-4438-8786-68b7af5444f2
43 B
910 B
Image
General
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=18&expiration=1676765053&external_user_id=7193dc45-3258-4438-8786-68b7af5444f2
Requested by
Host: r.casalemedia.com
URL: https://r.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.bg3.co%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
H3
Server
104.18.18.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://r.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

cf-ray
73cea17078ada80e-SYD
pragma
no-cache
date
Fri, 19 Aug 2022 00:04:13 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nLlEj48EMMmYn34oHk1sMOq8F5Deb8hm9%2Futuac1hTN2hHUUQyMkqCNZuWk3O9c39NdVkwuQHxz%2FQZHHzNYq%2BSht5ABzelemd2oySL81x1hjNG%2Bh0eBMQ7VIAuQykcE4jcx6ypEk7p%2FXhw%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control
no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
0

Redirect headers

location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=18&expiration=1676765053&external_user_id=7193dc45-3258-4438-8786-68b7af5444f2
date
Fri, 19 Aug 2022 00:04:13 GMT
access-control-allow-origin
*.casalemedia.com
content-length
157
access-control-allow-methods
GET,OPTIONS
content-type
text/html; charset=utf-8
crum
dsum-sec.casalemedia.com/ Frame CC07
Redirect Chain
  • https://d.adroll.com/cm/index/ssp
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=105&external_user_id=0
43 B
942 B
Image
General
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=105&external_user_id=0
Requested by
Host: r.casalemedia.com
URL: https://r.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.bg3.co%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
H3
Server
104.18.18.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://r.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

cf-ray
73cea16f3f2ba80e-SYD
pragma
no-cache
date
Fri, 19 Aug 2022 00:04:13 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Fsv5nfn3wdgqHvs4dC4bHBmHnpXbhf5I1sQQfVyr4vxQedhaHk60OaSbNiMh%2BFTAaukU%2BGODZWBB20pndmaLpnpSnsyzqc9iHtgqEIiaeNn1O7KwW8HbFmgwtuARReSMjuzLEb%2FrZw2N1A%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control
no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
0

Redirect headers

location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=105&external_user_id=0
date
Fri, 19 Aug 2022 00:04:13 GMT
server
nginx/1.20.0
content-length
76
rum
dsum-sec.casalemedia.com/ Frame CC07
Redirect Chain
  • https://pixel.quantserve.com/pixel/p-Z8PuJEk6U7Hyq.gif?idmatch=0
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=81&gdpr=0&external_user_id=PQ9FKG8OFHsmWBR-Ml4OeTkIQngmCxV0PQ37qKDQ
43 B
424 B
Image
General
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=81&gdpr=0&external_user_id=PQ9FKG8OFHsmWBR-Ml4OeTkIQngmCxV0PQ37qKDQ
Requested by
Host: r.casalemedia.com
URL: https://r.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.bg3.co%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
H2
Server
104.18.18.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://r.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

cf-ray
73cea16cdbaf6a72-SYD
pragma
no-cache
date
Fri, 19 Aug 2022 00:04:13 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HFUR0gqyjDGJtDMne%2Bx3EUDjHqk4lEVqHE0H4L%2BFiqUsyBEGZKpdDJI2iHMQjHyKsMp0E4321y1%2BCKsWs8gQfbQnArUyoE%2FT5uEMnWYZ8YiOj%2BZ0lEPH9%2BVN4mvhLCVREVMCJw6fP5qeqw%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control
no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Fri, 19 Aug 2022 00:04:12 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=81&gdpr=0&external_user_id=PQ9FKG8OFHsmWBR-Ml4OeTkIQngmCxV0PQ37qKDQ
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
0
expires
Fri, 04 Aug 1978 12:00:00 GMT
crum
dsum-sec.casalemedia.com/ Frame CC07
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=15&redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D3%26external_user_id%3D%5BMM_UUID%5D
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=338862fe-d37d-4500-b754-923fd2713ea9
43 B
912 B
Image
General
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=338862fe-d37d-4500-b754-923fd2713ea9
Requested by
Host: r.casalemedia.com
URL: https://r.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.bg3.co%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
H3
Server
104.18.18.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://r.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

cf-ray
73cea16f4f57a80e-SYD
pragma
no-cache
date
Fri, 19 Aug 2022 00:04:13 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=O6ZodmHpGc6rqfl7GGl2SoJKr%2FAEi7V67t0u28%2B4mnOo%2B%2Fw15z2kE%2FEITC4%2BcQFz8%2FNsCSmCWaNHGw821BsuII0i6oRmPCm1unbhywjNnc3hD86U75OTAAvVrIiJWnrfMZYeZxAqS9lhwQ%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control
no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
0

Redirect headers

Date
Fri, 19 Aug 2022 00:04:13 GMT
Server
MT3 4494 7cf1da7 master hkg-pixel-x7 config:1.0.0
Access-Control-Allow-Origin
*
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=338862fe-d37d-4500-b754-923fd2713ea9
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=360
Content-Length
0
Expires
Fri, 19 Aug 2022 00:04:12 GMT
htw-pixel.gif
cdn.indexww.com/ht/ Frame CC07
43 B
424 B
Image
General
Full URL
https://cdn.indexww.com/ht/htw-pixel.gif?Yv7TewuR7gpcgEiDeDFP7wAA%26874
Requested by
Host: r.casalemedia.com
URL: https://r.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.bg3.co%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.12.76 -, , ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://r.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 19 Aug 2022 00:04:12 GMT
cf-cache-status
HIT
age
32
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
edge-control
cache-maxage=1h
content-length
43
last-modified
Tue, 24 Jan 2017 19:36:04 GMT
server
cloudflare
etag
"902a3d-2b-546dc3a097100"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/gif
cache-control
public, max-age=14400
accept-ranges
bytes
cf-ray
73cea16cdd8aaaf5-SYD
expires
Fri, 19 Aug 2022 04:04:12 GMT
sync
ads.servenobid.com/ Frame E590
0
344 B
Image
General
Full URL
https://ads.servenobid.com/sync?pid=317&uid=7796439680771007539&gdpr=0&gdpr_consent=
Requested by
Host: ssbsync.smartadserver.com
URL: https://ssbsync.smartadserver.com/api/sync?callerId=9&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D317%26uid%3D%24UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
99.81.199.81 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-99-81-199-81.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ssbsync.smartadserver.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 19 Aug 2022 00:04:12 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0
/
rtb-csync.smartadserver.com/redir/ Frame E590
Redirect Chain
  • https://sync.adotmob.com/cookie/smart?r=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D66%26partneruserid%3D%7Bamob_user_id%7D&gdpr=0&gdpr_consent=
  • https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=66&partneruserid=08082204079d58ebb1c0bddb&gdpr=0&gdpr_consent=
43 B
453 B
Image
General
Full URL
https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=66&partneruserid=08082204079d58ebb1c0bddb&gdpr=0&gdpr_consent=
Requested by
Host: ssbsync.smartadserver.com
URL: https://ssbsync.smartadserver.com/api/sync?callerId=9&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D317%26uid%3D%24UID
Protocol
HTTP/1.1
Server
23.106.127.53 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ssbsync.smartadserver.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 19 Aug 2022 00:04:13 GMT
cache-control
no-cache,no-store
content-type
image/gif
transfer-encoding
chunked
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"

Redirect headers

location
https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=66&partneruserid=08082204079d58ebb1c0bddb&gdpr=0&gdpr_consent=
date
Fri, 19 Aug 2022 00:04:13 GMT
access-control-allow-credentials
true
x-powered-by
Express
content-length
0
vary
Origin
keep-alive
timeout=5
/
rtb-csync.smartadserver.com/redir/ Frame E590
Redirect Chain
  • https://dis.criteo.com/dis/usersync.aspx?r=30&p=273&cp=smartortb&cu=1&url=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D79%26partneruserid%3D%40%40CRITEO_USERID%40%4...
  • https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=79&partneruserid=f02481e1-d578-497d-a855-fa3c73a6c532&gdpr=0&gdpr_consent=
43 B
425 B
Image
General
Full URL
https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=79&partneruserid=f02481e1-d578-497d-a855-fa3c73a6c532&gdpr=0&gdpr_consent=
Requested by
Host: ssbsync.smartadserver.com
URL: https://ssbsync.smartadserver.com/api/sync?callerId=9&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D317%26uid%3D%24UID
Protocol
HTTP/1.1
Server
23.106.127.53 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ssbsync.smartadserver.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 19 Aug 2022 00:04:13 GMT
cache-control
no-cache,no-store
content-type
image/gif
transfer-encoding
chunked
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"

Redirect headers

pragma
no-cache
date
Fri, 19 Aug 2022 00:04:12 GMT
server
Kestrel
x-errorlevel
0
strict-transport-security
max-age=31536000; preload;
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
location
https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=79&partneruserid=f02481e1-d578-497d-a855-fa3c73a6c532&gdpr=0&gdpr_consent=
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
1019407
content-length
0
expires
Fri, 19 Aug 2022 00:00:00 GMT
/
rtb-csync.smartadserver.com/redir/ Frame E590
Redirect Chain
  • https://gu.dyntrk.com/adx/sma/us.php?dynk=sma4rt4bt4fg&sspurl=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D69%26partneruserid%3DPARTNER_USER_ID%26gdpr%3D$GDPR%26gdp...
  • https://gu.dyntrk.com/adx/sma/us.php?dynk=sma4rt4bt4fg&sspurl=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D69%26partneruserid%3DPARTNER_USER_ID%26gdpr%3D$GDPR%26gdp...
  • https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=69&partneruserid=07030001_62fed37d6a764&gdpr=0&gdpr_consent=
43 B
451 B
Image
General
Full URL
https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=69&partneruserid=07030001_62fed37d6a764&gdpr=0&gdpr_consent=
Requested by
Host: ssbsync.smartadserver.com
URL: https://ssbsync.smartadserver.com/api/sync?callerId=9&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D317%26uid%3D%24UID
Protocol
HTTP/1.1
Server
23.106.127.53 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ssbsync.smartadserver.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 19 Aug 2022 00:04:13 GMT
cache-control
no-cache,no-store
content-type
image/gif
transfer-encoding
chunked
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"

Redirect headers

date
Fri, 19 Aug 2022 00:04:13 GMT
server
nginx
access-control-allow-origin
*
transfer-encoding
chunked
access-control-allow-methods
POST, GET, OPTIONS
p3p
CP="NOI DEV OUR BUS UNI"
location
https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=69&partneruserid=07030001_62fed37d6a764&gdpr=0&gdpr_consent=
cache-control
no-cache
content-type
text/html; charset=UTF-8
access-control-allow-headers
Origin
keep-alive
timeout=10
redir
rtb-csync.smartadserver.com/ Frame E590
Redirect Chain
  • https://match.prod.bidr.io/cookie-sync/sas?gdpr=0&gdpr_consent=
  • https://match.prod.bidr.io/cookie-sync/sas?gdpr=0&gdpr_consent=&_bee_ppp=1
  • https://rtb-csync.smartadserver.com/redir?partnerid=127&partneruserid=AAJPT07F_acAABBWZH-gLg&gdpr=0
43 B
480 B
Image
General
Full URL
https://rtb-csync.smartadserver.com/redir?partnerid=127&partneruserid=AAJPT07F_acAABBWZH-gLg&gdpr=0
Requested by
Host: ssbsync.smartadserver.com
URL: https://ssbsync.smartadserver.com/api/sync?callerId=9&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D317%26uid%3D%24UID
Protocol
HTTP/1.1
Server
23.106.127.53 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ssbsync.smartadserver.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 19 Aug 2022 00:04:14 GMT
cache-control
no-cache,no-store
content-type
image/gif
transfer-encoding
chunked
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"

Redirect headers

location
https://rtb-csync.smartadserver.com/redir?partnerid=127&partneruserid=AAJPT07F_acAABBWZH-gLg&gdpr=0
Date
Fri, 19 Aug 2022 00:04:13 GMT
Server
nginx
Connection
keep-alive
Content-Length
0
strict-transport-security
max-age=2592000; includeSubDomains
usync.js
eus.rubiconproject.com/ Frame AA4E
31 KB
10 KB
Script
General
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=gumgum
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.15.148.136 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-15-148-136.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
8451d36c6661fd1e782a5168fa5cfa47bade280c10541c156750aabf1e71522f

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=gumgum
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 19 Aug 2022 00:04:13 GMT
Content-Encoding
gzip
Last-Modified
Wed, 17 Aug 2022 13:55:33 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=10171
Connection
keep-alive
Content-Type
text/html; charset=UTF-8
Content-Length
9440
Expires
Fri, 19 Aug 2022 02:53:44 GMT
BcUHUABoavvpRAX3o-C5BfAq8AHsMXRVb9HgeqDHxZ8.js
pagead2.googlesyndication.com/bg/ Frame F2A0
36 KB
14 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/bg/BcUHUABoavvpRAX3o-C5BfAq8AHsMXRVb9HgeqDHxZ8.js
Requested by
Host: 71f760a9a177b3fbf8a1c0adb15a23b1.safeframe.googlesyndication.com
URL: https://71f760a9a177b3fbf8a1c0adb15a23b1.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.194.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f154.1e100.net
Software
sffe /
Resource Hash
05c5075000686afbe94405f7a3e0b905f02af001ec3174556fd1e07aa0c7c59f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://71f760a9a177b3fbf8a1c0adb15a23b1.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 16 Aug 2022 20:18:49 GMT
content-encoding
br
x-content-type-options
nosniff
age
186324
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
14190
x-xss-protection
0
last-modified
Mon, 15 Aug 2022 08:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 16 Aug 2023 20:18:49 GMT
usersync
usersync.gumgum.com/ Frame AA4E
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=gumgum&khaos=L6ZPLFMY-3-AUKM
  • https://usersync.gumgum.com/usersync?b=mag&i=L6ZPLFMY-3-AUKM
35 B
250 B
Image
General
Full URL
https://usersync.gumgum.com/usersync?b=mag&i=L6ZPLFMY-3-AUKM
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=gumgum
Protocol
HTTP/1.1
Server
54.238.120.71 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 19 Aug 2022 00:04:14 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Type
image/gif
Content-Length
35
Expires
0

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location
https://usersync.gumgum.com/usersync?b=mag&i=L6ZPLFMY-3-AUKM
Cache-Control
no-cache,no-store,must-revalidate
Content-Type
text/html
content-length
0
X-RPHost
0ed95c36ed1932be3ba76fc523a6e179
Expires
0
collect
www.google-analytics.com/g/
0
17 B
Ping
General
Full URL
https://www.google-analytics.com/g/collect?v=2&tid=G-Z0TZ7TDHS1&gtm=2oe8h0&_p=648&cid=250279641.1660867447&ul=en-us&sr=1600x1200&_z=ccd.v9B&_s=2&sid=1660867448&sct=1&seg=0&dl=https%3A%2F%2Fwww.bg3.co%2Fa%2Fdi-1tian-shang-xue-ta-da-ku-a-ma-ping-ji-yi-xiang-jie-sun-nu-hui-jia-jie-wei-cang-yang-cong.html&dt=%E7%AC%AC1%E5%A4%A9%E4%B8%8A%E5%AD%B8%E5%A5%B9%E5%A4%A7%E5%93%AD%EF%BC%81%E9%98%BF%E5%AC%A4%E6%86%91%E8%A8%98%E6%86%B6%E3%80%8C%E6%83%B3%E6%8E%A5%E5%AD%AB%E5%A5%B3%E5%9B%9E%E5%AE%B6%E3%80%8D%E3%80%80%E7%B5%90%E5%B0%BE%E8%97%8F%E6%B4%8B%E8%94%A5%20-%20%E5%A4%A9%E5%A4%A9%E8%A6%81%E8%81%9E&en=link_preview&_ee=1&epn.value=1&epn.siteid=42753&ep.error_msg=no_mapping_failed&_et=2
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-Z0TZ7TDHS1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.4.101 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f101.1e100.net
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 19 Aug 2022 00:04:13 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame B015
42 B
64 B
Fetch
General
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstCX9ZqupDXu4hAwbRXf3IUlaqPCu9kv-kz9WvVe-gyDd1x_NS3oWchZe2mb3EdxpYf3wZH0y1Rjy36ueaa1nG7jVxm4Q2PUnobxGqh8JrGLF5cYW_pyBi4ZdGilbHwFU91NLkrjWyVTg&sai=AMfl-YQwCjPs92IUQIqtiw9Gd_IPhfXHxpyBoouEDbENxaGh9YQJTVjcLvIUDpAIurb-n0EW4FZn6WU918MC-62RslHwE3xW6TfQgnWBlIVisov69ytlQVJ1Swj0FW1w&sig=Cg0ArKJSzN4t7LD_6YniEAE&cid=CAASFeRoyMMxuPRWUk3RtIymShf9etzZLA&id=lidar2&mcvt=1000&p=60,236,310,964&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20220817&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=21&adk=1420297610&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1660867448068&rpt=5099&isd=0&lsd=0&met=mue&wmsd=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.194.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f157.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://71f760a9a177b3fbf8a1c0adb15a23b1.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 19 Aug 2022 00:04:14 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
SPug
simage4.pubmatic.com/AdServer/ Frame 1EE4
0
128 B
Script
General
Full URL
https://simage4.pubmatic.com/AdServer/SPug?partnerID=159463&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159463&userIdMacro=PM_UID&predirect=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3038690486833451000V10%26type%3Dpba%26refUrl%3D%26vid%3D08674507663038690486833451000V10%26ovsid%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
67.199.150.85 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 19 Aug 2022 00:04:14 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
PugMaster
image6.pubmatic.com/AdServer/ Frame 87CA
695 B
1 KB
Script
General
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=22118554&p=0&s=0&a=0&ptask=ALL&np=0&fp=0&rp=1&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fx.yieldlift.com%2Fsetuid%3Fbidder%3Dpubmatic%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3D1YN-%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
67.199.150.81 Los Angeles, United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
19be82572deda194f746322b95e59c27d5aa701af6074fb81cefacd28c133707

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 19 Aug 2022 00:04:15 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
695
content-type
text/html; charset=UTF-8
Pug
simage2.pubmatic.com/AdServer/ Frame 4F07
Redirect Chain
  • https://um.simpli.fi/pm_match?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:$UID
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:F7D8EBBA79904A6D8870D87DA1297C10
1 B
53 B
Document
General
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:F7D8EBBA79904A6D8870D87DA1297C10
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fx.yieldlift.com%2Fsetuid%3Fbidder%3Dpubmatic%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3D1YN-%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
103.231.98.194 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
1
content-type
text/html; charset=utf-8
date
Fri, 19 Aug 2022 00:04:15 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
cache-control
no-cache
content-length
138
content-type
text/html
date
Fri, 19 Aug 2022 00:04:15 GMT
expires
Thu, 18 Aug 2022 00:04:15 GMT
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:F7D8EBBA79904A6D8870D87DA1297C10
server
nginx
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
setuid
x.yieldlift.com/ Frame D727
0
702 B
Document
General
Full URL
https://x.yieldlift.com/setuid?bidder=pubmatic&gdpr=0&gdpr_consent=&us_privacy=1YN-&uid=BEED2CCD-5A00-4A95-AB7E-649A25AD0D90
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fx.yieldlift.com%2Fsetuid%3Fbidder%3Dpubmatic%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3D1YN-%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.71.232.26 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

Accept
application/json
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Length
0
Content-Type
application/json;charset=utf-8
Expires
0
Pragma
no-cache
info2
uipglob.semasio.net/pubmatic/1/ Frame 87CA
Redirect Chain
  • https://uipglob.semasio.net/pubmatic/1/info?sType=sync&sExtCookieId=BEED2CCD-5A00-4A95-AB7E-649A25AD0D90&sInitiator=external&gdpr=0&gdpr_consent=
  • https://uipglob.semasio.net/pubmatic/1/info2?sType=sync&sExtCookieId=BEED2CCD-5A00-4A95-AB7E-649A25AD0D90&sInitiator=external&gdpr=0&gdpr_consent=
42 B
570 B
Image
General
Full URL
https://uipglob.semasio.net/pubmatic/1/info2?sType=sync&sExtCookieId=BEED2CCD-5A00-4A95-AB7E-649A25AD0D90&sInitiator=external&gdpr=0&gdpr_consent=
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
HTTP/1.1
Server
119.9.108.180 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 19 Aug 2022 00:04:09 GMT
frontend-id
0
p3p
policyref="http://uip.semasio.net/w3c/p3p.xml", CP="NOI PSAa PSDa OUR IND UNI CNT"
uip-response-status
Ok
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-type
image/gif
content-length
42
routing-server-id
1
expires
Sat, 01 Jan 2011 12:00:00 GMT

Redirect headers

pragma
no-cache
date
Fri, 19 Aug 2022 00:04:08 GMT
frontend-id
0
p3p
policyref="http://uip.semasio.net/w3c/p3p.xml", CP="NOI PSAa PSDa OUR IND UNI CNT"
location
/pubmatic/1/info2?sType=sync&sExtCookieId=BEED2CCD-5A00-4A95-AB7E-649A25AD0D90&sInitiator=external&gdpr=0&gdpr_consent=
uip-response-status
Ok
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-length
0
routing-server-id
1
expires
Sat, 01 Jan 2011 12:00:00 GMT
qmap
sync.crwdcntrl.net/ Frame 87CA
49 B
263 B
Image
General
Full URL
https://sync.crwdcntrl.net/qmap?c=240&tp=PUBM&tpid=BEED2CCD-5A00-4A95-AB7E-649A25AD0D90&gdpr=0&gdpr_consent=
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.74.113.22 -, , ASN (),
Reverse DNS
Software
Jetty(9.4.38.v20210224) /
Resource Hash
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 19 Aug 2022 00:04:15 GMT
server
Jetty(9.4.38.v20210224)
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
*
cache-control
no-cache
x-server
10.42.30.3
content-type
image/gif
content-length
49
expires
0
receive
pixel.tapad.com/idsync/ex/ Frame 87CA
Redirect Chain
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=3371&partner_device_id=BEED2CCD-5A00-4A95-AB7E-649A25AD0D90
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=tapad&ttd_tpi=1&ttd_puid=f6d32b88-dfc6-44bc-b816-9f80c0dd8213%252C&gdpr=0&gdpr_consent=
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=1830&partner_device_id=79c13aec-f358-494c-84cc-ab07497fac3e&ttd_puid=f6d32b88-dfc6-44bc-b816-9f80c0dd8213%2C
95 B
113 B
Image
General
Full URL
https://pixel.tapad.com/idsync/ex/receive?partner_id=1830&partner_device_id=79c13aec-f358-494c-84cc-ab07497fac3e&ttd_puid=f6d32b88-dfc6-44bc-b816-9f80c0dd8213%2C
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H3
Server
107.178.244.193 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 19 Aug 2022 00:04:15 GMT
via
1.1 google
content-type
image/png
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
95
strict-transport-security
max-age=31536000
p3p
policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"

Redirect headers

pragma
no-cache
date
Fri, 19 Aug 2022 00:04:15 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://pixel.tapad.com/idsync/ex/receive?partner_id=1830&partner_device_id=79c13aec-f358-494c-84cc-ab07497fac3e&ttd_puid=f6d32b88-dfc6-44bc-b816-9f80c0dd8213%2C
cache-control
private,no-cache, must-revalidate
content-type
text/html
content-length
353
PugMaster
image6.pubmatic.com/AdServer/ Frame 4B9F
47 B
167 B
Script
General
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=35430493&p=0&s=0&a=0&ptask=ALL&np=0&fp=0&rp=1&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=0&gdprConsent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
67.199.150.81 Los Angeles, United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
09343d3b3473e1c994b2d603c99feb8a0f63fbd3ff20be7432ff18b973dbe651

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 19 Aug 2022 00:04:15 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
47
content-type
text/html; charset=UTF-8
collect
www.google-analytics.com/
35 B
55 B
Image
General
Full URL
https://www.google-analytics.com/collect?v=1&_v=a1&ds=AMP&aip&_s=2&dt=%E7%AC%AC1%E5%A4%A9%E4%B8%8A%E5%AD%B8%E5%A5%B9%E5%A4%A7%E5%93%AD%EF%BC%81%E9%98%BF%E5%AC%A4%E6%86%91%E8%A8%98%E6%86%B6%E3%80%8C%E6%83%B3%E6%8E%A5%E5%AD%AB%E5%A5%B3%E5%9B%9E%E5%AE%B6%E3%80%8D%E3%80%80%E7%B5%90%E5%B0%BE%E8%97%8F%E6%B4%8B%E8%94%A5%20-%20%E5%A4%A9%E5%A4%A9%E8%A6%81%E8%81%9E&sr=1600x1200&cid=amp-EIOlvx8bHhMcBHoOJ0-TYg&tid=UA-172083736-2&dl=https%3A%2F%2Fwww.bg3.co%2Fa%2Fdi-1tian-shang-xue-ta-da-ku-a-ma-ping-ji-yi-xiang-jie-sun-nu-hui-jia-jie-wei-cang-yang-cong.html&dr=&sd=24&ul=en-us&de=UTF-8&jid=&plt=15534&dns=5&tcp=570&rrt=0&srt=1013&pdt=1&clt=1858&dit=1858&a=648&z=0.25128257632040163&gtm=2pu000&t=timing
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.4.101 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f101.1e100.net
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 18 Aug 2022 21:54:55 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
7761
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
sodar
pagead2.googlesyndication.com/getconfig/
14 KB
11 KB
XHR
General
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2022081601&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022081601.js?cb=31069030
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.194.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f157.1e100.net
Software
cafe /
Resource Hash
f2e341201299d731f3cbadc647fd3a67aba7d78f7bd344303b92e7f00b3f7276
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 19 Aug 2022 00:04:16 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11196
x-xss-protection
0
syncframe
gum.criteo.com/ Frame 7CA3
15 KB
6 KB
Document
General
Full URL
https://gum.criteo.com/syncframe?origin=publishertag&topUrl=www.bg3.co
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.136 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
/
Resource Hash
764c35e4d5842dfdc52da060b39a804c1af94a7c06b3c3919b1b5f0c73c7b5d8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

cache-control
private, max-age=3600
content-encoding
gzip
content-length
6146
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Fri, 19 Aug 2022 00:04:15 GMT
server-processing-duration-in-ticks
3205
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
usersync
usersync.gumgum.com/ Frame F7F6
35 B
250 B
Document
General
Full URL
https://usersync.gumgum.com/usersync?b=pbm&i=BEED2CCD-5A00-4A95-AB7E-649A25AD0D90
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=0&gdprConsent=
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.238.120.71 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Content-Type
image/gif
Date
Fri, 19 Aug 2022 00:04:16 GMT
Expires
0
Pragma
no-cache
sodar2.js
tpc.googlesyndication.com/sodar/
17 KB
6 KB
Script
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022081601.js?cb=31069030
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.194.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f132.1e100.net
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 19 Aug 2022 00:04:16 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Fri, 19 Aug 2022 00:04:16 GMT
json
gum.criteo.com/sid/ Frame 7CA3
428 B
538 B
Fetch
General
Full URL
https://gum.criteo.com/sid/json?origin=publishertag&domain=bg3.co&sn=ChromeSyncframe&so=3&topUrl=www.bg3.co&bundle=QqL8Kl9qSDRmeVV5bWJxb2V1ZW9tWXlLTjRFUnN6dUpqTmtkS1Z4cFFjVHYlMkJPZmppZnoyN3Y3TiUyQlRtTklmdjBtQVVrUjdPZ0tMUnVBaUpreSUyRk9DSnFzSzNLbjFlMTJXc0l1ZnolMkZqbnl1WDJ6R1hVJTNE&cw=1&lsw=1&topicsavail=0&fledgeavail=0
Requested by
Host: gum.criteo.com
URL: https://gum.criteo.com/syncframe?origin=publishertag&topUrl=www.bg3.co
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.136 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
/
Resource Hash
66abc5daee3e375383bc30c88dc778604bef5e7dbf5a148d9567f3cce6834f42
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://gum.criteo.com/syncframe?origin=publishertag&topUrl=www.bg3.co
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 19 Aug 2022 00:04:16 GMT
content-encoding
gzip
vary
Accept-Encoding
content-type
application/json; charset=utf-8
cache-control
no-cache, no-store, must-revalidate
server-processing-duration-in-ticks
3723
strict-transport-security
max-age=31536000; preload;
expires
0
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 6753
13 KB
5 KB
Document
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.194.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f132.1e100.net
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

accept-ranges
bytes
age
431592
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Sun, 14 Aug 2022 00:11:04 GMT
expires
Mon, 14 Aug 2023 00:11:04 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame ED03
783 B
534 B
Document
General
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.194.99 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f99.1e100.net
Software
GSE /
Resource Hash
b330127a6b244300a86fd60981058c8a10e1b464e27c08bd223664968c3ada3e
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-wGk-iUyCTtI0Q311nf6nbg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private, max-age=300
content-encoding
gzip
content-length
512
content-security-policy
script-src 'report-sample' 'nonce-wGk-iUyCTtI0Q311nf6nbg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Fri, 19 Aug 2022 00:04:16 GMT
expires
Fri, 19 Aug 2022 00:04:16 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
sodar
pagead2.googlesyndication.com/pagead/ Frame ED03
0
0
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_2022081601&jk=1322869054936030&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.194.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f154.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

BcUHUABoavvpRAX3o-C5BfAq8AHsMXRVb9HgeqDHxZ8.js
pagead2.googlesyndication.com/bg/ Frame 6753
36 KB
14 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/bg/BcUHUABoavvpRAX3o-C5BfAq8AHsMXRVb9HgeqDHxZ8.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.194.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f154.1e100.net
Software
sffe /
Resource Hash
05c5075000686afbe94405f7a3e0b905f02af001ec3174556fd1e07aa0c7c59f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 16 Aug 2022 20:18:49 GMT
content-encoding
br
x-content-type-options
nosniff
age
186327
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
14190
x-xss-protection
0
last-modified
Mon, 15 Aug 2022 08:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 16 Aug 2023 20:18:49 GMT
generate_204
tpc.googlesyndication.com/ Frame 6753
0
12 B
Image
General
Full URL
https://tpc.googlesyndication.com/generate_204?msYcqQ
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.194.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f132.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 19 Aug 2022 00:04:16 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
SPug
simage4.pubmatic.com/AdServer/ Frame 87CA
0
128 B
Script
General
Full URL
https://simage4.pubmatic.com/AdServer/SPug?partnerID=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fx.yieldlift.com%2Fsetuid%3Fbidder%3Dpubmatic%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3D1YN-%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
67.199.150.85 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 19 Aug 2022 00:04:17 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
sodar
pagead2.googlesyndication.com/pagead/
0
0
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_2022081601&jk=1322869054936030&bg=!PT6lPnrNAAYUOm8VNDo7ACkAdvg8Wsknbt_gUXTV0OUAQoHH42xJMpmAwKLN5ZGV3WBJmfinGnbRbgIAAABJUgAAAAJoAQcKAJavBeGEavMRwdckY9tHBK2rCkEGBs12SYCjuMPUdwS2X5XuANgNdeirqH7ao3UGmBqCkba1dUxWyQVOl3Qkfr8cDe9KM9NqKuLY6FReLCbyuTjc2vN8kquDe3jSngUYK7m2pakgJoqQb9mOKrsiq9QcnY-6E5uEmhhhTSCnD532UBgQFV-xDDHxi0tzLDyrDkGaxpWDNnCZAqkk0M6V2lYR-04FHk02mG7OUwV1MK0gtPh68SQhTMOPBu7rXmLNOSgG2nIvDbOZrVSgm_8aSwdfcHhXy_KATK6TbDSVhSlWa-eDfLm2dAISsbLzuxF2Wpyhl7sN2wdiQOqLJHzTQSOUZcKxsFvcgGv29MUR0VdVeiWZWXVUjetlUIIbQKHquDy60GbpSgmkpLUWa5fgwzSAZ_Uelydahfjkwqd4e5ou1jNKW3mGrRM7Ra6v9OKmuAS199t6e4V-MHt0aaeAC6WWQPgGxk3ikobmFx-FiDMtP1zBXoXFvSF0B6zz1PuH6rVP1RKzRjfPhyNdCpO9FIY9_yhr2x1Ub7UBWL8YEau7bwYmTTFHfRCYrc4uAy8ndMKMWFKr51Q0-RlbZjaLYWOR_qXTshhwMkTO4MTLl3RcKStB6HkFaFpGmtyUp--MfAEo9acBYqSeYhIWJjNxETSgmdILfOF2NdwlwkC5442S5PUKSEGV6SkMmjQpyHaHvKPfnvEBfizChP2cIs6N8KMzahldTepQFjLQnRgxxVLPBOLoT8ILqINgndgKIbNXlOFq473NS5K5iqGJ6FONdDHZ2ddPmsVR8S9TQIjSyMReGsk2oMQeFe9AdtRlcLLEh2k1Svrrk_2bwv_hPWPgWVdtUSR64rBt45ikEZuHT8HbCg6SmVqj7Os8w9le7szhOUPpXP7KvTCEjMCdMCoLJB5Dq4UHkos3ySwdp1mtodBclNdF6mjIBuIW-1a8w1TY8_42S1iTf0Jq8BM2H_04EgVt7gh4jIhPJMBQSvTCGSOC2SRWa7MU6fuaLWuXr-eT5bCwxwO4HVgza_MN6kllWkxzm_Jx9PyxPPIvpHTwsKQn-wbMNXAp09gt4s8SPq6oKrpc5d2jGUcVsOZPsDoKyg9deeo
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.194.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f154.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
hb-api.omnitagjs.com
URL
https://hb-api.omnitagjs.com/hb-api/prebid/v1?RefererUrl=https%3A%2F%2Fwww.bg3.co%2Fa%2Fdi-1tian-shang-xue-ta-da-ku-a-ma-ping-ji-yi-xiang-jie-sun-nu-hui-jia-jie-wei-cang-yang-cong.html&CanonicalUrl=https%3A%2F%2Fwww.bg3.co%2Fa%2Fdi-1tian-shang-xue-ta-da-ku-a-ma-ping-ji-yi-xiang-jie-sun-nu-hui-jia-jie-wei-cang-yang-cong.html&PublisherDomain=https%3A%2F%2Fbg3.co%2F

Verdicts & Comments Add Verdict or Comment

104 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 object| 10 object| 11 object| 12 object| 13 object| 14 object| 15 object| oncontextlost object| oncontextrestored function| structuredClone object| launchQueue object| onbeforematch function| getScreenDetails function| queryLocalFonts object| navigation object| adpushup object| ucfad_async object| AMP object| adRecover object| AMP_CONFIG object| AMP_EXP object| __AMP_LOG function| HTMLElementOrig object| __AMP_ERRORS object| __AMP_MODE function| __AMP_REPORT_ERROR object| __AMP_TOP object| __AMP_SERVICES object| __AMP_URL_CACHE object| __AMP__EXPERIMENT_TOGGLES boolean| __AMP_TAG object| __AMP_EXTENDED_ELEMENTS function| __AMP_BASE_CE_CLASS function| setImmediate function| clearImmediate object| ucf object| request string| paramsString undefined| $ undefined| jQuery function| jqAlias string| currentState number| ampAdSlotIdCounter object| __AMP_EXPERIMENT_BRANCHES object| goog_identity_prom string| __AMP_DEFAULT_BOOTSTRAP_SUBDOMAIN number| ampAdGoogleIfiCounter object| google_reactive_ads_global_state object| googletag object| _apPbJs object| hbAnalytics object| adpTags function| _apPbJsChunk object| _pbjsGlobals object| mnet string| nobidVersion object| nobid object| Criteo object| _qevents object| google_ad_modifications number| google_global_correlator object| google_prev_clients object| ap_link_preview_states object| apLinkPreviewUtils object| apEuCountries object| gaGlobal number| ampAdPageCorrelator object| listeningFors number| 3pla object| ggeac object| google_tag_data object| google_js_reporting_queue undefined| google_measure_js_timing function| quantserve function| __qc object| ezt object| _qoptions function| qtrack boolean| noPreviewPage object| googleToken object| googleIMState function| processGoogleToken number| google_unique_id object| dataLayer function| gtag object| _mNDetails object| google_tag_manager function| onYouTubeIframeAPIReady object| ampInaboxPositionObserver object| ampInaboxFrameOverlayManager number| lnt_z object| criteo_syncframe_state object| criteo_pubtag object| criteo_pubtag_prebid_127 object| Criteo_prebid_127

97 Cookies

Domain/Path Name / Value
.3lift.com/sync Name: sync
Value: CgoIoQEQu7Gom6swCgoIgQIQu7Gom6swCgoI4gEQu7Gom6swCgoI5gEQu7Gom6swCgoIhwIQu7Gom6swCgkICRC7saibqzAKCQg6ELuxqJurMAoJCAsQu7Gom6swCgoIjAIQu7Gom6swCgkIXxC7saibqzA=
.aralego.com/ Name: sspid
Value: ca1151b5-e0cd-3e1c-a1dd-669fd7e348d0
.aralego.com/ Name: euconsent-v2
Value:
.aralego.com/ Name: gdpr
Value: 1
www.bg3.co/ Name: __AP_SESSION__
Value: 9ccac799-1b8c-451d-b1e2-d82060918b81
www.bg3.co/ Name: _pbjs_userid_consent_data
Value: 3524755945110770
.bg3.co/ Name: _pubcid
Value: bdc2ff7d-ee70-4afe-95ac-1373f2b20933
.adpushup.com/ Name: ap_uid
Value: 70c6f5e0-1f52-11ed-9ca7-000d3ac92781
.adpushup.com/ Name: ap_usid
Value: 70c6f5e1-1f52-11ed-9ca7-000d3ac92781
.bg3.co/ Name: __gpi
Value: UID=000008c00953a310:T=1660867445:RT=1660867445:S=ALNI_MZ639Y3l7Qj6YnGY4gEG9UpsnE4bQ
.openx.net/ Name: i
Value: bdc2ff7d-ee70-4afe-95ac-1373f2b20933|1660867445
.adnxs.com/ Name: icu
Value: ChgIm_VtEAoYASABKAEw9qb7lwY4AUABSAEQ9qb7lwYYAA..
.adnxs.com/ Name: uuid2
Value: 1546289813757434588
.prebid.a-mo.net/ Name: __amc
Value: 1_1660867446_1660867446
.a-mo.net/ Name: amuid2
Value: 6e37946f-f5d0-41ea-b0b7-36842074cc46
.prebid.a-mo.net/ Name: sd_amuid2
Value: 6e37946f-f5d0-41ea-b0b7-36842074cc46
www.bg3.co/ Name: cto_bidid
Value: eW8sRl9hSU0xbkoxRUl6QWdrNVVab1cwQUF5Mk9yZXFIVDZRT2ElMkJHUW1wSDd2WXRuZFJUN05IOFZMdHFtT3BKRVhIT042bENKUWV3VThlTnhtJTJGdTRwZTIzSkElM0QlM0Q
www.bg3.co/ Name: cto_bundle
Value: QqL8Kl9qSDRmeVV5bWJxb2V1ZW9tWXlLTjRFUnN6dUpqTmtkS1Z4cFFjVHYlMkJPZmppZnoyN3Y3TiUyQlRtTklmdjBtQVVrUjdPZ0tMUnVBaUpreSUyRk9DSnFzSzNLbjFlMTJXc0l1ZnolMkZqbnl1WDJ6R1hVJTNE
.teads.tv/ Name: tt_viewer
Value: a0824feb-5cb8-4010-9412-8a988bc5c57e
.rubiconproject.com/ Name: khaos
Value: L6ZPLFMY-3-AUKM
.quantserve.com/ Name: mc
Value: 62fed376-e739c-425a5-66960
.bg3.co/ Name: __qca
Value: P0-1043005569-1660867446841
.doubleclick.net/ Name: IDE
Value: AHWqTUmNG3PJtSfEb_kjBd5BS570pOOjWzTSbhQuSEexVI7THnqGoUJ8UOR3KN-vMMU
.bg3.co/ Name: __gads
Value: ID=ac0faa990e709274:T=1660867445:S=ALNI_MasV6m7q-KuNqYpO-u5BF72aHKX0Q
.bg3.co/ Name: _ga_Z0TZ7TDHS1
Value: GS1.1.1660867448.1.0.1660867448.0.0.0
.bg3.co/ Name: _ga
Value: GA1.1.250279641.1660867447
.adsrvr.org/ Name: TDID
Value: 79c13aec-f358-494c-84cc-ab07497fac3e
.media.net/ Name: data-ttd
Value: 79c13aec-f358-494c-84cc-ab07497fac3e~~1
.media.net/ Name: visitor-id
Value: 3038690486833451000V10
.media.net/ Name: data-g
Value: CAESENmLgctafq8d42JJyjBRmtk~~10
.doubleclick.net/ Name: DSID
Value: NO_DATA
www.bg3.co/ Name: pbjs-unifiedid
Value: %7B%22TDID%22%3A%2279c13aec-f358-494c-84cc-ab07497fac3e%22%2C%22TDID_LOOKUP%22%3A%22TRUE%22%2C%22TDID_CREATED_AT%22%3A%222022-07-19T00%3A04%3A10%22%7D
.openx.net/ Name: pd
Value: v2|1660867450|jElYiuvOiahI
.openx.net/ Name: univ_id
Value: 537072971|79c13aec-f358-494c-84cc-ab07497fac3e|1660867450833102
.3lift.com/ Name: tluid
Value: 1261458312665121672875
.media.net/ Name: data-o
Value: a642a9bb-ecf7-4fe9-ac35-a5f5247aa812~~8
.socdm.com/ Name: SOSYNC
Value: anNvbjp7Im9wZW54IjoxNjYwODY3NDUxfQ
.criteo.com/ Name: uid
Value: f02481e1-d578-497d-a855-fa3c73a6c532
.media.net/ Name: data-a
Value: 1546289813757434588~~8
.w55c.net/ Name: wfivefivec
Value: k0ed6Qe41OoPuH5
.ads.pubmatic.com/ Name: KCCH
Value: YES
.bing.com/ Name: MUID
Value: 0305DB068CDE685534BAC9038DEC6904
.c.bing.com/ Name: MR
Value: 0
.media.net/ Name: data-c
Value: f02481e1-d578-497d-a855-fa3c73a6c532~~1
.media.net/ Name: data-c-ts
Value: 1660867451
.turn.com/ Name: uid
Value: 6930922757553007061
.linkedin.com/ Name: li_sugr
Value: 872a1730-0e76-4436-9e85-5aa0a71a0cbd
.ads.linkedin.com/ Name: lang
Value: v=2&lang=en-us
.linkedin.com/ Name: bcookie
Value: "v=2&fd06f044-26a5-4c82-8126-6942cb80135d"
.linkedin.com/ Name: lidc
Value: "b=VGST01:s=V:r=V:a=V:p=V:g=2694:u=1:x=1:i=1660867451:t=1660953851:v=2:sig=AQGHoTBBdZiDQ9bEvNn_Ekf9gdlBSPQD"
.w55c.net/ Name: matchmedianet
Value: 5
.prebid.a-mo.net/ Name: _sv3_8
Value: 1
.bidswitch.net/ Name: c
Value: 1660867451
.ladsp.com/ Name: cr
Value: 1
.rfihub.com/ Name: eud
Value: H4sIAAAAAAAA_zslzmtoZmZgYWZuYmpoYW4GALBhMvsQAAAA
.rfihub.com/ Name: rud
Value: H4sIAAAAAAAA_-MSNrQ0NzYysLQ0M7E0NDExMrIwNRDiM9QNDfIu9DdIM7BwzCsBAIWV_1slAAAA
.rfihub.com/ Name: ruds
Value: H4sIAAAAAAAA_-MSNrQ0NzYysLQ0M7E0NDExMrIwNRDiM9QNDfIu9DdIM7BwzCsBAIWV_1slAAAA
.casalemedia.com/ Name: CMPS
Value: 859
.media.net/ Name: data-xu
Value: k0ed6Qe41OoPuH5~~8
.media.net/ Name: data-rk
Value: 2020216286487508165~~8
.pubmatic.com/ Name: KADUSERCOOKIE
Value: BEED2CCD-5A00-4A95-AB7E-649A25AD0D90
.pubmatic.com/ Name: chkChromeAb67Sec
Value: 1
.pubmatic.com/ Name: pi
Value: 159463:2
.pubmatic.com/ Name: DPSync3
Value: 1662076800%3A201_197%7C1661472000%3A164%7C1660953600%3A174
.pubmatic.com/ Name: SyncRTB3
Value: 1662076800%3A234_71_54_56_5_165_21_247_99_231_204_220_13_8_107_209_238_176_22_7_3_179_96_189_222%7C1661472000%3A2_15_223%7C1661731200%3A63%7C1662163200%3A35
.rlcdn.com/ Name: rlas3
Value: 70DxEUpdFlE/VhdiazR15w6JFPJG/2EMXXoUSz2/qQw=
.zemanta.com/ Name: zuid
Value: gvCx8TP1nqJSimez6yQo
.ladsp.com/ Name: smn_uid
Value: QraVZibKwP4owDvUW8yDig7Hf7A3wKA
.ladsp.com/ Name: lum
Value: CN-5qJurMBIFCAMQ0AU
.servenobid.com/ Name: pid_312
Value: 1546289813757434588
.bidswitch.net/ Name: tuuid
Value: 10b13b6e-3120-4895-bbd5-4b0f61fffb84
.bidswitch.net/ Name: tuuid_lu
Value: 1660867452
.mfadsrvr.com/ Name: tuuid
Value: bb5e6a24-45a8-47df-9069-a6575b030146
.mfadsrvr.com/ Name: c
Value: 1660867452
.mfadsrvr.com/ Name: tuuid_lu
Value: 1660867452
.1rx.io/ Name: _rxuuid
Value: %7B%22rx_uuid%22%3A%22RX-50a16bb0-50df-40a7-8e6d-2b41efe53873-004%22%2C%22zdxidn%22%3A%221508%22%2C%22nxtrdr%22%3Afalse%7D
.servenobid.com/ Name: pid_324
Value: 1973209964914422850
.w55c.net/ Name: matchpubmatic
Value: 5
.amazon-adsystem.com/ Name: ad-id
Value: A5cmeVPG4UaGnMSymbE2ih0|t
.lijit.com/ Name: ljt_reader
Value: FK0kCLZH6TK0w-wVSNeqVds9
.quantserve.com/ Name: d
Value: EJQBCwHyJvijAA
.targeting.unrulymedia.com/ Name: _rxuuid
Value: %7B%22rx_uuid%22%3A%22RX-50a16bb0-50df-40a7-8e6d-2b41efe53873-004%22%7D
.gumgum.com/ Name: vst
Value: a_c3bcfac5-7269-4f14-b20a-727c5328bbe8
.analytics.yahoo.com/ Name: IDSYNC
Value: 196n~26o0
.yahoo.com/ Name: A3
Value: d=AQABBHzT_mICEMMTbpUR0ZRxl03ra_4VXkQFEgEBAQEkAGMIYwAAAAAA_eMAAA&S=AQAAAm38-zdE75rkXJjQTvu9yNw
.adsymptotic.com/ Name: U
Value: 69cc61b79733226328daa53afad0e15c
.rlcdn.com/ Name: pxrc
Value: CPym+5cGEgUI6EcQABIGCJC8KxAA
.casalemedia.com/ Name: CMST
Value: Yv7TfGL+03wA
.casalemedia.com/ Name: CMID
Value: Yv7TewuR7gpcgEiDeDFP7wAA
.casalemedia.com/ Name: CMTS
Value: 917
.casalemedia.com/ Name: CMPRO
Value: 874
.casalemedia.com/ Name: CMRUM3
Value: 2762fed37c0b40&0362fed37c05a0&f162fed37c05a0&2d62fed37c05a0&e662fed37c2760&6962fed37c05a0&5162fed37c05a0&1262fed37c05a0
ads.playground.xyz/ Name: connect.sid
Value: s%3AlCF-YtXJOqszcPM1wz0hV6xp1M14Ztkn.ylAikZtjG6BcoWqJkcVbt4VhCS5MHrmuNpiZbW8lbnI
.media.net/ Name: data-pba
Value: BEED2CCD-5A00-4A95-AB7E-649A25AD0D90~~8
.disqus.com/ Name: zeta-ssp-user-id
Value: 4b794089-8d1b-6e71-51fd-ebe0fe0f27a3
.rubiconproject.com/ Name: audit
Value: 1|WD0cx+9RTMJBb/k57fa14rUyebV3a1stnr0QbMMTHywTzgV+WnntmitzQEqEF9Fp0EDmZOSFlB1gEJ9oO5p1Ev0exc+f0IZt
.adsrvr.org/ Name: TDCPM
Value: CAESFgoHc3Z4OXQ1MBILCLK7j4iM4IA7EAUSFgoHcnViaWNvbhILCLib-IyM4IA7EAUSFwoIcHVibWF0aWMSCwj-lOKRjOCAOxAFGAEgASgCMgsIjrSNwaLggDsQBTgBWgZndW1ndW1gAg..

6 Console Messages

Source Level URL
Text
network error URL: https://hb-api.omnitagjs.com/hb-api/prebid/v1?RefererUrl=https%3A%2F%2Fwww.bg3.co%2Fa%2Fdi-1tian-shang-xue-ta-da-ku-a-ma-ping-ji-yi-xiang-jie-sun-nu-hui-jia-jie-wei-cang-yang-cong.html&CanonicalUrl=https%3A%2F%2Fwww.bg3.co%2Fa%2Fdi-1tian-shang-xue-ta-da-ku-a-ma-ping-ji-yi-xiang-jie-sun-nu-hui-jia-jie-wei-cang-yang-cong.html&PublisherDomain=https%3A%2F%2Fbg3.co%2F
Message:
Failed to load resource: net::ERR_NAME_NOT_RESOLVED
network error URL: https://rtb.adxpremium.services/openrtb2/auction
Message:
Failed to load resource: the server responded with a status of 400 (Bad Request)
network error URL: https://cdn.adpushup.com/42753/L2EvZGktMXRpYW4tc2hhbmcteHVlLXRhLWRhLWt1LWEtbWEtcGluZy1qaS15aS14aWFuZy1qaWUtc3VuLW51LWh1aS1qaWEtamllLXdlaS1jYW5nLXlhbmctY29uZy5odG1s.json
Message:
Failed to load resource: the server responded with a status of 404 ()
other warning URL: https://cdn.ampproject.org/rtv/012208081650000/v0/amp-ad-exit-0.1.mjs(Line 1)
Message:
Unrecognized feature: 'attribution-reporting'.
security error URL: https://71f760a9a177b3fbf8a1c0adb15a23b1.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html(Line 12)
Message:
Refused to frame 'https://pagead2.googlesyndication.com/' because it violates the following Content Security Policy directive: "frame-src cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/pagead/gadgets/in_page_full_auto_V1/Responsive_Monte_GpaSingleIframe.html".
javascript warning URL: https://www.bg3.co/a/di-1tian-shang-xue-ta-da-ku-a-ma-ping-ji-yi-xiang-jie-sun-nu-hui-jia-jie-wei-cang-yang-cong.html
Message:
The resource https://d-18727999461345680567.ampproject.net/2208051912001/nameframe.html was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

26236a2c0aee05015173d6c6a7f5ce0d.safeframe.googlesyndication.com
71f760a9a177b3fbf8a1c0adb15a23b1.safeframe.googlesyndication.com
a.teads.tv
a.tribalfusion.com
aa.agkn.com
aax-eu.amazon-adsystem.com
acdn.adnxs.com
ad.360yield.com
ad.turn.com
adpushup-d.openx.net
ads.aralego.com
ads.playground.xyz
ads.pubmatic.com
ads.servenobid.com
ads.yahoo.com
adservice.google.com
adservice.google.com.au
ap.lijit.com
aplogger.adpushup.com
b1sync.zemanta.com
bh.contextweb.com
bidder.criteo.com
c.bing.com
c1.adform.net
cdn.adnxs.com
cdn.adpushup.com
cdn.ampproject.org
cdn.aralego.net
cdn.indexww.com
cdn.jsdelivr.net
ce.lijit.com
cm.adform.net
cm.adgrx.com
cm.ambientdsp.com
cm.g.doubleclick.net
code.jquery.com
contextual.media.net
core.iprom.net
cr-p3.ladsp.jp
cr-pall.ladsp.com
creativecdn.com
cs.emxdgt.com
cs.media.net
csync.loopme.me
d-18727999461345680567.ampproject.net
d.adroll.com
delivery.adrecover.com
dis.criteo.com
dps.jp.cinarra.com
dsum-sec.casalemedia.com
e3.adpushup.com
e93a9465eeb8f221b3954a2a3c54535f.safeframe.googlesyndication.com
eb2.3lift.com
eus.rubiconproject.com
fastlane.rubiconproject.com
fonts.googleapis.com
fonts.gstatic.com
g2.gumgum.com
gocm.c.appier.net
googleads.g.doubleclick.net
gu.dyntrk.com
gum.criteo.com
hb-api.omnitagjs.com
hblg.media.net
htlb.casalemedia.com
ib.adnxs.com
id.rlcdn.com
idsync.rlcdn.com
image2.pubmatic.com
image4.pubmatic.com
image6.pubmatic.com
ipac.ctnsnet.com
jp-u.openx.net
js-sec.indexww.com
lax1-ib.adnxs.com
lg3.media.net
match.adsrvr.org
match.deepintent.com
match.prod.bidr.io
match.taboola.com
odr.mookie1.com
onetag-sys.com
p.adsymptotic.com
p.rfihub.com
pagead2.googlesyndication.com
partner.googleadservices.com
pippio.com
pixel-sync.sitescout.com
pixel-us-east.rubiconproject.com
pixel.quantserve.com
pixel.rubiconproject.com
pixel.tapad.com
pm.w55c.net
pr-bh.ybp.yahoo.com
prebid-server.rubiconproject.com
prebid.a-mo.net
prebid.media.net
public.servenobid.com
pubmatic-match.dotomi.com
px.ads.linkedin.com
qsearch-a.akamaihd.net
r.casalemedia.com
res-a.akamaihd.net
rtb-csync.smartadserver.com
rtb.adentifi.com
rtb.adxpremium.services
rtb.gumgum.com
rtb.mfadsrvr.com
rules.quantcount.com
s.amazon-adsystem.com
s.company-target.com
s.tribalfusion.com
secure-assets.rubiconproject.com
secure.adnxs.com
secure.quantserve.com
securepubads.g.doubleclick.net
simage2.pubmatic.com
simage4.pubmatic.com
ssbsync.smartadserver.com
ssp.disqus.com
ssum-sec.casalemedia.com
stags.bluekai.com
static.bg3.co
static.criteo.net
static.doubleclick.net
sync-dsp.ad-m.asia
sync-tm.everesttech.net
sync.1rx.io
sync.adotmob.com
sync.aralego.com
sync.crwdcntrl.net
sync.go.sonobi.com
sync.ipredictive.com
sync.mathtag.com
sync.outbrain.com
sync.srv.stackadapt.com
sync.targeting.unrulymedia.com
sync.technoratimedia.com
tags.rd.linksynergy.com
tg.socdm.com
tlx.3lift.com
token.rubiconproject.com
tpc.googlesyndication.com
trc.taboola.com
u.openx.net
uipglob.semasio.net
um.simpli.fi
ups.analytics.yahoo.com
us-u.openx.net
usersync.gumgum.com
warp.media.net
www.bg3.co
www.example.com
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.googletagservices.com
x.bidswitch.net
x.yieldlift.com
hb-api.omnitagjs.com
103.229.10.180
103.229.206.241
103.231.98.194
103.254.153.160
104.16.87.20
104.18.12.76
104.18.18.126
104.18.19.126
104.18.99.194
104.19.172.108
104.211.156.162
104.254.148.252
104.254.151.120
104.254.151.69
104.26.3.91
106.10.236.40
107.178.244.193
107.178.254.65
119.9.108.180
13.107.21.200
13.107.42.14
13.213.84.110
13.224.250.18
13.224.250.50
13.227.254.129
13.227.254.36
13.250.200.154
13.76.45.37
132.226.63.138
139.162.58.205
142.250.4.101
142.251.10.95
142.251.12.132
142.251.12.94
145.40.89.200
148.251.44.111
151.101.1.108
151.101.1.44
151.101.193.108
151.101.2.49
169.45.107.147
172.217.194.132
172.217.194.154
172.217.194.157
172.217.194.99
172.253.118.154
172.64.152.245
172.67.71.254
18.138.18.111
18.177.221.103
18.182.152.7
18.198.190.98
182.161.73.129
182.161.73.136
182.161.73.145
182.161.73.146
185.183.112.155
185.184.8.90
185.84.60.30
195.5.165.20
198.8.71.128
202.131.200.84
202.241.208.53
209.191.163.208
209.191.163.209
23.106.127.39
23.106.127.53
23.106.69.73
23.15.148.136
23.195.152.23
23.195.153.54
23.36.252.26
23.72.44.196
23.72.44.239
23.8.97.76
3.1.14.27
3.113.231.86
3.209.79.8
34.102.253.54
34.107.148.139
34.239.50.221
34.98.64.218
34.98.67.3
35.171.56.4
35.186.193.173
35.190.60.146
35.213.12.39
35.227.202.26
35.244.159.8
35.71.131.137
37.157.3.28
38.133.127.191
38.91.45.7
42.99.140.144
42.99.140.200
42.99.140.209
50.116.239.135
51.79.234.100
52.0.153.146
52.199.247.144
52.201.183.195
52.223.2.229
52.46.130.91
52.71.232.26
52.74.113.22
52.74.162.2
52.84.45.81
52.95.118.179
54.169.147.137
54.179.19.43
54.204.166.241
54.238.120.71
54.250.28.113
54.251.169.230
64.120.88.131
64.202.112.31
66.155.71.149
67.199.150.81
67.199.150.85
69.16.175.10
69.173.151.100
69.173.158.64
69.173.158.65
72.34.250.75
74.118.186.45
74.125.130.149
74.125.130.94
74.125.200.157
74.125.200.97
74.125.24.155
74.125.24.156
74.214.196.131
84.17.37.44
89.207.22.108
93.184.216.34
99.81.199.81
00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce
019474417bcdd4decbdc75af7929d925f21400a77b43f28dc7190223bc1489ea
02505e4ef13301359aeaf332c2c5bc58b77df98e8e33c8d210673722f9061b78
029061f3bf05e039291681ea5a9931e4f39d7327af45fdf51c09493cbe177519
041b6e69b34243b7cd98534e95b129cb2479bebddae8dc4f051755a84cc8fbe8
0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5
05c5075000686afbe94405f7a3e0b905f02af001ec3174556fd1e07aa0c7c59f
0915fad60bc9b61b6dcd82d05da7ec4bc0232a647e75b8507c3cba6d4d6602f9
09343d3b3473e1c994b2d603c99feb8a0f63fbd3ff20be7432ff18b973dbe651
0a7f5e9222d04e5ee7e7449be422f7ca5c4cc117123ce70855cf978af909764a
0a9906e691335ab30f64396b06cf01d4ffe4dc7b431a545a3e534c31bf3255bf
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0ed7ebd8ba9d5955cbbbc622e376b8881f475555eaed4c8d8cb163f5a81362b1
11c516a19d3977b1d03598309dc6c040b550df62a0ad16aa60c4fd8726e0b1b4
14cfb5058acaf3af2f07088f1582f29941d7a4cc74fd1cea5050cecad862d154
17d2a9596b37d5d8c0e8b46eda67f51c04e05703e5619deff979d5ef50563e91
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002
19be82572deda194f746322b95e59c27d5aa701af6074fb81cefacd28c133707
1b38c342b4c6b2c7cb382ccfcb9cdfef3f8f350def4895fae5bb6d7d69e63655
1be00e223b2840fe8ac2d3a1aec0cf757088dd68f53a92275d0e1db6cb9afced
1c877b4b7e75bf2c8432415bb762ed9bfc73830abf68497eff686fcc9fa44f9f
1e14ddde632bad66a3f79d6dc2c6a212d3b1b5cd8100cb6b73984b8797c5ed86
213096ae3ff414297685220be55162b5e51cbb1c926efb492cbfa0179a3ec320
213533319f081f762764fccdbb0531102cb7dff7cddb2545a1cba0ca6b19076d
22da7fd90bee3d5a37570c9ed148dfa1a49fe0e2da62325a06ef8314f7822429
264e48adbf18814f4ba24678cfd118e172fa26cd489367516b0e718bdb7c81a0
26914004d3a8d5ddde2202b642d7936eb61c9f195b5cd3c87e44ef8ad4d57c16
2878ede20c2ca14a43d6f85e9d795545866ece73ce8e73e6d181656f531506ed
2a32f145ebce429e33c7295b9ee1f383ae8b8cf476bd137924c2f26636003087
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef
3049e5547df186133f61e510d45f522e001d34ed6e1f891e5ffcb9e2be7cb81b
326c32d7ffbd04762a10cf5bb37441d418397959381d3893c9e9a48217aa5347
3378135f525fc551ce49d2c117e9967735794757a4c71910d8c1b8fa38bf3f2c
36a7d95f2760a813f3e782dfc125ea786174d581d6f6f896021d6994e9514bd6
36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068
37a31642af0a7fe695ed0fd68a06a55af44e854d083dc7f5d0e70535f0189ae0
3a084a8dec099905e94f6965a54c20b5caec97f71e316147ab4ead776dae393e
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd
3e8d1edbe8598395c7327ff1752c4a029e0b3789b0a044d231eeddc8c5fcb0fe
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
3fbc163f603ea59c94279e7a3df290a5baa4447788525dd78f3b961221a7a31b
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390
41c8d636d5f19a77ba269da80eb65fe31c1d59a775447a1675c73940b7effb7e
41f36457d5ec5bd7d115c29bea53e0d1ff77de7418837ef39e897f3b7d497e8a
46cb96daf91734a4aabd0a5f36cc2d5d65f23d19731445449e310129daf3e92f
46d1791d45e9e6840842ef90f192c2c6f1f4247baa7c1f32f2da75d3a05c0de2
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
4b8ef3c7970b30624d4b0285ac55e6851da8f260ce876dd1bfe4728dc6af3d1a
4ca5af10572112452e812f3c2d07f0963a7bde58a9ca9f83ea75527005dec600
4d0d39b1cb16159d0dc83d02e4d1cfc41d2d30a82b8d197b7a8287214e6e73af
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4e9f870dcdd59a7dd8227935e26ba4d6b14fe7b3568045a252110db406138254
4f49e616d278a16d9cd55a6d5fe19c99ebd37d7d3848d14422190618b67011e0
4f4a0fd9d20a4628fc9e0ec96433b5bcfe1a660a682761622fd0af78dab8c1a1
50734112a22152589264b2cf8ea8a269aa8585dc3e130ab8648e779cc24b0a6e
508eae0cc8d3a6ed52153299cf0c76415504eda61c775635ed8cb5e60d176e1a
50e1629d8848f3bc182a82e60d529fe89ecca0cd8b92739eae1ddcc3d30b660a
51762e833ee73ae724bdac2349a16029ab273b4eb9b97d37f8341be8b7e0ac08
53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2
558562c09243148ebc12aa24502571a0c586c891b06ed88edacae07812abfb91
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
57000ea03bfb53734d0858b8fe992e6742226f23f311eb0f9d2177e2a84a5621
57ba9c79273602051bd0fa9f6dcd52a3f199dc59f134308efeeaad35424b8311
57bee627a2e3feedb2414d2382c3a357db2031b1ef93656a26bcf1cf6e65f9b9
5878db72775119d2bb47ed38b5363cbf4dc6fdad673e78529fd6e81afda84bde
596a8eeba0885160738504c65ce2a18c56b758118e2fa20131b536ff3bae4b83
5c12e87c4fc3311ee49576c3a816aa5394671b7642611ce306713f73ddc7411d
5f22df928281fbaab2fceaaf4e6a66bde42415fab16b61b5dc4346c4e4fbdc9d
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
63dc26664099fc3ed076210ca3fb9b8d5ba67c1a7d45363ca0da2f80489bdc28
63ef3285adf03cd76db68906ee4f687af534b8cb4dae2b8b294d6ed582f95b08
6527e4cd14173fac2d981008d0d87378ee25fcc46b0b8bbfa6e5419489e95e7a
663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707
66abc5daee3e375383bc30c88dc778604bef5e7dbf5a148d9567f3cce6834f42
68510bb34f26f58947a29a0b443e30391a586c680d1dfc74672758a13255bca7
691e8243403b0682af95cd9611d7f5841a021a94ce2a0f9dc4928fe40e717616
6a7b0c8bf87b2bd5ca31557f25cf2a6c80f93af72bf68a6085e9b55a87fe908c
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6cb62089ea8b85e23849f8a1d81c4bf8f76e14a21d28034a6b1253a31a1fdfbc
6d83b77c3d8c5c0ccc7078540a1fb0bd9fa43eeb82b89f83264d469aa100c088
70fa25d0cd4744b6b91054ad55e3e931dad31cc85915b13e33e4e674426c7cc1
71b6ddcb44acd76b834870f1350583a7eab692f8293d27c644f75bd86d612b2f
72cd5c8fd76fa24fcf7da1858140f05e086d3a37a5a901b4fc0fd7ff362cf101
730fa1f3e8b3c4a223c4e69f4a27e690a4552f96ab97dba05b943dff44967658
741db92350bb13c2ebd58f2c9b08be8b2a27f09627feeacd61b90b4399973297
74f02eef8b16de1e020787c6b8415bc8d82699e55a145acc6b9c1e1ba43f220f
764c35e4d5842dfdc52da060b39a804c1af94a7c06b3c3919b1b5f0c73c7b5d8
775d5fb6acac04ef6d1ef99fcb13f66f6f49f6ee6275784057d047178a082af3
796c46ec10bc9105545f6f90d51593921b69956bd9087eb72bee83f40ad86f90
79aa0de5687272e0d73f37c1a8a54cebb664d01f3d7b18f0b834d04bb7b523f4
7d0dd7fc72ac0d9934b03f2753705b59f2c7a8617302d999bb18ec801d46eb1f
7e7a4e8bbff1f6b07864242a5735c7bd678f801846018bda3bb340337f5cbe5e
7efdca1ce8a8ee4fb50887d9f88bdace1026e0f76ea1e64a802b97402d825a79
82d2dc44aae1eda52abc17afd30c6031b7175c13ee6955410164c66ae755adfb
832f63f4187160c195b04f1911c2e623a75e805f4b23abb9b0bea214b4283a43
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
8374dd11907f18ed2edaf39a51a5bd3f638e35120d821d6068d653afd8e76915
8451d36c6661fd1e782a5168fa5cfa47bade280c10541c156750aabf1e71522f
8492f3fc13f89700f09e8a96308911979a6289be084af2c497ea54dbd7dd7f5f
85af3052d288ffd9157258dfe4daf5309f0b64d0067ab8221cd0c62909c18419
869b6eb33ba3347946da6a8105161515a17401aab915b44e96e5c2c3a4a6c635
86f13971b72a155bae6b4f69d04366404892cd47992d340c16965db807007732
8834c62eb0bf50323017a8c4d13eddb19c71051451cbf58f980236babaea2d53
8877c12ecd2f30c8f7d08fdb83b48dc0d408d9f50e06966704baa5269bc869dc
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
8ae78cfe6ee6192120b022cb3c00d586542309c4b88076fe6f12c0f7ef65f015
8b23f7567ef1acb9d3a8797dc9b1c09526afbc0f65b20dda3d6344704d62ad52
8d200dc372fb333c0ca488fba2a569a686cbf5f1ba0cc0544a4a8c96a4f91de3
8ff56c5c8285932f1fc2001d729ec5e8aff6fbb861fb26bd14a9f581b905da1c
90133ed2d82cc7a99ddfe7ad9407d90a36f159dc18212aec5a916a16c189a9bb
9284d948e86d2e99f31483b5f4b3a4c3e65e0a6fbca9a8d2db8c6095f82ac3f5
939799feaa0542b4603e0bde751132aa68a5108da3ba6702a88e668efa6dd663
968012b3a49390a10d31c6d36b2aab796ec167a83378b5f9787756ee7cb035c5
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
9aa8943d829122701bc92089afaa1e27f4ce6a3004b307f6c950be2138d079e4
9b271bd19560e2ae339c8fcb089aa64a617b1958acb7e0c6dd95544d4cabf4a4
9b5312cb2f154f2bd64ee8746195a63df254d10bfd107a61eec3d5d38dd48bff
9dc368be0b3da20f3aca5e115ba36c415edef843b54784dbb72554da71cc6f94
9edb207f77a3c8a0b3f504d605a2e6850309ad45073da4f02ce74a578adffb11
9fbd0e9eadcd58117a0e66c707bdde0ee37d03b954d4f631c467ec379702c227
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a0748720bdbaa97c40517eeab01cb9eae0b2be768e9cb8814d245fea62576250
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a705aa0b64f0670de8449cd40a0eb5fba96db711b4e665fc40c8324463c53815
a7284a3c8c1b158369a99c9c1b758f53df3edfd55ba416f1012130c38e330a0d
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
a777ffc0d7c8a418b7c52b74a7c0266061f1bf8a6c84ebd59bdb8ab7a01e036d
a8993772c9eb591474f38d257bebc8c4286703e1af72d04c8c294be5fff7b649
a956a6fe1ee57805393bf1781b32486b4ed9ca402a04320280e59a18bc348a87
aa05961c0b6903df6795439c22b3f7a49b0154bf524764fb61e1658693e7bb9b
ab7fc2ebd787d1967fda36bcd02e4bf4781c486185729b4e27187ca7c46ef9f3
acccc501aa6afa3cfac15e8ddccf1561deed2ed08c2f7d652abbdbe9aa71609a
b00af338864761a37a208806e2e8815b46327a5e7e47bf141f4fbdf6d1fd3bcc
b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e
b02d1bc081f1deb5e2b61977fddf1b8746efeb28d188f94e85538e7a17690afc
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b330127a6b244300a86fd60981058c8a10e1b464e27c08bd223664968c3ada3e
b4d1f5cd789186c23e27ea6b14357e0969043ee3bab2272306f75ad3fa5a42b3
b7d743060ebcc58d3905601ab73b2580904ce8c5594664b1d85d1dcca4c7f509
ba7478138664dfbadff2af30a268f4200a752a73d07dafb55937af20d1061357
ba7beca0f5402387b359ad40d2af0dda9632f6b81e2aa0c26336324c358c3e10
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
bce7b7a333407f4649b212295c4ae99cfc020e26db50d87e3c92138bcf0426a8
be0e656c68f08fa434cf50001b1c6c0d7374a883c0a15b54b4317ca246e53990
bf6c0305fba025c4a6a27c7b92b12af780623447dbb2b6cec5c30329a860edd8
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
c2426b0b11807176e1bc403ed3625538756549415f56ecf798584cb41facfd17
c28d64aeb3e60dd61f5455f8a7fd30c0061d469bcc5b72ceb46864fcf8f6bd3c
c334ecbdd89a20d6a6baf6dee7e64657d40830672f405fb6a3dfecb299a84720
c5068652d2e91ff8a12bd334ea7ce87b7225f6da4a6a2841c8b51c24029a392b
c55673cf647110f8208a66bf1e96a57bb4c12b29007b735615f5614ab0944ccc
c5c25af4593430a459a0aab2bf3961c5618f685992f4de796410853bafa1a310
c652cb3dcc3b49133285c42c49b296c3a3af4f9fceffde1022a6e3539e2422b1
c787e9dd6dc8ea3c935f5f0f30e3b9e4a3e066b4619bb244f569883f8e318a24
c960170342866ce58069a06243f7ccc3705cbbc716972540dadb85fcfc95fc9a
ca12ae965001fe5593adc88a216d45e927ce12bb3c6e4a13d0ce5c678cbb9bcc
cec86000614c360806b56a0a4312aa09671cae16e6ac2f41fe818e25f47a4d04
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d087e165da43976d8c976a24ac547426c192d92c0f0deae2480dfc463ded5b1e
d0e9a416201298be38079963ef94247970ffe9adee4872b902b9a0cb899f6f8c
d21d71482b319441598223a737db827275ca21314bbe4b7976f53232f02accef
d2e5722cf0b8d8df31200550801d755733c56d9ca2758b7041fbed009e0c9d08
d37b6441dc4049f8fe981972f64903aa46280708aa7f2c4465b447df78459f5f
d52a1fcf7498415595c5bfc7ceba00fd9af8003eda0d498f51f8775b41003e43
db263f49842f1f8b1f49a2b9ca8e7b48ad6879f93964fe1cb24edf2821c670dc
db647b901bd57b98b910d8adca49b14d538d92ecc6e938b2edf73ed56821afe3
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
dfa1028a74436c56e0ee1367812c0ee599d6814ec4a3079ca9b9afffba949e26
dfa729d82a3effadab1000181cb99108f232721e3b0af74cfae4c12704b35a32
e3849fdc1eab88579b20b1b56875d6ef8299c4ad165e03921400ccae69149861
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e4d03153172efea54f2f4831e7bf1ccb9b073856b46235d723d0baa8867af617
e789f7935d6d7776a0c2341570220c445bc1c493381518c085e641f9128b8938
e813a8d8d41c0dbdc33020ad6ef27d16afd2b590ceeb998e267409c8f666b829
e95d2f9d33e39a83d463ddfc52428ef37252c3d3008e878dd343338d08cb5e44
ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152
ec61d9fd1b3609a3a53f377ed07059c3dc7d2cb1502022e0623b4ebc1ea0f35e
edc30a0e05622f71d52d07a0b7b5e94e654ee06854f893be1954336730eb0db6
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef4319a6ea5f1c6f437ccc7844a84c35d1871152e962df7f8d611a0c52a3931c
f04a306d79bd345738decad5ed866e5b3149799ea004335e26a078172e2f2e1a
f1e691269432cba8bed2110866d1a1a67546edcb41cb7e9f5e3fc9de6736a59e
f2e341201299d731f3cbadc647fd3a67aba7d78f7bd344303b92e7f00b3f7276
f4db9ca9a673b64d1dc341beccc6ca08e05bde9ffd7fefa84b35fb10ed556340
f578cf376160a5a7ef9e3810b351122aa17699121f7d55f462b025d879c2c25e
f5ca7a0b7f8b2a346d7f64bd3ad0a304f161650ee1739bfbd5dee59b808f3653
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
f77f47058428a1c21dad5a75ac13fbfdeb9858947218fee2112fded5972a0b5d
f7dd9c51fe1581caff8a6131e4ff6707531c590a9ac8396c39229d0a103891f2
f97a66baace554fcc8ff5215d1106b445260c376086d64a04bd1d80c4a9cc9ca
fed912a33f5d9e06fd80cc7cd560a17c8effd8bb9bd311d519d8cd18209ee5f5
ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e