urlscan.io logo urlscan.io
SecurityTrails logo

www.bg3.co Open in urlscan Pro
84.17.37.44  Public Scan

Go To Rescan Add Verdict Report
URL: https://www.bg3.co/a/6yue-15ri-qi-bei-jing-gong-jiao-duo-tiao-xian-lu-you-diao-zheng.html
Submission: On September 17 via manual from US — Scanned from AU
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 100 IPs in 9 countries across 94 domains to perform 512 HTTP transactions. The main IP is 84.17.37.44, located in Central, Hong Kong and belongs to CDN77 ^_^, GB. The main domain is www.bg3.co. The Cisco Umbrella rank of the primary domain is 583884.
TLS certificate: Issued by AlphaSSL CA - SHA256 - G2 on May 20th 2022. Valid for: a year.
This is the only time www.bg3.co was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 84.17.37.44 60068 (CDN77 ^_^)
16 74.125.24.132 15169 (GOOGLE)
1 3 23.108.102.145 59253 (LEASEWEB-...)
4 104.26.4.103 13335 (CLOUDFLAR...)
2 23.44.4.192 20940 (AKAMAI-ASN1)
5 23.44.5.176 20940 (AKAMAI-ASN1)
3 64.120.88.131 133752 (LEASEWEB-...)
14 104.26.2.91 13335 (CLOUDFLAR...)
62 172.253.118.157 15169 (GOOGLE)
2 69.16.175.42 20446 (STACKPATH...)
11 74.125.24.156 15169 (GOOGLE)
8 142.250.4.156 15169 (GOOGLE)
1 172.217.194.94 15169 (GOOGLE)
2 142.251.10.97 15169 (GOOGLE)
6 13.76.45.37 8075 (MICROSOFT...)
2 142.251.12.154 15169 (GOOGLE)
5 142.251.10.156 15169 (GOOGLE)
2 15 142.251.10.154 15169 (GOOGLE)
2 13.33.33.91 16509 (AMAZON-02)
3 74.125.24.139 15169 (GOOGLE)
37 74.125.200.132 15169 (GOOGLE)
1 104.16.88.20 13335 (CLOUDFLAR...)
15 34.251.200.30 16509 (AMAZON-02)
3 3.114.61.6 16509 (AMAZON-02)
1 69.173.158.65 26667 (RUBICONPR...)
5 10 104.254.148.251 29990 (ASN-APPNEX)
1 34.107.148.139 15169 (GOOGLE)
3 15 34.98.64.218 15169 (GOOGLE)
1 182.161.73.145 55569 (CRITEO-AS...)
3 145.40.89.200 54825 (PACKET)
4 20 51.79.234.100 16276 (OVH)
1 23.195.153.54 16625 (AKAMAI-AS)
1 54.251.169.230 16509 (AMAZON-02)
1 44.231.196.20 16509 (AMAZON-02)
4 19 104.18.19.126 13335 (CLOUDFLAR...)
1 4 103.229.10.171 16509 (AMAZON-02)
10 74.125.24.147 15169 (GOOGLE)
1 13.33.33.78 16509 (AMAZON-02)
2 104.211.156.162 8075 (MICROSOFT...)
1 13.227.254.79 16509 (AMAZON-02)
5 142.250.4.154 15169 (GOOGLE)
28 64 142.251.12.155 15169 (GOOGLE)
29 142.250.4.148 15169 (GOOGLE)
1 1 104.45.178.220 8075 (MICROSOFT...)
1 1 54.251.139.99 16509 (AMAZON-02)
1 159.203.145.121 14061 (DIGITALOC...)
9 10 52.74.162.2 16509 (AMAZON-02)
2 182.22.16.123 23816 (YAHOO Yah...)
6 8 64.202.112.159 22075 (AS-OUTBRAIN)
3 4 13.107.42.14 8068 (MICROSOFT...)
1 1 202.232.238.37 2497 (IIJ Inter...)
7 9 35.213.12.39 15169 (GOOGLE)
2 2 20.127.253.7 8075 (MICROSOFT...)
2 2 162.19.138.118 16276 (OVH)
8 172.217.194.154 15169 (GOOGLE)
9 182.161.73.129 55569 (CRITEO-AS...)
1 182.161.74.19 55569 (CRITEO-AS...)
1 182.161.73.148 55569 (CRITEO-AS...)
2 4 23.54.57.83 16625 (AKAMAI-AS)
4 7 50.116.239.135 6336 (TURN-US-ASN)
4 4 169.45.107.147 36351 (SOFTLAYER)
2 3 34.96.105.8 15169 (GOOGLE)
6 9 13.251.66.227 16509 (AMAZON-02)
6 7 185.84.60.30 198622 (ADFORM)
1 182.161.73.132 55569 (CRITEO-AS...)
1 2 74.125.68.148 15169 (GOOGLE)
2 103.229.205.243 30419 (MEDIAMATH...)
6 182.161.73.135 55569 (CRITEO-AS...)
2 182.161.73.142 55569 (CRITEO-AS...)
2 182.161.73.136 55569 (CRITEO-AS...)
11 12 35.71.131.137 16509 (AMAZON-02)
3 10 35.71.178.8 16509 (AMAZON-02)
1 23.195.152.23 16625 (AKAMAI-AS)
1 151.101.65.108 54113 (FASTLY)
6 23.15.148.136 16625 (AKAMAI-AS)
1 52.84.45.81 ()
1 23.10.23.66 16625 (AKAMAI-AS)
7 14 69.173.158.64 26667 (RUBICONPR...)
6 6 35.227.202.26 15169 (GOOGLE)
3 3 107.178.244.193 15169 (GOOGLE)
2 2 3.113.228.171 ()
2 2 124.146.215.43 2514 (INFOSPHER...)
1 1 18.155.68.29 16509 (AMAZON-02)
2 2 54.192.150.119 ()
6 6 103.229.206.241 30419 (MEDIAMATH...)
1 2 69.173.144.165 ()
1 2 23.106.127.38 59253 (LEASEWEB-...)
4 6 35.190.60.146 15169 (GOOGLE)
4 8 209.54.182.161 ()
1 3 67.199.150.82 62713 (AS-PUBMATIC)
1 23.36.48.24 ()
1 3 104.18.99.194 ()
1 13.107.21.200 8068 (MICROSOFT...)
1 1 104.69.148.168 ()
1 5 104.18.18.126 13335 (CLOUDFLAR...)
2 3 54.239.38.253 ()
1 1 34.111.151.213 ()
6 6 23.106.69.72 ()
3 3 107.178.254.65 ()
1 1 34.98.67.3 ()
3 3 52.205.223.187 ()
1 104.18.12.76 ()
3 23.72.44.196 ()
1 54.168.48.215 ()
1 23.106.127.53 ()
2 2 23.9.185.218 ()
1 3 3.230.47.190 ()
2 2 209.191.163.208 ()
2 2 209.191.163.152 ()
7 7 74.118.186.45 ()
1 1 198.8.71.128 ()
1 1 72.34.250.75 ()
1 1 35.168.53.23 ()
1 1 80.77.87.161 ()
1 3 23.106.127.39 ()
1 54.36.150.184 ()
1 54.255.75.208 ()
1 103.231.98.196 ()
2 2 104.254.151.69 ()
2 2 18.177.100.181 ()
3 151.101.66.49 ()
1 1 104.19.172.108 ()
12 13.112.54.241 ()
1 150.136.156.92 ()
1 38.91.45.7 ()
2 2 54.179.141.118 ()
1 1 74.214.196.131 ()
1 35.174.63.73 ()
3 103.231.98.194 ()
1 1 18.138.18.111 ()
1 103.231.98.195 ()
4 67.199.150.86 ()
512 100
1    84.17.37.44 (Central, Hong Kong)

ASN60068 (CDN77 ^_^, GB)
PTR: unn-84-17-37-44.cdn77.com
www.bg3.co
16    74.125.24.132 (United States)

ASN15169 (GOOGLE, US)
PTR: sf-in-f132.1e100.net
cdn.ampproject.org
3ed068a02ba7af14c0b35b3d4743e97e.safeframe.googlesyndication.com
e9ff84e58cb1d6544025f17bbc3df4df.safeframe.googlesyndication.com
32d69238e2f6bb5cfbff62a0e3954cf8.safeframe.googlesyndication.com
3    23.108.102.145 (Singapore, Singapore)

ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG)
ads.aralego.com
4    104.26.4.103 (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.aralego.net
2    23.44.4.192 (Singapore, Singapore)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a23-44-4-192.deploy.static.akamaitechnologies.com
delivery.adrecover.com
5    23.44.5.176 (Singapore, Singapore)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a23-44-5-176.deploy.static.akamaitechnologies.com
cdn.adpushup.com
3    64.120.88.131 (Central, Hong Kong)

ASN133752 (LEASEWEB-APAC-HKG-10 Leaseweb Asia Pacific pte. ltd., HK)
sync.aralego.com
14    104.26.2.91 (United States)

ASN13335 (CLOUDFLARENET, US)
static.bg3.co
62    172.253.118.157 (United States)

ASN15169 (GOOGLE, US)
PTR: sl-in-f157.1e100.net
pagead2.googlesyndication.com
2    69.16.175.42 (United States)

ASN20446 (STACKPATH-CDN, US)
PTR: hwcdn.net
code.jquery.com
11    74.125.24.156 (United States)

ASN15169 (GOOGLE, US)
PTR: sf-in-f156.1e100.net
securepubads.g.doubleclick.net
8    142.250.4.156 (United States)

ASN15169 (GOOGLE, US)
PTR: sm-in-f156.1e100.net
adservice.google.com
1    172.217.194.94 (United States)

ASN15169 (GOOGLE, US)
PTR: si-in-f94.1e100.net
d-16930432452180773345.ampproject.net
2    142.251.10.97 (United States)

ASN15169 (GOOGLE, US)
PTR: sd-in-f97.1e100.net
www.googletagmanager.com
6    13.76.45.37 (Singapore, Singapore)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
e3.adpushup.com
2    142.251.12.154 (United States)

ASN15169 (GOOGLE, US)
PTR: se-in-f154.1e100.net
partner.googleadservices.com
5    142.251.10.156 (United States)

ASN15169 (GOOGLE, US)
PTR: sd-in-f156.1e100.net
adservice.google.com.au
15    142.251.10.154 (United States)

ASN15169 (GOOGLE, US)
PTR: sd-in-f154.1e100.net
googleads.g.doubleclick.net
adservice.google.com.au
2    13.33.33.91 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-33-33-91.sin2.r.cloudfront.net
adx.holmesmind.com
3    74.125.24.139 (United States)

ASN15169 (GOOGLE, US)
PTR: sf-in-f139.1e100.net
www.google-analytics.com
37    74.125.200.132 (United States)

ASN15169 (GOOGLE, US)
PTR: sa-in-f132.1e100.net
tpc.googlesyndication.com
1    104.16.88.20 (None, )

ASN13335 (CLOUDFLARENET, US)
cdn.jsdelivr.net
15    34.251.200.30 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-251-200-30.eu-west-1.compute.amazonaws.com
ads.servenobid.com
3    3.114.61.6 (Tokyo, Japan)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-114-61-6.ap-northeast-1.compute.amazonaws.com
prebid-server.rubiconproject.com
1    69.173.158.65 (Ashburn, United States)

ASN26667 (RUBICONPROJECT, US)
fastlane.rubiconproject.com
10    104.254.148.251 (Los Angeles, United States)

ASN29990 (ASN-APPNEX, US)
PTR: 893.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net
ib.adnxs.com
1    34.107.148.139 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 139.148.107.34.bc.googleusercontent.com
prebid.media.net
15    34.98.64.218 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 218.64.98.34.bc.googleusercontent.com
adpushup-d.openx.net
us-u.openx.net
u.openx.net
jp-u.openx.net
1    182.161.73.145 (Singapore)

ASN55569 (CRITEO-AS-AP Criteo APAC, JP)
bidder.criteo.com
3    145.40.89.200 (Ashburn, United States)

ASN54825 (PACKET, US)
prebid.a-mo.net
20    51.79.234.100 (Singapore, Singapore)

ASN16276 (OVH, FR)
PTR: ip100.ip-51-79-234.net
onetag-sys.com
1    23.195.153.54 (Singapore, Singapore)

ASN16625 (AKAMAI-AS, US)
PTR: a23-195-153-54.deploy.static.akamaitechnologies.com
a.teads.tv
1    54.251.169.230 (Singapore, Singapore)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-251-169-230.ap-southeast-1.compute.amazonaws.com
tlx.3lift.com
1    44.231.196.20 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-44-231-196-20.us-west-2.compute.amazonaws.com
hb-api.omnitagjs.com
19    104.18.19.126 (None, )

ASN13335 (CLOUDFLARENET, US)
htlb.casalemedia.com
dsum-sec.casalemedia.com
4    103.229.10.171 (Singapore)

ASN16509 (AMAZON-02, US)
secure.quantserve.com
pixel.quantserve.com
cms.quantserve.com
10    74.125.24.147 (United States)

ASN15169 (GOOGLE, US)
PTR: sf-in-f147.1e100.net
www.google.com
1    13.33.33.78 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-33-33-78.sin2.r.cloudfront.net
rules.quantcount.com
2    104.211.156.162 (Mumbai, India)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
aplogger.adpushup.com
1    13.227.254.79 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-227-254-79.sin52.r.cloudfront.net
pxl.qccerttest.com
5    142.250.4.154 (United States)

ASN15169 (GOOGLE, US)
PTR: sm-in-f154.1e100.net
www.googletagservices.com
64    142.251.12.155 (United States)

ASN15169 (GOOGLE, US)
PTR: se-in-f155.1e100.net
cm.g.doubleclick.net
29    142.250.4.148 (United States)

ASN15169 (GOOGLE, US)
PTR: sm-in-f148.1e100.net
s0.2mdn.net
1    104.45.178.220 (Tappahannock, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
mweb.ck.inmobi.com
1    54.251.139.99 (Singapore, Singapore)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-251-139-99.ap-southeast-1.compute.amazonaws.com
ads.yieldmo.com
1    159.203.145.121 (Clifton, United States)

ASN14061 (DIGITALOCEAN-ASN, US)
cs.chocolateplatform.com
10    52.74.162.2 (Singapore, Singapore)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-74-162-2.ap-southeast-1.compute.amazonaws.com
ups.analytics.yahoo.com
2    182.22.16.123 (Japan)

ASN23816 (YAHOO Yahoo Japan Corporation, JP)
PTR: edge1700.img.vip.otm.yimg.jp
cksync.yahoo.co.jp
8    64.202.112.159 (Lovettsville, United States)

ASN22075 (AS-OUTBRAIN, US)
PTR: ny.outbrain.com
b1sync.zemanta.com
4    13.107.42.14 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
px.ads.linkedin.com
1    202.232.238.37 (Minato-ku, Japan)

ASN2497 (IIJ Internet Initiative Japan Inc., JP)
sync.fout.jp
9    35.213.12.39 (Tokyo, Japan)

ASN15169 (GOOGLE, US)
PTR: 39.12.213.35.bc.googleusercontent.com
x.bidswitch.net
2    20.127.253.7 (Tappahannock, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
sync.inmobi.com
2    162.19.138.118 (France)

ASN16276 (OVH, FR)
PTR: ns31533569.ip-162-19-138.eu
id5-sync.com
8    172.217.194.154 (United States)

ASN15169 (GOOGLE, US)
PTR: si-in-f154.1e100.net
googleads4.g.doubleclick.net
9    182.161.73.129 (Singapore)

ASN55569 (CRITEO-AS-AP Criteo APAC, JP)
static.criteo.net
1    182.161.74.19 (Singapore)

ASN55569 (CRITEO-AS-AP Criteo APAC, JP)
rtb.jp2.as.criteo.com
1    182.161.73.148 (Singapore)

ASN55569 (CRITEO-AS-AP Criteo APAC, JP)
ads.as.criteo.com
4    23.54.57.83 (Singapore, Singapore)

ASN16625 (AKAMAI-AS, US)
PTR: a23-54-57-83.deploy.static.akamaitechnologies.com
sync.teads.tv
7    50.116.239.135 (United States)

ASN6336 (TURN-US-ASN, US)
ad.turn.com
r.turn.com
4    169.45.107.147 (Baton Rouge, United States)

ASN36351 (SOFTLAYER, US)
PTR: 93.6b.2da9.ip4.static.sl-reverse.com
um.simpli.fi
3    34.96.105.8 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 8.105.96.34.bc.googleusercontent.com
tr.blismedia.com
9    13.251.66.227 (Singapore, Singapore)

ASN16509 (AMAZON-02, US)
PTR: ec2-13-251-66-227.ap-southeast-1.compute.amazonaws.com
pr-bh.ybp.yahoo.com
7    185.84.60.30 (Denmark)

ASN198622 (ADFORM, DK)
c1.adform.net
1    182.161.73.132 (Singapore)

ASN55569 (CRITEO-AS-AP Criteo APAC, JP)
cat.sg1.as.criteo.com
2    74.125.68.148 (United States)

ASN15169 (GOOGLE, US)
PTR: sc-in-f148.1e100.net
ad.doubleclick.net
2    103.229.205.243 (Singapore)

ASN30419 (MEDIAMATH-INC, US)
tags.mathtag.com
6    182.161.73.135 (Singapore)

ASN55569 (CRITEO-AS-AP Criteo APAC, JP)
pix.as.criteo.net
2    182.161.73.142 (Singapore)

ASN55569 (CRITEO-AS-AP Criteo APAC, JP)
csm.as.criteo.net
2    182.161.73.136 (Singapore)

ASN55569 (CRITEO-AS-AP Criteo APAC, JP)
gum.criteo.com
12    35.71.131.137 (United States)

ASN16509 (AMAZON-02, US)
PTR: a6370ebea231e0c9a.awsglobalaccelerator.com
match.adsrvr.org
10    35.71.178.8 (United States)

ASN16509 (AMAZON-02, US)
PTR: ade9ecc7904667038.awsglobalaccelerator.com
eb2.3lift.com
1    23.195.152.23 (Singapore, Singapore)

ASN16625 (AKAMAI-AS, US)
PTR: a23-195-152-23.deploy.static.akamaitechnologies.com
contextual.media.net
1    151.101.65.108 (United States)

ASN54113 (FASTLY, US)
acdn.adnxs.com
6    23.15.148.136 (Singapore, Singapore)

ASN16625 (AKAMAI-AS, US)
PTR: a23-15-148-136.deploy.static.akamaitechnologies.com
eus.rubiconproject.com
1    52.84.45.81 (None, )

ASN- ()
public.servenobid.com
1    23.10.23.66 (Singapore, Singapore)

ASN16625 (AKAMAI-AS, US)
PTR: a23-10-23-66.deploy.static.akamaitechnologies.com
js-sec.indexww.com
14    69.173.158.64 (Singapore, Singapore)

ASN26667 (RUBICONPROJECT, US)
pixel.rubiconproject.com
token.rubiconproject.com
6    35.227.202.26 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 26.202.227.35.bc.googleusercontent.com
odr.mookie1.com
3    107.178.244.193 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 193.244.178.107.bc.googleusercontent.com
pixel.tapad.com
2    3.113.228.171 (None, )

ASN- ()
aa.agkn.com
2    124.146.215.43 (Japan)

ASN2514 (INFOSPHERE NTT PC Communications, Inc., JP)
tg.socdm.com
1    18.155.68.29 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-155-68-29.sin52.r.cloudfront.net
cr-p3.ladsp.jp
2    54.192.150.119 (None, )

ASN- ()
cr-pall.ladsp.com
6    103.229.206.241 (Singapore)

ASN30419 (MEDIAMATH-INC, US)
sync.mathtag.com
2    69.173.144.165 (None, )

ASN- ()
pixel-eu.rubiconproject.com
2    23.106.127.38 (Singapore, Singapore)

ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG)
ssbsync-global.smartadserver.com
6    35.190.60.146 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 146.60.190.35.bc.googleusercontent.com
id.rlcdn.com
idsync.rlcdn.com
8    209.54.182.161 (None, )

ASN- ()
s.amazon-adsystem.com
3    67.199.150.82 (Los Angeles, United States)

ASN62713 (AS-PUBMATIC, US)
image8.pubmatic.com
1    23.36.48.24 (None, )

ASN- ()
cs.media.net
3    104.18.99.194 (None, )

ASN- ()
p.adsymptotic.com
1    13.107.21.200 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
c.bing.com
1    104.69.148.168 (None, )

ASN- ()
stags.bluekai.com
5    104.18.18.126 (None, )

ASN13335 (CLOUDFLARENET, US)
ssum-sec.casalemedia.com
3    54.239.38.253 (None, )

ASN- ()
aax-eu.amazon-adsystem.com
1    34.111.151.213 (None, )

ASN- ()
dmp.brand-display.com
6    23.106.69.72 (None, )

ASN- ()
gu.dyntrk.com
3    107.178.254.65 (None, )

ASN- ()
pippio.com
1    34.98.67.3 (None, )

ASN- ()
tags.rd.linksynergy.com
3    52.205.223.187 (None, )

ASN- ()
sync.srv.stackadapt.com
1    104.18.12.76 (None, )

ASN- ()
cdn.indexww.com
3    23.72.44.196 (None, )

ASN- ()
ads.pubmatic.com
1    54.168.48.215 (None, )

ASN- ()
g2.gumgum.com
1    23.106.127.53 (None, )

ASN- ()
ssbsync.smartadserver.com
2    23.9.185.218 (None, )

ASN- ()
secure-assets.rubiconproject.com
3    3.230.47.190 (None, )

ASN- ()
x.yieldlift.com
2    209.191.163.208 (None, )

ASN- ()
ce.lijit.com
2    209.191.163.152 (None, )

ASN- ()
ap.lijit.com
7    74.118.186.45 (None, )

ASN- ()
sync.1rx.io
sync.targeting.unrulymedia.com
1    198.8.71.128 (None, )

ASN- ()
p.rfihub.com
1    72.34.250.75 (None, )

ASN- ()
sync.go.sonobi.com
1    35.168.53.23 (None, )

ASN- ()
ssp.disqus.com
1    80.77.87.161 (None, )

ASN- ()
cs.admanmedia.com
3    23.106.127.39 (None, )

ASN- ()
rtb-csync.smartadserver.com
1    54.36.150.184 (None, )

ASN- ()
cookie-matching.mediarithmics.com
1    54.255.75.208 (None, )

ASN- ()
match.sharethrough.com
1    103.231.98.196 (None, )

ASN- ()
image6.pubmatic.com
2    104.254.151.69 (None, )

ASN- ()
secure.adnxs.com
2    18.177.100.181 (None, )

ASN- ()
match.prod.bidr.io
3    151.101.66.49 (None, )

ASN- ()
sync-tm.everesttech.net
1    104.19.172.108 (None, )

ASN- ()
csync.loopme.me
12    13.112.54.241 (None, )

ASN- ()
usersync.gumgum.com
1    150.136.156.92 (None, )

ASN- ()
sync.technoratimedia.com
1    38.91.45.7 (None, )

ASN- ()
match.deepintent.com
2    54.179.141.118 (None, )

ASN- ()
ad.360yield.com
1    74.214.196.131 (None, )

ASN- ()
bh.contextweb.com
1    35.174.63.73 (None, )

ASN- ()
cs.emxdgt.com
3    103.231.98.194 (None, )

ASN- ()
simage2.pubmatic.com
1    18.138.18.111 (None, )

ASN- ()
cm.ambientdsp.com
1    103.231.98.195 (None, )

ASN- ()
image4.pubmatic.com
4    67.199.150.86 (None, )

ASN- ()
image2.pubmatic.com
Apex Domain
Subdomains		 Transfer
105 googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 105
3ed068a02ba7af14c0b35b3d4743e97e.safeframe.googlesyndication.com
e9ff84e58cb1d6544025f17bbc3df4df.safeframe.googlesyndication.com
tpc.googlesyndication.com — Cisco Umbrella Rank: 142
32d69238e2f6bb5cfbff62a0e3954cf8.safeframe.googlesyndication.com
1 MB
98 doubleclick.net
securepubads.g.doubleclick.net — Cisco Umbrella Rank: 180
googleads.g.doubleclick.net — Cisco Umbrella Rank: 41
cm.g.doubleclick.net — Cisco Umbrella Rank: 210
googleads4.g.doubleclick.net — Cisco Umbrella Rank: 307
ad.doubleclick.net — Cisco Umbrella Rank: 178
653 KB
29 2mdn.net
s0.2mdn.net — Cisco Umbrella Rank: 271
816 KB
28 rubiconproject.com
prebid-server.rubiconproject.com — Cisco Umbrella Rank: 936
fastlane.rubiconproject.com — Cisco Umbrella Rank: 466
eus.rubiconproject.com — Cisco Umbrella Rank: 564
pixel.rubiconproject.com — Cisco Umbrella Rank: 335
pixel-eu.rubiconproject.com
token.rubiconproject.com
secure-assets.rubiconproject.com
44 KB
24 casalemedia.com
htlb.casalemedia.com — Cisco Umbrella Rank: 479
dsum-sec.casalemedia.com — Cisco Umbrella Rank: 528
ssum-sec.casalemedia.com — Cisco Umbrella Rank: 438
20 KB
20 onetag-sys.com
onetag-sys.com — Cisco Umbrella Rank: 754
10 KB
19 yahoo.com
ups.analytics.yahoo.com — Cisco Umbrella Rank: 287
pr-bh.ybp.yahoo.com — Cisco Umbrella Rank: 468
9 KB
18 google.com
adservice.google.com — Cisco Umbrella Rank: 75
www.google.com — Cisco Umbrella Rank: 2
5 KB
17 criteo.net
static.criteo.net — Cisco Umbrella Rank: 673
pix.as.criteo.net — Cisco Umbrella Rank: 17010
csm.as.criteo.net — Cisco Umbrella Rank: 17365
120 KB
16 servenobid.com
ads.servenobid.com — Cisco Umbrella Rank: 1646
public.servenobid.com
9 KB
15 pubmatic.com
image8.pubmatic.com — Cisco Umbrella Rank: 607
ads.pubmatic.com
image6.pubmatic.com
simage2.pubmatic.com
image4.pubmatic.com
image2.pubmatic.com
27 KB
15 openx.net
adpushup-d.openx.net — Cisco Umbrella Rank: 13567
us-u.openx.net — Cisco Umbrella Rank: 396
u.openx.net — Cisco Umbrella Rank: 650
jp-u.openx.net — Cisco Umbrella Rank: 10797
3 KB
15 bg3.co
www.bg3.co — Cisco Umbrella Rank: 583884
static.bg3.co
139 KB
13 gumgum.com
g2.gumgum.com
usersync.gumgum.com
5 KB
13 adnxs.com
ib.adnxs.com — Cisco Umbrella Rank: 228
acdn.adnxs.com — Cisco Umbrella Rank: 611
secure.adnxs.com
48 KB
13 adpushup.com
cdn.adpushup.com — Cisco Umbrella Rank: 15327
e3.adpushup.com — Cisco Umbrella Rank: 16605
aplogger.adpushup.com — Cisco Umbrella Rank: 16434
216 KB
12 adsrvr.org
match.adsrvr.org — Cisco Umbrella Rank: 342
6 KB
11 amazon-adsystem.com
s.amazon-adsystem.com
aax-eu.amazon-adsystem.com
7 KB
11 3lift.com
tlx.3lift.com — Cisco Umbrella Rank: 543
eb2.3lift.com — Cisco Umbrella Rank: 407
4 KB
10 ampproject.org
cdn.ampproject.org — Cisco Umbrella Rank: 359
217 KB
9 bidswitch.net
x.bidswitch.net — Cisco Umbrella Rank: 301
4 KB
8 mathtag.com
tags.mathtag.com — Cisco Umbrella Rank: 3434
sync.mathtag.com — Cisco Umbrella Rank: 444
4 KB
8 zemanta.com
b1sync.zemanta.com — Cisco Umbrella Rank: 568
4 KB
7 adform.net
c1.adform.net — Cisco Umbrella Rank: 637
4 KB
7 turn.com
ad.turn.com — Cisco Umbrella Rank: 742
r.turn.com — Cisco Umbrella Rank: 3229
3 KB
7 google.com.au
adservice.google.com.au — Cisco Umbrella Rank: 97372
2 KB
6 dyntrk.com
gu.dyntrk.com
4 KB
6 rlcdn.com
id.rlcdn.com — Cisco Umbrella Rank: 561
idsync.rlcdn.com
922 B
6 smartadserver.com
ssbsync-global.smartadserver.com — Cisco Umbrella Rank: 1762
ssbsync.smartadserver.com
rtb-csync.smartadserver.com
3 KB
6 mookie1.com
odr.mookie1.com — Cisco Umbrella Rank: 947
869 B
6 criteo.com
bidder.criteo.com — Cisco Umbrella Rank: 761
rtb.jp2.as.criteo.com — Cisco Umbrella Rank: 22529
ads.as.criteo.com — Cisco Umbrella Rank: 17083
cat.sg1.as.criteo.com — Cisco Umbrella Rank: 17485
gum.criteo.com — Cisco Umbrella Rank: 406
46 KB
6 aralego.com
ads.aralego.com — Cisco Umbrella Rank: 30433
sync.aralego.com — Cisco Umbrella Rank: 3193
4 KB
5 1rx.io
sync.1rx.io
3 KB
5 googletagservices.com
www.googletagservices.com — Cisco Umbrella Rank: 190
219 KB
5 teads.tv
a.teads.tv — Cisco Umbrella Rank: 1270
sync.teads.tv — Cisco Umbrella Rank: 1077
1 KB
4 lijit.com
ap.lijit.com Failed
ce.lijit.com
2 KB
4 simpli.fi
um.simpli.fi — Cisco Umbrella Rank: 833
3 KB
4 linkedin.com
px.ads.linkedin.com — Cisco Umbrella Rank: 394
1 KB
4 quantserve.com
secure.quantserve.com — Cisco Umbrella Rank: 905
pixel.quantserve.com — Cisco Umbrella Rank: 423
cms.quantserve.com — Cisco Umbrella Rank: 1020
11 KB
4 aralego.net
cdn.aralego.net — Cisco Umbrella Rank: 9047
45 KB
3 everesttech.net
sync-tm.everesttech.net
320 B
3 yieldlift.com
x.yieldlift.com
742 B
3 stackadapt.com
sync.srv.stackadapt.com
2 KB
3 pippio.com
pippio.com
734 B
3 adsymptotic.com
p.adsymptotic.com
597 B
3 tapad.com
pixel.tapad.com — Cisco Umbrella Rank: 436
648 B
3 blismedia.com
tr.blismedia.com — Cisco Umbrella Rank: 2350
195 B
3 inmobi.com
mweb.ck.inmobi.com — Cisco Umbrella Rank: 3386
sync.inmobi.com — Cisco Umbrella Rank: 2025
2 KB
3 a-mo.net
prebid.a-mo.net — Cisco Umbrella Rank: 1006
1 KB
3 media.net
prebid.media.net — Cisco Umbrella Rank: 1065
contextual.media.net — Cisco Umbrella Rank: 559
cs.media.net
11 KB
3 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 27
510 B
2 360yield.com
ad.360yield.com
624 B
2 bidr.io
match.prod.bidr.io
1 KB
2 unrulymedia.com
sync.targeting.unrulymedia.com
930 B
2 ladsp.com
cr-pall.ladsp.com
1 KB
2 socdm.com
tg.socdm.com — Cisco Umbrella Rank: 1085
2 KB
2 agkn.com
aa.agkn.com
1 KB
2 indexww.com
js-sec.indexww.com — Cisco Umbrella Rank: 615
cdn.indexww.com
2 KB
2 id5-sync.com
id5-sync.com — Cisco Umbrella Rank: 463
3 KB
2 yahoo.co.jp
cksync.yahoo.co.jp — Cisco Umbrella Rank: 3723
1 KB
2 holmesmind.com
adx.holmesmind.com — Cisco Umbrella Rank: 364903
2 KB
2 googleadservices.com
partner.googleadservices.com — Cisco Umbrella Rank: 857
1007 B
2 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 62
74 KB
2 jquery.com
code.jquery.com — Cisco Umbrella Rank: 654
60 KB
2 adrecover.com
delivery.adrecover.com — Cisco Umbrella Rank: 14734
11 KB
1 ambientdsp.com
cm.ambientdsp.com
653 B
1 emxdgt.com
cs.emxdgt.com
67 B
1 contextweb.com
bh.contextweb.com
664 B
1 deepintent.com
match.deepintent.com
44 B
1 technoratimedia.com
sync.technoratimedia.com
293 B
1 loopme.me
csync.loopme.me
362 B
1 sharethrough.com
match.sharethrough.com
280 B
1 mediarithmics.com
cookie-matching.mediarithmics.com
86 B
1 admanmedia.com
cs.admanmedia.com
686 B
1 disqus.com
ssp.disqus.com
287 B
1 sonobi.com
sync.go.sonobi.com
655 B
1 rfihub.com
p.rfihub.com
735 B
1 linksynergy.com
tags.rd.linksynergy.com
392 B
1 brand-display.com
dmp.brand-display.com
367 B
1 bluekai.com
stags.bluekai.com
740 B
1 bing.com
c.bing.com — Cisco Umbrella Rank: 220
668 B
1 ladsp.jp
cr-p3.ladsp.jp — Cisco Umbrella Rank: 26243
225 B
1 fout.jp
sync.fout.jp — Cisco Umbrella Rank: 64791
704 B
1 chocolateplatform.com
cs.chocolateplatform.com — Cisco Umbrella Rank: 2535
134 B
1 yieldmo.com
ads.yieldmo.com — Cisco Umbrella Rank: 658
471 B
1 qccerttest.com
pxl.qccerttest.com — Cisco Umbrella Rank: 983
551 B
1 quantcount.com
rules.quantcount.com — Cisco Umbrella Rank: 846
681 B
1 omnitagjs.com
hb-api.omnitagjs.com — Cisco Umbrella Rank: 4209
519 B
1 jsdelivr.net
cdn.jsdelivr.net — Cisco Umbrella Rank: 392
2 KB
1 ampproject.net
d-16930432452180773345.ampproject.net
0 nrich.ai Failed
dsp.nrich.ai Failed
0 creativecdn.com Failed
creativecdn.com Failed
0 atdmt.com Failed
ad.atdmt.com Failed
0 adxpremium.services Failed
rtb.adxpremium.services Failed
512 94
Domain Requested by
64 cm.g.doubleclick.net 28 redirects googleads.g.doubleclick.net
www.bg3.co
32d69238e2f6bb5cfbff62a0e3954cf8.safeframe.googlesyndication.com
u.openx.net
onetag-sys.com
eb2.3lift.com
g2.gumgum.com
62 pagead2.googlesyndication.com cdn.ampproject.org
ads.aralego.com
pagead2.googlesyndication.com
securepubads.g.doubleclick.net
adx.holmesmind.com
tpc.googlesyndication.com
www.bg3.co
googleads.g.doubleclick.net
www.googletagservices.com
32d69238e2f6bb5cfbff62a0e3954cf8.safeframe.googlesyndication.com
37 tpc.googlesyndication.com securepubads.g.doubleclick.net
tpc.googlesyndication.com
www.bg3.co
googleads.g.doubleclick.net
32d69238e2f6bb5cfbff62a0e3954cf8.safeframe.googlesyndication.com
pagead2.googlesyndication.com
29 s0.2mdn.net www.bg3.co
s0.2mdn.net
googleads.g.doubleclick.net
20 onetag-sys.com 4 redirects cdn.adpushup.com
onetag-sys.com
public.servenobid.com
17 dsum-sec.casalemedia.com 4 redirects googleads.g.doubleclick.net
ssum-sec.casalemedia.com
15 ads.servenobid.com cdn.adpushup.com
public.servenobid.com
onetag-sys.com
ssbsync.smartadserver.com
ssum-sec.casalemedia.com
g2.gumgum.com
eus.rubiconproject.com
14 static.bg3.co www.bg3.co
13 googleads.g.doubleclick.net 2 redirects cdn.ampproject.org
pagead2.googlesyndication.com
googleads.g.doubleclick.net
32d69238e2f6bb5cfbff62a0e3954cf8.safeframe.googlesyndication.com
www.bg3.co
12 usersync.gumgum.com g2.gumgum.com
eus.rubiconproject.com
12 match.adsrvr.org 11 redirects cdn.adpushup.com
11 securepubads.g.doubleclick.net cdn.aralego.net
securepubads.g.doubleclick.net
cdn.adpushup.com
www.bg3.co
10 pixel.rubiconproject.com 4 redirects onetag-sys.com
www.bg3.co
10 eb2.3lift.com 3 redirects cdn.adpushup.com
eb2.3lift.com
10 ups.analytics.yahoo.com 9 redirects onetag-sys.com
10 www.google.com tpc.googlesyndication.com
googleads.g.doubleclick.net
32d69238e2f6bb5cfbff62a0e3954cf8.safeframe.googlesyndication.com
10 ib.adnxs.com 5 redirects cdn.adpushup.com
googleads.g.doubleclick.net
acdn.adnxs.com
10 cdn.ampproject.org www.bg3.co
cdn.ampproject.org
9 pr-bh.ybp.yahoo.com 6 redirects ssum-sec.casalemedia.com
ads.pubmatic.com
9 static.criteo.net cdn.adpushup.com
static.criteo.net
ads.as.criteo.com
9 x.bidswitch.net 7 redirects www.bg3.co
onetag-sys.com
g2.gumgum.com
8 s.amazon-adsystem.com 4 redirects onetag-sys.com
eb2.3lift.com
ssum-sec.casalemedia.com
8 us-u.openx.net 3 redirects googleads.g.doubleclick.net
u.openx.net
8 googleads4.g.doubleclick.net www.bg3.co
8 b1sync.zemanta.com 6 redirects googleads.g.doubleclick.net
www.bg3.co
8 adservice.google.com cdn.ampproject.org
pagead2.googlesyndication.com
securepubads.g.doubleclick.net
7 c1.adform.net 6 redirects ads.pubmatic.com
7 adservice.google.com.au pagead2.googlesyndication.com
securepubads.g.doubleclick.net
6 gu.dyntrk.com 6 redirects
6 sync.mathtag.com 6 redirects
6 odr.mookie1.com 6 redirects
6 eus.rubiconproject.com cdn.adpushup.com
eus.rubiconproject.com
public.servenobid.com
g2.gumgum.com
6 pix.as.criteo.net ads.as.criteo.com
6 e3.adpushup.com www.bg3.co
5 sync.1rx.io 5 redirects
5 ssum-sec.casalemedia.com 1 redirects js-sec.indexww.com
ssum-sec.casalemedia.com
public.servenobid.com
5 www.googletagservices.com googleads.g.doubleclick.net
32d69238e2f6bb5cfbff62a0e3954cf8.safeframe.googlesyndication.com
5 cdn.adpushup.com www.bg3.co
cdn.adpushup.com
4 image2.pubmatic.com ads.pubmatic.com
4 token.rubiconproject.com 3 redirects www.bg3.co
4 um.simpli.fi 4 redirects
4 ad.turn.com 4 redirects
4 sync.teads.tv 2 redirects googleads.g.doubleclick.net
4 32d69238e2f6bb5cfbff62a0e3954cf8.safeframe.googlesyndication.com securepubads.g.doubleclick.net
4 px.ads.linkedin.com 3 redirects www.bg3.co
4 adpushup-d.openx.net cdn.adpushup.com
4 cdn.aralego.net www.bg3.co
ads.aralego.com
3 simage2.pubmatic.com ads.pubmatic.com
3 sync-tm.everesttech.net ssum-sec.casalemedia.com
g2.gumgum.com
ads.pubmatic.com
3 rtb-csync.smartadserver.com 1 redirects ssbsync.smartadserver.com
3 x.yieldlift.com 1 redirects public.servenobid.com
ads.pubmatic.com
3 ads.pubmatic.com public.servenobid.com
g2.gumgum.com
ads.pubmatic.com
3 sync.srv.stackadapt.com 3 redirects
3 pippio.com 3 redirects
3 idsync.rlcdn.com 2 redirects ssum-sec.casalemedia.com
3 aax-eu.amazon-adsystem.com 2 redirects www.bg3.co
3 p.adsymptotic.com 1 redirects eb2.3lift.com
ads.pubmatic.com
3 image8.pubmatic.com 1 redirects onetag-sys.com
public.servenobid.com
3 id.rlcdn.com 2 redirects onetag-sys.com
3 pixel.tapad.com 3 redirects
3 tr.blismedia.com 2 redirects 32d69238e2f6bb5cfbff62a0e3954cf8.safeframe.googlesyndication.com
3 r.turn.com 32d69238e2f6bb5cfbff62a0e3954cf8.safeframe.googlesyndication.com
3 prebid.a-mo.net cdn.adpushup.com
www.bg3.co
3 prebid-server.rubiconproject.com cdn.adpushup.com
3 www.google-analytics.com www.bg3.co
www.googletagmanager.com
3 sync.aralego.com ads.aralego.com
www.bg3.co
3 ads.aralego.com 1 redirects ads.aralego.com
2 ad.360yield.com 2 redirects
2 match.prod.bidr.io 2 redirects
2 secure.adnxs.com 2 redirects
2 sync.targeting.unrulymedia.com 2 redirects
2 ce.lijit.com 2 redirects
2 secure-assets.rubiconproject.com 2 redirects
2 ssbsync-global.smartadserver.com 1 redirects onetag-sys.com
2 pixel-eu.rubiconproject.com 1 redirects onetag-sys.com
2 cr-pall.ladsp.com 2 redirects
2 jp-u.openx.net u.openx.net
2 tg.socdm.com 2 redirects
2 aa.agkn.com 2 redirects
2 ap.lijit.com www.bg3.co
2 gum.criteo.com cdn.adpushup.com
2 csm.as.criteo.net ads.as.criteo.com
2 tags.mathtag.com 32d69238e2f6bb5cfbff62a0e3954cf8.safeframe.googlesyndication.com
www.bg3.co
2 ad.doubleclick.net 1 redirects ads.as.criteo.com
2 id5-sync.com 2 redirects
2 sync.inmobi.com 2 redirects
2 cksync.yahoo.co.jp googleads.g.doubleclick.net
2 pixel.quantserve.com 1 redirects www.bg3.co
2 aplogger.adpushup.com cdn.adpushup.com
2 htlb.casalemedia.com cdn.adpushup.com
2 adx.holmesmind.com pagead2.googlesyndication.com
2 partner.googleadservices.com pagead2.googlesyndication.com
2 www.googletagmanager.com cdn.ampproject.org
cdn.adpushup.com
2 code.jquery.com delivery.adrecover.com
cdn.adpushup.com
2 delivery.adrecover.com www.bg3.co
1 image4.pubmatic.com ads.pubmatic.com
1 cm.ambientdsp.com 1 redirects
1 cs.emxdgt.com g2.gumgum.com
1 bh.contextweb.com 1 redirects
1 match.deepintent.com g2.gumgum.com
1 sync.technoratimedia.com g2.gumgum.com
1 csync.loopme.me 1 redirects
1 image6.pubmatic.com ads.pubmatic.com
1 match.sharethrough.com ssbsync.smartadserver.com
1 cookie-matching.mediarithmics.com ssbsync.smartadserver.com
1 cs.admanmedia.com 1 redirects
1 ssp.disqus.com 1 redirects
1 sync.go.sonobi.com 1 redirects
1 p.rfihub.com 1 redirects
1 ssbsync.smartadserver.com public.servenobid.com
1 g2.gumgum.com public.servenobid.com
1 cdn.indexww.com ssum-sec.casalemedia.com
1 tags.rd.linksynergy.com 1 redirects
1 dmp.brand-display.com 1 redirects
1 stags.bluekai.com 1 redirects
1 c.bing.com eb2.3lift.com
1 cs.media.net contextual.media.net
1 cr-p3.ladsp.jp 1 redirects
1 js-sec.indexww.com cdn.adpushup.com
1 public.servenobid.com cdn.adpushup.com
1 u.openx.net cdn.adpushup.com
1 acdn.adnxs.com cdn.adpushup.com
1 contextual.media.net cdn.adpushup.com
1 cat.sg1.as.criteo.com ads.as.criteo.com
1 ads.as.criteo.com 32d69238e2f6bb5cfbff62a0e3954cf8.safeframe.googlesyndication.com
1 rtb.jp2.as.criteo.com www.bg3.co
1 sync.fout.jp 1 redirects
1 cs.chocolateplatform.com googleads.g.doubleclick.net
1 ads.yieldmo.com 1 redirects
1 mweb.ck.inmobi.com 1 redirects
1 cms.quantserve.com googleads.g.doubleclick.net
1 pxl.qccerttest.com www.bg3.co
1 rules.quantcount.com secure.quantserve.com
1 secure.quantserve.com cdn.adpushup.com
1 hb-api.omnitagjs.com cdn.adpushup.com
1 tlx.3lift.com cdn.adpushup.com
1 a.teads.tv cdn.adpushup.com
1 bidder.criteo.com cdn.adpushup.com
1 prebid.media.net cdn.adpushup.com
1 fastlane.rubiconproject.com cdn.adpushup.com
1 cdn.jsdelivr.net cdn.adpushup.com
1 e9ff84e58cb1d6544025f17bbc3df4df.safeframe.googlesyndication.com securepubads.g.doubleclick.net
1 3ed068a02ba7af14c0b35b3d4743e97e.safeframe.googlesyndication.com securepubads.g.doubleclick.net
1 d-16930432452180773345.ampproject.net cdn.ampproject.org
1 www.bg3.co
0 dsp.nrich.ai Failed ads.pubmatic.com
0 creativecdn.com Failed g2.gumgum.com
0 ad.atdmt.com Failed googleads.g.doubleclick.net
0 rtb.adxpremium.services Failed cdn.adpushup.com
512 149

This site contains no links.

Subject Issuer Validity Valid
*.bg3.co
AlphaSSL CA - SHA256 - G2		 2022-05-20 -
2023-06-21		 a year crt.sh
misc-sni.google.com
GTS CA 1C3		 2022-08-29 -
2022-11-21		 3 months crt.sh
cdn.adpushup.com
R3		 2022-06-29 -
2022-09-27		 3 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2022-05-18 -
2023-05-18		 a year crt.sh
*.aralego.com
Sectigo RSA Domain Validation Secure Server CA		 2021-10-21 -
2022-11-20		 a year crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2022-08-29 -
2022-11-21		 3 months crt.sh
*.jquery.com
Sectigo RSA Domain Validation Secure Server CA		 2022-08-03 -
2023-07-14		 a year crt.sh
*.google.com
GTS CA 1C3		 2022-08-29 -
2022-11-21		 3 months crt.sh
*.google-analytics.com
GTS CA 1C3		 2022-08-29 -
2022-11-21		 3 months crt.sh
*.adpushup.com
Sectigo ECC Domain Validation Secure Server CA		 2022-08-02 -
2023-09-02		 a year crt.sh
*.googleadservices.com
GTS CA 1C3		 2022-08-29 -
2022-11-21		 3 months crt.sh
*.google.com.au
GTS CA 1C3		 2022-08-29 -
2022-11-21		 3 months crt.sh
*.holmesmind.com
Go Daddy Secure Certificate Authority - G2		 2022-05-19 -
2023-06-20		 a year crt.sh
tpc.googlesyndication.com
GTS CA 1C3		 2022-08-29 -
2022-11-21		 3 months crt.sh
ads.servenobid.com
Amazon		 2022-05-29 -
2023-06-27		 a year crt.sh
*.rubiconproject.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-03-08 -
2023-04-04		 a year crt.sh
*.adnxs.com
GeoTrust ECC CA 2018		 2022-02-11 -
2023-03-14		 a year crt.sh
*.media.net
Sectigo RSA Domain Validation Secure Server CA		 2022-04-06 -
2023-05-04		 a year crt.sh
*.openx.net
GeoTrust RSA CA 2018		 2022-07-21 -
2023-08-21		 a year crt.sh
*.criteo.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-08-27 -
2022-11-22		 3 months crt.sh
*.a-mo.net
R3		 2022-09-05 -
2022-12-04		 3 months crt.sh
*.onetag-sys.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-01-10 -
2023-01-03		 a year crt.sh
teads.tv
R3		 2022-08-17 -
2022-11-15		 3 months crt.sh
*.3lift.com
Amazon		 2022-05-13 -
2023-06-11		 a year crt.sh
*.omnitagjs.com
Amazon		 2022-05-17 -
2023-06-15		 a year crt.sh
*.quantserve.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-08-09 -
2023-09-09		 a year crt.sh
www.google.com
GTS CA 1C3		 2022-08-29 -
2022-11-21		 3 months crt.sh
qccerttest.com
Amazon		 2022-04-04 -
2023-05-03		 a year crt.sh
*.doubleclick.net
GTS CA 1C3		 2022-08-29 -
2022-11-21		 3 months crt.sh
cs.chocolateplatform.com
ZeroSSL RSA Domain Secure Site CA		 2022-06-28 -
2022-09-26		 3 months crt.sh
edge01.yahoo.co.jp
Cybertrust Japan SureServer CA G4		 2022-08-05 -
2023-09-04		 a year crt.sh
*.criteo.net
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-09-01 -
2022-11-30		 3 months crt.sh
*.jp2.as.criteo.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-08-07 -
2022-11-09		 3 months crt.sh
*.as.criteo.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-08-06 -
2022-10-31		 3 months crt.sh
tr.blismedia.com
GTS CA 1D4		 2022-08-18 -
2022-11-16		 3 months crt.sh
*.sg1.as.criteo.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-08-02 -
2022-11-01		 3 months crt.sh
*.mathtag.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-04-18 -
2023-04-25		 a year crt.sh
*.as.criteo.net
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-08-31 -
2022-12-04		 3 months crt.sh
*.adsrvr.org
GlobalSign GCC R3 DV TLS CA 2020		 2022-03-31 -
2023-05-02		 a year crt.sh
cdn.adnxs.com
GeoTrust TLS RSA CA G1		 2022-03-11 -
2023-04-11		 a year crt.sh
*.servenobid.com
Amazon		 2022-02-06 -
2023-03-07		 a year crt.sh
san.casalemedia.com
GeoTrust RSA CA 2018		 2021-12-12 -
2022-12-13		 a year crt.sh
*.smartadserver.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-01-25 -
2023-01-25		 a year crt.sh
*.pubmatic.com
DigiCert Baltimore TLS RSA SHA256 2020 CA1		 2022-06-13 -
2023-07-14		 a year crt.sh
ups.analytics.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2022-08-24 -
2023-02-15		 6 months crt.sh
*.bidswitch.net
Sectigo RSA Domain Validation Secure Server CA		 2022-04-05 -
2023-05-04		 a year crt.sh
www.bing.com
Microsoft RSA TLS CA 02		 2022-09-03 -
2023-03-03		 6 months crt.sh
*.ybp.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2022-06-14 -
2022-12-07		 6 months crt.sh
*.gumgum.com
Amazon		 2022-05-06 -
2023-06-04		 a year crt.sh
*.rlcdn.com
Sectigo RSA Domain Validation Secure Server CA		 2022-02-03 -
2023-02-25		 a year crt.sh
*.mediarithmics.com
Gandi Standard SSL CA 2		 2022-02-10 -
2023-03-01		 a year crt.sh
*.everesttech.net
GlobalSign Atlas R3 DV TLS CA 2022 Q1		 2022-02-03 -
2023-03-07		 a year crt.sh
*.technoratimedia.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-09-15 -
2023-09-15		 a year crt.sh
*.deepintent.com
Go Daddy Secure Certificate Authority - G2		 2022-05-02 -
2023-06-03		 a year crt.sh
*.ad-server.k8s.jp.ggops.com
Amazon		 2022-02-15 -
2023-03-16		 a year crt.sh
*.emxdgt.com
Amazon		 2022-06-03 -
2023-07-02		 a year crt.sh
track.adform.net
DigiCert TLS RSA SHA256 2020 CA1		 2021-09-06 -
2022-10-07		 a year crt.sh
*.yieldlift.com
Amazon		 2022-01-14 -
2023-02-11		 a year crt.sh

This page contains 76 frames:

Primary Page: https://www.bg3.co/a/6yue-15ri-qi-bei-jing-gong-jiao-duo-tiao-xian-lu-you-diao-zheng.html
Frame ID: 5BFF916099BB150B4FF3467E1F05EE15
Requests: 96 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/show_ads.js
Frame ID: 79E944C458EF49DE22081C2400D7648B
Requests: 8 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/show_ads.js
Frame ID: 7AB679FA849E84F158F8A8AEDF4BBA23
Requests: 8 HTTP requests in this frame

Frame: https://cdn.aralego.net/ucfad/cookie/cookieSyncIframe.html
Frame ID: AE1F54ED81FD9F645E3C0160FADF98C2
Requests: 9 HTTP requests in this frame

Frame: https://cdn.aralego.net/ucfad/cookie/cookieSyncIframe.html
Frame ID: 36768A05D5AF5A73FFA839D105D47A80
Requests: 9 HTTP requests in this frame

Frame: https://adx.holmesmind.com/adx-file/20220802/wHpRX0bWuC9xRFH5Zh6Brkvx3yfQuUmZc8yJalW2.html
Frame ID: 2BB8065C984BF2EE855A34FB233D100F
Requests: 8 HTTP requests in this frame

Frame: https://adx.holmesmind.com/adx-file/20220802/wHpRX0bWuC9xRFH5Zh6Brkvx3yfQuUmZc8yJalW2.html
Frame ID: B82E3E972E3B209B768C327CB9599AC0
Requests: 8 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3216231935713038&format=1600x250&w=1600&h=250&ptt=12&adk=2733026255&output=html&bc=7&to=ampa&pv=1&wgl=1&asnt=0-15351295052285754535&dff=sans-serif&prev_fmts=1600x96&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&ifi=2&pfx=0&pwprc=1037897477&adf=470780615&nhd=0&adx=0&ady=2856&oid=2&is_amp=5&amp_v=2208242209000&d_imp=1&c=732002991&ga_cid=amp-7QKNI_xTSKvqK3pWgp2GZQ&ga_hid=2991&dt=1663396605253&biw=1600&bih=1200&u_aw=1600&u_ah=1200&u_cd=24&u_w=1600&u_h=1200&u_tz=0&u_his=2&vis=1&scr_x=0&scr_y=0&url=https%3A%2F%2Fwww.bg3.co%2Fa%2F6yue-15ri-qi-bei-jing-gong-jiao-duo-tiao-xian-lu-you-diao-zheng.html&bdt=2164&dtd=376&__amp_source_origin=https%3A%2F%2Fwww.bg3.co
Frame ID: 060FB0253A705DD7DAF0C8B14C0EB697
Requests: 1 HTTP requests in this frame

Frame: https://3ed068a02ba7af14c0b35b3d4743e97e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Frame ID: FDBE3EDD5D32C081DDC98CC2202F0F60
Requests: 1 HTTP requests in this frame

Frame: https://e9ff84e58cb1d6544025f17bbc3df4df.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Frame ID: 454603AEB20014C78EA2EF3EAAD17DC1
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 0B3C56A807F74C5CFD6E4146291C3900
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 84A2824DD6B49C407AF70F734E5B4733
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 906B2D2D00D1060364BEA684AC9A873E
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: D958982CCD2E6CD7AD131B7D5A1F78EB
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006-1&adk=3314916115&adf=3653020616&pi=t.ma~as.3006%2F14006-1&w=336&url=https%3A%2F%2Fwww.bg3.co%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1663396608154&bpp=11&bdt=217&idt=319&shv=r20220914&mjsv=m202209080101&ptt=5&saldr=sa&correlator=6484089135404&frm=8&ife=1&pv=2&ga_vid=1855592264.1663396608&ga_sid=1663396608&ga_hid=1591391937&ga_fc=0&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=336&ish=280&ifk=3719853736&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759837%2C44767668%2C31069511%2C44770881&oid=2&pvsid=4486120995357876&uas=0&nvt=1&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.kyd6yje3inir&fsb=1&dtd=333
Frame ID: 212093E03EB68264B11519DFB436A146
Requests: 15 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006-1&adk=3314916115&adf=3653020617&pi=t.ma~as.3006%2F14006-1&w=336&url=https%3A%2F%2Fwww.bg3.co%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1663396608185&bpp=14&bdt=240&idt=403&shv=r20220914&mjsv=m202209080101&ptt=5&saldr=sa&correlator=2198418931226&frm=8&ife=1&pv=2&ga_vid=1900907981.1663396609&ga_sid=1663396609&ga_hid=833847459&ga_fc=0&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=336&ish=280&ifk=3719853736&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759842%2C44767166&oid=2&pvsid=424218493006684&uas=0&nvt=1&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.1icxdtns8eph&fsb=1&dtd=410
Frame ID: DADA9EE34D2071E260CC5D9C6AE40507
Requests: 15 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CInSVRCfg1YYu8Do0gEwAQ&v=APEucNWP5fDgVYYjKGIT6UpWSQOvi14GBrE11dg-xplwEo_a2L4_t7sKsUx-3xtoCAEVaZcrxky6Wattz0m563xl2PfQdo_hLA
Frame ID: 622D79DBC7EA6B81A793DC93E57EECFD
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CInSVRCfg1YYu8Do0gEwAQ&v=APEucNVxT9AwWhUhp5MazXxt3i4FkUUdGMHpea7Vj1tNnfj8396uq80IU4lv_t8xF-_pVTQHA2YOvVJgqFYEPVx-l6IkJyoPOg
Frame ID: 8EE81FEBBACE01CBC72BE70257B2E2DA
Requests: 5 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: DCAC4AD1A07AD3E0A87DDDAEAD27E67E
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 1236AC70E5CDAA92C6277D2A0BA1CD96
Requests: 9 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: ED5344B95D9834048F494C5DD04F9039
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 0215D575F7E75CDD3DACE3EB330D7070
Requests: 3 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/12129862044491927380/index_336x280_google.html
Frame ID: 5FA3D0B1EE7FEC5A8C7BF38265A5AE1A
Requests: 7 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/12129862044491927380/index_336x280_google.html
Frame ID: 7F5359D1FC76BDCFA3E0F4CA66A7EC07
Requests: 7 HTTP requests in this frame

Frame: https://32d69238e2f6bb5cfbff62a0e3954cf8.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: F56CCF880B2C1A0FA529074DB4A800EB
Requests: 1 HTTP requests in this frame

Frame: https://32d69238e2f6bb5cfbff62a0e3954cf8.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 7DA8F5EA0C1918B98B23AAAD59C5A0CE
Requests: 16 HTTP requests in this frame

Frame: https://32d69238e2f6bb5cfbff62a0e3954cf8.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: FBEA3ED8D8B32959F988536812484615
Requests: 16 HTTP requests in this frame

Frame: https://32d69238e2f6bb5cfbff62a0e3954cf8.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 257ADE9669F091E14910DECB08CE2E7E
Requests: 10 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNCgQRCLx0IYl8WtcTAB&v=APEucNVhXWMjnw6d_P-cFtkzxfarjhBwA4NzcWjnarTb49s_2qxOnwTXwrUKIoOdv-eh3WMl_8m-im1-FMrxd5v15cXqP8ZskA
Frame ID: B50719330A5BDCA84D4F12A7C1D42520
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNCgQRCLx0IYisqtcTAB&v=APEucNVgFIOVsIygt6-n3vKOXb8slf4hUqxfxJ8Hr-1TwUZp8IjhQAxhSQMCBkWE9f1JD5kSt3EUSSkMVdtg1uXx0bZZI_EcKw
Frame ID: 7816FDEAD243650D458B536539F64C06
Requests: 5 HTTP requests in this frame

Frame: https://ads.as.criteo.com/delivery/r/afr.php?z=YyVrAgANjMcBc9zxAAsLWcCeGnzbRykBj1WbbA&u=%7C47GUdvNV89m3VgPvNDrj0pQWXT9R83ZhMn%2FugJpvszg%3D%7C&c1=wLMhjbQtwRcs3jPjsTD8ckzZrQqOtcHgOUkYPnH5oHYY7yG_CU4-VBrn4jPUhLMUkrnuqnHl-H_FFdrBFTs4Y4nwe7awxmwOHnru92gJ9hOxxLxGjDtSEzwFqo251PGrcYnhC0NECtaOmMwEQf1FZZoWOD6pxEz1DyFfNkCJlroMHGPt8Q7EYC9sJrBIki4Twf4E71d_oXYwSIYcxhQyShvl7uHC-eQCkHsSe4SgEWHVzWuCA3IB1g1OLdQ99wFCZJMtXsRrRcx0x4xn3be6bkrpBb2mJAzkxmHwVDZWgPI_36eEz-pbz01VQFpDD1l-626vmOpcGoANW8Rm0KtbXXoHptiZUyaNJ39Az4Krnu6laCFbpYcVLrCO1Krpn0syrQTqartmnhj-Iivel_mdeD64XTva2TzSReWJQsVhglXGZH60JJQX04OdqXvjY5u_JOBLnRDFP7JNcR56V_YM2nKnFNU7eFXNmVvqdHSXln-Bk3fy5yhjtTvxs9SC_FkvGL6Ym41XERrfGYeyCphCc6Aq_P4S9uBTQGxeKPMSQg1iyb5tTn7ourhx7Z-AFdF7jJjQURo1ZseTIEfn9EVCiui0AJC5DRcsPGRATErcVUo4SOJ63KPdwuYgqpttU-DJ5Y2iYsBsQmA&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCbhVYAmslY8eZNvG5z7sP2ZasmA6Y_NGxXKqEzOSFAcCNtwEQASAAYKXAo4CkAYIBF2NhLXB1Yi04OTMzMzI5OTk5MzkxMTA0oAG22aPQA8gBCakCBitKh4qIpj7gAgCoAwGqBMECT9CDDcie4yHSiH3n18htFHY-gpYLSyD2U5BrJuQfac1ZuibqV-NTYt_az0h9D4KJFWTrjiJIDg7WbOmL3MNxqIX3_ljJdh51-VPrHojZOy8FS3jr6rzO64QvujtOw-ag873uUEZwi4E8UuJPwBLita04qSGYzLH_TcO1W8teKawDp2extzyKwvBzeUmlplXphDLOfieqwLCqZlEXSqHUZdhcUUZD6RSO9CBGHBjK3MsGlsfwuJOQqZWuOBTRB-CkY6A_LOmFF0-hfxOz_ECVqQjQojPtzD1rfu6UU2Psg8VOD3gkWiyQ0ZmwmQjRn2724krvAVDvXge2At8HK0CMQj47Ly3_D548-Ma-WYarnjT8OnX2mgBiAsbqqrm3y-WEzyGk0OKev--ekwCvJO9HvWYdhvJ8lIzt5QCe-YBnLBpu4AQBgAaY2-GBlPC55_wBoAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDQiAYRABMgKKAjoCgEDyCBthZHgtc3Vic3luLTUyMzk5MzgyMTM4NzAzODD6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_0dn9voMWGox_mPYxmte60ZdGOS4g%26client%3Dca-pub-8933329999391104%26adurl%3D
Frame ID: 38630D8184547D59DD43FDABF5C0F684
Requests: 18 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 21162ED67000A8DC472C7F40E74B6836
Requests: 7 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 6C82C71173C35BB5C361DCFE4784F767
Requests: 7 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 497261FC4A3B8790C692D023CC0E5143
Requests: 7 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 32005E9290B481E56921CE9FEFB4DD5D
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: FC7A6D3C26D1C1B7BB9D0589113DA240
Requests: 3 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/7988790760513552004/index.html
Frame ID: 7E727D0D708CEC84D02E83C60D8135FA
Requests: 4 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/14349550522376953207/index.html
Frame ID: 796BD4C4F593B0867B0776B234717AAA
Requests: 9 HTTP requests in this frame

Frame: https://eb2.3lift.com/sync?&ld=1
Frame ID: D9415093DF20F20F0E643592521226C6
Requests: 11 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?cb=1663396608571
Frame ID: 4206A68DE8C4B801CFA3843752D24618
Requests: 14 HTTP requests in this frame

Frame: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUPEPKI9&prvid=77&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1
Frame ID: BDDB6373BF4F4E41FDBB8EE8D159F5C1
Requests: 2 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: CA15B5E3688D5CB96DFD172E9C71B319
Requests: 3 HTTP requests in this frame

Frame: https://u.openx.net/w/1.0/pd
Frame ID: 4B6ADB00D84ACD995DFCC7D6DE353109
Requests: 7 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html
Frame ID: 909B23AE7949349F3ED9138229885533
Requests: 10 HTTP requests in this frame

Frame: https://public.servenobid.com/sync.html
Frame ID: A8668560E358E017201C9AF13AD332EC
Requests: 13 HTTP requests in this frame

Frame: https://js-sec.indexww.com/um/ixmatch.html
Frame ID: F637E636000102BF290AA48268F16145
Requests: 1 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.bg3.co%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Frame ID: 114E1C6DEDA3C9B6910E4969B17CB7FC
Requests: 10 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 83063A1B96273C6166647C707211CEAE
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: B20B373DF364706E955EACDC1A5EE688
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: EBB429AEA958E6B96700F751DE4D7552
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 58435EF351D37F8945BFAA026F935836
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 1CF0F34CA9E8BE08C24485CCE3776871
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: F27558D3F21479AFB151C382FFC5DB64
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: E22CDAAA227585B7C3C47EA48FCBB6C1
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 06043C9930903F9D4D6A4646A75A097A
Requests: 2 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fx.yieldlift.com%2Fsetuid%3Fbidder%3Dpubmatic%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3D1YN-%26uid%3D
Frame ID: 14933980CE437A146903DF5F77478A7C
Requests: 12 HTTP requests in this frame

Frame: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Frame ID: 03819F4CCB7EA7B40A444F98D72431F0
Requests: 16 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?pubId=694e68b73971b58&gdpr=0&gdpr_consent=&us_privacy=1YN-&https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D318%26uid%3D
Frame ID: 736525619171CDD4A933E93EB6D4BD10
Requests: 15 HTTP requests in this frame

Frame: https://ssbsync.smartadserver.com/api/sync?callerId=9&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D317%26uid%3D%24UID
Frame ID: 62F897EBF7A74E08995E58276B701B40
Requests: 6 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D
Frame ID: EF82E60777F64F5DAAF6F617BFF95FC4
Requests: 10 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=duration_media&endpoint=us-east
Frame ID: 27C1C41AC4FBFBAC2F35A683BE22E92D
Requests: 3 HTTP requests in this frame

Frame: https://usersync.gumgum.com/usersync?b=mmh&i=93496325-6b06-4100-aab4-1eb9b4e889cb&gdpr=0&gdpr_consent=
Frame ID: 26E9FA0A30B5DA5B9692FABC04EA928D
Requests: 1 HTTP requests in this frame

Frame: https://sync-tm.everesttech.net/upi/pid/URnmbSKM?redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Datm%26i%3D%24%7BTM_USER_ID%7D&gdpr=0&gdpr_consent=
Frame ID: 635DA12533D8F6D030C49602B9D79DFE
Requests: 1 HTTP requests in this frame

Frame: https://cm.g.doubleclick.net/pixel?google_nid=gumgum_dbm&google_hm=YV81NTUyZGZjNS1iMzE2LTRlOGUtOGU2Zi0xNDU2ZTkzNDk3MTc=&gdpr=0&gdpr_consent=
Frame ID: 6F082A3961CF90B52DA12A115F3AB493
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=0&gdprConsent=
Frame ID: 1DCCB9C7E8C618F5FAE142EB91B6A9EA
Requests: 1 HTTP requests in this frame

Frame: https://usersync.gumgum.com/usersync?b=ttd&i=12214519-0c4c-48e8-a8e2-7a416271dec6
Frame ID: 1EE272C4014549267D0CCFBC216E696D
Requests: 1 HTTP requests in this frame

Frame: https://cs.emxdgt.com/um?redirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Demx%26i%3D%24UID&gdpr=0&gdpr_consent=
Frame ID: A92FFEF23A99D740DDB8FF1DA94CA495
Requests: 1 HTTP requests in this frame

Frame: https://usersync.gumgum.com/usersync?b=sus&i=YyVrB8Co8YsAANFHiMIAAAAA
Frame ID: D9E26AF57BA1C44D01551D84911AC4F4
Requests: 1 HTTP requests in this frame

Frame: https://usersync.gumgum.com/usersync?b=iex&i=YyVrAYu0W8DwXovNsZOEYgAA%264747
Frame ID: 077EEFF1575E100277ADA45A97AC5741
Requests: 1 HTTP requests in this frame

Frame: https://creativecdn.com/cm-notify?pi=gumgum&tc=1
Frame ID: 18E952A57E90E3D0DCE3E9CD7F6BC28A
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=gumgum
Frame ID: 9215EC0633B5EE8A585E3E04C6425D0C
Requests: 3 HTTP requests in this frame

Frame: https://c1.adform.net/serving/cookie/match?party=14&cid=CF21C3D1-8732-40E1-B436-3BFC0385C9DB
Frame ID: 5EAE0A84E043A672B45D0A8A6E0DD49B
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:93496325-6b06-4100-aab4-1eb9b4e889cb&gdpr=0&gdpr_consent=
Frame ID: CF9990317CD3531CF258D509519B2CDD
Requests: 1 HTTP requests in this frame

Frame: https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%7D%26gdpr%3D0%26gdpr_consent%3D
Frame ID: 525AA7BF9A09011E09617F7E54508776
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzQ0OSZ0bD00MzIwMA==&piggybackCookie=x39zhetzyuh
Frame ID: 969208721DCA83D6B6F31B613298732C
Requests: 1 HTTP requests in this frame

Frame: https://x.yieldlift.com/setuid?bidder=pubmatic&gdpr=0&gdpr_consent=&us_privacy=1YN-&uid=CF21C3D1-8732-40E1-B436-3BFC0385C9DB
Frame ID: E9B1BDE7CD00790A04506632B8133FD0
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

6月15日起 北京公交多條線路有調整 - 天天要聞

Detected technologies

Overall confidence: 100%
Detected patterns
  • adnxs\.(?:net|com)
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/pagead/show_ads\.js
  • tpc\.googlesyndication\.com/safeframe
Overall confidence: 100%
Detected patterns
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • lightbox(?:-plus-jquery)?.{0,32}\.js
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.openx\.net
Overall confidence: 100%
Detected patterns
  • adnxs\.com/[^"]*(?:prebid|/pb\.js)
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.pubmatic\.com
Overall confidence: 100%
Detected patterns
  • \.quantserve\.com/quant\.js
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.rubiconproject\.com
Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Overall confidence: 100%
Detected patterns
  • //cdn\.jsdelivr\.net/

Page Statistics

512
Requests

72 %
HTTPS

0 %
IPv6

94
Domains

149
Subdomains

100
IPs

9
Countries

3981 kB
Transfer

10857 kB
Size

88
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 4
  • https://ads.aralego.com/sdk HTTP 301
  • https://cdn.aralego.net/ucfad/sdk/apac-sg/sdk
Request Chain 58
  • https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006&adk=2365071409&adf=3615134176&pi=t.ma~as.3006%2F14006&w=336&lmt=1663396606&url=https%3A%2F%2Fwww.bg3.co%2Fa%2F6yue-15ri-qi-bei-jing-gong-jiao-duo-tiao-xian-lu-you-diao-zheng.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1663396605374&bpp=15&bdt=1377&idt=803&shv=r20220914&mjsv=m202209080101&ptt=5&saldr=sa&correlator=3889329748949&frm=23&ife=1&pv=2&ga_vid=2117577202.1663396606&ga_sid=1663396606&ga_hid=1309645576&ga_fc=0&ga_cid=amp-7QKNI_xTSKvqK3pWgp2GZQ&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=1220&biw=1600&bih=1200&isw=336&ish=280&ifk=1277543799&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44761793%2C42531706%2C31068919&oid=2&pvsid=1882226508588972&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.olw0w5qvyszv&btvi=1&fsb=1&dtd=819 HTTP 302
  • https://adx.holmesmind.com/adx-file/20220802/wHpRX0bWuC9xRFH5Zh6Brkvx3yfQuUmZc8yJalW2.html
Request Chain 68
  • https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006&adk=2365071409&adf=3615134179&pi=t.ma~as.3006%2F14006&w=336&lmt=1663396606&url=https%3A%2F%2Fwww.bg3.co%2Fa%2F6yue-15ri-qi-bei-jing-gong-jiao-duo-tiao-xian-lu-you-diao-zheng.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1663396605514&bpp=13&bdt=1534&idt=722&shv=r20220914&mjsv=m202209080101&ptt=5&saldr=sa&correlator=3889329748949&frm=23&ife=1&pv=1&ga_vid=1759994032.1663396606&ga_sid=1663396606&ga_hid=123635692&ga_fc=0&ga_cid=amp-7QKNI_xTSKvqK3pWgp2GZQ&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=320&biw=1600&bih=1200&isw=336&ish=280&ifk=283412311&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531705%2C44772928&oid=2&pvsid=2834201891224365&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.46u3y63o8lff&fsb=1&dtd=737 HTTP 302
  • https://adx.holmesmind.com/adx-file/20220802/wHpRX0bWuC9xRFH5Zh6Brkvx3yfQuUmZc8yJalW2.html
Request Chain 144
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEL2VbHbT74sSqQBKgCZ6hB0&google_cver=1
Request Chain 145
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YyVrATEoN7vtR3e9eVOJSAAA HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEL2VbHbT74sSqQBKgCZ6hB0&google_cver=1
Request Chain 146
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEOFm-JM5PbEW8quZYAxZ15Q&google_cver=1
Request Chain 147
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=ODU2NjY5NjI3ODM0OTIxNDYx
Request Chain 150
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEL2VbHbT74sSqQBKgCZ6hB0&google_cver=1
Request Chain 151
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YyVrAYu0W8DwXovNsZOEYgAA HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEL2VbHbT74sSqQBKgCZ6hB0&google_cver=1
Request Chain 152
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEOFm-JM5PbEW8quZYAxZ15Q&google_cver=1
Request Chain 153
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=ODU2NjY5NjI3ODM0OTIxNDYx
Request Chain 169
  • https://mweb.ck.inmobi.com/sync/3?redirect=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dinmobi_pte_limited%26google_hm%3D%24DSP_CKID&google_gid=CAESELQfhHM7CStCleblUk_y1mo&google_cver=1&google_push=AZmPxg-AZ5-h579odOmrXITs6n3ZGYjN_zI1RagQq1DUoieebHb-FwJvOdCZHgTg70Y4DFReS-blVm1HAj9_7mnHBuvKcd4G4i_ooQ HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=inmobi_pte_limited&google_hm=MmYwOTBmZTYtMWFiNC00OTM1LTk3NGEtYTMwNWVhNjRhOWFj&google_gid=CAESELQfhHM7CStCleblUk_y1mo&google_cver=1&google_push=AZmPxg-AZ5-h579odOmrXITs6n3ZGYjN_zI1RagQq1DUoieebHb-FwJvOdCZHgTg70Y4DFReS-blVm1HAj9_7mnHBuvKcd4G4i_ooQ
Request Chain 170
  • https://ads.yieldmo.com/exptsync?google_gid=CAESEDw9i_JbqX1cDcdTHLHQlSU&google_cver=1&google_push=AZmPxg9fxD4gwX9HvrafegCehagA8c5SRtV_ZybB9pmsPPaeLVQ4hDvtw_9My1EF0AGdP3CvEnr4px4YeDr32NKbWEiAMynulqmJwQ HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=yieldmo&google_push=AZmPxg9fxD4gwX9HvrafegCehagA8c5SRtV_ZybB9pmsPPaeLVQ4hDvtw_9My1EF0AGdP3CvEnr4px4YeDr32NKbWEiAMynulqmJwQ&google_hm=ZzM3OWJlYjU0MTVjZDAzZTlmNWI=
Request Chain 172
  • https://ups.analytics.yahoo.com/ups/58281/sync?redir=true&google_gid=CAESELRJqsTgn7pDS89hp83-iVU&google_cver=1&google_push=AZmPxg8U2n4RvYOh5BpC20EJ16SXWNyerSKvBxOwjyog_Y57EDM751S6Xg3NK5xtlfmDVi6iDbKNJa0p1IUbCnB54op04zXFC_7sphc HTTP 302
  • https://ups.analytics.yahoo.com/ups/58281/sync?redir=true&google_gid=CAESELRJqsTgn7pDS89hp83-iVU&google_cver=1&google_push=AZmPxg8U2n4RvYOh5BpC20EJ16SXWNyerSKvBxOwjyog_Y57EDM751S6Xg3NK5xtlfmDVi6iDbKNJa0p1IUbCnB54op04zXFC_7sphc&verify=true HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS1rWFV0UHB4RTJ1RUFSellYbTFVSll1NW5KQlFIaUJDRn5B&google_push=AZmPxg8U2n4RvYOh5BpC20EJ16SXWNyerSKvBxOwjyog_Y57EDM751S6Xg3NK5xtlfmDVi6iDbKNJa0p1IUbCnB54op04zXFC_7sphc
Request Chain 174
  • https://b1sync.zemanta.com/usersync/googleadx/?google_gid=CAESEJ_QfyeC7fEVOxBEKoPqv2w&google_cver=1&google_push=AZmPxg8WawmEZt-4bKJcHK3twQolvk0obvouDRlHT0rdsVJkvMlZyz5gOdED1d7_N06h-0QGcHQrVWIvbMvIfvc3szC5tBHWD3Nwa1M HTTP 302
  • https://b1sync.zemanta.com/usersync/googleadx/?google_cver=1&google_gid=CAESEJ_QfyeC7fEVOxBEKoPqv2w&google_push=AZmPxg8WawmEZt-4bKJcHK3twQolvk0obvouDRlHT0rdsVJkvMlZyz5gOdED1d7_N06h-0QGcHQrVWIvbMvIfvc3szC5tBHWD3Nwa1M&s=2 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=zemanta&google_push=AZmPxg8WawmEZt-4bKJcHK3twQolvk0obvouDRlHT0rdsVJkvMlZyz5gOdED1d7_N06h-0QGcHQrVWIvbMvIfvc3szC5tBHWD3Nwa1M&google_hm=MVBENXJON3YyYk13T2JnNkt3bWU= HTTP 302
  • https://b1sync.zemanta.com/usersync/googleadx/?google_error=5
Request Chain 177
  • https://px.ads.linkedin.com/setuid?partner=googleadxdb&google_gid=CAESEOgpfTbvLy1JVLwOfQtodbE&google_cver=1&google_push=AZmPxg_9YocJmIark36Y-enxbM-5L0EL5jxAHFG7eYwmaV7rmviHqci2WsQ79v12_gtdvlxc25KUH6tYDg7AbOhTGftTQMLOvlhdZOPXEmyc_GOc05I0pLhDzr-DOg-0-mvI6N2XUdslHO-p HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=linkedin&google_push=AZmPxg_9YocJmIark36Y-enxbM-5L0EL5jxAHFG7eYwmaV7rmviHqci2WsQ79v12_gtdvlxc25KUH6tYDg7AbOhTGftTQMLOvlhdZOPXEmyc_GOc05I0pLhDzr-DOg-0-mvI6N2XUdslHO-p
Request Chain 178
  • https://sync.fout.jp/sync?xid=googleadex&g_pixel=&google_gid=CAESEM1t0ZOQsbTBqr7jLUFcqUw&google_cver=1&google_push=AZmPxg_d95o8M0BBaLZrPwQveWwZlznnEeq5e6vbnDRDW_FGdxfGHRF-VfI-4V_jrlDusM1DWh0Zwf7gQt-TD0N6OPVir53Ck-cp9vVd6e0cn9BYstke-6mb1cOqrXgaY6lk-pXxUY4IoOA HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=freakout&google_push=AZmPxg_d95o8M0BBaLZrPwQveWwZlznnEeq5e6vbnDRDW_FGdxfGHRF-VfI-4V_jrlDusM1DWh0Zwf7gQt-TD0N6OPVir53Ck-cp9vVd6e0cn9BYstke-6mb1cOqrXgaY6lk-pXxUY4IoOA&google_hm=d0RNM29FZU1WVzhLZlJKZlBHRzFEbXFNNk1J&from_google=pc1
Request Chain 179
  • https://x.bidswitch.net/sync?ssp=google&google_gid=CAESEAGAARHi0qbMJ2E8n1fE2PE&google_cver=1&google_push=AZmPxg9GVoL9bYVAS1y0acE8XEhYyrhHNkHe8R9XXiaVfE3D7iKkIaEuHnxgLFbme7m3bZk0iXSF1PMFhMrYuPT4dsRZQKO732csNuDn4twZ1mKiHhsU7r35oj9fM_gcfTp3XbrYMwEN3A0 HTTP 302
  • https://x.bidswitch.net/ul_cb/sync?ssp=google&google_gid=CAESEAGAARHi0qbMJ2E8n1fE2PE&google_cver=1&google_push=AZmPxg9GVoL9bYVAS1y0acE8XEhYyrhHNkHe8R9XXiaVfE3D7iKkIaEuHnxgLFbme7m3bZk0iXSF1PMFhMrYuPT4dsRZQKO732csNuDn4twZ1mKiHhsU7r35oj9fM_gcfTp3XbrYMwEN3A0 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AZmPxg9GVoL9bYVAS1y0acE8XEhYyrhHNkHe8R9XXiaVfE3D7iKkIaEuHnxgLFbme7m3bZk0iXSF1PMFhMrYuPT4dsRZQKO732csNuDn4twZ1mKiHhsU7r35oj9fM_gcfTp3XbrYMwEN3A0&google_hm=-YraI7t6TWii9H_k_knc5A==
Request Chain 180
  • https://ups.analytics.yahoo.com/ups/58281/sync?redir=true&google_gid=CAESEInnKgmBTabEF_zcTi-Ry1s&google_cver=1&google_push=AZmPxg-zI27X_P4X_CGapl6s9_RfFFdWQG6NX5Q6OCT_ul-TjdrzXE30kWCLAjqjJR4QTvEBOMqDISWkugRPbDbY2mWCzk59JVwwTpDaOQPjJVAsP2RxAIK0mbtHCReIRJw6JnZEcEha8Ojs HTTP 302
  • https://ups.analytics.yahoo.com/ups/58281/sync?redir=true&google_gid=CAESEInnKgmBTabEF_zcTi-Ry1s&google_cver=1&google_push=AZmPxg-zI27X_P4X_CGapl6s9_RfFFdWQG6NX5Q6OCT_ul-TjdrzXE30kWCLAjqjJR4QTvEBOMqDISWkugRPbDbY2mWCzk59JVwwTpDaOQPjJVAsP2RxAIK0mbtHCReIRJw6JnZEcEha8Ojs&verify=true HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS1rWFV0UHB4RTJ1RUFSellYbTFVSll1NW5KQlFIaUJDRn5B&google_push=AZmPxg-zI27X_P4X_CGapl6s9_RfFFdWQG6NX5Q6OCT_ul-TjdrzXE30kWCLAjqjJR4QTvEBOMqDISWkugRPbDbY2mWCzk59JVwwTpDaOQPjJVAsP2RxAIK0mbtHCReIRJw6JnZEcEha8Ojs
Request Chain 182
  • https://sync.inmobi.com/gob?google_gid=CAESEAcT_2TTtwT8aRfvfbRK2Pk&google_cver=1&google_push=AZmPxg9d_t1pjiMebXbndyJDE8NfmeYfoADcyihQ3S345GY-DkmCpX5Q7Iqge45ItzKs4okAM_Gc_etFKBUUm0QbcdbDS7661Yk7NkNpa8M4v1wnBRLNTMB18oV2MjcWWyyAGyz4JFTutdaR HTTP 302
  • https://id5-sync.com/i/495/0.gif?callback=https%3A%2F%2Fsync.inmobi.com%2FgobRedirectFromId5%3Fid%3D%7BID5UID%7D%26google_push%3DAZmPxg9d_t1pjiMebXbndyJDE8NfmeYfoADcyihQ3S345GY-DkmCpX5Q7Iqge45ItzKs4okAM_Gc_etFKBUUm0QbcdbDS7661Yk7NkNpa8M4v1wnBRLNTMB18oV2MjcWWyyAGyz4JFTutdaR&gdpr_consent=&gdpr= HTTP 302
  • https://id5-sync.com/c/495/0/0/1.gif?gdpr=0&gdpr_consent=&us_privacy= HTTP 302
  • https://sync.inmobi.com/gobRedirectFromId5?id=ID5-ZHMOKnz52C1IiPZ8JDJ17_C6VG1eQWY7s8bhUTF5RQ&google_push=AZmPxg9d_t1pjiMebXbndyJDE8NfmeYfoADcyihQ3S345GY-DkmCpX5Q7Iqge45ItzKs4okAM_Gc_etFKBUUm0QbcdbDS7661Yk7NkNpa8M4v1wnBRLNTMB18oV2MjcWWyyAGyz4JFTutdaR HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=inmobi_new_eb&google_hm=XuTf1I6lkQaaCpzbUglX&google_push=AZmPxg9d_t1pjiMebXbndyJDE8NfmeYfoADcyihQ3S345GY-DkmCpX5Q7Iqge45ItzKs4okAM_Gc_etFKBUUm0QbcdbDS7661Yk7NkNpa8M4v1wnBRLNTMB18oV2MjcWWyyAGyz4JFTutdaR
Request Chain 183
  • https://b1sync.zemanta.com/usersync/googleadx/?google_gid=CAESEPmrCT-RjV_XuyCcrunZXsE&google_cver=1&google_push=AZmPxg_ot21_27RUuChswt0pje8t2FYE9Q-z01BkzhJrVzwKie_0xI57TvdEqwonzbXBVG5RaD18jkkn2J-cz7hLUefArD4VHhi41vK9lRUHXHnbZLma2TO_FrbVnUbPND_mhB-8T4VHaXuiQw HTTP 302
  • https://b1sync.zemanta.com/usersync/googleadx/?google_cver=1&google_gid=CAESEPmrCT-RjV_XuyCcrunZXsE&google_push=AZmPxg_ot21_27RUuChswt0pje8t2FYE9Q-z01BkzhJrVzwKie_0xI57TvdEqwonzbXBVG5RaD18jkkn2J-cz7hLUefArD4VHhi41vK9lRUHXHnbZLma2TO_FrbVnUbPND_mhB-8T4VHaXuiQw&s=2 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=zemanta&google_push=AZmPxg_ot21_27RUuChswt0pje8t2FYE9Q-z01BkzhJrVzwKie_0xI57TvdEqwonzbXBVG5RaD18jkkn2J-cz7hLUefArD4VHhi41vK9lRUHXHnbZLma2TO_FrbVnUbPND_mhB-8T4VHaXuiQw&google_hm=YUFhd1BjWUV5YXNyVk13WHRxMjI= HTTP 302
  • https://b1sync.zemanta.com/usersync/googleadx/?google_error=5
Request Chain 251
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_dbm HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEPEqRKI69Yg3wjXv0j0xpw0&google_cver=1
Request Chain 252
  • https://us-u.openx.net/w/1.0/cm?id=9ca165a9-d9fe-2ff6-d83d-d145a80b0d37&r=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dopenx%26google_hm%3D%7Bopenx_uuid_base64%7D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=OWVmNTY4YzItODVhYi0yZWYwLWM0NDMtZTBiZjNjNzkyNTdk
Request Chain 253
  • https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_cm&google_dbm HTTP 302
  • https://sync.teads.tv/um?eid=3&uid=CAESEAWA--YqzhGwk1crxKI25Lw&google_cver=1
Request Chain 254
  • https://sync.teads.tv/um?eid=3&uid=&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_dbm%26google_hm%3D%5BVID_B64%5D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_hm=OWRkZDE0YmItOTgwMS00ZDFhLWExOTItYjUxNzY1MjY0ZDcx
Request Chain 255
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_dbm HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEPEqRKI69Yg3wjXv0j0xpw0&google_cver=1
Request Chain 256
  • https://us-u.openx.net/w/1.0/cm?id=9ca165a9-d9fe-2ff6-d83d-d145a80b0d37&r=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dopenx%26google_hm%3D%7Bopenx_uuid_base64%7D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=OWVmNTY4YzItODVhYi0yZWYwLWM0NDMtZTBiZjNjNzkyNTdk
Request Chain 257
  • https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_cm&google_dbm HTTP 302
  • https://sync.teads.tv/um?eid=3&uid=CAESEAWA--YqzhGwk1crxKI25Lw&google_cver=1
Request Chain 258
  • https://sync.teads.tv/um?eid=3&uid=&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_dbm%26google_hm%3D%5BVID_B64%5D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_hm=OWRkZDE0YmItOTgwMS00ZDFhLWExOTItYjUxNzY1MjY0ZDcx
Request Chain 260
  • https://ad.turn.com/r/cs?pid=3&google_gid=CAESELbdSDsRSnPKKSdrSmVxISA&google_cver=1&google_push=AZmPxg8E6MdFVdRagy2obHcdOULpDfAmPeC-4gQZoqrFORCTnhDYR8VBHIzx04dup3T-FsiLaF0u_v3l0iHsBe9b12wBEl9oqlU2cK5i7gsthZY3n0rsJMAdC1ipBybmSv7Kh0vYaCuH2QU HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=MjczOTk3NzU5MzA2NDI0MDUwNg==&gdpr=&gdpr_consent= HTTP 302
  • https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESELbdSDsRSnPKKSdrSmVxISA&google_cver=1
Request Chain 261
  • https://um.simpli.fi/gp_match?google_gid=CAESEHWZDvx39ZJyRnYNpThCrzo&google_cver=1&google_push=AZmPxg9_I245k11m0FQE5c9fCP5rhv6Q1DqYXxKNtzmEhUI3U7oet8EdoWLy3_aXETmMpw6c-RgWdiuQ7B3YA8WGKGBVUKU_Y3_sGiCo8oA0ZgO2PxSrFmJahijqUuAGL-SDdv2TWmbOM-k HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=6A1A85581AD84F77A4CB87F3C79F6B18&google_push=AZmPxg9_I245k11m0FQE5c9fCP5rhv6Q1DqYXxKNtzmEhUI3U7oet8EdoWLy3_aXETmMpw6c-RgWdiuQ7B3YA8WGKGBVUKU_Y3_sGiCo8oA0ZgO2PxSrFmJahijqUuAGL-SDdv2TWmbOM-k
Request Chain 263
  • https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESED8AG6sk4BnQ-5XGzG3fldQ&google_cver=1&google_push=AZmPxg85s4e4ep-BVdDq2WwigkanfHbwLMTryKNMvjBu8nODDvB4K0m_5QyK7CLXnii7RMXnHB0Xo21F9jDAdERN8K7yeItdQ4rF6VnYasZyPj46qS4WTJT6LmQ2QwKCFSj6cLNXQM8wRg HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AZmPxg85s4e4ep-BVdDq2WwigkanfHbwLMTryKNMvjBu8nODDvB4K0m_5QyK7CLXnii7RMXnHB0Xo21F9jDAdERN8K7yeItdQ4rF6VnYasZyPj46qS4WTJT6LmQ2QwKCFSj6cLNXQM8wRg&google_hm=NTU4NjQxMzA0NzY5NDU4OTgzOA%3D%3D
Request Chain 264
  • https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEPw32bLCylWZbWaxlgmflVI&google_cver=1&google_push=AZmPxg-F4wDxRQWYz8djg_r6k6TM6H5oAIbh1YA6U2Y0DpKEpcqQkMpIxj27cvyX-h7_dNr64FPAj3QST9h7f16l4InwXmaZ8RktWv4FoNPiFo8Y6L99wY7GXYuqhuPTlDjCnjObR44eMQY HTTP 302
  • https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEPw32bLCylWZbWaxlgmflVI&google_cver=1&google_push=AZmPxg-F4wDxRQWYz8djg_r6k6TM6H5oAIbh1YA6U2Y0DpKEpcqQkMpIxj27cvyX-h7_dNr64FPAj3QST9h7f16l4InwXmaZ8RktWv4FoNPiFo8Y6L99wY7GXYuqhuPTlDjCnjObR44eMQY HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=Mzk2OTEwODI5MjYyMTgzMzAxOA&google_push=AZmPxg-F4wDxRQWYz8djg_r6k6TM6H5oAIbh1YA6U2Y0DpKEpcqQkMpIxj27cvyX-h7_dNr64FPAj3QST9h7f16l4InwXmaZ8RktWv4FoNPiFo8Y6L99wY7GXYuqhuPTlDjCnjObR44eMQY
Request Chain 284
  • https://ad.doubleclick.net/ddm/trackimp/N962703.154378CRITEO/B26847959.341102289;dc_trk_aid=532857455;dc_trk_cid=174615788;dcopt=anid;ord=63256b03de8d7074e0bf5278a14297cb;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=0;;ltd= HTTP 302
  • https://ad.doubleclick.net/ddm/trackimp/N962703.154378CRITEO/B26847959.341102289;dc_pre=CI3l96Gbm_oCFRn7aAodrMcHaQ;dc_trk_aid=532857455;dc_trk_cid=174615788;dcopt=anid;ord=63256b03de8d7074e0bf5278a14297cb;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=0;;ltd=
Request Chain 286
  • https://ad.turn.com/r/cs?pid=3&google_gid=CAESELbdSDsRSnPKKSdrSmVxISA&google_cver=1&google_push=AZmPxg_OKMM1mGYcDIlSJgoGzotBeOPV3EvnGN4QilSWygfeixBm0JegDkfHGajwrQ_T8nOipGfWkDOd7hpzMzdvUhQKoWIb4k6cxVdos2RWKA-LW2lxtCepWY4lh_MKVuwSR-muKiYAUE5dxwCfxRRF8wQ HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=MjQwMDc5Njk0NzU5MzAxNjY5OA==&gdpr=&gdpr_consent= HTTP 302
  • https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESELbdSDsRSnPKKSdrSmVxISA&google_cver=1
Request Chain 287
  • https://um.simpli.fi/gp_match?google_gid=CAESEHWZDvx39ZJyRnYNpThCrzo&google_cver=1&google_push=AZmPxg9-UsgbEYAOtrW1HFphMJznQFSA9GnJEpzPDiS315u3VixlD7s-rj-ca2TyCsCiigznvY4jvpCpg1XuA3hEKuFVrdqHRwulEPDUBnntZhOS8JHiJvlF3nAG8WU4MO4ItBiCc04AfS0AQfdR5NHX7zg HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=C3B6A86A81AA48CBABB366F048954392&google_push=AZmPxg9-UsgbEYAOtrW1HFphMJznQFSA9GnJEpzPDiS315u3VixlD7s-rj-ca2TyCsCiigznvY4jvpCpg1XuA3hEKuFVrdqHRwulEPDUBnntZhOS8JHiJvlF3nAG8WU4MO4ItBiCc04AfS0AQfdR5NHX7zg
Request Chain 288
  • https://tr.blismedia.com/v1/api/sync/AdxPixel?google_gid=CAESENc9HpfSftXS4k5BAVfmmIw&google_cver=1&google_push=AZmPxg_FX-L49Mh0NDy9E-3BueYOpQ1TbeumEdwuYHDWEnUOjQcJLZ9AgYioOo1GZiKcWcpVLKiDBl-5voSeXagL4BjUqSRMxQMp9GCq17diE3O-V96BMG54GjUBHXntM-FXf8aLtTt99gO5jDlvssPemjM HTTP 307
  • https://cm.g.doubleclick.net/pixel?google_nid=blismobile&google_push=AZmPxg_FX-L49Mh0NDy9E-3BueYOpQ1TbeumEdwuYHDWEnUOjQcJLZ9AgYioOo1GZiKcWcpVLKiDBl-5voSeXagL4BjUqSRMxQMp9GCq17diE3O-V96BMG54GjUBHXntM-FXf8aLtTt99gO5jDlvssPemjM&google_hm=hmMlawSTHobombJ3fw&google_redir=https%3A%2F%2Ftr.blismedia.com%2Fv1%2Fredirect%2FAdxPixel%3F%25%25GOOGLE_ERROR_PAIR%25%25%26partner_device_id%3D63256B04931E86E899B2777FBLIS
Request Chain 289
  • https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESED8AG6sk4BnQ-5XGzG3fldQ&google_cver=1&google_push=AZmPxg9fr8AD6aLAnbROrn_ig-D880Fdq1USD-kLUmqugvzndqq2Z0VLM242pVETQU2z6Ofw6jraUUEsTBcOYaaxRx4sxRabMnV96-oO2eL05JteBEjFi1ipaWX2K--WncYK7bdq0uNEaepvL2MknuevfP8 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AZmPxg9fr8AD6aLAnbROrn_ig-D880Fdq1USD-kLUmqugvzndqq2Z0VLM242pVETQU2z6Ofw6jraUUEsTBcOYaaxRx4sxRabMnV96-oO2eL05JteBEjFi1ipaWX2K--WncYK7bdq0uNEaepvL2MknuevfP8&google_hm=NTU4NjQxMzA0NzY5NDU4OTgzOA%3D%3D
Request Chain 290
  • https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEPw32bLCylWZbWaxlgmflVI&google_cver=1&google_push=AZmPxg_5f1SyQwRm7tKTRpSbAhhPPNZRjTxjRVIApZk4y-6IAldsogfZQjEuN6cbBYaah0_ixCKS3rRoCCxkINKyaOi-iuhb1Ym_LBmCVklfzrgdDEjZyEREuZRySNOjYRkyqe1YdabuUfs41P1leG8d0Bk HTTP 302
  • https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEPw32bLCylWZbWaxlgmflVI&google_cver=1&google_push=AZmPxg_5f1SyQwRm7tKTRpSbAhhPPNZRjTxjRVIApZk4y-6IAldsogfZQjEuN6cbBYaah0_ixCKS3rRoCCxkINKyaOi-iuhb1Ym_LBmCVklfzrgdDEjZyEREuZRySNOjYRkyqe1YdabuUfs41P1leG8d0Bk HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NDY3NTMwMjI3NjE3OTA2MTgwMw&google_push=AZmPxg_5f1SyQwRm7tKTRpSbAhhPPNZRjTxjRVIApZk4y-6IAldsogfZQjEuN6cbBYaah0_ixCKS3rRoCCxkINKyaOi-iuhb1Ym_LBmCVklfzrgdDEjZyEREuZRySNOjYRkyqe1YdabuUfs41P1leG8d0Bk
Request Chain 292
  • https://ad.turn.com/r/cs?pid=3&google_gid=CAESELbdSDsRSnPKKSdrSmVxISA&google_cver=1&google_push=AZmPxg-tvaAYNMW5jVo-3xpNRgajhgYx_9l6qOzT4fql8x31_ieN5rCT2sAUqLP5dw9IGp9AIH_hr-CkALaeRauCk-NXDv-_L6udh2mumZf0zQkcTbFFaam812rgerTIaszroabBPyH6nd9LId1YvME9RQ HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=ODMwOTUxOTY1ODcwMzEwNzQ1MA==&gdpr=&gdpr_consent= HTTP 302
  • https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESELbdSDsRSnPKKSdrSmVxISA&google_cver=1
Request Chain 293
  • https://um.simpli.fi/gp_match?google_gid=CAESEHWZDvx39ZJyRnYNpThCrzo&google_cver=1&google_push=AZmPxg_--2BEbRgyqXlg7FR6VBkoFyUxXhwoXMPjFASLv96pE4W5nOmdqvkt35VNDEggfJEI9X_YU3nGRuznCaHQ3gc1dBu6hfTScdj1cT2YXvMnaWdz8y0br-_DvDzNauEWsKbd0FBbE5fkJHh81TPUWw HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=8A10A10804AA44A0ADC8395C6FFDA135&google_push=AZmPxg_--2BEbRgyqXlg7FR6VBkoFyUxXhwoXMPjFASLv96pE4W5nOmdqvkt35VNDEggfJEI9X_YU3nGRuznCaHQ3gc1dBu6hfTScdj1cT2YXvMnaWdz8y0br-_DvDzNauEWsKbd0FBbE5fkJHh81TPUWw
Request Chain 294
  • https://tr.blismedia.com/v1/api/sync/AdxPixel?google_gid=CAESENc9HpfSftXS4k5BAVfmmIw&google_cver=1&google_push=AZmPxg9Whx2uwtwupTVKSuIO2LhpNSyqWZ8VVE6JFmXvs_-ikwJFdZ-DwjlZeaXdzY6jv3hW3zpdQ_7WqlLHiGCuwg477YQfomaklZ54UkY-VD_X3jRhun9iUnrqoQWLpGzXP0QS3QUXeso-kl_WryvC-g HTTP 307
  • https://cm.g.doubleclick.net/pixel?google_nid=blismobile&google_push=AZmPxg9Whx2uwtwupTVKSuIO2LhpNSyqWZ8VVE6JFmXvs_-ikwJFdZ-DwjlZeaXdzY6jv3hW3zpdQ_7WqlLHiGCuwg477YQfomaklZ54UkY-VD_X3jRhun9iUnrqoQWLpGzXP0QS3QUXeso-kl_WryvC-g&google_hm=hmMlawSTHobombJ3fw&google_redir=https%3A%2F%2Ftr.blismedia.com%2Fv1%2Fredirect%2FAdxPixel%3F%25%25GOOGLE_ERROR_PAIR%25%25%26partner_device_id%3D63256B04931E86E899B2777FBLIS
Request Chain 295
  • https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESED8AG6sk4BnQ-5XGzG3fldQ&google_cver=1&google_push=AZmPxg-nZEFVY2u3e8pS0e-TwCWP1oOBDEfsL-XNrzS4xKbZ9WOFaUXSddU6TijMHon0XAGGpprN0vcr3VlDXgTFUpLG1avQeKsHfD09s7yst1e6BlddwL-Kes54jWNE9RsTMoZ70Gx1cF1L4BiYx1YB-A HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AZmPxg-nZEFVY2u3e8pS0e-TwCWP1oOBDEfsL-XNrzS4xKbZ9WOFaUXSddU6TijMHon0XAGGpprN0vcr3VlDXgTFUpLG1avQeKsHfD09s7yst1e6BlddwL-Kes54jWNE9RsTMoZ70Gx1cF1L4BiYx1YB-A&google_hm=NTU4NjQxMzA0NzY5NDU4OTgzOA%3D%3D
Request Chain 296
  • https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEPw32bLCylWZbWaxlgmflVI&google_cver=1&google_push=AZmPxg-ICpV1z7FFJEsKWcPPUSXkUlKERCpMSFvYZOQuyEGuJIbSZuMC2fIJ0Y-iHgMZtwoEgqH9KHUZYzoojDwSrQEohGkHe4V6oDCwKwV-BXzYA4hIxmmD46eRCG9hJ_6JSWyAsa0rybs5bCjJVJeUm5w HTTP 302
  • https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEPw32bLCylWZbWaxlgmflVI&google_cver=1&google_push=AZmPxg-ICpV1z7FFJEsKWcPPUSXkUlKERCpMSFvYZOQuyEGuJIbSZuMC2fIJ0Y-iHgMZtwoEgqH9KHUZYzoojDwSrQEohGkHe4V6oDCwKwV-BXzYA4hIxmmD46eRCG9hJ_6JSWyAsa0rybs5bCjJVJeUm5w HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MTg1ODE4NTA1OTk1NDk4Mjk4MA&google_push=AZmPxg-ICpV1z7FFJEsKWcPPUSXkUlKERCpMSFvYZOQuyEGuJIbSZuMC2fIJ0Y-iHgMZtwoEgqH9KHUZYzoojDwSrQEohGkHe4V6oDCwKwV-BXzYA4hIxmmD46eRCG9hJ_6JSWyAsa0rybs5bCjJVJeUm5w
Request Chain 336
  • https://eb2.3lift.com/sync HTTP 302
  • https://eb2.3lift.com/sync?&ld=1
Request Chain 344
  • https://pixel.rubiconproject.com/exchange/sync.php?p=pbs-adaptmx&gdpr=0&gdpr_consent=&us_privacy=1--- HTTP 302
  • https://prebid.a-mo.net/setuid/magnite?uid=L85JE5AG-24-AYT1&gdpr=0&us_privacy=1---
Request Chain 345
  • https://prebid.a-mo.net/cchain?cb=https%3A%2F%2Fib.adnxs.com%2Fprebid%2Fsetuid%3Fbidder%3Damx%26uid%3Dd8a7cce4-32b8-4acd-a18a-497ca754e2e7&gdpr=0&gdpr_consent=&us_privacy=1--- HTTP 302
  • https://ssum.casalemedia.com/usermatchredir?s=191503&gdpr=1&gdpr_consent=&us_privacy=1---&cb=https%3A%2F%2Fprebid.a-mo.net%2Fcchain%2F0%2F259%3Fgdpr%3D0%26gdpr_consent%3D%26us_privacy%3D1---%26A%3Dd8a7cce4-32b8-4acd-a18a-497ca754e2e7%26bidder%3Dindex_rtb%26cbx%3DaHR0cHM6Ly9pYi5hZG54cy5jb20vcHJlYmlkL3NldHVpZD9iaWRkZXI9YW14JnVpZD1kOGE3Y2NlNC0zMmI4LTRhY2QtYTE4YS00OTdjYTc1NGUyZTc%253D%26uid%3D HTTP 302
  • https://prebid.a-mo.net/cchain/0/259?gdpr=0&gdpr_consent=&us_privacy=1---&A=d8a7cce4-32b8-4acd-a18a-497ca754e2e7&bidder=index_rtb&cbx=aHR0cHM6Ly9pYi5hZG54cy5jb20vcHJlYmlkL3NldHVpZD9iaWRkZXI9YW14JnVpZD1kOGE3Y2NlNC0zMmI4LTRhY2QtYTE4YS00OTdjYTc1NGUyZTc%3D&uid=YyVrAYu0W8DwXovNsZOEYgAA%264747 HTTP 302
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fprebid.a-mo.net%2Fcchain%2F1%2F259%3Fgdpr%3D0%26gdpr_consent%3D%26us_privacy%3D1---%26A%3Dd8a7cce4-32b8-4acd-a18a-497ca754e2e7%26bidder%3Dappnexus%26cbx%3DaHR0cHM6Ly9pYi5hZG54cy5jb20vcHJlYmlkL3NldHVpZD9iaWRkZXI9YW14JnVpZD1kOGE3Y2NlNC0zMmI4LTRhY2QtYTE4YS00OTdjYTc1NGUyZTc%253D%26uid%3D%24UID HTTP 302
  • https://prebid.a-mo.net/cchain/1/259?gdpr=0&gdpr_consent=&us_privacy=1---&A=d8a7cce4-32b8-4acd-a18a-497ca754e2e7&bidder=appnexus&cbx=aHR0cHM6Ly9pYi5hZG54cy5jb20vcHJlYmlkL3NldHVpZD9iaWRkZXI9YW14JnVpZD1kOGE3Y2NlNC0zMmI4LTRhY2QtYTE4YS00OTdjYTc1NGUyZTc%3D&uid=856669627834921461 HTTP 302
  • https://cm.adform.net/cookie?gdpr=1&gdpr_consent=&redirect_url=https%3A%2F%2Fprebid.a-mo.net%2Fcchain%2F2%2F259%3Fgdpr%3D0%26gdpr_consent%3D%26us_privacy%3D1---%26A%3Dd8a7cce4-32b8-4acd-a18a-497ca754e2e7%26bidder%3Dadform%26cbx%3DaHR0cHM6Ly9pYi5hZG54cy5jb20vcHJlYmlkL3NldHVpZD9iaWRkZXI9YW14JnVpZD1kOGE3Y2NlNC0zMmI4LTRhY2QtYTE4YS00OTdjYTc1NGUyZTc%253D%26uid%3D%24UID HTTP 303
  • https://prebid.a-mo.net/cchain/2/259?gdpr=0&gdpr_consent=&us_privacy=1---&A=d8a7cce4-32b8-4acd-a18a-497ca754e2e7&bidder=adform&cbx=aHR0cHM6Ly9pYi5hZG54cy5jb20vcHJlYmlkL3NldHVpZD9iaWRkZXI9YW14JnVpZD1kOGE3Y2NlNC0zMmI4LTRhY2QtYTE4YS00OTdjYTc1NGUyZTc%3D&uid=1858185059954982980 HTTP 302
  • https://ap.lijit.com/pixel?gdpr=1&gdpr_consent=&us_privacy=1---&redir=https%3A%2F%2Fprebid.a-mo.net%2Fcchain%2F3%2F259%3Fgdpr%3D0%26gdpr_consent%3D%26us_privacy%3D1---%26A%3Dd8a7cce4-32b8-4acd-a18a-497ca754e2e7%26bidder%3Dsovrn%26cbx%3DaHR0cHM6Ly9pYi5hZG54cy5jb20vcHJlYmlkL3NldHVpZD9iaWRkZXI9YW14JnVpZD1kOGE3Y2NlNC0zMmI4LTRhY2QtYTE4YS00OTdjYTc1NGUyZTc%253D%26uid%3D%24UID
Request Chain 346
  • https://ups.analytics.yahoo.com/ups/58570/occ?gdpr=0&gdpr_consent=&uid=d8a7cce4-32b8-4acd-a18a-497ca754e2e7 HTTP 302
  • https://prebid.a-mo.net/setuid/yahoo?uid=y-XAyd9T5E2uFdwmhvvK1HO1IbAN.xuEVvkqBlXg4-~A&gdpr=0&gdpr_consent=
Request Chain 347
  • https://x.bidswitch.net/sync?ssp=adaptmx&user_id=d8a7cce4-32b8-4acd-a18a-497ca754e2e7&gdpr=0&gdpr_consent=&us_privacy=1--- HTTP 302
  • https://odr.mookie1.com/t/v2/sync?tagid=V2_790378&src.visitorId=f98ada23-bb7a-4d68-a2f4-7fe4fe49dce4&ssp=adaptmx&gdpr=0&gdpr_consent= HTTP 302
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=2910&partner_device_id=10522238326638056381&gdpr=0&gdpr_consent=&partner_url=https%3A%2F%2Fodr.mookie1.com%2Ft%2Fv2%3Ftagid%3DV2_948118%26src.visitorid%3D%24%7BTA_DEVICE_ID%7D%26ssp%3Dadaptmx%26gdpr_consent%3D%26gdpr%3D0 HTTP 302
  • https://pixel.tapad.com/idsync/ex/receive/check?partner_id=2910&partner_device_id=10522238326638056381&gdpr=0&gdpr_consent=&partner_url=https%3A%2F%2Fodr.mookie1.com%2Ft%2Fv2%3Ftagid%3DV2_948118%26src.visitorid%3D%24%7BTA_DEVICE_ID%7D%26ssp%3Dadaptmx%26gdpr_consent%3D%26gdpr%3D0 HTTP 302
  • https://odr.mookie1.com/t/v2?tagid=V2_948118&src.visitorid=dfd1e307-4499-4171-932e-216466fb2c9b&ssp=adaptmx&gdpr_consent=&gdpr=0 HTTP 302
  • https://aa.agkn.com/adscores/g.pixel?sid=9212302828&puid=10522238326638056381&ssp=adaptmx&gdpr=0&gdpr_consent= HTTP 302
  • https://odr.mookie1.com/t/v2?tagid=V2_785409&src.visitorId=232173304277004068172&ssp=adaptmx&gdpr=0&gdpr_consent= HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=419&user_id=10522238326638056381&ssp=adaptmx&gdpr=0&gdpr_consent=
Request Chain 349
  • https://ad.turn.com/r/cs?pid=9&gdpr=0 HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537073061&val=8309519658703107450&gdpr=0&gdpr_consent=&us_privacy=
Request Chain 350
  • https://match.adsrvr.org/track/cmf/openx?oxid=b29abb08-4cdc-7054-d1a3-ba06f69beb1d&gdpr=0 HTTP 302
  • https://match.adsrvr.org/track/cmb/openx?oxid=b29abb08-4cdc-7054-d1a3-ba06f69beb1d&gdpr=0 HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072971&val=12214519-0c4c-48e8-a8e2-7a416271dec6&ttd_puid=b29abb08-4cdc-7054-d1a3-ba06f69beb1d&gdpr=0&gdpr_consent=
Request Chain 351
  • https://tg.socdm.com/rtb/sync_before?proto=openx HTTP 302
  • https://jp-u.openx.net/w/1.0/sd?id=537072335&val=YyVrBsCo8YsAANFHh8YAAAAA
Request Chain 352
  • https://cr-p3.ladsp.jp/cookiesender/3 HTTP 302
  • https://cr-pall.ladsp.com/cookiesender/3 HTTP 302
  • https://cr-pall.ladsp.com/cookiesender/3?cr=true HTTP 302
  • https://jp-u.openx.net/w/1.0/sd?id=537072451&val=ASQL1SOsni_pks8ADsd_xUMQB88AAAGDSioUYw
Request Chain 354
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEPEqRKI69Yg3wjXv0j0xpw0&google_cver=1
Request Chain 357
  • https://sync.mathtag.com/sync/img?mt_exid=75&redir=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D1%26uid%3D%5BMM_UUID%5D%26gdpr%3D1%26gdpr_consent%3D HTTP 302
  • https://onetag-sys.com/match/?int_id=1&uid=93496325-6b06-4100-aab4-1eb9b4e889cb&gdpr=1&gdpr_consent=
Request Chain 359
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D98%26gdpr%3D1%26gdpr_consent%3D%26uid%3D$UID HTTP 302
  • https://onetag-sys.com/match/?int_id=98&gdpr=1&gdpr_consent=&uid=856669627834921461
Request Chain 361
  • https://onetag-sys.com/match/?int_id=106&redir=1&ot_initiated=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=AAABg0oqER-KlViqn8GZrsmL1gBl4q73JuiLRw
Request Chain 363
  • https://id.rlcdn.com/711916.gif?ct=4&cv= HTTP 307
  • https://id.rlcdn.com/1000.gif?memo=COy5KxoNCIbWlZkGEgUI6AcQAEIASgA HTTP 307
  • https://onetag-sys.com/match/?int_id=110&uid=
Request Chain 364
  • https://onetag-sys.com/match/?int_id=113&gdpr=1&gdpr_consent=&callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Donetag.com%26id%3D%24%7BUSER_TOKEN%7D&ot_initiated=1 HTTP 302
  • https://s.amazon-adsystem.com/ecm3?ex=onetag.com&id=GnqXJ1P7O8Y_TrflH9Pn75_IF7hf4fPrveFRQ0lrMLY
Request Chain 366
  • https://cm.g.doubleclick.net/pixel?google_nid=onetag_eb&google_cm HTTP 302
  • https://onetag-sys.com/match/?int_id=106&google_gid=CAESEDTVg-_CkudTzcarzjnZfHQ&google_cver=1
Request Chain 368
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=vw6iyrn&ttd_tpi=1&gpdr=1&gdpr_consent= HTTP 302
  • https://onetag-sys.com/match/?int_id=29&uid=12214519-0c4c-48e8-a8e2-7a416271dec6&gdpr=0&gdpr_consent=
Request Chain 371
  • https://cm.g.doubleclick.net/pixel?cs=8&google_nid=media&google_cm=1&google_hm=MzA2Mzk4MjE0MTUzMDE4MjAwMFYxMA%3D%3D&google_sc=1 HTTP 302
  • https://cs.media.net/cksync?type=g&cs=8&google_gid=CAESEC0XBjAL9qmUwsmRlbaABvs&google_cver=1
Request Chain 372
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=svx9t50&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://eb2.3lift.com/xuid?mid=3658&xuid=12214519-0c4c-48e8-a8e2-7a416271dec6&dongle=0cfd
Request Chain 373
  • https://eb2.3lift.com/ebda?sync=1&gdpr=0&gdpr_consent= HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=0&gdpr_consent=&us_privacy=&google_hm=NDM2NzM1MTI0MjUwMjAwNzkxNDk5 HTTP 302
  • https://eb2.3lift.com/ebda?gdpr=0&gdpr_consent=
Request Chain 374
  • https://cm.g.doubleclick.net/pixel?google_nid=triplelift&google_cm&google_sc&gdpr=0&gdpr_consent= HTTP 302
  • https://eb2.3lift.com/xuid?mid=5989&xuid=CAESELwpZeMPK_Uv6eAipns_rNE&dongle=c627&gdpr=0&gdpr_consent=&google_cver=1
Request Chain 375
  • https://eb2.3lift.com/sync/google/demand?sync=1&gdpr=0&gdpr_consent= HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=0&gdpr_consent=&us_privacy=&google_hm=NDM2NzM1MTI0MjUwMjAwNzkxNDk5
Request Chain 376
  • https://px.ads.linkedin.com/setuid?partner=tripleliftdbredirect&tlUid=436735124250200791499&dbredirect=true&gdpr=0&consent= HTTP 302
  • https://px.ads.linkedin.com/setuid?partner=tripleliftdbredirect&tlUid=436735124250200791499&dbredirect=true&gdpr=0&consent=&cookiesTest=true HTTP 302
  • https://p.adsymptotic.com/d/px/?_pid=16218&_psign=0aa5badf92527f7732e22463d6fa4dbc&coopa=0&gdpr=0&gdpr_consent=&_puuid=7580bbdb-d7c3-4c24-bc96-77478abf4ca3&_noobservation=1 HTTP 302
  • https://p.adsymptotic.com/d/px/?_pid=16218&_psign=0aa5badf92527f7732e22463d6fa4dbc&coopa=0&gdpr=0&gdpr_consent=&_puuid=7580bbdb-d7c3-4c24-bc96-77478abf4ca3&_noobservation=1&_expected_cookie=55cfae077882a148f48a12b5bf82d9d4
Request Chain 377
  • https://x.bidswitch.net/sync?ssp=triplelift&user_id=436735124250200791499&gdpr=0&gdpr_consent= HTTP 302
  • https://odr.mookie1.com/t/v2/sync?tagid=V2_790378&src.visitorId=f98ada23-bb7a-4d68-a2f4-7fe4fe49dce4&ssp=triplelift&gdpr=0&gdpr_consent= HTTP 302
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=2910&partner_device_id=10522238326638056381&gdpr=0&gdpr_consent=&partner_url=https%3A%2F%2Fodr.mookie1.com%2Ft%2Fv2%3Ftagid%3DV2_948118%26src.visitorid%3D%24%7BTA_DEVICE_ID%7D%26ssp%3Dtriplelift%26gdpr_consent%3D%26gdpr%3D0 HTTP 302
  • https://odr.mookie1.com/t/v2?tagid=V2_948118&src.visitorid=dfd1e307-4499-4171-932e-216466fb2c9b&ssp=triplelift&gdpr_consent=&gdpr=0 HTTP 302
  • https://aa.agkn.com/adscores/g.pixel?sid=9212302828&puid=10522238326638056381&ssp=triplelift&gdpr=0&gdpr_consent= HTTP 302
  • https://odr.mookie1.com/t/v2?tagid=V2_785409&src.visitorId=232793304277004066840&ssp=triplelift&gdpr=0&gdpr_consent= HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=419&user_id=10522238326638056381&ssp=triplelift&gdpr=0&gdpr_consent= HTTP 302
  • https://eb2.3lift.com/xuid?mid=2409&xuid=f98ada23-bb7a-4d68-a2f4-7fe4fe49dce4&dongle=d3d3&gdpr=0&gdpr_consent=&gdpr_pd=
Request Chain 378
  • https://pr-bh.ybp.yahoo.com/sync/triplelift/436735124250200791499?gdpr=0&gdpr_consent= HTTP 302
  • https://eb2.3lift.com/xuid?mid=2662&xuid=y-jCscpLdE2oSO6QrxX0dmJmCjnCLAr0UqZefAp94x.A--~A&dongle=0883
Request Chain 379
  • https://s.amazon-adsystem.com/x/757c0557066e95cfd4c7?gdpr=0&gdpr_consent=&uid=436735124250200791499 HTTP 302
  • https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&dl=3lift&gdpr=0&gdpr_consent=&uid=436735124250200791499&dcc=t
Request Chain 381
  • https://b1sync.zemanta.com/usersync/triplelift?gdpr=0&gdpr_consent= HTTP 302
  • https://stags.bluekai.com/site/23178?id=aAawPcYEyasrVMwXtq22&redir=https%3A%2F%2Fb1sync.zemanta.com%2Fusersync%2Fbluekai%2Fcallback%2F%3Fd%3DNB2HI4DTHIXS6ZLCGIXDG3DJMZ2C4Y3PNUXXQ5LJMQ7WI33OM5WGKPLEMJQTQJTFPBRWQYLOM5ST25DSNFYGYZLMNFTHIJTHMRYHEPJQEZWWSZB5GI2DMMBGPB2WSZB5MFAWC52QMNMUK6LBONZFMTLXLB2HCMRS&gdpr=0 HTTP 302
  • https://b1sync.zemanta.com/usersync/bluekai/callback/?d=NB2HI4DTHIXS6ZLCGIXDG3DJMZ2C4Y3PNUXXQ5LJMQ7WI33OM5WGKPLEMJQTQJTFPBRWQYLOM5ST25DSNFYGYZLMNFTHIJTHMRYHEPJQEZWWSZB5GI2DMMBGPB2WSZB5MFAWC52QMNMUK6LBONZFMTLXLB2HCMRS HTTP 302
  • https://eb2.3lift.com/xuid?dongle=dba8&gdpr=0&mid=2460&xuid=aAawPcYEyasrVMwXtq22
Request Chain 383
  • https://token.rubiconproject.com/token?pid=36584 HTTP 302
  • https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=L85JE5AG-24-AYT1
Request Chain 384
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESED_Ni8CQtdZo8kXpRvc8PCw&google_cver=1
Request Chain 385
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id= HTTP 302
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&dcc=t HTTP 302
  • https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=4fWLaylmSoqTxxT3EWxceg&rk=usync-na
Request Chain 386
  • https://token.rubiconproject.com/token?pid=25470 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDg1SkU1QUctMjQtQVlUMQ==
Request Chain 387
  • https://match.adsrvr.org/track/cmf/rubicon HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=12214519-0c4c-48e8-a8e2-7a416271dec6&gdpr=0&gdpr_consent=&expires=30
Request Chain 388
  • https://token.rubiconproject.com/token?pid=2974&pt=n&a=1 HTTP 302
  • https://pr-bh.ybp.yahoo.com/sync/rubicon/IU2h0V1tgP4UF_dSij7n8Mn5EUdSAgOZEtemQ7w0kco?csrc= HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=5586413047694589838
Request Chain 389
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id= HTTP 302
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=&dcc=t HTTP 302
  • https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=WmrMkCBQSQeN-xdelfPoBw&rk=usync-other HTTP 302
  • https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=WmrMkCBQSQeN-xdelfPoBw
Request Chain 399
  • https://match.adsrvr.org/track/cmf/casale HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=39&external_user_id=12214519-0c4c-48e8-a8e2-7a416271dec6&expiration=1665988615&gdpr=0&gdpr_consent=
Request Chain 400
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=YyVrAYu0W8DwXovNsZOEYgAAEosAAAAB&gdpr_consent=&us_privacy=&gdpr= HTTP 302
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESEBLHfLp4As2MRNPWaqDoKXE&google_cver=1
Request Chain 401
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=YyVrAYu0W8DwXovNsZOEYgAAEosAAAAB HTTP 302
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=YyVrAYu0W8DwXovNsZOEYgAAEosAAAAB&dcc=t
Request Chain 403
  • https://dmp.brand-display.com/cm/api/index?cm_dsp_id=191&cm_user_id=%3cIndex_user_id%3e HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=191&expiration=63072000&external_user_id=15ea77de-b6cb-a337-4b9d52b7
Request Chain 404
  • https://gu.dyntrk.com/adx/ie/us.php?dynk=1nd3xx6ch1 HTTP 302
  • https://gu.dyntrk.com/adx/ie/us.php?dynk=1nd3xx6ch1&prevuid=07030002_63256b0762b4e&knw=0 HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=196&external_user_id=07030002_63256b0762b4e
Request Chain 405
  • https://idsync.rlcdn.com/461886.gif?partner_uid=YyVrAYu0W8DwXovNsZOEYgAA%264747&&gdpr_consent=&gdpr= HTTP 307
  • https://pippio.com/api/sync?pid=5324&it=1&iv=5a37884422cc9cda53562728087e3118d2f986d0a93e4258eb23c44ec40a6ed5791426b5417dce21&_=2 HTTP 307
  • https://cm.g.doubleclick.net/pixel?google_nid=pippio_dmp&google_cm&google_no_sc&m=CMwpElsKVwgBEJInGlA1YTM3ODg0NDIyY2M5Y2RhNTM1NjI3MjgwODdlMzExOGQyZjk4NmQwYTkzZTQyNThlYjIzYzQ0ZWM0MGE2ZWQ1NzkxNDI2YjU0MTdkY2UyMRAAGgwIh9aVmQYSBAgCEABCAEoA HTTP 302
  • https://pippio.com/api/sync/ddp?pid=2&m=CMwpElsKVwgBEJInGlA1YTM3ODg0NDIyY2M5Y2RhNTM1NjI3MjgwODdlMzExOGQyZjk4NmQwYTkzZTQyNThlYjIzYzQ0ZWM0MGE2ZWQ1NzkxNDI2YjU0MTdkY2UyMRAAGgwIh9aVmQYSBAgCEABCAEoA&google_gid=CAESEAmDP4pyWP5GHIsXKxAtajQ&google_cver=1 HTTP 307
  • https://tags.rd.linksynergy.com/rcs?ns=lr&uid3= HTTP 303
  • https://idsync.rlcdn.com/458249.gif?partner_uid=0883de3c-37cd-4fe6-b198-7bbcb0ab828d
Request Chain 406
  • https://sync.srv.stackadapt.com/sync?nid=68 HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=123&external_user_id=__Qgn-PgTm9lNW95aLIVvWfR_gU
Request Chain 415
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=duration_media&endpoint=us-east HTTP 301
  • https://eus.rubiconproject.com/usync.html?p=duration_media&endpoint=us-east
Request Chain 416
  • https://pixel.rubiconproject.com/exchange/sync.php?p=13702&gdpr=0&gdpr_consent=&us_privacy=1YN-& HTTP 302
  • https://x.yieldlift.com/setuid?bidder=rubicon&uid=L85JE5AG-24-AYT1&gdpr=0&us_privacy=1YN-
Request Chain 417
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D312%26uid%3D%24UID HTTP 302
  • https://ads.servenobid.com/sync?pid=312&uid=856669627834921461
Request Chain 418
  • https://ce.lijit.com/merge?pid=273657&3pid=273657&gdpr=0&gdpr_consent=&us_privacy=1YN-&&location=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D310%26uid%3D%5BSOVRNID%5D HTTP 302
  • https://ce.lijit.com/merge?pid=273657&3pid=273657&gdpr=0&gdpr_consent=&us_privacy=1YN-&location=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D310%26uid%3D%5BSOVRNID%5D&dnr=1 HTTP 302
  • https://ads.servenobid.com/sync?pid=310&uid=FVHMBLZHYsDqiHmfRLGn2gYE
Request Chain 419
  • https://ap.lijit.com/pixel?pid=273657&3pid=273657&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redir=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D310%26uid%3D%24UID HTTP 307
  • https://ap.lijit.com/pixel?pid=273657&3pid=273657&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redir=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D310%26uid%3D%24UID&sovrn_retry=true HTTP 307
  • https://ads.servenobid.com/sync?pid=310&uid=FVHMBLZHYsDqiHmfRLGn2gYE
Request Chain 420
  • https://x.yieldlift.com/getuid?r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D314%26uid%3D%24UID HTTP 301
  • https://ads.servenobid.com/sync?pid=314&uid=7ed099b2-7753-4677-936d-7d5cf8d40424
Request Chain 421
  • https://sync.1rx.io/usersync2/rmpssp?sub=duration&redir=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D321%26uid%3D%5BRX_UUID%5D HTTP 302
  • https://sync.1rx.io/usersync2/rmpssp?sub=duration&zcc=1&redir=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D321%26uid%3D%5BRX_UUID%5D&cb=1663396615538 HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=8009163769 HTTP 302
  • https://sync.1rx.io/usersync/tradedesk/12214519-0c4c-48e8-a8e2-7a416271dec6 HTTP 302
  • https://sync.targeting.unrulymedia.com/csync/RX-749f24e3-88be-44fd-876c-97b286ce6701-004?redir=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D321%26uid%3DRX-749f24e3-88be-44fd-876c-97b286ce6701-004 HTTP 302
  • https://ads.servenobid.com/sync?pid=321&uid=RX-749f24e3-88be-44fd-876c-97b286ce6701-004
Request Chain 422
  • https://p.rfihub.com/cm?pub=44007&in=1 HTTP 302
  • https://ads.servenobid.com/sync?pid=324&uid=1975461765263481798
Request Chain 423
  • https://sync.go.sonobi.com/usa?loc=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D332%26uid%3D HTTP 302
  • https://ads.servenobid.com/sync?pid=332&uid=a8e157cf-664a-471d-ad65-b4df4a3bbe37
Request Chain 424
  • https://prebid.a-mo.net/cchain/0?gdpr=0&gdpr_consent=&us_privacy=1YN-&&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D327%26uid%3D HTTP 302
  • https://cm.adform.net/cookie?gdpr=1&gdpr_consent=&redirect_url=https%3A%2F%2Fprebid.a-mo.net%2Fcchain%2F0%2F621%3Fgdpr%3D0%26gdpr_consent%3D%26us_privacy%3D1YN-%26A%3Dd8a7cce4-32b8-4acd-a18a-497ca754e2e7%26bidder%3Dadform%26cbx%3DaHR0cHM6Ly9hZHMuc2VydmVub2JpZC5jb20vc3luYz9waWQ9MzI3JnVpZD0%253D%26uid%3D%24UID HTTP 303
  • https://prebid.a-mo.net/cchain/0/621?gdpr=0&gdpr_consent=&us_privacy=1YN-&A=d8a7cce4-32b8-4acd-a18a-497ca754e2e7&bidder=adform&cbx=aHR0cHM6Ly9hZHMuc2VydmVub2JpZC5jb20vc3luYz9waWQ9MzI3JnVpZD0%3D&uid=1858185059954982980 HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?p=158355&gdpr=1&gdpr_consent=&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3Fp%3D158355%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Fprebid.a-mo.net%252Fcchain%252F4%252F621%253Fgdpr%253D0%2526gdpr_consent%253D%2526us_privacy%253D1YN-%2526A%253Dd8a7cce4-32b8-4acd-a18a-497ca754e2e7%2526bidder%253Dpubmatic%2526cbx%253DaHR0cHM6Ly9hZHMuc2VydmVub2JpZC5jb20vc3luYz9waWQ9MzI3JnVpZD0%25253D%2526uid%253D%2523PMUID
Request Chain 425
  • https://ups.analytics.yahoo.com/ups/58559/occ HTTP 302
  • https://ads.servenobid.com/sync?pid=337&uid=y-XAyd9T5E2uFdwmhvvK1HO1IbAN.xuEVvkqBlXg4-~A
Request Chain 426
  • https://ssp.disqus.com/redirectuser?r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D346%26uid%3DBUYERUID HTTP 302
  • https://ads.servenobid.com/sync?pid=346&uid=ua-749c1111-eb65-3456-a62e-bfc9b5f8a859
Request Chain 427
  • https://ups.analytics.yahoo.com/ups/58632/occ HTTP 302
  • https://ads.servenobid.com/sync?pid=339&uid=y-XAyd9T5E2uFdwmhvvK1HO1IbAN.xuEVvkqBlXg4-~A
Request Chain 437
  • https://onetag-sys.com/match/?int_id=106&redir=1&ot_initiated=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=AAABg0oqFcjoSrUFH7iNcT5T23r73HoEK6puWQ
Request Chain 439
  • https://sync.mathtag.com/sync/img?mt_exid=75&redir=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D1%26uid%3D%5BMM_UUID%5D%26gdpr%3D0%26gdpr_consent%3D HTTP 302
  • https://onetag-sys.com/match/?int_id=1&uid=93496325-6b06-4100-aab4-1eb9b4e889cb&gdpr=0&gdpr_consent=
Request Chain 440
  • https://pixel-eu.rubiconproject.com/exchange/sync.php?p=onetag&gdpr=0&gdpr_consent= HTTP 302
  • https://onetag-sys.com/match/?int_id=2&uid=L85JE5AG-24-AYT1&gdpr=0
Request Chain 441
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D98%26gdpr%3D0%26gdpr_consent%3D%26uid%3D$UID HTTP 302
  • https://onetag-sys.com/match/?int_id=98&gdpr=0&gdpr_consent=&uid=856669627834921461
Request Chain 443
  • https://ssbsync-global.smartadserver.com/api/sync?callerId=5&gdpr=0&gdpr_consent=&us_privacy=1YN-&redirectUri=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D107%26uid%3D[ssb_sync_pid] HTTP 302
  • https://onetag-sys.com/match/?int_id=107&uid=3111016126218390619
Request Chain 444
  • https://onetag-sys.com/match/?int_id=113&gdpr=0&gdpr_consent=&callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Donetag.com%26id%3D%24%7BUSER_TOKEN%7D&ot_initiated=1 HTTP 302
  • https://s.amazon-adsystem.com/ecm3?ex=onetag.com&id=iKZCNxl4eg0Gd7_EcAUTIBmE2bP_hZISS9AmXqgilkc
Request Chain 445
  • https://image8.pubmatic.com/AdServer/ImgSync?p=159706&gdpr=0&gdpr_consent=&us_privacy=1YN-&pu=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D114%26uid%3D%23PMUID HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?p=159706&gdpr=0&gdpr_consent=&us_privacy=1YN-&pu=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D114%26uid%3D%23PMUID&rdf=1
Request Chain 446
  • https://cm.g.doubleclick.net/pixel?google_nid=onetag_eb&google_cm HTTP 302
  • https://onetag-sys.com/match/?int_id=106&google_gid=CAESEDTVg-_CkudTzcarzjnZfHQ&google_cver=1
Request Chain 447
  • https://ups.analytics.yahoo.com/ups/58488/occ?&gdpr=0&gdpr_consent= HTTP 302
  • https://onetag-sys.com/match/?int_id=92&uid=y-XAyd9T5E2uFdwmhvvK1HO1IbAN.xuEVvkqBlXg4-~A
Request Chain 448
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=vw6iyrn&ttd_tpi=1&gpdr=0&gdpr_consent= HTTP 302
  • https://onetag-sys.com/match/?int_id=29&uid=12214519-0c4c-48e8-a8e2-7a416271dec6&gdpr=0&gdpr_consent=
Request Chain 449
  • https://x.bidswitch.net/sync?ssp=onetag&gdpr=0&gdpr_consent= HTTP 302
  • https://sync.mathtag.com/sync/img?mt_exid=46&redir=%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D80%26user_id%3D%5BUUID%5D%26expires%3D30%26ssp%3Donetag%26bsw_param%3Df98ada23-bb7a-4d68-a2f4-7fe4fe49dce4&gdpr=0&gdpr_consent= HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=80&user_id=93496325-6b06-4100-aab4-1eb9b4e889cb&expires=30&ssp=onetag&bsw_param=f98ada23-bb7a-4d68-a2f4-7fe4fe49dce4&gdpr=0&gdpr_consent= HTTP 302
  • https://onetag-sys.com/match/?int_id=30&uid=f98ada23-bb7a-4d68-a2f4-7fe4fe49dce4&gdpr=0&gdpr_consent=&us_privacy=
Request Chain 455
  • https://cs.admanmedia.com/sync/smartadserver?us_privacy=&coppa=&gdpr=0&gdpr_consent= HTTP 302
  • https://rtb-csync.smartadserver.com/redir/?partnerid=130&partneruserid=1b0bb1ba-fa10-4224-a5b7-18fdd501876c
Request Chain 457
  • https://gu.dyntrk.com/adx/sma/us.php?dynk=sma4rt4bt4fg&sspurl=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D69%26partneruserid%3DPARTNER_USER_ID%26gdpr%3D$GDPR%26gdpr_consent%3D$GDPR_CONSENT&gdpr=0&gdpr_consent= HTTP 302
  • https://gu.dyntrk.com/adx/sma/us.php?dynk=sma4rt4bt4fg&sspurl=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D69%26partneruserid%3DPARTNER_USER_ID%26gdpr%3D$GDPR%26gdpr_consent%3D$GDPR_CONSENT&gdpr=0&gdpr_consent=&prevuid=07030002_63256b0762b4e&knw=1 HTTP 302
  • https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=69&partneruserid=07030002_63256b0762b4e&gdpr=0&gdpr_consent=
Request Chain 458
  • https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=139&partneruserid=0&redirurl=https%3A%2F%2Fmatch.sharethrough.com%2Fsync%2Fv1%3Fsource_id%3D98KUz37ype9D3X2sf9ovgeTt%26source_user_id%3DSMART_USER_ID&gdpr=0&gdpr_consent= HTTP 302
  • https://match.sharethrough.com/sync/v1?source_id=98KUz37ype9D3X2sf9ovgeTt&source_user_id=4834885040984968302&gdpr=0&gdpr_consent=
Request Chain 460
  • https://secure.adnxs.com/getuid?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=$UID HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=856669627834921461
Request Chain 461
  • https://ups.analytics.yahoo.com/ups/55940/sync?_origin=1&redir2=true&uid=YyVrAYu0W8DwXovNsZOEYgAAEosAAAAB&gdpr_consent=&us_privacy=&gdpr= HTTP 302
  • https://pr-bh.ybp.yahoo.com/sync/casale/YyVrAYu0W8DwXovNsZOEYgAAEosAAAAB
Request Chain 462
  • https://match.prod.bidr.io/cookie-sync/ie HTTP 303
  • https://match.prod.bidr.io/cookie-sync/ie?_bee_ppp=1 HTTP 303
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=130&external_user_id=AAEZLU7GStYAAA7frhnYIw&expiration=1664606216
Request Chain 464
  • https://csync.loopme.me/?redirect=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D24%26external_user_id%3D%7Bviewer_token%7D&us_privacy=&gdpr=&gdpr_consent= HTTP 307
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=24&external_user_id=30f66e28-e533-4de4-84e8-41cfc54abb34&us_privacy=null&gdpr_consent=null&gdpr=null
Request Chain 465
  • https://sync.srv.stackadapt.com/sync?nid=68 HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=123&external_user_id=2GhWljDkSP5QkmTzbFymPWfR_gU
Request Chain 466
  • https://gu.dyntrk.com/adx/ie/us.php?dynk=1nd3xx6ch1 HTTP 302
  • https://gu.dyntrk.com/adx/ie/us.php?dynk=1nd3xx6ch1&prevuid=07030002_63256b0762b4e&knw=1 HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=196&external_user_id=07030002_63256b0762b4e
Request Chain 467
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=YyVrAYu0W8DwXovNsZOEYgAAEosAAAAB&gdpr_consent=&us_privacy=&gdpr= HTTP 302
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESEBLHfLp4As2MRNPWaqDoKXE&google_cver=1
Request Chain 470
  • https://secure.adnxs.com/getuid?https://usersync.gumgum.com/usersync?b=apn&i=$UID HTTP 302
  • https://usersync.gumgum.com/usersync?b=apn&i=856669627834921461
Request Chain 471
  • https://x.bidswitch.net/sync?ssp=gumgum2&user_id=a_5552dfc5-b316-4e8e-8e6f-1456e9349717&gdpr=0&gdpr_consent=&us_privacy=1--- HTTP 302
  • https://pool.admedo.com/sync?ssp=bidswitch&bidswitch_ssp_id=gumgum2&bsw_custom_parameter=f98ada23-bb7a-4d68-a2f4-7fe4fe49dce4 HTTP 302
  • https://pool.admedo.com/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=gumgum2&bsw_custom_parameter=f98ada23-bb7a-4d68-a2f4-7fe4fe49dce4 HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=23&expires=14&user_id=21bbe1ef-abe1-4721-b29e-de1cfdc4295e&user_group=1&ssp=gumgum2&bsw_param=f98ada23-bb7a-4d68-a2f4-7fe4fe49dce4
Request Chain 472
  • https://sync.outbrain.com/redirectObuid?platformId=GUMGU18H7EL9NI653I7DPEH51&gdpr=0&gdprConsent=&platformRdUrl=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dobn%26i%3D%7BOB_UID%7D%26r%3D%7BobRdUrl%7D HTTP 302
  • https://usersync.gumgum.com/usersync?b=obn&i=ENC%28-J560t8gs3kgHW3talzVD8VE6q43ZPHI_GCMs2hOwVkIqQO6zqzX2yWegodHuKaE%29&r=https%3A%2F%2Fsync.outbrain.com%2FsyncUser%3FplatformId%3D%7Bplatform_id%7D%26platformUid%3D%7Bplatform_uid%7D%26obuid%3DENC%28-J560t8gs3kgHW3talzVD8VE6q43ZPHI_GCMs2hOwVkIqQO6zqzX2yWegodHuKaE%29
Request Chain 473
  • https://us-u.openx.net/w/1.0/cm?_={CACHEBUSTER}&id=47f31213-389c-4904-aaa6-9b11aab9c211&gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dopx%26i%3D HTTP 302
  • https://usersync.gumgum.com/usersync?b=opx&i=45a71f78-64c9-4802-b6d8-aaeb3ecbea5b
Request Chain 474
  • https://sync.srv.stackadapt.com/sync?nid=1&gdpr=0&gdpr_consent= HTTP 302
  • https://usersync.gumgum.com/usersync?b=sta&i=0-7de02872-e85a-4259-5e6f-06fd3aea0040$ip$103.209.254.5
Request Chain 475
  • https://pr-bh.ybp.yahoo.com/sync/gumgum?gdpr=0&gdpr_consent= HTTP 302
  • https://usersync.gumgum.com/usersync?b=oth&i=y-OBEGEixE2pdfcNonCUwMJqEk7cU24BEB_EvT~A
Request Chain 476
  • https://sync.ipredictive.com/d/sync/cookie/generic?partner=gumgum&cspid=9&append=1&cb=${ADELPHIC_CACHE_BUSTER}&gdpr=0&gdpr_consent=&us_privacy=1---&redirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dvnt%26i%3D HTTP 302
  • https://usersync.gumgum.com/usersync?b=vnt&i=812f48dc-5baa-47e2-b4b5-e4a648d86bc6
Request Chain 479
  • https://b1sync.zemanta.com/usersync/gumgum/?puid=a_5552dfc5-b316-4e8e-8e6f-1456e9349717&gdpr=0&gdpr_consent=&us_privacy=1---&cb=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dzem%26i%3D__ZUID__ HTTP 302
  • https://stags.bluekai.com/site/23178?id=aAawPcYEyasrVMwXtq22&redir=https%3A%2F%2Fb1sync.zemanta.com%2Fusersync%2Fbluekai%2Fcallback%2F%3Fd%3DNB2HI4DTHIXS65LTMVZHG6LOMMXGO5LNM52W2LTDN5WS65LTMVZHG6LOMM7WEPL2MVWSMZLYMNUGC3THMU6WO5LNM52W2JTHMRYHEPJQEZUT2YKBMF3VAY2ZIV4WC43SKZGXOWDUOEZDEJTVONPXA4TJOZQWG6J5GEWS2LI&gdpr=0&us_privacy=1--- HTTP 302
  • https://b1sync.zemanta.com/usersync/bluekai/callback/?d=NB2HI4DTHIXS65LTMVZHG6LOMMXGO5LNM52W2LTDN5WS65LTMVZHG6LOMM7WEPL2MVWSMZLYMNUGC3THMU6WO5LNM52W2JTHMRYHEPJQEZUT2YKBMF3VAY2ZIV4WC43SKZGXOWDUOEZDEJTVONPXA4TJOZQWG6J5GEWS2LI HTTP 302
  • https://usersync.gumgum.com/usersync?b=zem&gdpr=0&i=aAawPcYEyasrVMwXtq22&us_privacy=1---
Request Chain 480
  • https://ad.360yield.com/server_match?partner_id=N&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Didi%26i%3D%7BPUB_USER_ID%7D HTTP 302
  • https://ad.360yield.com/ul_cb/server_match?partner_id=N&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Didi%26i%3D%7BPUB_USER_ID%7D HTTP 302
  • https://usersync.gumgum.com/usersync?b=idi&i=2757b57b-63ff-48d8-a5b6-d7ab1d6c125f
Request Chain 481
  • https://sync.1rx.io/usersync2/floor6?gdpr=0&gdpr_consent=&dspret=1&redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Drhy%26i%3D%5BRX_UUID%5D HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=543673575 HTTP 302
  • https://sync.1rx.io/usersync/tradedesk/12214519-0c4c-48e8-a8e2-7a416271dec6 HTTP 302
  • https://sync.targeting.unrulymedia.com/csync/RX-749f24e3-88be-44fd-876c-97b286ce6701-004?redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Drhy%26i%3DRX-749f24e3-88be-44fd-876c-97b286ce6701-004 HTTP 302
  • https://usersync.gumgum.com/usersync?b=rhy&i=RX-749f24e3-88be-44fd-876c-97b286ce6701-004
Request Chain 482
  • https://bh.contextweb.com/bh/rtset?pid=558355&ev=1&rurl=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpln%26i%3D%25%25VGUID%25%25 HTTP 302
  • https://usersync.gumgum.com/usersync?b=pln&i=G85dKHlB6DWh&ev=1&pid=558355
Request Chain 483
  • https://ssbsync.smartadserver.com/api/sync?callerId=15&redirectUri=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dsad%26i%3D%5Bssb_sync_pid%5D&gdpr=0&gdpr_consent= HTTP 302
  • https://usersync.gumgum.com/usersync?b=sad&i=3111016126218390619
Request Chain 485
  • https://sync.mathtag.com/sync/img?mt_exid=71&gdpr=0&gdpr_consent=&redir=https%3a%2f%2fusersync.gumgum.com%2fusersync%3fb%3dmmh%26i%3d%5bMM_UUID%5d HTTP 302
  • https://usersync.gumgum.com/usersync?b=mmh&i=93496325-6b06-4100-aab4-1eb9b4e889cb&gdpr=0&gdpr_consent=
Request Chain 489
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=gumgum&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://usersync.gumgum.com/usersync?b=ttd&i=12214519-0c4c-48e8-a8e2-7a416271dec6
Request Chain 491
  • https://tg.socdm.com/aux/idsync?proto=gumgum HTTP 302
  • https://usersync.gumgum.com/usersync?b=sus&i=YyVrB8Co8YsAANFHiMIAAAAA
Request Chain 492
  • https://ssum-sec.casalemedia.com/usermatchredir?s=189872&cb=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Diex%26i%3D HTTP 302
  • https://usersync.gumgum.com/usersync?b=iex&i=YyVrAYu0W8DwXovNsZOEYgAA%264747
Request Chain 493
  • https://creativecdn.com/cm-notify?pi=gumgum HTTP 302
  • https://creativecdn.com/cm-notify?pi=gumgum&tc=1
Request Chain 494
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=gumgum HTTP 301
  • https://eus.rubiconproject.com/usync.html?p=gumgum
Request Chain 496
  • https://pixel-us-east.rubiconproject.com/exchange/sync.php?p=duration_media&khaos=L85JE5AG-24-AYT1 HTTP 302
  • https://ads.servenobid.com/sync?pid=323&uid=L85JE5AG-24-AYT1
Request Chain 503
  • https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA%3D%3D%26piggybackCookie%3Duid%3A%5BMM_UUID%5D HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:93496325-6b06-4100-aab4-1eb9b4e889cb&gdpr=0&gdpr_consent=
Request Chain 505
  • https://cm.ambientdsp.com/cm/send?vc=pmj HTTP 301
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzQ0OSZ0bD00MzIwMA==&piggybackCookie=x39zhetzyuh
Request Chain 507
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=zyHD0YcyQOG0Njv8A4XJ2w%3D%3D HTTP 302
  • https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
Request Chain 508
  • https://idsync.rlcdn.com/420486.gif?partner_uid=CF21C3D1-8732-40E1-B436-3BFC0385C9DB HTTP 307
  • https://pippio.com/api/sync?pid=5324&it=1&iv=5a37884422cc9cda53562728087e3118d2f986d0a93e4258eb23c44ec40a6ed5791426b5417dce21&_=2 HTTP 307
  • https://p.adsymptotic.com/d/px?_pid=13553&_psign=9e62e5c043ecadc9479a0ccac401dd7d
Request Chain 509
  • https://sync.mathtag.com/sync/img?mt_exid=3&redir=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3FpartnerID%3D27%26partnerUID%3D%5BMM_UUID%5D HTTP 302
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=93496325-6b06-4100-aab4-1eb9b4e889cb
Request Chain 510
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=Q0YyMUMzRDEtODczMi00MEUxLUI0MzYtM0JGQzAzODVDOURC&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
Request Chain 511
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEPkMrxbDMHG9RmNZeN5ts9s&google_cver=1
Request Chain 512
  • https://um.simpli.fi/pubmatic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODA2JnRsPTUxODQwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTgwNiZ0bD01MTg0MDA=&piggybackCookie=uid:C3B6A86A81AA48CBABB366F048954392
Request Chain 514
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=12214519-0c4c-48e8-a8e2-7a416271dec6
Request Chain 515
  • https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent= HTTP 302
  • https://dsp.nrich.ai/bidswitch/sync?bidswitch_ssp_id=pubmatic&bsw_custom_parameter=f98ada23-bb7a-4d68-a2f4-7fe4fe49dce4&gdpr=0&gdpr_consent=&gdpr_pd=&us_privacy=
Request Chain 516
  • https://pixel.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=gB1snIBMbpmbS2mQjx9zz4YWOMqbF2qbhRjxC7qh
Request Chain 517
  • https://pixel.rubiconproject.com/exchange/sync.php?p=gumgum&khaos=L85JE5AG-24-AYT1 HTTP 302
  • https://usersync.gumgum.com/usersync?b=mag&i=L85JE5AG-24-AYT1

512 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request 6yue-15ri-qi-bei-jing-gong-jiao-duo-tiao-xian-lu-you-diao-zheng.html
www.bg3.co/a/ 		48 KB
13 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.bg3.co/a/6yue-15ri-qi-bei-jing-gong-jiao-duo-tiao-xian-lu-you-diao-zheng.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
84.17.37.44 Central, Hong Kong, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
unn-84-17-37-44.cdn77.com
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
8d141256082145f4aeaaed60a0c03d0ca0aa88bb805b08b6bf9700769bbb387d

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

Cache-Control
max-age=3600
Connection
keep-alive
Content-Encoding
gzip
Content-Type
text/html; charset=utf-8
Date
Sat, 17 Sep 2022 06:36:42 GMT
ETag
"c105-9RCcsXiA9jJLUBgk0mQnZfOGKco"
Expires
Sat, 17 Sep 2022 07:36:42 GMT
Server
nginx/1.18.0 (Ubuntu)
Transfer-Encoding
chunked
Vary
Accept-Encoding
v0.js
cdn.ampproject.org/ 		276 KB
72 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/v0.js
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/6yue-15ri-qi-bei-jing-gong-jiao-duo-tiao-xian-lu-you-diao-zheng.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.24.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f132.1e100.net
Software
sffe /
Resource Hash
b0c35de7e97c6845d33df6e448e10fc57a12dc9029159a609111c6032cc1889d
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
72615
x-xss-protection
0
server
sffe
date
Sat, 17 Sep 2022 06:36:43 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
private, max-age=3000, stale-while-revalidate=1206600
etag
"d846f64d6544327b"
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Sat, 17 Sep 2022 06:36:43 GMT
amp-sidebar-0.1.js
cdn.ampproject.org/v0/ 		31 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/v0/amp-sidebar-0.1.js
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/6yue-15ri-qi-bei-jing-gong-jiao-duo-tiao-xian-lu-you-diao-zheng.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.24.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f132.1e100.net
Software
sffe /
Resource Hash
20ef0d0404e4822f6483958648bb42a50a00bf51775a9e4d99d56cddd12ba986
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9656
x-xss-protection
0
server
sffe
date
Sat, 17 Sep 2022 06:36:43 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
private, max-age=604800, stale-while-revalidate=604800
etag
"acc3868951df8a41"
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Sat, 17 Sep 2022 06:36:43 GMT
amp-auto-ads-0.1.js
cdn.ampproject.org/v0/ 		24 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/v0/amp-auto-ads-0.1.js
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/6yue-15ri-qi-bei-jing-gong-jiao-duo-tiao-xian-lu-you-diao-zheng.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.24.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f132.1e100.net
Software
sffe /
Resource Hash
6997292db4f5eefb91b6df8a32cc33f382a9da74890b13d55d9b0263c46f736e
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7578
x-xss-protection
0
server
sffe
date
Sat, 17 Sep 2022 06:36:43 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
private, max-age=604800, stale-while-revalidate=604800
etag
"2854de22cf21ae71"
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Sat, 17 Sep 2022 06:36:43 GMT
amp-analytics-0.1.js
cdn.ampproject.org/v0/ 		109 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/v0/amp-analytics-0.1.js
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/6yue-15ri-qi-bei-jing-gong-jiao-duo-tiao-xian-lu-you-diao-zheng.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.24.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f132.1e100.net
Software
sffe /
Resource Hash
c86f041243bcea80e0315fc89fa78a1b81dbc3aec419b11af7302ea2eb3100c9
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
32045
x-xss-protection
0
server
sffe
date
Sat, 17 Sep 2022 06:36:45 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
private, max-age=604800, stale-while-revalidate=604800
etag
"41e651644f1ce250"
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Sat, 17 Sep 2022 06:36:45 GMT
sdk
cdn.aralego.net/ucfad/sdk/apac-sg/
Redirect Chain
  • https://ads.aralego.com/sdk
  • https://cdn.aralego.net/ucfad/sdk/apac-sg/sdk
43 KB
43 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.aralego.net/ucfad/sdk/apac-sg/sdk
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/6yue-15ri-qi-bei-jing-gong-jiao-duo-tiao-xian-lu-you-diao-zheng.html
Protocol
H2
Server
104.26.4.103 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
634ce6ebcae68cecdd5e4fe82fb7745884b9ee2dbe59a51bc08e1da360cd39c3

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 17 Sep 2022 06:36:43 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
5124
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43721
last-modified
Wed, 14 Sep 2022 07:31:55 GMT
server
cloudflare
etag
"6321836b-aac9"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SL7ypM5YaW7vAPOTuQQQHQCBYk3z0mVbgjh9bJc7KV79pMC9GghVQEvQTyXL9ZdB9iSlv0fG7J5gLCWveA8s99be%2BCEZuWizgyUUlVngEyZ2WP8uWcIcQNeEWfyObwKxNg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/octet-stream
cache-control
max-age=14400
access-control-allow-credentials
true
accept-ranges
bytes
cf-ray
74bfd446691017ca-MEL

Redirect headers

location
https://cdn.aralego.net/ucfad/sdk/apac-sg/sdk
connection
close
content-length
0
adRecover.js
delivery.adrecover.com/43519/ 		36 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://delivery.adrecover.com/43519/adRecover.js
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/6yue-15ri-qi-bei-jing-gong-jiao-duo-tiao-xian-lu-you-diao-zheng.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.44.4.192 Singapore, Singapore, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-44-4-192.deploy.static.akamaitechnologies.com
Software
nginx/1.18.0 /
Resource Hash
28dc46ca7136b4d6089128b4a537e94624c990ee5162d869cbd53b4b81faaea5

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-akamai-country
AU
date
Sat, 17 Sep 2022 06:36:44 GMT
content-encoding
br
last-modified
Sat, 17 Sep 2022 06:00:42 GMT
server
nginx/1.18.0
vary
Accept-Encoding
x-akamai-device
mobile:false&tablet:false
access-control-allow-origin
*
cache-control
max-age=3600
server-timing
cdn-cache; desc=REVALIDATE, edge; dur=28, origin; dur=222
x-cf-geodata
AU
content-type
application/javascript
content-length
9571
expires
Sat, 17 Sep 2022 07:36:44 GMT
adpushup.js
cdn.adpushup.com/42753/ 		477 KB
103 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.adpushup.com/42753/adpushup.js
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/6yue-15ri-qi-bei-jing-gong-jiao-duo-tiao-xian-lu-you-diao-zheng.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.44.5.176 Singapore, Singapore, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-44-5-176.deploy.static.akamaitechnologies.com
Software
nginx/1.18.0 /
Resource Hash
0fa316a9b05961ed4d68109ff3e63a72f33c18792dca892c27bed1527a7b4add

Request headers

Referer
https://www.bg3.co/
Origin
https://www.bg3.co
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-akamai-country
AU
date
Sat, 17 Sep 2022 06:36:44 GMT
content-encoding
br
last-modified
Sun, 11 Sep 2022 10:27:19 GMT
server
nginx/1.18.0
vary
Accept-Encoding
x-akamai-device
mobile:false&tablet:false
access-control-allow-origin
*
cache-control
max-age=3600
server-timing
cdn-cache; desc=HIT, edge; dur=8
x-cf-geodata
AU
content-type
application/javascript
content-length
104716
expires
Sat, 17 Sep 2022 07:36:44 GMT
ucfad-formats.css
cdn.aralego.net/css/dev/ 		975 B
640 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn.aralego.net/css/dev/ucfad-formats.css
Requested by
Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.4.103 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1be00e223b2840fe8ac2d3a1aec0cf757088dd68f53a92275d0e1db6cb9afced

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 17 Sep 2022 06:36:44 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
519
cf-polished
origSize=1191
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Fri, 16 Mar 2018 07:19:46 GMT
server
cloudflare
etag
W/"5aab7012-4a7"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jRkSxmku%2BYcsAca3mdHhDo7ZV%2FQXKWkeSS4iAeRIyxG9JbllHz4c7jiWxcm8BvFswoGqNg8EHh1MwJ7A8oreeAic35JAZB7AqOH09l%2FC5ucGrNNcNw8IZt3IH%2BxST1OVZA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=14400
access-control-allow-credentials
true
cf-ray
74bfd4472a3217ca-MEL
cf-bgj
minify
idRequest
sync.aralego.com/ 		46 B
488 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://sync.aralego.com/idRequest?lang=en-US,en&deviceInfo=8416001200&pixRatio=1&font=16px%20sans-serif&
Requested by
Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
64.120.88.131 Central, Hong Kong, ASN133752 (LEASEWEB-APAC-HKG-10 Leaseweb Asia Pacific pte. ltd., HK),
Reverse DNS
Software
/
Resource Hash
775f888cb3b6c70ac20e9423064c775de4d7ce246d63c7db33283eed8c8db32c

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sat, 17 Sep 2022 06:36:44 GMT
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET,POST,OPTIONS
Content-Type
text/html; charset=utf-8
Access-Control-Allow-Origin
https://www.bg3.co
Access-Control-Allow-Credentials
true
Connection
close
Content-Length
46
idRequest
sync.aralego.com/ 		46 B
488 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://sync.aralego.com/idRequest?lang=en-US,en&deviceInfo=8416001200&pixRatio=1&font=16px%20sans-serif&
Requested by
Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
64.120.88.131 Central, Hong Kong, ASN133752 (LEASEWEB-APAC-HKG-10 Leaseweb Asia Pacific pte. ltd., HK),
Reverse DNS
Software
/
Resource Hash
775f888cb3b6c70ac20e9423064c775de4d7ce246d63c7db33283eed8c8db32c

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sat, 17 Sep 2022 06:36:44 GMT
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET,POST,OPTIONS
Content-Type
text/html; charset=utf-8
Access-Control-Allow-Origin
https://www.bg3.co
Access-Control-Allow-Credentials
true
Connection
close
Content-Length
46
ad_request
ads.aralego.com/ 		508 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.aralego.com/ad_request?sw=1600&sh=1200&ifr=0&bl=en-US&je=1&dnt=0&host=www.bg3.co&u=https%3A%2F%2Fwww.bg3.co%2Fa%2F6yue-15ri-qi-bei-jing-gong-jiao-duo-tiao-xian-lu-you-diao-zheng.html&adid=ad-627443DBE4283AB9F7A46EA83243447&w=336&h=280&ver=UCX_WEB-20200113&pos=1&seq=0&cb=0.5841185752294946&gdpr=1&euconsent-v2=%24%7BGDPR_CONSENT_607%7D&format=336%2C280%3B&lang=en-US%2Cen&deviceInfo=8416001200&pixRatio=1&font=16px%20sans-serif
Requested by
Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.108.102.145 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),
Reverse DNS
Software
/
Resource Hash
e813a8d8d41c0dbdc33020ad6ef27d16afd2b590ceeb998e267409c8f666b829

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 17 Sep 2022 06:36:44 GMT
x-width
336
x-height
280
vary
Accept-Encoding
access-control-allow-methods
GET,POST,OPTIONS
content-type
text/html; charset=utf-8
access-control-allow-origin
https://www.bg3.co
access-control-expose-headers
X-Width,X-Height,X-AdStyle,X-AdCap,X-AdWatchUrl,X-AdSource,X-SspId,X-Deal
x-adsource
PSA
x-adtype
html
connection
close
access-control-allow-credentials
true
content-length
508
x-adstyle
banner
ad_request
ads.aralego.com/ 		508 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.aralego.com/ad_request?sw=1600&sh=1200&ifr=0&bl=en-US&je=1&dnt=0&host=www.bg3.co&u=https%3A%2F%2Fwww.bg3.co%2Fa%2F6yue-15ri-qi-bei-jing-gong-jiao-duo-tiao-xian-lu-you-diao-zheng.html&adid=ad-627443DBE4283AB9F7A46EA83243447&w=336&h=280&ver=UCX_WEB-20200113&pos=1&seq=1&cb=0.2038799458254581&gdpr=1&euconsent-v2=%24%7BGDPR_CONSENT_607%7D&format=336%2C280%3B&lang=en-US%2Cen&deviceInfo=8416001200&pixRatio=1&font=16px%20sans-serif
Requested by
Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.108.102.145 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),
Reverse DNS
Software
/
Resource Hash
e813a8d8d41c0dbdc33020ad6ef27d16afd2b590ceeb998e267409c8f666b829

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 17 Sep 2022 06:36:44 GMT
x-width
336
x-height
280
vary
Accept-Encoding
access-control-allow-methods
GET,POST,OPTIONS
content-type
text/html; charset=utf-8
access-control-allow-origin
https://www.bg3.co
access-control-expose-headers
X-Width,X-Height,X-AdStyle,X-AdCap,X-AdWatchUrl,X-AdSource,X-SspId,X-Deal
x-adsource
PSA
x-adtype
html
connection
close
access-control-allow-credentials
true
content-length
508
x-adstyle
banner
3ac25959f7dc517f8376a6ca411f920e.jpg
static.bg3.co/imgs/202106/ 		7 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.bg3.co/imgs/202106/3ac25959f7dc517f8376a6ca411f920e.jpg?w=150&h=100&q=100
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/6yue-15ri-qi-bei-jing-gong-jiao-duo-tiao-xian-lu-you-diao-zheng.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.2.91 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ac0f3027555126e39d9c63fd8bf2c14c87593fbab024a98a46864b7d45fdf729

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 17 Sep 2022 06:36:45 GMT
cf-cache-status
MISS
last-modified
Wed, 09 Jun 2021 23:28:35 GMT
server
cloudflare
etag
"3AC25959F7DC517F8376A6CA411F920E"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GYtGsrOGCM5uFPww0TVSQXo7G3tkArCy8VBa9BPjupSCxH%2BU4L2A1F340%2FLu3JJXR5lGIuMRTVynqaVixR%2FkNc4HETLXhnDHSSsYzyHpz5tNTbRdyN13ZStYHv%2F2IcM%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=604800
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
74bfd4493facdf24-MEL
content-length
7568
expires
Sat, 24 Sep 2022 06:36:44 GMT
4eda522f56c600e02e806bb9a5b33ac1.jpg
static.bg3.co/imgs/202106/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.bg3.co/imgs/202106/4eda522f56c600e02e806bb9a5b33ac1.jpg?w=150&h=100&q=100
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/6yue-15ri-qi-bei-jing-gong-jiao-duo-tiao-xian-lu-you-diao-zheng.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.2.91 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fac3c19f0938a8ab775f35f398853cb656305111bd3f3f0ccdbdc2e00356be23

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 17 Sep 2022 06:36:45 GMT
cf-cache-status
MISS
last-modified
Mon, 28 Jun 2021 04:27:10 GMT
server
cloudflare
etag
"4EDA522F56C600E02E806BB9A5B33AC1"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Kf%2Fi1qZZ9gnGMtnk570MpT7%2FTW13sRo7Uw93JKniP6Qy1cVvvZ0cE8rz%2F5ndBdpBTOpuSvbp3iw%2B8xLSlAjBgYuXsyw8Tnr63nBAbAuIs6DtImNGcz8JjHHoBzmwPR0%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=604800
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
74bfd4493faedf24-MEL
content-length
3760
expires
Sat, 24 Sep 2022 06:36:44 GMT
e9309243b570d380c778a99641b5b81a.jpg
static.bg3.co/imgs/202103/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.bg3.co/imgs/202103/e9309243b570d380c778a99641b5b81a.jpg?w=150&h=100&q=100
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/6yue-15ri-qi-bei-jing-gong-jiao-duo-tiao-xian-lu-you-diao-zheng.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.2.91 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2bac75fe77406c6251a4d2344d4a5aaa93d0c87637d46075ca8263b027b2c4e0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 17 Sep 2022 06:36:45 GMT
cf-cache-status
MISS
last-modified
Thu, 25 Mar 2021 01:04:33 GMT
server
cloudflare
etag
"E9309243B570D380C778A99641B5B81A"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qzUdBNHpvxQc%2BsBR6BYPt0kd07aQEpZhdJHb9dACw5H8R8ix6uZ%2BUjzLTgGpzFwToPo4WSAgWCC1aj3uYldpBNvEry8dHuB071n0Wkf8Wy4Ys29UCLCYleyi5fKDeMs%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=604800
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
74bfd4493fafdf24-MEL
content-length
3914
expires
Sat, 24 Sep 2022 06:36:44 GMT
8255223fb04ab02c0e50a4ede2f2b4bf.jpg
static.bg3.co/imgs/202105/ 		12 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.bg3.co/imgs/202105/8255223fb04ab02c0e50a4ede2f2b4bf.jpg?w=150&h=100&q=100
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/6yue-15ri-qi-bei-jing-gong-jiao-duo-tiao-xian-lu-you-diao-zheng.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.2.91 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
99447a78e7452761b4b7c6456106802a2f70a53acf689550658605cd349edff0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 17 Sep 2022 06:36:45 GMT
cf-cache-status
MISS
last-modified
Sun, 30 May 2021 08:59:42 GMT
server
cloudflare
etag
"8255223FB04AB02C0E50A4EDE2F2B4BF"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OMljDX%2FcD3rL%2BxcFYtCzZ6wir4ewHFLLpPzmM16X%2Baq3h1XcQqEzC3jKL4MlKMj0VERhgcaRmEzsUHQ3%2Bi0i7Mc7PGNlLTiXzV8bnOxXrr%2F2kXSZuu%2BhGbvMAetpb4Q%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=604800
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
74bfd4493fb0df24-MEL
content-length
12527
expires
Sat, 24 Sep 2022 06:36:45 GMT
b64a89edc28081e5b62cae2b54e297f8.jpg
static.bg3.co/imgs/202105/ 		10 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.bg3.co/imgs/202105/b64a89edc28081e5b62cae2b54e297f8.jpg?w=150&h=100&q=100
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/6yue-15ri-qi-bei-jing-gong-jiao-duo-tiao-xian-lu-you-diao-zheng.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.2.91 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f0c6444ec9e86d25a1372504f821aa2728b59dd27438e8664262e2ba5038bddb

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 17 Sep 2022 06:36:44 GMT
cf-cache-status
MISS
last-modified
Sat, 22 May 2021 08:44:51 GMT
server
cloudflare
etag
"B64A89EDC28081E5B62CAE2B54E297F8"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BwcToflM7aSCDKm56h5huvXN63yRn4Q4HJyI7K4n5pWOc3Hqr%2FEm3rIyZ2AkHnqmExk6%2FfwNy5GVa8xGdlGdZI9rPQqu4KEH8KM4bjHlx%2B61abcUJgNrJaD8ptBdHQg%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=604800
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
74bfd4493fb3df24-MEL
content-length
10710
expires
Sat, 24 Sep 2022 06:36:44 GMT
5caf024e4e4f493b20930b983b34b0ff.jpg
static.bg3.co/imgs/202105/ 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.bg3.co/imgs/202105/5caf024e4e4f493b20930b983b34b0ff.jpg?w=150&h=100&q=100
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/6yue-15ri-qi-bei-jing-gong-jiao-duo-tiao-xian-lu-you-diao-zheng.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.2.91 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c0b1a136cccc51ecdba5f864cc07baff50669defebc23584e525f01ae057e8b0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 17 Sep 2022 06:36:44 GMT
cf-cache-status
MISS
last-modified
Sat, 29 May 2021 01:23:41 GMT
server
cloudflare
etag
"5CAF024E4E4F493B20930B983B34B0FF"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5gjfKJHNVTbMOnW%2FLRK%2FFuGzU%2BXPvXgfjpMDMoGkvsmPDBG452E5ZQq0etkuXI5SjXvHPjkgWPcZsT65jRWbv323RCZ1aGrH0ScW8UbQ8lyCQe7Jm0tiUjsnAtL8nJQ%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=604800
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
74bfd4493fb2df24-MEL
content-length
8317
expires
Sat, 24 Sep 2022 06:36:44 GMT
e02281922c887711a1ef4c0a2439c9ea.jpg
static.bg3.co/imgs/202105/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.bg3.co/imgs/202105/e02281922c887711a1ef4c0a2439c9ea.jpg?w=150&h=100&q=100
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/6yue-15ri-qi-bei-jing-gong-jiao-duo-tiao-xian-lu-you-diao-zheng.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.2.91 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6f6b905caee5973ad52554ba9dbf33dbd4f02f474723598847c08a96235c6613

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 17 Sep 2022 06:36:45 GMT
cf-cache-status
MISS
last-modified
Tue, 25 May 2021 04:27:59 GMT
server
cloudflare
etag
"E02281922C887711A1EF4C0A2439C9EA"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PBcTagjhCjit0XVd8gG2gpC6wg6xdvv1tcte4srxjb696xUCw%2B1oeUBqPzjKfJJ769wrG2DFjRp7CnN59rAVQGoegT3Ac5ZD7dH%2Fb%2F9zCdJktPEKLfhoMEiByo80zoI%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=604800
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
74bfd44b2a0cdf24-MEL
content-length
3127
expires
Sat, 24 Sep 2022 06:36:45 GMT
c6394ebac66b56e54662341aab6de275.jpg
static.bg3.co/imgs/202105/ 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.bg3.co/imgs/202105/c6394ebac66b56e54662341aab6de275.jpg?w=150&h=100&q=100
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/6yue-15ri-qi-bei-jing-gong-jiao-duo-tiao-xian-lu-you-diao-zheng.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.2.91 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1b07c3c310d159b52f9e6bf8263a1199985386b13234d975514867e69d6937d3

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 17 Sep 2022 06:36:45 GMT
cf-cache-status
MISS
last-modified
Wed, 26 May 2021 15:46:39 GMT
server
cloudflare
etag
"C6394EBAC66B56E54662341AAB6DE275"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PP7wD%2BOihbWVFZ3mhpEIWYOkBT3fQ4lvRRzevXGPy23FYNbeCtUR4K24o5no0s1Z3QkdqpIKI4diMtXdBabwXWjxwQQ1lpuxuOp4dslWNKZNqyJS4rliemVfZvK2Y3I%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=604800
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
74bfd44b2a0ddf24-MEL
content-length
5783
expires
Sat, 24 Sep 2022 06:36:45 GMT
46dafa1c44722af368f8967e1fa186f5.gif
static.bg3.co/imgs/202106/ 		12 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.bg3.co/imgs/202106/46dafa1c44722af368f8967e1fa186f5.gif?w=150&h=100&q=100
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/6yue-15ri-qi-bei-jing-gong-jiao-duo-tiao-xian-lu-you-diao-zheng.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.2.91 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0622ee2141c5d5acd34b4b10e4f686fb7238e79cca3a834a31e82e06731c162f

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 17 Sep 2022 06:36:45 GMT
cf-cache-status
MISS
last-modified
Mon, 28 Jun 2021 01:30:32 GMT
server
cloudflare
etag
"46DAFA1C44722AF368F8967E1FA186F5"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MbQBphJ0HA6ba%2FfqW7dF2mu0z3FZI7qPxeALkImgAUwz8HTHxkL0Q%2BZKYn6fu2uk%2FqHFfM8%2Fx9HsRYL0WCAHJFXXSR7eFqHVvqdvtSoSuqfRptlc%2B35Xd2FX3rgJM0c%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=604800
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
74bfd44b2a0edf24-MEL
content-length
11944
expires
Sat, 24 Sep 2022 06:36:45 GMT
fba73373a0217a74eca8da7d8c8aba18.jpg
static.bg3.co/imgs/202207/ 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.bg3.co/imgs/202207/fba73373a0217a74eca8da7d8c8aba18.jpg?w=150&h=100&q=100
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/6yue-15ri-qi-bei-jing-gong-jiao-duo-tiao-xian-lu-you-diao-zheng.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.2.91 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4a407efd46cf60ef6414e5516619b2dd3a37323d3bd9aad5f9eb53309e89d126

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 17 Sep 2022 06:36:45 GMT
cf-cache-status
MISS
last-modified
Thu, 21 Jul 2022 06:14:37 GMT
server
cloudflare
etag
"FBA73373A0217A74ECA8DA7D8C8ABA18"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hGGKNfkyw3Ip%2F1RHJz9SnO9x%2FWOHfnzPjTvnpjQ7xnfjIdd8WjbiiiSCu80LADgxo%2Fih1G3M6phMHV%2FdMo3ftx%2BQtylVRdrBCkXmRv7T8Y%2FLy3J4KQ4UT%2BMm9uyhkdc%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=604800
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
74bfd44b2a0fdf24-MEL
content-length
6035
expires
Sat, 24 Sep 2022 06:36:45 GMT
f72c99cd03ebe03cb457e90b3aeafa58.jpg
static.bg3.co/imgs/202107/ 		32 KB
33 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.bg3.co/imgs/202107/f72c99cd03ebe03cb457e90b3aeafa58.jpg?w=150&h=100&q=100
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/6yue-15ri-qi-bei-jing-gong-jiao-duo-tiao-xian-lu-you-diao-zheng.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.2.91 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
361214ca4ff572fe2640916caa2f50ce1f5af6a2463e1143ea8853d57d981d4e

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 17 Sep 2022 06:36:45 GMT
cf-cache-status
MISS
last-modified
Thu, 29 Jul 2021 07:36:38 GMT
server
cloudflare
etag
"F72C99CD03EBE03CB457E90B3AEAFA58"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LMZMnJD7fhHtvbJDXBiTdIVZOVnFeU8rzetpndyZfSO5hI%2BxjP2X9XOzdlNxBMlgVI%2FnbrDdw6aS0uo7dsiTYri1QlpHhW9%2Fbnt40vOh1NajGPveO1Seq3%2BbvkxYtF4%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=604800
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
74bfd44b2a11df24-MEL
content-length
33135
expires
Sat, 24 Sep 2022 06:36:45 GMT
83a86af87c31b6b13c181fec16da3221.jpg
static.bg3.co/imgs/202105/ 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.bg3.co/imgs/202105/83a86af87c31b6b13c181fec16da3221.jpg?w=150&h=100&q=100
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/6yue-15ri-qi-bei-jing-gong-jiao-duo-tiao-xian-lu-you-diao-zheng.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.2.91 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3fec55061ea87a3f53ed9391a7699ef75b328b9514e274dc0877b05a31cb5969

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 17 Sep 2022 06:36:45 GMT
cf-cache-status
MISS
last-modified
Wed, 19 May 2021 06:46:21 GMT
server
cloudflare
etag
"83A86AF87C31B6B13C181FEC16DA3221"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3FCV9CkjwktyJ7t7Lmc%2FKBWTROwqOhRODuBQVY4G%2FBRSzFvC3aQtxHV4nit1mq50I6AE5p5e7JyGNdaDXb5lmVO6mvvcwrjbnxxKwiSC6o9f8RFSSb0gvxGwV%2FZL3JQ%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=604800
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
74bfd44b2a13df24-MEL
content-length
6236
expires
Sat, 24 Sep 2022 06:36:45 GMT
47258eae5c94953d1e05a52323e41257.jpg
static.bg3.co/imgs/202106/ 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.bg3.co/imgs/202106/47258eae5c94953d1e05a52323e41257.jpg?w=150&h=100&q=100
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/6yue-15ri-qi-bei-jing-gong-jiao-duo-tiao-xian-lu-you-diao-zheng.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.2.91 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6c427b4523bdb5a5a56727db17ac948691f6993d9dbb8b2a06405271eb41186f

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 17 Sep 2022 06:36:45 GMT
cf-cache-status
MISS
last-modified
Tue, 01 Jun 2021 22:51:30 GMT
server
cloudflare
etag
"47258EAE5C94953D1E05A52323E41257"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1GDGMwczc%2FYMHnemf1x0V8qxQK%2BrruZbC1idfP8tr%2BDsB7cx9vQDCcPlHZC%2BbzFiLdfskXam0fIHzWFee35VM573rbB2H80uTFleBJbL9%2BSt%2FyhhUJHCWlw5Y4NAuaE%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=604800
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
74bfd44b2a14df24-MEL
content-length
8137
expires
Sat, 24 Sep 2022 06:36:45 GMT
cec5ce57b523cc43172693609d155d5e.jpg
static.bg3.co/imgs/202105/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.bg3.co/imgs/202105/cec5ce57b523cc43172693609d155d5e.jpg?w=150&h=100&q=100
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/6yue-15ri-qi-bei-jing-gong-jiao-duo-tiao-xian-lu-you-diao-zheng.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.2.91 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
21f661a738aac78404df7c695e23b2e30bf692c79d31e3d1c58a1a7b501d1ae4

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 17 Sep 2022 06:36:45 GMT
cf-cache-status
MISS
last-modified
Tue, 25 May 2021 15:58:50 GMT
server
cloudflare
etag
"CEC5CE57B523CC43172693609D155D5E"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yUj86IXb1eX7WnoZCFwGTCZc9JFX221Sqtn28llcUe7dqiEptgXEHaKdZmHfetrgvvPN5qLZrY%2FELEahCdi8eFx83BOk0%2Fhk2%2FhHM3aK5U7y10T7n6TmBfjArL68YZE%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=604800
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
74bfd44b2a15df24-MEL
content-length
2715
expires
Sat, 24 Sep 2022 06:36:45 GMT
amp-auto-lightbox-0.1.js
cdn.ampproject.org/rtv/012208242209000/v0/ 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012208242209000/v0/amp-auto-lightbox-0.1.js
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f132.1e100.net
Software
sffe /
Resource Hash
beb04705b4768996852ded7b4cef6e5fcd8bd57b76f289519c95a007d8ab7693
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
Origin
https://www.bg3.co
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
142208
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2980
x-xss-protection
0
server
sffe
date
Thu, 15 Sep 2022 15:06:36 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"9dad1bb78ff989b7"
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Fri, 15 Sep 2023 15:06:36 GMT
amp-ad-0.1.js
cdn.ampproject.org/rtv/012208242209000/v0/ 		81 KB
23 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012208242209000/v0/amp-ad-0.1.js
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f132.1e100.net
Software
sffe /
Resource Hash
095348d33dfcfa5ed1de252a53bff7ecda596451ce782f98ad45970c44f6ca5e
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
Origin
https://www.bg3.co
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
155692
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
23012
x-xss-protection
0
server
sffe
date
Thu, 15 Sep 2022 11:21:52 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"4c6500572c835440"
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Fri, 15 Sep 2023 11:21:52 GMT
ama
pagead2.googlesyndication.com/getconfig/ 		2 KB
963 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/ama?client=ca-pub-3216231935713038&plah=www.bg3.co&ama_t=amp&url=https%3A%2F%2Fwww.bg3.co%2Fa%2F6yue-15ri-qi-bei-jing-gong-jiao-duo-tiao-xian-lu-you-diao-zheng.html&__amp_source_origin=https%3A%2F%2Fwww.bg3.co
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.253.118.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sl-in-f157.1e100.net
Software
cafe /
Resource Hash
92cf38050a7628764acdeb5cf06d516685fe812598746fbf087a2d6818338c03
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept
application/json
Referer
https://www.bg3.co/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Sat, 17 Sep 2022 06:36:44 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
514
x-xss-protection
0
amp-loader-0.1.js
cdn.ampproject.org/rtv/012208242209000/v0/ 		12 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012208242209000/v0/amp-loader-0.1.js
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f132.1e100.net
Software
sffe /
Resource Hash
45d8a1c989f3fb759ada706bcba787b1d492dfce7b9f2494c9ca704aae6133b8
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
Origin
https://www.bg3.co
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
328241
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3839
x-xss-protection
0
server
sffe
date
Tue, 13 Sep 2022 11:26:03 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"e713e5c0fef433e3"
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Wed, 13 Sep 2023 11:26:03 GMT
jquery-2.2.2.min.js
code.jquery.com/ 		84 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://code.jquery.com/jquery-2.2.2.min.js
Requested by
Host: delivery.adrecover.com
URL: https://delivery.adrecover.com/43519/adRecover.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
69.16.175.42 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
hwcdn.net
Software
nginx /
Resource Hash
dfa729d82a3effadab1000181cb99108f232721e3b0af74cfae4c12704b35a32

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 17 Sep 2022 06:36:45 GMT
content-encoding
gzip
last-modified
Wed, 16 Feb 2022 10:50:39 GMT
server
nginx
etag
W/"620cd6ff-14e98"
vary
Accept-Encoding
x-hw
1663396605.dop009.la3.t,1663396605.cds205.la3.hn,1663396605.cds210.la3.c
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=315360000, public
accept-ranges
bytes
content-length
29880
show_ads.js
pagead2.googlesyndication.com/pagead/ Frame 79E9 		103 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/show_ads.js
Requested by
Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.253.118.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sl-in-f157.1e100.net
Software
cafe /
Resource Hash
f24bc47f24f70f5a6f519186068c7dc56c772c5ffc20ff7bf9828ff7b7be0985
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 17 Sep 2022 06:36:45 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
36493
x-xss-protection
0
server
cafe
etag
5536440229318855938
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Sat, 17 Sep 2022 06:36:45 GMT
amp-sticky-ad-1.0.js
cdn.ampproject.org/rtv/012208242209000/v0/ 		39 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012208242209000/v0/amp-sticky-ad-1.0.js
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f132.1e100.net
Software
sffe /
Resource Hash
e325e7ac2e5f7158a7ed69054a0a07a499f2af228d98fca31b039b875ae11e85
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
Origin
https://www.bg3.co
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
191270
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10232
x-xss-protection
0
server
sffe
date
Thu, 15 Sep 2022 01:28:54 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"0872f735faca1dbc"
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Fri, 15 Sep 2023 01:28:54 GMT
show_ads.js
pagead2.googlesyndication.com/pagead/ Frame 7AB6 		119 KB
40 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/show_ads.js
Requested by
Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.253.118.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sl-in-f157.1e100.net
Software
cafe /
Resource Hash
07624a888008a5a8d0d59a1d5d971d6375bd4a1e3e114f296339e258081f2373
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 17 Sep 2022 06:36:45 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
40758
x-xss-protection
0
server
cafe
etag
4996972994116535738
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Sat, 17 Sep 2022 06:36:45 GMT
amp-ad-network-adsense-impl-0.1.js
cdn.ampproject.org/rtv/012208242209000/v0/ 		214 KB
57 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012208242209000/v0/amp-ad-network-adsense-impl-0.1.js
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f132.1e100.net
Software
sffe /
Resource Hash
923bfe4249cc964c58e87df66b351ebb93c6fc54f658fda2c259e2ffc089ddd7
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
Origin
https://www.bg3.co
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
338739
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
57876
x-xss-protection
0
server
sffe
date
Tue, 13 Sep 2022 08:31:05 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"396e090561abbfd0"
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Wed, 13 Sep 2023 08:31:05 GMT
cookieSyncIframe.html
cdn.aralego.net/ucfad/cookie/ Frame AE1F 		714 B
794 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cdn.aralego.net/ucfad/cookie/cookieSyncIframe.html
Requested by
Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.26.4.103 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
36a7d95f2760a813f3e782dfc125ea786174d581d6f6f896021d6994e9514bd6

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

access-control-allow-credentials
true
age
4260
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
max-age=14400
cf-cache-status
HIT
cf-ray
74bfd44c4c0b5aac-MEL
content-encoding
br
content-type
text/html
date
Sat, 17 Sep 2022 06:36:44 GMT
last-modified
Wed, 09 Feb 2022 05:59:13 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yfHYzYOWxLmUlpFqYKcJy2n8kFQ%2BfjlaA7vB3o1ohx6uTF6JrvE37514G9vpWeMgchjQlFzv12NODFSOPOAVSYOtECTwF9a5gxX9vyR8Rlz2T9IpbiduJmJsCtd8zGJQFQ%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
idsync
sync.aralego.com/ 		35 B
384 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.aralego.com/idsync?gdpr=1&euconsent-v2=${GDPR_CONSENT_607}&
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/6yue-15ri-qi-bei-jing-gong-jiao-duo-tiao-xian-lu-you-diao-zheng.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
64.120.88.131 Central, Hong Kong, ASN133752 (LEASEWEB-APAC-HKG-10 Leaseweb Asia Pacific pte. ltd., HK),
Reverse DNS
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sat, 17 Sep 2022 06:36:45 GMT
Connection
close
Content-Length
35
Content-Type
image/gif
cookieSyncIframe.html
cdn.aralego.net/ucfad/cookie/ Frame 3676 		714 B
761 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cdn.aralego.net/ucfad/cookie/cookieSyncIframe.html
Requested by
Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.26.4.103 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
36a7d95f2760a813f3e782dfc125ea786174d581d6f6f896021d6994e9514bd6

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

access-control-allow-credentials
true
age
4260
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
max-age=14400
cf-cache-status
HIT
cf-ray
74bfd44c4c255aac-MEL
content-encoding
br
content-type
text/html
date
Sat, 17 Sep 2022 06:36:44 GMT
last-modified
Wed, 09 Feb 2022 05:59:13 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=G3WNyYfbwXhP4fC%2BXWHvWfINV7woIK%2Br7Tw1O39Tu1j8vOAnqqgBI4v0QgYqkeVyizHlomd6zye5Y1Ml7uGRvtNszIHwXjE57tnk1hiQvKUa%2FTebGDBRMpsw6p9dTyZw4g%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
gpt.js
securepubads.g.doubleclick.net/tag/js/ Frame AE1F 		80 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: cdn.aralego.net
URL: https://cdn.aralego.net/ucfad/cookie/cookieSyncIframe.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.24.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f156.1e100.net
Software
sffe /
Resource Hash
16e33227a4efd097d05a1e7138ea52ddc29eefe05bf8320bbda354bf015ebbd4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 17 Sep 2022 06:36:45 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
27741
x-xss-protection
0
server
sffe
etag
"1336 / 675 of 1000 / last-modified: 1663366203"
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Sat, 17 Sep 2022 06:36:45 GMT
gpt.js
securepubads.g.doubleclick.net/tag/js/ Frame 3676 		81 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: cdn.aralego.net
URL: https://cdn.aralego.net/ucfad/cookie/cookieSyncIframe.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.24.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f156.1e100.net
Software
sffe /
Resource Hash
2e9f641648d07fa7b1d0681c2dfd16202c42ede250d099a82f35ab994399eafc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 17 Sep 2022 06:36:45 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
27862
x-xss-protection
0
server
sffe
etag
"1336 / 180 of 1000 / last-modified: 1663366039"
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Sat, 17 Sep 2022 06:36:45 GMT
integrator.json
adservice.google.com/adsid/ 		86 B
572 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.json?domain=www.bg3.co
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.4.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f156.1e100.net
Software
cafe /
Resource Hash
14cfb5058acaf3af2f07088f1582f29941d7a4cc74fd1cea5050cecad862d154
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept
application/json
Referer
https://www.bg3.co/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Sat, 17 Sep 2022 06:36:45 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
access-control-allow-origin
https://www.bg3.co
cache-control
private, no-cache, no-store
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
83
x-xss-protection
0
nameframe.html
d-16930432452180773345.ampproject.net/2208242209000/ 		0
0 		Other
General
Check archive.org
Download Go to
Full URL
https://d-16930432452180773345.ampproject.net/2208242209000/nameframe.html
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.194.94 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f94.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
jquery-3.6.0.min.js
code.jquery.com/ 		87 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://code.jquery.com/jquery-3.6.0.min.js
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/42753/adpushup.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
69.16.175.42 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
hwcdn.net
Software
nginx /
Resource Hash
ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 17 Sep 2022 06:36:45 GMT
content-encoding
gzip
last-modified
Wed, 16 Feb 2022 10:50:39 GMT
server
nginx
etag
W/"620cd6ff-15d9d"
vary
Accept-Encoding
x-hw
1663396605.dop009.la3.t,1663396605.cds205.la3.hn,1663396605.cds267.la3.c
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=315360000, public
accept-ranges
bytes
content-length
30875
gtag.json
cdn.ampproject.org/rtv/012208242209000/v0/analytics-vendors/ 		2 KB
931 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012208242209000/v0/analytics-vendors/gtag.json
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f132.1e100.net
Software
sffe /
Resource Hash
a8993772c9eb591474f38d257bebc8c4286703e1af72d04c8c294be5fff7b649
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept
application/json
Referer
https://www.bg3.co/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
525927
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
901
x-xss-protection
0
server
sffe
date
Sun, 11 Sep 2022 04:31:18 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
application/json
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"7eb7066936b4d634"
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Mon, 11 Sep 2023 04:31:18 GMT
show_ads_impl_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202209080101/ Frame 79E9 		346 KB
122 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202209080101/show_ads_impl_fy2021.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/show_ads.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.118.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sl-in-f157.1e100.net
Software
cafe /
Resource Hash
bffbe10af19b2848ac863f352c3d68cc4192adc88e11382417132df6431c9d01
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 17 Sep 2022 06:36:45 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
124737
x-xss-protection
0
server
cafe
etag
7420510614699953264
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=1209600
timing-allow-origin
*
expires
Sat, 17 Sep 2022 06:36:45 GMT
show_ads_impl_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202209080101/ Frame 7AB6 		346 KB
122 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202209080101/show_ads_impl_fy2021.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/show_ads.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.118.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sl-in-f157.1e100.net
Software
cafe /
Resource Hash
748917abe22241e86d07017f8f285739c7a10d6306d15d6fa0c83f3d0622cac8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 17 Sep 2022 06:36:45 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
124737
x-xss-protection
0
server
cafe
etag
1735209870657692122
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=1209600
timing-allow-origin
*
expires
Sat, 17 Sep 2022 06:36:45 GMT
amp
www.googletagmanager.com/gtag/ 		610 B
808 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/amp?__amp_source_origin=https%3A%2F%2Fwww.bg3.co
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.10.97 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f97.1e100.net
Software
Google Tag Manager /
Resource Hash
8492f3fc13f89700f09e8a96308911979a6289be084af2c497ea54dbd7dd7f5f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Accept
application/json
Referer
https://www.bg3.co/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=utf-8

Response headers

date
Sat, 17 Sep 2022 06:36:45 GMT
content-encoding
br
vary
*
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="amp.json"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
258
x-xss-protection
0
pragma
no-cache
amp-access-control-allow-source-origin
https://www.bg3.co
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://www.bg3.co
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
expires
Fri, 01 Jan 1990 00:00:00 GMT
pubads_impl_2022091401.js
securepubads.g.doubleclick.net/gpt/ Frame AE1F 		376 KB
128 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022091401.js?cb=31069627
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.24.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f156.1e100.net
Software
sffe /
Resource Hash
8f7bdb9c79c5498f8a5ed7229bf62d3ab6d11dca4698bfdd0f6249f624da13c1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 14 Sep 2022 10:55:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
243668
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
131297
x-xss-protection
0
last-modified
Wed, 14 Sep 2022 08:37:15 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Thu, 14 Sep 2023 10:55:38 GMT
pubads_impl_2022091301.js
securepubads.g.doubleclick.net/gpt/ Frame 3676 		376 KB
128 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022091301.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f156.1e100.net
Software
sffe /
Resource Hash
97b1f82921571e0f4af7289f0dce7bb7d1e3836e68f1455a78c4e291eb5b039e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 13 Sep 2022 10:39:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
331008
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
131297
x-xss-protection
0
last-modified
Tue, 13 Sep 2022 08:35:01 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Wed, 13 Sep 2023 10:39:58 GMT
block.jpg
delivery.adrecover.com/ 		631 B
915 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://delivery.adrecover.com/block.jpg?ts=1663396605822
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/6yue-15ri-qi-bei-jing-gong-jiao-duo-tiao-xian-lu-you-diao-zheng.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.44.4.192 Singapore, Singapore, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-44-4-192.deploy.static.akamaitechnologies.com
Software
nginx/1.18.0 /
Resource Hash
9284d948e86d2e99f31483b5f4b3a4c3e65e0a6fbca9a8d2db8c6095f82ac3f5

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-akamai-country
AU
date
Sat, 17 Sep 2022 06:36:46 GMT
last-modified
Wed, 23 Jun 2021 06:37:54 GMT
server
nginx/1.18.0
etag
"60d2d6c2-277"
vary
Accept-Encoding
x-akamai-device
mobile:false&tablet:false
access-control-allow-origin
*
cache-control
max-age=3600
server-timing
cdn-cache; desc=HIT, edge; dur=10
accept-ranges
bytes
content-type
image/jpeg
content-length
631
expires
Sat, 17 Sep 2022 07:36:46 GMT
pb.42753.1662648504901.js
cdn.adpushup.com/prebid/ 		342 KB
92 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.adpushup.com/prebid/pb.42753.1662648504901.js
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/42753/adpushup.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.44.5.176 Singapore, Singapore, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-44-5-176.deploy.static.akamaitechnologies.com
Software
nginx/1.18.0 /
Resource Hash
7c0b90fe6a2f1f5380a33c83ccd0fc9ead3520adfe057f55f784c12b49fab4be

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-akamai-country
AU
date
Sat, 17 Sep 2022 06:36:47 GMT
content-encoding
br
last-modified
Thu, 08 Sep 2022 14:48:36 GMT
server
nginx/1.18.0
etag
W/"631a00c4-5597e"
vary
Accept-Encoding
x-akamai-device
mobile:false&tablet:false
access-control-allow-origin
*
cache-control
max-age=31536000
server-timing
cdn-cache; desc=HIT, edge; dur=12
content-type
application/javascript
content-length
93736
expires
Sun, 17 Sep 2023 06:36:47 GMT
quantcast.js
cdn.adpushup.com/pbuseridscripts/ 		450 B
506 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.adpushup.com/pbuseridscripts/quantcast.js
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/42753/adpushup.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.44.5.176 Singapore, Singapore, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-44-5-176.deploy.static.akamaitechnologies.com
Software
nginx/1.18.0 /
Resource Hash
26914004d3a8d5ddde2202b642d7936eb61c9f195b5cd3c87e44ef8ad4d57c16

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-akamai-country
AU
date
Sat, 17 Sep 2022 06:36:47 GMT
content-encoding
br
last-modified
Mon, 28 Jun 2021 04:15:23 GMT
server
nginx/1.18.0
etag
W/"60d94cdb-1c2"
vary
Accept-Encoding
x-akamai-device
mobile:false&tablet:false
access-control-allow-origin
*
cache-control
max-age=31536000
server-timing
cdn-cache; desc=HIT, edge; dur=9
content-type
application/javascript
content-length
211
expires
Sun, 17 Sep 2023 06:36:47 GMT
linkPreview.js
cdn.adpushup.com/42753/ 		72 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.adpushup.com/42753/linkPreview.js
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/6yue-15ri-qi-bei-jing-gong-jiao-duo-tiao-xian-lu-you-diao-zheng.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.44.5.176 Singapore, Singapore, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-44-5-176.deploy.static.akamaitechnologies.com
Software
nginx/1.18.0 /
Resource Hash
968012b3a49390a10d31c6d36b2aab796ec167a83378b5f9787756ee7cb035c5

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-akamai-country
AU
date
Sat, 17 Sep 2022 06:36:47 GMT
content-encoding
br
last-modified
Thu, 14 Jul 2022 19:44:27 GMT
server
nginx/1.18.0
etag
W/"62d0721b-11ed1"
vary
Accept-Encoding
x-akamai-device
mobile:false&tablet:false
access-control-allow-origin
*
cache-control
max-age=3600
server-timing
cdn-cache; desc=HIT, edge; dur=12
content-type
application/javascript
content-length
17440
expires
Sat, 17 Sep 2022 07:36:47 GMT
gpt.js
securepubads.g.doubleclick.net/tag/js/ 		81 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/42753/adpushup.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f156.1e100.net
Software
sffe /
Resource Hash
aadb3043f0db277c623091028f7a4f24e1dd821aca8d3562bc0e976170dd5008
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 17 Sep 2022 06:36:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
27864
x-xss-protection
0
server
sffe
etag
"1336 / 574 of 1000 / last-modified: 1663366203"
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Sat, 17 Sep 2022 06:36:46 GMT
sync
e3.adpushup.com/AdPushupFeedbackWebService/user/ 		70 B
538 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://e3.adpushup.com/AdPushupFeedbackWebService/user/sync
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/6yue-15ri-qi-bei-jing-gong-jiao-duo-tiao-xian-lu-you-diao-zheng.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
13.76.45.37 Singapore, Singapore, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx/1.10.3 (Ubuntu) /
Resource Hash
e3849fdc1eab88579b20b1b56875d6ef8299c4ad165e03921400ccae69149861

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 17 Sep 2022 06:36:46 GMT
server
nginx/1.10.3 (Ubuntu)
ap-cookie-status
cookies ap_uid and ap_usid are set
access-control-allow-methods
GET, POST
content-type
image/png
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-robots-tag
noindex
content-length
70
expires
0
cookie.js
partner.googleadservices.com/gampad/ Frame 79E9 		379 B
691 B 		Script
General
Check archive.org
Download Go to
Full URL
https://partner.googleadservices.com/gampad/cookie.js?domain=www.bg3.co&callback=_gfp_s_&client=ca-pub-4485239425924787&gpid_exp=1
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202209080101/show_ads_impl_fy2021.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.12.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f154.1e100.net
Software
cafe /
Resource Hash
671cc92912f4b004e80ce54bd2785318cd8badef6c0f879e6aa1eb109de01167
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 17 Sep 2022 06:36:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
text/javascript; charset=UTF-8
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
246
x-xss-protection
0
integrator.js
adservice.google.com.au/adsid/ Frame 79E9 		107 B
165 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com.au/adsid/integrator.js?domain=www.bg3.co
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202209080101/show_ads_impl_fy2021.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.10.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f156.1e100.net
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Sat, 17 Sep 2022 06:36:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ Frame 79E9 		107 B
196 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.bg3.co
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202209080101/show_ads_impl_fy2021.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.4.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f156.1e100.net
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Sat, 17 Sep 2022 06:36:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
wHpRX0bWuC9xRFH5Zh6Brkvx3yfQuUmZc8yJalW2.html
adx.holmesmind.com/adx-file/20220802/ Frame 2BB8
Redirect Chain
  • https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006&adk=2365071409&adf=3615134176&pi=t.ma~as.3006%2F14006&w=336&lmt=1663396606&url=...
  • https://adx.holmesmind.com/adx-file/20220802/wHpRX0bWuC9xRFH5Zh6Brkvx3yfQuUmZc8yJalW2.html
673 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://adx.holmesmind.com/adx-file/20220802/wHpRX0bWuC9xRFH5Zh6Brkvx3yfQuUmZc8yJalW2.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202209080101/show_ads_impl_fy2021.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.33.33.91 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-33-33-91.sin2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
21902e4026c2f774fbd13f64845d6fd3a823c1ea64ee93e76a9fe06a49a74711

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

accept-ranges
bytes
age
980
content-length
673
content-type
text/html
date
Sat, 17 Sep 2022 06:21:03 GMT
etag
"48eae0cda160246f65db69ea3a0e8b6a"
last-modified
Tue, 02 Aug 2022 04:45:52 GMT
server
AmazonS3
vary
Accept-Encoding
via
1.1 70fdfa773982aee8e5e56c054ca0a9cc.cloudfront.net (CloudFront)
x-amz-cf-id
pGT1p99QZ3aB7o1Xhg8-Kdx6WQjgI7LDuPXo6pNqEcP3YZqmNXJHWw==
x-amz-cf-pop
SIN2-P1
x-amz-version-id
AXCXhborHznj.8nLhhiA1470QYBmIoZE
x-cache
Hit from cloudfront

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-encoding
br
content-length
46
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sat, 17 Sep 2022 06:36:46 GMT
location
https://adx.holmesmind.com/adx-file/20220802/wHpRX0bWuC9xRFH5Zh6Brkvx3yfQuUmZc8yJalW2.html
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
testmode
e3.adpushup.com/AdPushupFeedbackWebService/feedback/ 		70 B
317 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://e3.adpushup.com/AdPushupFeedbackWebService/feedback/testmode?data=eyJjcmVhdGVkVFMiOjE2NjMzOTY2MDYyMDQsInBhY2tldElkIjoiMDAwMEE3MDEtNmQwMzI1NDQtMDQyYy00M2RhLWEwYmQtOThiMTE5YjNkOWU0Iiwic2l0ZUlkIjo0Mjc1Mywic2l0ZURvbWFpbiI6Imh0dHBzOi8vYmczLmNvLyIsInVybCI6Imh0dHBzOi8vd3d3LmJnMy5jby9hLzZ5dWUtMTVyaS1xaS1iZWktamluZy1nb25nLWppYW8tZHVvLXRpYW8teGlhbi1sdS15b3UtZGlhby16aGVuZy5odG1sIiwibW9kZSI6NCwiZXJyb3JDb2RlIjowLCJyZWZlcnJlciI6IiIsInBhZ2VHcm91cCI6IkFSVElDTEUiLCJwYWdlVmFyaWF0aW9uSWQiOiI5Njc1MDEyNS1iOTBjLTQ5N2EtODY5OS03MzE3MWY3YjQ5MzUiLCJwYWdlVmFyaWF0aW9uTmFtZSI6IkFkUHVzaHVwIiwicGFnZVZhcmlhdGlvblR5cGUiOjEsInBsYXRmb3JtIjoiREVTS1RPUCIsImlzR2VuaWVlIjpmYWxzZSwic2VjdGlvbnMiOm51bGx9
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/6yue-15ri-qi-bei-jing-gong-jiao-duo-tiao-xian-lu-you-diao-zheng.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
13.76.45.37 Singapore, Singapore, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx/1.10.3 (Ubuntu) /
Resource Hash
e3849fdc1eab88579b20b1b56875d6ef8299c4ad165e03921400ccae69149861

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 17 Sep 2022 06:36:46 GMT
server
nginx/1.10.3 (Ubuntu)
access-control-allow-methods
GET, POST
content-type
image/png
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-robots-tag
noindex
content-length
70
expires
0
testmode
e3.adpushup.com/AdPushupFeedbackWebService/feedback/ 		70 B
317 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://e3.adpushup.com/AdPushupFeedbackWebService/feedback/testmode?data=eyJjcmVhdGVkVFMiOjE2NjMzOTY2MDYyMDUsInBhY2tldElkIjoiMDAwMEE3MDEtNmQwMzI1NDQtMDQyYy00M2RhLWEwYmQtOThiMTE5YjNkOWU0Iiwic2l0ZUlkIjo0Mjc1Mywic2l0ZURvbWFpbiI6Imh0dHBzOi8vYmczLmNvLyIsInVybCI6Imh0dHBzOi8vd3d3LmJnMy5jby9hLzZ5dWUtMTVyaS1xaS1iZWktamluZy1nb25nLWppYW8tZHVvLXRpYW8teGlhbi1sdS15b3UtZGlhby16aGVuZy5odG1sIiwibW9kZSI6NSwiZXJyb3JDb2RlIjoxLCJyZWZlcnJlciI6IiIsInBhZ2VHcm91cCI6IkFSVElDTEUiLCJwYWdlVmFyaWF0aW9uSWQiOiI5Njc1MDEyNS1iOTBjLTQ5N2EtODY5OS03MzE3MWY3YjQ5MzUiLCJwYWdlVmFyaWF0aW9uTmFtZSI6IkFkUHVzaHVwIiwicGFnZVZhcmlhdGlvblR5cGUiOjEsInBsYXRmb3JtIjoiREVTS1RPUCIsImlzR2VuaWVlIjpmYWxzZSwic2VjdGlvbnMiOm51bGx9
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/6yue-15ri-qi-bei-jing-gong-jiao-duo-tiao-xian-lu-you-diao-zheng.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
13.76.45.37 Singapore, Singapore, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx/1.10.3 (Ubuntu) /
Resource Hash
e3849fdc1eab88579b20b1b56875d6ef8299c4ad165e03921400ccae69149861

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 17 Sep 2022 06:36:46 GMT
server
nginx/1.10.3 (Ubuntu)
access-control-allow-methods
GET, POST
content-type
image/png
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-robots-tag
noindex
content-length
70
expires
0
feedback
e3.adpushup.com/AdPushupFeedbackWebService/ 		70 B
317 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://e3.adpushup.com/AdPushupFeedbackWebService/feedback?data=eyJjcmVhdGVkVFMiOjE2NjMzOTY2MDYyMDUsInBhY2tldElkIjoiMDAwMEE3MDEtNmQwMzI1NDQtMDQyYy00M2RhLWEwYmQtOThiMTE5YjNkOWU0Iiwic2l0ZUlkIjo0Mjc1Mywic2l0ZURvbWFpbiI6Imh0dHBzOi8vYmczLmNvLyIsInVybCI6Imh0dHBzOi8vd3d3LmJnMy5jby9hLzZ5dWUtMTVyaS1xaS1iZWktamluZy1nb25nLWppYW8tZHVvLXRpYW8teGlhbi1sdS15b3UtZGlhby16aGVuZy5odG1sIiwibW9kZSI6MSwiZXJyb3JDb2RlIjoxLCJyZWZlcnJlciI6IiIsInBhZ2VHcm91cCI6IkFSVElDTEUiLCJwYWdlVmFyaWF0aW9uSWQiOiI5Njc1MDEyNS1iOTBjLTQ5N2EtODY5OS03MzE3MWY3YjQ5MzUiLCJwYWdlVmFyaWF0aW9uTmFtZSI6IkFkUHVzaHVwIiwicGFnZVZhcmlhdGlvblR5cGUiOjEsInBsYXRmb3JtIjoiREVTS1RPUCIsImlzR2VuaWVlIjpmYWxzZSwic2VjdGlvbnMiOlt7InNlY3Rpb25JZCI6Ijc3YTljMjJmLWFjMDItNDVkZC05NmJjLWIwODk2YThhN2Q1YSIsInNlY3Rpb25OYW1lIjoiQVBfTF9EX0FSVElDTEVfNzI4WDI1MF83N2E5YyIsInN0YXR1cyI6MSwibmV0d29yayI6ImFkcFRhZ3MiLCJuZXR3b3JrQWRVbml0SWQiOiJBRFBfNDI3NTNfNzI4WDI1MF83N2E5YzIyZi1hYzAyLTQ1ZGQtOTZiYy1iMDg5NmE4YTdkNWEiLCJzZXJ2aWNlcyI6WzEsM10sImFkVW5pdFR5cGUiOjF9XX0%3D
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/6yue-15ri-qi-bei-jing-gong-jiao-duo-tiao-xian-lu-you-diao-zheng.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
13.76.45.37 Singapore, Singapore, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx/1.10.3 (Ubuntu) /
Resource Hash
e3849fdc1eab88579b20b1b56875d6ef8299c4ad165e03921400ccae69149861

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 17 Sep 2022 06:36:46 GMT
server
nginx/1.10.3 (Ubuntu)
access-control-allow-methods
GET, POST
content-type
image/png
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-robots-tag
noindex
content-length
70
expires
0
feedback
e3.adpushup.com/AdPushupFeedbackWebService/ 		70 B
317 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://e3.adpushup.com/AdPushupFeedbackWebService/feedback?data=eyJjcmVhdGVkVFMiOjE2NjMzOTY2MDYyMDksInBhY2tldElkIjoiMDAwMEE3MDEtNmQwMzI1NDQtMDQyYy00M2RhLWEwYmQtOThiMTE5YjNkOWU0Iiwic2l0ZUlkIjo0Mjc1Mywic2l0ZURvbWFpbiI6Imh0dHBzOi8vYmczLmNvLyIsInVybCI6Imh0dHBzOi8vd3d3LmJnMy5jby9hLzZ5dWUtMTVyaS1xaS1iZWktamluZy1nb25nLWppYW8tZHVvLXRpYW8teGlhbi1sdS15b3UtZGlhby16aGVuZy5odG1sIiwibW9kZSI6MSwiZXJyb3JDb2RlIjoxLCJyZWZlcnJlciI6IiIsInBhZ2VHcm91cCI6IkFSVElDTEUiLCJwYWdlVmFyaWF0aW9uSWQiOiI5Njc1MDEyNS1iOTBjLTQ5N2EtODY5OS03MzE3MWY3YjQ5MzUiLCJwYWdlVmFyaWF0aW9uTmFtZSI6IkFkUHVzaHVwIiwicGFnZVZhcmlhdGlvblR5cGUiOjEsInBsYXRmb3JtIjoiREVTS1RPUCIsImlzR2VuaWVlIjpmYWxzZSwic2VjdGlvbnMiOlt7InNlY3Rpb25JZCI6ImQxYzEwYTcyLTI3YjQtNDkzMS04Y2U3LTk5YTE4ZWJiZGJhZSIsInNlY3Rpb25OYW1lIjoiQVBfSV9EX0FSVElDTEVfNzI4WDkwX2QxYzEwIiwic3RhdHVzIjoxLCJuZXR3b3JrIjoiYWRwVGFncyIsIm5ldHdvcmtBZFVuaXRJZCI6IlNUSUNLWV9BRFBfNDI3NTNfNzI4WDkwX2QxYzEwYTcyLTI3YjQtNDkzMS04Y2U3LTk5YTE4ZWJiZGJhZSIsInNlcnZpY2VzIjpbNSwzXSwiYWRVbml0VHlwZSI6M31dfQ%3D%3D
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/6yue-15ri-qi-bei-jing-gong-jiao-duo-tiao-xian-lu-you-diao-zheng.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
13.76.45.37 Singapore, Singapore, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx/1.10.3 (Ubuntu) /
Resource Hash
e3849fdc1eab88579b20b1b56875d6ef8299c4ad165e03921400ccae69149861

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 17 Sep 2022 06:36:46 GMT
server
nginx/1.10.3 (Ubuntu)
access-control-allow-methods
GET, POST
content-type
image/png
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-robots-tag
noindex
content-length
70
expires
0
feedback
e3.adpushup.com/AdPushupFeedbackWebService/ 		70 B
317 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://e3.adpushup.com/AdPushupFeedbackWebService/feedback?data=eyJjcmVhdGVkVFMiOjE2NjMzOTY2MDYyMTIsInBhY2tldElkIjoiMDAwMEE3MDEtNmQwMzI1NDQtMDQyYy00M2RhLWEwYmQtOThiMTE5YjNkOWU0Iiwic2l0ZUlkIjo0Mjc1Mywic2l0ZURvbWFpbiI6Imh0dHBzOi8vYmczLmNvLyIsInVybCI6Imh0dHBzOi8vd3d3LmJnMy5jby9hLzZ5dWUtMTVyaS1xaS1iZWktamluZy1nb25nLWppYW8tZHVvLXRpYW8teGlhbi1sdS15b3UtZGlhby16aGVuZy5odG1sIiwibW9kZSI6MSwiZXJyb3JDb2RlIjoxLCJyZWZlcnJlciI6IiIsInBhZ2VHcm91cCI6IkFSVElDTEUiLCJwYWdlVmFyaWF0aW9uSWQiOiI5Njc1MDEyNS1iOTBjLTQ5N2EtODY5OS03MzE3MWY3YjQ5MzUiLCJwYWdlVmFyaWF0aW9uTmFtZSI6IkFkUHVzaHVwIiwicGFnZVZhcmlhdGlvblR5cGUiOjEsInBsYXRmb3JtIjoiREVTS1RPUCIsImlzR2VuaWVlIjpmYWxzZSwic2VjdGlvbnMiOlt7InNlY3Rpb25JZCI6IjEwNGIyODJhLWJkMTEtNGQ4ZC1hZDY0LTA0OTIwNjNiNmNiYSIsInNlY3Rpb25OYW1lIjoiQVBfSV9EX0FSVElDTEVfMTIwWDYwMF8xMDRiMiIsInN0YXR1cyI6MSwibmV0d29yayI6ImFkcFRhZ3MiLCJuZXR3b3JrQWRVbml0SWQiOiJTVElDS1lfQURQXzQyNzUzXzEyMFg2MDBfMTA0YjI4MmEtYmQxMS00ZDhkLWFkNjQtMDQ5MjA2M2I2Y2JhIiwic2VydmljZXMiOls1LDNdLCJhZFVuaXRUeXBlIjozfV19
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/6yue-15ri-qi-bei-jing-gong-jiao-duo-tiao-xian-lu-you-diao-zheng.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
13.76.45.37 Singapore, Singapore, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx/1.10.3 (Ubuntu) /
Resource Hash
e3849fdc1eab88579b20b1b56875d6ef8299c4ad165e03921400ccae69149861

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 17 Sep 2022 06:36:46 GMT
server
nginx/1.10.3 (Ubuntu)
access-control-allow-methods
GET, POST
content-type
image/png
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-robots-tag
noindex
content-length
70
expires
0
collect
www.google-analytics.com/r/ 		35 B
396 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/r/collect?v=1&_v=a1&ds=AMP&aip&_s=1&dt=6%E6%9C%8815%E6%97%A5%E8%B5%B7%20%E5%8C%97%E4%BA%AC%E5%85%AC%E4%BA%A4%E5%A4%9A%E6%A2%9D%E7%B7%9A%E8%B7%AF%E6%9C%89%E8%AA%BF%E6%95%B4%20-%20%E5%A4%A9%E5%A4%A9%E8%A6%81%E8%81%9E&sr=1600x1200&cid=amp-7QKNI_xTSKvqK3pWgp2GZQ&tid=UA-172083736-2&dl=https%3A%2F%2Fwww.bg3.co%2Fa%2F6yue-15ri-qi-bei-jing-gong-jiao-duo-tiao-xian-lu-you-diao-zheng.html&dr=&sd=24&ul=en-us&de=UTF-8&t=pageview&jid=0.4026066229601175&gjid=0.6256153952348766&_r=1&a=2991&z=0.19741117474135095&gtm=2pu000
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/6yue-15ri-qi-bei-jing-gong-jiao-duo-tiao-xian-lu-you-diao-zheng.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.24.139 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f139.1e100.net
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 17 Sep 2022 06:36:46 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Fri, 01 Jan 1990 00:00:00 GMT
cookie.js
partner.googleadservices.com/gampad/ Frame 7AB6 		379 B
316 B 		Script
General
Check archive.org
Download Go to
Full URL
https://partner.googleadservices.com/gampad/cookie.js?domain=www.bg3.co&callback=_gfp_s_&client=ca-pub-4485239425924787&gpid_exp=1
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202209080101/show_ads_impl_fy2021.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.12.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f154.1e100.net
Software
cafe /
Resource Hash
5ee714703781708f41a778672e71e80859ecf3e89be00f60b2da82b86705140a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 17 Sep 2022 06:36:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
text/javascript; charset=UTF-8
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
247
x-xss-protection
0
integrator.js
adservice.google.com.au/adsid/ Frame 7AB6 		107 B
165 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com.au/adsid/integrator.js?domain=www.bg3.co
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202209080101/show_ads_impl_fy2021.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.10.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f156.1e100.net
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Sat, 17 Sep 2022 06:36:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ Frame 7AB6 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.bg3.co
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202209080101/show_ads_impl_fy2021.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.4.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f156.1e100.net
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Sat, 17 Sep 2022 06:36:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
wHpRX0bWuC9xRFH5Zh6Brkvx3yfQuUmZc8yJalW2.html
adx.holmesmind.com/adx-file/20220802/ Frame B82E
Redirect Chain
  • https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006&adk=2365071409&adf=3615134179&pi=t.ma~as.3006%2F14006&w=336&lmt=1663396606&url=...
  • https://adx.holmesmind.com/adx-file/20220802/wHpRX0bWuC9xRFH5Zh6Brkvx3yfQuUmZc8yJalW2.html
673 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://adx.holmesmind.com/adx-file/20220802/wHpRX0bWuC9xRFH5Zh6Brkvx3yfQuUmZc8yJalW2.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202209080101/show_ads_impl_fy2021.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.33.33.91 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-33-33-91.sin2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
21902e4026c2f774fbd13f64845d6fd3a823c1ea64ee93e76a9fe06a49a74711

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

accept-ranges
bytes
age
980
content-length
673
content-type
text/html
date
Sat, 17 Sep 2022 06:21:03 GMT
etag
"48eae0cda160246f65db69ea3a0e8b6a"
last-modified
Tue, 02 Aug 2022 04:45:52 GMT
server
AmazonS3
vary
Accept-Encoding
via
1.1 70fdfa773982aee8e5e56c054ca0a9cc.cloudfront.net (CloudFront)
x-amz-cf-id
1HyOrHzG1UtMyDLorA2ZZ8LBOqlis6_7YJ-2biwGRbNKtL_U26McuA==
x-amz-cf-pop
SIN2-P1
x-amz-version-id
AXCXhborHznj.8nLhhiA1470QYBmIoZE
x-cache
Hit from cloudfront

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-encoding
br
content-length
46
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sat, 17 Sep 2022 06:36:46 GMT
location
https://adx.holmesmind.com/adx-file/20220802/wHpRX0bWuC9xRFH5Zh6Brkvx3yfQuUmZc8yJalW2.html
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame 060F 		603 B
627 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3216231935713038&format=1600x250&w=1600&h=250&ptt=12&adk=2733026255&output=html&bc=7&to=ampa&pv=1&wgl=1&asnt=0-15351295052285754535&dff=sans-serif&prev_fmts=1600x96&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&ifi=2&pfx=0&pwprc=1037897477&adf=470780615&nhd=0&adx=0&ady=2856&oid=2&is_amp=5&amp_v=2208242209000&d_imp=1&c=732002991&ga_cid=amp-7QKNI_xTSKvqK3pWgp2GZQ&ga_hid=2991&dt=1663396605253&biw=1600&bih=1200&u_aw=1600&u_ah=1200&u_cd=24&u_w=1600&u_h=1200&u_tz=0&u_his=2&vis=1&scr_x=0&scr_y=0&url=https%3A%2F%2Fwww.bg3.co%2Fa%2F6yue-15ri-qi-bei-jing-gong-jiao-duo-tiao-xian-lu-you-diao-zheng.html&bdt=2164&dtd=376&__amp_source_origin=https%3A%2F%2Fwww.bg3.co
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012208242209000/v0/amp-ad-0.1.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.10.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f154.1e100.net
Software
cafe /
Resource Hash
00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-encoding
br
content-length
46
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sat, 17 Sep 2022 06:36:46 GMT
expires
Sat, 17 Sep 2022 06:36:46 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
integrator.js
adservice.google.com.au/adsid/ Frame AE1F 		107 B
792 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com.au/adsid/integrator.js?domain=cdn.aralego.net
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022091401.js?cb=31069627
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.10.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f156.1e100.net
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Sat, 17 Sep 2022 06:36:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ Frame AE1F 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=cdn.aralego.net
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022091401.js?cb=31069627
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.4.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f156.1e100.net
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Sat, 17 Sep 2022 06:36:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ Frame AE1F 		498 B
274 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1767250546241506&correlator=39980722123362&eid=31069627&output=ldjh&gdfp_req=1&vrg=2022091401&ptt=17&impl=fifs&iu_parts=18087395%2Ccookie&enc_prev_ius=%2F0%2F1&prev_iu_szs=1x1&ifi=1&adks=64515409&sfv=1-0-38&fsapi=false&sc=1&cdm=cdn.aralego.net&abxe=1&dt=1663396606431&lmt=1644386353&dlt=1663396604911&idt=1495&adxs=-12245933&adys=-12245933&biw=-12245933&bih=-12245933&scr_x=-12245933&scr_y=-12245933&ucis=p348gs7e9k6i&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&nhd=1&url=https%3A%2F%2Fcdn.aralego.net%2Fucfad%2Fcookie%2FcookieSyncIframe.html&ref=https%3A%2F%2Fwww.bg3.co%2F&top=https%3A%2F%2Fwww.bg3.co%2F&frm=24&vis=1&psz=0x0&msz=0x-1&fws=256&ohw=0&ea=0&ga_vid=685115106.1663396606&ga_sid=1663396606&ga_hid=1155721060&ga_fc=false
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022091401.js?cb=31069627
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f156.1e100.net
Software
cafe /
Resource Hash
c386bb4eaff0edb9b3da39cd9f57da8a8cc352ba93dff19d048a6fe39a3bd850
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 17 Sep 2022 06:36:46 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
244
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://cdn.aralego.net
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
3ed068a02ba7af14c0b35b3d4743e97e.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame FDBE 		6 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://3ed068a02ba7af14c0b35b3d4743e97e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022091401.js?cb=31069627
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.24.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f132.1e100.net
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://cdn.aralego.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
gzip
content-length
3108
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Sat, 17 Sep 2022 06:36:46 GMT
expires
Sun, 17 Sep 2023 06:36:46 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
integrator.js
adservice.google.com.au/adsid/ Frame 3676 		107 B
165 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com.au/adsid/integrator.js?domain=cdn.aralego.net
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022091301.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.10.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f156.1e100.net
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Sat, 17 Sep 2022 06:36:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ Frame 3676 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=cdn.aralego.net
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022091301.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.4.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f156.1e100.net
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Sat, 17 Sep 2022 06:36:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ Frame 3676 		491 B
263 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=4462079031445103&correlator=790506162826592&eid=31068457%2C21068766%2C31067826&output=ldjh&gdfp_req=1&vrg=2022091301&ptt=17&impl=fifs&iu_parts=18087395%2Ccookie&enc_prev_ius=%2F0%2F1&prev_iu_szs=1x1&ifi=1&adks=64515409&sfv=1-0-38&fsapi=false&sc=1&cdm=cdn.aralego.net&abxe=1&dt=1663396606561&lmt=1644386353&dlt=1663396604918&idt=1622&adxs=-12245933&adys=-12245933&biw=-12245933&bih=-12245933&scr_x=-12245933&scr_y=-12245933&ucis=ragk5g4piyy&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&nhd=1&url=https%3A%2F%2Fcdn.aralego.net%2Fucfad%2Fcookie%2FcookieSyncIframe.html&ref=https%3A%2F%2Fwww.bg3.co%2F&top=https%3A%2F%2Fwww.bg3.co%2F&frm=24&vis=1&psz=0x0&msz=0x-1&fws=256&ohw=0&ea=0&ga_vid=1418782187.1663396607&ga_sid=1663396607&ga_hid=859763762&ga_fc=false
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022091301.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f156.1e100.net
Software
cafe /
Resource Hash
63737f5b4feee4fbef12fd70ba62b7c34904bb1bea4852d451ee06b92c3666a0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 17 Sep 2022 06:36:46 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
233
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://cdn.aralego.net
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
e9ff84e58cb1d6544025f17bbc3df4df.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 4546 		6 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://e9ff84e58cb1d6544025f17bbc3df4df.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022091301.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.24.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f132.1e100.net
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://cdn.aralego.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
gzip
content-length
3108
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Sat, 17 Sep 2022 06:36:47 GMT
expires
Sun, 17 Sep 2023 06:36:47 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
pubads_impl_2022091301.js
securepubads.g.doubleclick.net/gpt/ 		376 KB
128 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022091301.js?cb=31069626
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f156.1e100.net
Software
sffe /
Resource Hash
97b1f82921571e0f4af7289f0dce7bb7d1e3836e68f1455a78c4e291eb5b039e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 14 Sep 2022 10:55:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
243669
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
131297
x-xss-protection
0
last-modified
Tue, 13 Sep 2022 08:35:01 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Thu, 14 Sep 2023 10:55:37 GMT
ppub_config
securepubads.g.doubleclick.net/pagead/ 		109 B
118 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=www.bg3.co
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f156.1e100.net
Software
cafe /
Resource Hash
57ba9c79273602051bd0fa9f6dcd52a3f199dc59f134308efeeaad35424b8311
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Sat, 17 Sep 2022 06:36:47 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
93
x-xss-protection
0
expires
Sat, 17 Sep 2022 06:36:47 GMT
sodar
pagead2.googlesyndication.com/getconfig/ Frame AE1F 		14 KB
11 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2022091401&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022091401.js?cb=31069627
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.253.118.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sl-in-f157.1e100.net
Software
cafe /
Resource Hash
63a01a2bf2dee6e2eca2e7ed3592cb423a15ca764166c0025f50d1a8b0871df1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Sat, 17 Sep 2022 06:36:47 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11023
x-xss-protection
0
sodar
pagead2.googlesyndication.com/getconfig/ Frame 3676 		14 KB
11 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2022091301&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022091301.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.118.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sl-in-f157.1e100.net
Software
cafe /
Resource Hash
9c7f8f74fe79ed9ee06f7f6600d0f261f6bd860835b9fa03ad1c66e504791ab2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Sat, 17 Sep 2022 06:36:47 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11034
x-xss-protection
0
sodar2.js
tpc.googlesyndication.com/sodar/ Frame AE1F 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022091401.js?cb=31069627
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.200.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sa-in-f132.1e100.net
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 17 Sep 2022 06:36:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Sat, 17 Sep 2022 06:36:48 GMT
sodar2.js
tpc.googlesyndication.com/sodar/ Frame 3676 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022091301.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.200.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sa-in-f132.1e100.net
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 17 Sep 2022 06:36:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Sat, 17 Sep 2022 06:36:48 GMT
latest.json
cdn.jsdelivr.net/gh/prebid/currency-file@1/ 		2 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/gh/prebid/currency-file@1/latest.json?date=20220917
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1662648504901.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.88.20 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3830e42b6267039c92e941fee5656b21955b25a74d6340b9f78418b2ef8c5280
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.bg3.co/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

date
Sat, 17 Sep 2022 06:36:47 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
12897
x-jsd-version
1.0.1465
x-cache
HIT, MISS
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; includeSubDomains; preload
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-served-by
cache-fra19146-FRA, cache-scl2220031-SCL
timing-allow-origin
*
x-jsd-version-type
version
server
cloudflare
etag
W/"66b-6E38muOIMYAPB6Y+siLsK5TtT4w"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TduYo13R9vJZir4sQ%2BS8RvOA2TcVD18c%2BjGjw6MGJqI8Q7ZpZmO6ki809%2BIBjYFDmouBUs7MC7Ih2roKYEPGtmW2zw1H%2FzzmC4l%2FFAGNRsZ1qyYrGpxp%2FLVFiJvcU9zIxss%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/json; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=604800, s-maxage=43200
cf-ray
74bfd45f8e17377a-MEL
auction
rtb.adxpremium.services/openrtb2/ 		0
0
adreq
ads.servenobid.com/ 		405 B
552 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.servenobid.com/adreq?cb=9858
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1662648504901.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.251.200.30 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-251-200-30.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
91a8ea37de90c116390b167dfc281ce0ed7e8f324ff1fd834bb27aca9db191db

Request headers

Referer
https://www.bg3.co/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

date
Sat, 17 Sep 2022 06:36:48 GMT
content-encoding
gzip
amp-access-control-allow-source-origin
*
vary
accept-encoding
content-type
application/json
access-control-allow-origin
https://www.bg3.co
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
auction
prebid-server.rubiconproject.com/openrtb2/ 		186 B
407 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid-server.rubiconproject.com/openrtb2/auction
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1662648504901.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.114.61.6 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-114-61-6.ap-northeast-1.compute.amazonaws.com
Software
/
Resource Hash
3bafa611790ac07103d9b393fcc52b42822a08c097322ea09b7ed711cd44ce2e

Request headers

Referer
https://www.bg3.co/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 17 Sep 2022 06:36:48 GMT
content-encoding
gzip
x-prebid
pbs-java/1.98.0
content-type
application/json
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
176
expires
0
auction
prebid-server.rubiconproject.com/openrtb2/ 		185 B
406 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid-server.rubiconproject.com/openrtb2/auction
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1662648504901.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.114.61.6 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-114-61-6.ap-northeast-1.compute.amazonaws.com
Software
/
Resource Hash
84f7bfbeb18b66cd3262bbb997c13301dec8eeb64984dae82a998aaece7591c0

Request headers

Referer
https://www.bg3.co/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 17 Sep 2022 06:36:48 GMT
content-encoding
gzip
x-prebid
pbs-java/1.98.0
content-type
application/json
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
174
expires
0
auction
prebid-server.rubiconproject.com/openrtb2/ 		185 B
405 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid-server.rubiconproject.com/openrtb2/auction
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1662648504901.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.114.61.6 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-114-61-6.ap-northeast-1.compute.amazonaws.com
Software
/
Resource Hash
3fc8a5e048783f1ba54ad434bec6bf79f27b1143e987ddc87f0cbab9d5916503

Request headers

Referer
https://www.bg3.co/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 17 Sep 2022 06:36:48 GMT
content-encoding
gzip
x-prebid
pbs-java/1.98.0
content-type
application/json
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
174
expires
0
fastlane.json
fastlane.rubiconproject.com/a/api/ 		472 B
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=20616&site_id=395958&zone_id=2209398&size_id=15%3B2%3B8&alt_size_ids=2%2C1%2C13%2C14%2C19%2C43%2C44%2C117%3B1%2C43%2C44%3B&rp_schain=1.0,1!adpushup.com,062d9a21f747ddee7c25d4297776e0aa,1,,,&eid_pubcid.org=61368451-e55b-4fa3-8b75-72ee92bcd8e0%5E1&rf=https%3A%2F%2Fwww.bg3.co%2Fa%2F6yue-15ri-qi-bei-jing-gong-jiao-duo-tiao-xian-lu-you-diao-zheng.html&tk_flint=pbjs_lite_v6.19.0&x_source.tid=101902c7-0b8f-4c37-b42d-6904f96630f3%3B5afcbb32-7d0b-46c6-bd9d-aeb83fdf550a%3B1c63eb37-25d7-42cb-98ca-b12e4f480c9a&l_pb_bid_id=184e51e83eb5207%3B1910b0cd826eaaf%3B2016031dc196011&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=3&rand=0.3652064523385101
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1662648504901.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.173.158.65 Ashburn, United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
5f23d199022bb64ce8d0b4cb041e5fe7ece4e775660133819a12069a386aecd4

Request headers

Referer
https://www.bg3.co/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Sat, 17 Sep 2022 06:36:48 GMT
Server
nginx/1.21.4
Vary
Accept-Encoding
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
https://www.bg3.co
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json
Keep-Alive
timeout=5
Content-Length
472
Expires
Wed, 17 Sep 1975 21:32:10 GMT
prebid
ib.adnxs.com/ut/v3/ 		53 KB
21 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1662648504901.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
104.254.148.251 Los Angeles, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
893.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e35966e7a3a744306df4d21ac262224d3aea9c2c91dd0695589c0b00de031922
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Date
Sat, 17 Sep 2022 06:36:48 GMT
Content-Encoding
gzip
Transfer-Encoding
chunked
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection
keep-alive
X-Proxy-Origin
103.209.254.5; 103.209.254.5; 893.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net; adnxs.com
X-XSS-Protection
0
Pragma
no-cache
AN-X-Request-Uuid
d4e52f1e-b392-492c-b24f-e17aba30bfa4
Server
nginx/1.21.3
Vary
Accept-Encoding
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
https://www.bg3.co
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Expires
Sat, 15 Nov 2008 16:00:00 GMT
prebid
prebid.media.net/rtb/ 		338 B
477 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.media.net/rtb/prebid?cid=8CUPEPKI9
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1662648504901.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.107.148.139 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
139.148.107.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
b661c09d8ebb71730ee096bfef7dbd23606ba2098c157b5b5833c70fd239a2f5

Request headers

Referer
https://www.bg3.co/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 17 Sep 2022 06:36:48 GMT
content-encoding
gzip
server
nginx
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-envoy-upstream-service-time
39
alt-svc
clear
via
1.1 google
arj
adpushup-d.openx.net/w/1.0/ 		174 B
384 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://adpushup-d.openx.net/w/1.0/arj?ju=https%3A%2F%2Fwww.bg3.co%2Fa%2F6yue-15ri-qi-bei-jing-gong-jiao-duo-tiao-xian-lu-you-diao-zheng.html&ch=UTF-8&res=1600x1200x24&ifr=false&tz=0&tws=1600x1200&be=1&bc=hb_pb_3.0.3&dddid=0633b68d-c47b-4642-977c-6856f76bb194%2Caa50000c-daf7-447c-8d1a-e1a8c8127e46%2Cf396b792-73f5-4aa1-87b8-fa8b03bb8a1f&nocache=1663396607729&pubcid=61368451-e55b-4fa3-8b75-72ee92bcd8e0&schain=1.0%2C1!adpushup.com%2C062d9a21f747ddee7c25d4297776e0aa%2C1%2C%2C%2C&aus=728x250%2C728x90%2C690x90%2C690x250%2C675x90%2C675x250%2C670x90%2C670x250%2C650x90%2C650x250%2C650x150%2C630x90%2C630x250%2C602x100%2C600x90%2C600x250%2C580x90%2C570x90%2C550x150%2C468x60%2C320x50%2C320x100%2C300x50%2C300x100%2C300x75%2C300x250%2C250x250%2C200x200%7C728x90%2C690x90%2C675x90%2C670x90%2C650x90%2C630x90%2C600x90%2C580x90%2C570x90%2C468x60%2C320x50%2C300x50%2C300x75%7C120x600&divids=ADP_42753_728X250_77a9c22f-ac02-45dd-96bc-b0896a8a7d5a%2CSTICKY_ADP_42753_728X90_d1c10a72-27b4-4931-8ce7-99a18ebbdbae%2CSTICKY_ADP_42753_120X600_104b282a-bd11-4d8d-ad64-0492063b6cba&aucs=%2C%2C&auid=545618347%2C545618347%2C545618347
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1662648504901.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
b6708b2ce9bc4d9d0a48c6c31beeaf8f14191bceee5e3e27762a0992db5f313f

Request headers

Referer
https://www.bg3.co/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 17 Sep 2022 06:36:48 GMT
content-encoding
gzip
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://www.bg3.co
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
content-type
application/json
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
165
via
1.1 google
expires
Mon, 26 Jul 1997 05:00:00 GMT
avjp
adpushup-d.openx.net/v/1.0/ 		106 B
505 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://adpushup-d.openx.net/v/1.0/avjp?ju=https%3A%2F%2Fwww.bg3.co%2Fa%2F6yue-15ri-qi-bei-jing-gong-jiao-duo-tiao-xian-lu-you-diao-zheng.html&ch=UTF-8&res=1600x1200x24&ifr=false&tz=0&tws=1600x1200&be=1&bc=hb_pb_3.0.3&dddid=9001ca67-bd09-46b0-a5ab-a786a7807bb8&nocache=1663396607730&pubcid=61368451-e55b-4fa3-8b75-72ee92bcd8e0&schain=1.0%2C1!adpushup.com%2C062d9a21f747ddee7c25d4297776e0aa%2C1%2C%2C%2C&openrtb=%7B%22imp%22%3A%5B%7B%22video%22%3A%7B%22w%22%3A120%2C%22h%22%3A600%2C%22mimes%22%3A%5B%22video%2Fmp4%22%2C%22video%2Fwebm%22%5D%2C%22minduration%22%3A0%2C%22maxduration%22%3A300%2C%22protocols%22%3A%5B2%2C3%2C5%2C6%5D%2C%22api%22%3A%5B2%5D%2C%22playbackmethod%22%3A6%2C%22linearity%22%3A1%7D%7D%5D%7D&auid=545618481&vwd=120&vht=600&vos=101&vmimes=video%2Fmp4%2Cvideo%2Fwebm
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1662648504901.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
730fa1f3e8b3c4a223c4e69f4a27e690a4552f96ab97dba05b943dff44967658

Request headers

Referer
https://www.bg3.co/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 17 Sep 2022 06:36:47 GMT
via
1.1 google
server
OXGW/0.0.0
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://www.bg3.co
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
content-type
application/json
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
106
expires
Mon, 26 Jul 1997 05:00:00 GMT
avjp
adpushup-d.openx.net/v/1.0/ 		106 B
297 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://adpushup-d.openx.net/v/1.0/avjp?ju=https%3A%2F%2Fwww.bg3.co%2Fa%2F6yue-15ri-qi-bei-jing-gong-jiao-duo-tiao-xian-lu-you-diao-zheng.html&ch=UTF-8&res=1600x1200x24&ifr=false&tz=0&tws=1600x1200&be=1&bc=hb_pb_3.0.3&dddid=840c7337-238c-45fe-908b-ae0c9beac7ed&nocache=1663396607730&pubcid=61368451-e55b-4fa3-8b75-72ee92bcd8e0&schain=1.0%2C1!adpushup.com%2C062d9a21f747ddee7c25d4297776e0aa%2C1%2C%2C%2C&openrtb=%7B%22imp%22%3A%5B%7B%22video%22%3A%7B%22w%22%3A728%2C%22h%22%3A90%2C%22mimes%22%3A%5B%22video%2Fmp4%22%2C%22video%2Fwebm%22%5D%2C%22minduration%22%3A0%2C%22maxduration%22%3A300%2C%22protocols%22%3A%5B2%2C3%2C5%2C6%5D%2C%22api%22%3A%5B2%5D%2C%22playbackmethod%22%3A6%2C%22linearity%22%3A1%7D%7D%5D%7D&auid=545618481&vwd=728&vht=90&vos=101&vmimes=video%2Fmp4%2Cvideo%2Fwebm
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1662648504901.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
730fa1f3e8b3c4a223c4e69f4a27e690a4552f96ab97dba05b943dff44967658

Request headers

Referer
https://www.bg3.co/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 17 Sep 2022 06:36:47 GMT
via
1.1 google
server
OXGW/0.0.0
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://www.bg3.co
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
content-type
application/json
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
106
expires
Mon, 26 Jul 1997 05:00:00 GMT
avjp
adpushup-d.openx.net/v/1.0/ 		106 B
297 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://adpushup-d.openx.net/v/1.0/avjp?ju=https%3A%2F%2Fwww.bg3.co%2Fa%2F6yue-15ri-qi-bei-jing-gong-jiao-duo-tiao-xian-lu-you-diao-zheng.html&ch=UTF-8&res=1600x1200x24&ifr=false&tz=0&tws=1600x1200&be=1&bc=hb_pb_3.0.3&dddid=7a618fe7-47c1-4c6e-9b10-93bbc14336d7&nocache=1663396607730&pubcid=61368451-e55b-4fa3-8b75-72ee92bcd8e0&schain=1.0%2C1!adpushup.com%2C062d9a21f747ddee7c25d4297776e0aa%2C1%2C%2C%2C&openrtb=%7B%22imp%22%3A%5B%7B%22video%22%3A%7B%22w%22%3A400%2C%22h%22%3A225%2C%22mimes%22%3A%5B%22video%2Fmp4%22%2C%22video%2Fwebm%22%5D%2C%22minduration%22%3A0%2C%22maxduration%22%3A300%2C%22protocols%22%3A%5B2%2C3%2C5%2C6%5D%2C%22api%22%3A%5B2%5D%2C%22playbackmethod%22%3A6%2C%22linearity%22%3A1%7D%7D%5D%7D&auid=545618481&vwd=400&vht=225&vos=101&vmimes=video%2Fmp4%2Cvideo%2Fwebm
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1662648504901.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
730fa1f3e8b3c4a223c4e69f4a27e690a4552f96ab97dba05b943dff44967658

Request headers

Referer
https://www.bg3.co/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 17 Sep 2022 06:36:48 GMT
via
1.1 google
server
OXGW/0.0.0
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://www.bg3.co
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
content-type
application/json
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
106
expires
Mon, 26 Jul 1997 05:00:00 GMT
cdb
bidder.criteo.com/ 		0
212 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=34&wv=6.19.0&cb=62343758419
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1662648504901.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.145 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://www.bg3.co/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

date
Sat, 17 Sep 2022 06:36:47 GMT
server
Finatra
vary
Origin
access-control-allow-origin
https://www.bg3.co
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
c
prebid.a-mo.net/a/ 		584 B
863 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.a-mo.net/a/c
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1662648504901.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
145.40.89.200 Ashburn, United States, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
cfa55b4f2159f4070ae4b5535d4853440d8b5e1ed5b04875eb408251f49075d0

Request headers

Referer
https://www.bg3.co/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

date
Sat, 17 Sep 2022 06:36:48 GMT
content-encoding
gzip
server
envoy
vary
origin, accept-encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.bg3.co
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
x-envoy-upstream-service-time
283
content-length
299
prebid-request
onetag-sys.com/ 		15 B
547 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/prebid-request
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1662648504901.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.79.234.100 Singapore, Singapore, ASN16276 (OVH, FR),
Reverse DNS
ip100.ip-51-79-234.net
Software
/
Resource Hash
663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://www.bg3.co/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

strict-transport-security
max-age=15552000
content-encoding
gzip
access-control-allow-headers
content-type, origin, referer, user-agent
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
access-control-allow-origin
https://www.bg3.co
cache-control
no-transform, no-cache
access-control-allow-credentials
true
content-type
application/json
alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
content-length
41
bid-request
a.teads.tv/hb/ 		16 B
360 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://a.teads.tv/hb/bid-request
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1662648504901.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.195.153.54 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-195-153-54.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
6a7b0c8bf87b2bd5ca31557f25cf2a6c80f93af72bf68a6085e9b55a87fe908c

Request headers

Referer
https://www.bg3.co/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 17 Sep 2022 06:36:48 GMT
content-encoding
gzip
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.bg3.co
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
42
expires
Sat, 17 Sep 2022 06:36:48 GMT
auction
tlx.3lift.com/header/ 		19 B
504 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://tlx.3lift.com/header/auction?lib=prebid&v=6.19.0&referrer=https%3A%2F%2Fwww.bg3.co%2Fa%2F6yue-15ri-qi-bei-jing-gong-jiao-duo-tiao-xian-lu-you-diao-zheng.html&tmax=3000
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1662648504901.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.251.169.230 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-251-169-230.ap-southeast-1.compute.amazonaws.com
Software
/
Resource Hash
0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 17 Sep 2022 06:36:48 GMT
accept-ch
user-agent,sec-ch-downlink,sec-ch-ua-mobile,sec-ch-save-data,sec-ch-device-memory,sec-ch-dpr,sec-ch-ua-full-version,sec-ch-ua-model,sec-ch-ua-platform-version,sec-ch-viewport-width,sec-ch-ua-platform,sec-ch-viewport-height,sec-ch-rtt,sec-ch-ua-arch,sec-ch-ua,sec-ch-ua-bitness,sec-ch-prefers-color-scheme,sec-ch-width,sec-ch-ect
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
19
x-xss-protection
0
expires
Thu, 15 Oct 1992 20:10:00 GMT
v1
hb-api.omnitagjs.com/hb-api/prebid/ 		3 B
519 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hb-api.omnitagjs.com/hb-api/prebid/v1?RefererUrl=https%3A%2F%2Fwww.bg3.co%2Fa%2F6yue-15ri-qi-bei-jing-gong-jiao-duo-tiao-xian-lu-you-diao-zheng.html&CanonicalUrl=https%3A%2F%2Fwww.bg3.co%2Fa%2F6yue-15ri-qi-bei-jing-gong-jiao-duo-tiao-xian-lu-you-diao-zheng.html&PublisherDomain=https%3A%2F%2Fbg3.co%2F
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1662648504901.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.231.196.20 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-44-231-196-20.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
37517e5f3dc66819f61f5a7bb8ace1921282415f10551d2defa5c3eb0985b570
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.bg3.co/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

date
Sat, 17 Sep 2022 06:36:49 GMT
via
kong/2.8.1
x-content-type-options
nosniff
x-kong-proxy-latency
0
p3p
CP="CAO PSA OUR"
x-kong-upstream-latency
503
vary
Accept-Encoding
content-length
3
pragma
no-cache
access-control-max-age
3600
access-control-allow-methods
OPTIONS, POST
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
access-control-allow-headers
Accept-Encoding, Content-Type
expires
0
cygnus
htlb.casalemedia.com/ 		37 B
566 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/cygnus?s=693656&v=7.2&ac=j&sd=1&r=%7B%22id%22%3A%227079229ccc995a3%22%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fwww.bg3.co%2Fa%2F6yue-15ri-qi-bei-jing-gong-jiao-duo-tiao-xian-lu-you-diao-zheng.html%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22msd%22%3A7%2C%22msi%22%3A7%2C%22mfu%22%3A3%2C%22bu%22%3A3%2C%22iu%22%3A0%2C%22nu%22%3A3%2C%22ou%22%3A3%2C%22allu%22%3A3%2C%22ren%22%3Atrue%2C%22version%22%3A%226.19.0%22%2C%22userIds%22%3A%5B%5D%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%22773deb4345b8b23%22%2C%22banner%22%3A%7B%22topframe%22%3A1%2C%22format%22%3A%5B%7B%22w%22%3A728%2C%22h%22%3A90%2C%22ext%22%3A%7B%22siteID%22%3A%22693656%22%2C%22sid%22%3A%22728x90%22%7D%7D%2C%7B%22w%22%3A320%2C%22h%22%3A50%2C%22ext%22%3A%7B%22siteID%22%3A%22693656%22%2C%22sid%22%3A%22320x50%22%7D%7D%2C%7B%22w%22%3A300%2C%22h%22%3A50%2C%22ext%22%3A%7B%22siteID%22%3A%22693656%22%2C%22sid%22%3A%22300x50%22%7D%7D%2C%7B%22w%22%3A300%2C%22h%22%3A250%2C%22ext%22%3A%7B%22siteID%22%3A%22693656%22%2C%22sid%22%3A%22300x250%22%7D%7D%2C%7B%22w%22%3A250%2C%22h%22%3A250%2C%22ext%22%3A%7B%22siteID%22%3A%22693656%22%2C%22sid%22%3A%22250x250%22%7D%7D%5D%7D%7D%2C%7B%22id%22%3A%2280721a5322c4ac5%22%2C%22banner%22%3A%7B%22topframe%22%3A1%2C%22format%22%3A%5B%7B%22w%22%3A320%2C%22h%22%3A50%2C%22ext%22%3A%7B%22siteID%22%3A%22693656%22%2C%22sid%22%3A%22320x50%22%7D%7D%2C%7B%22w%22%3A728%2C%22h%22%3A90%2C%22ext%22%3A%7B%22siteID%22%3A%22693656%22%2C%22sid%22%3A%22728x90%22%7D%7D%2C%7B%22w%22%3A300%2C%22h%22%3A50%2C%22ext%22%3A%7B%22siteID%22%3A%22693656%22%2C%22sid%22%3A%22300x50%22%7D%7D%5D%7D%7D%2C%7B%22id%22%3A%2281241eac0cc4076%22%2C%22banner%22%3A%7B%22topframe%22%3A1%2C%22format%22%3A%5B%7B%22w%22%3A120%2C%22h%22%3A600%2C%22ext%22%3A%7B%22siteID%22%3A%22693656%22%2C%22sid%22%3A%22120x600%22%7D%7D%5D%7D%7D%5D%2C%22at%22%3A1%2C%22source%22%3A%7B%22ext%22%3A%7B%22schain%22%3A%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22adpushup.com%22%2C%22sid%22%3A%22062d9a21f747ddee7c25d4297776e0aa%22%2C%22hp%22%3A1%7D%5D%7D%7D%7D%2C%22user%22%3A%7B%22eids%22%3A%5B%7B%22source%22%3A%22pubcid.org%22%2C%22uids%22%3A%5B%7B%22id%22%3A%2261368451-e55b-4fa3-8b75-72ee92bcd8e0%22%7D%5D%7D%5D%7D%7D
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1662648504901.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.19.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1fda706ccec5af43c29b033ab17762d2a95df1f3cf77ea63532bc0b9eaa1d776

Request headers

Referer
https://www.bg3.co/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 17 Sep 2022 06:36:48 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KRrxHQgbCVkx54QypFT6X3MRUcr7XlTKTg2qpXGmx6MpOMj8IsWnWpt1zNtLIHSFogPQVmyDwhHtTovjo%2FOM2oq31A%2Fmqx%2Bsrq9TEk4BFH1crRXZ5177RK%2Fp5YrLUptin4XdFt8%2F"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache
access-control-allow-credentials
true
cf-ray
74bfd45ffe1717cd-MEL
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
37
expires
0
cygnus
htlb.casalemedia.com/ 		37 B
311 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/cygnus?s=693656&v=8.1&ac=j&sd=1&nf=1&r=%7B%22id%22%3A%227079229ccc995a3%22%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fwww.bg3.co%2Fa%2F6yue-15ri-qi-bei-jing-gong-jiao-duo-tiao-xian-lu-you-diao-zheng.html%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22msd%22%3A0%2C%22msi%22%3A0%2C%22mfu%22%3A3%2C%22bu%22%3A3%2C%22iu%22%3A0%2C%22nu%22%3A3%2C%22ou%22%3A3%2C%22allu%22%3A3%2C%22ren%22%3Atrue%2C%22version%22%3A%226.19.0%22%2C%22userIds%22%3A%5B%5D%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%2280721a5322c4ac5%22%2C%22ext%22%3A%7B%22siteID%22%3A%22693656%22%2C%22sid%22%3A%22728x90%22%7D%2C%22video%22%3A%7B%22mimes%22%3A%5B%22video%2Fmp4%22%2C%22video%2Fwebm%22%5D%2C%22minduration%22%3A0%2C%22maxduration%22%3A300%2C%22protocols%22%3A%5B2%2C3%2C5%2C6%5D%2C%22playerSize%22%3A%5B%5B728%2C90%5D%5D%2C%22api%22%3A%5B2%5D%2C%22linearity%22%3A1%2C%22placement%22%3A4%2C%22w%22%3A728%2C%22h%22%3A90%7D%7D%2C%7B%22id%22%3A%2281241eac0cc4076%22%2C%22ext%22%3A%7B%22siteID%22%3A%22693656%22%2C%22sid%22%3A%22120x600%22%7D%2C%22video%22%3A%7B%22mimes%22%3A%5B%22video%2Fmp4%22%2C%22video%2Fwebm%22%5D%2C%22minduration%22%3A0%2C%22maxduration%22%3A300%2C%22protocols%22%3A%5B2%2C3%2C5%2C6%5D%2C%22playerSize%22%3A%5B%5B120%2C600%5D%5D%2C%22api%22%3A%5B2%5D%2C%22linearity%22%3A1%2C%22placement%22%3A4%2C%22w%22%3A120%2C%22h%22%3A600%7D%7D%5D%2C%22at%22%3A1%2C%22source%22%3A%7B%22ext%22%3A%7B%22schain%22%3A%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22adpushup.com%22%2C%22sid%22%3A%22062d9a21f747ddee7c25d4297776e0aa%22%2C%22hp%22%3A1%7D%5D%7D%7D%7D%2C%22user%22%3A%7B%22eids%22%3A%5B%7B%22source%22%3A%22pubcid.org%22%2C%22uids%22%3A%5B%7B%22id%22%3A%2261368451-e55b-4fa3-8b75-72ee92bcd8e0%22%7D%5D%7D%5D%7D%7D
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1662648504901.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.19.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1fda706ccec5af43c29b033ab17762d2a95df1f3cf77ea63532bc0b9eaa1d776

Request headers

Referer
https://www.bg3.co/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 17 Sep 2022 06:36:48 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lAGKMNPCR1XpRTjo%2FWzcflf21l0LsiHYdHSwsXuHatQuC2%2FnjtYQ4dQZUtjVl0zR2xmz%2BSqgrRAzErTkobT4EdbO%2BJbxvpd0wuQ10pb0xM7c6qOGM6H7mOK5r8fqn%2F2H1WA7KLZM"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache
access-control-allow-credentials
true
cf-ray
74bfd45ffe1a17cd-MEL
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
37
expires
0
quant.js
secure.quantserve.com/ 		26 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://secure.quantserve.com/quant.js
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/pbuseridscripts/quantcast.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
103.229.10.171 , Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
34686cba28b7d374710a0b8204ae2cbce77ced594bcac71bef4f5260a8d99745

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 17 Sep 2022 06:36:48 GMT
content-encoding
gzip
etag
"eN3sxSgaav0x5wHLxGB1gQ=="
vary
Accept-Encoding
content-type
application/javascript
cache-control
private, max-age=604800
accept-ranges
bytes
expires
Sat, 24 Sep 2022 06:36:48 GMT
show_ads.js
pagead2.googlesyndication.com/pagead/ Frame 2BB8 		119 KB
40 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/show_ads.js
Requested by
Host: adx.holmesmind.com
URL: https://adx.holmesmind.com/adx-file/20220802/wHpRX0bWuC9xRFH5Zh6Brkvx3yfQuUmZc8yJalW2.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.118.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sl-in-f157.1e100.net
Software
cafe /
Resource Hash
eacc89c065c5d2cb0a2bbcb89fa86cfb329972713b64d2c88fab4fdfdaa4748b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://adx.holmesmind.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 17 Sep 2022 06:36:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
40761
x-xss-protection
0
server
cafe
etag
13630016353050873767
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Sat, 17 Sep 2022 06:36:48 GMT
show_ads.js
pagead2.googlesyndication.com/pagead/ Frame B82E 		119 KB
40 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/show_ads.js
Requested by
Host: adx.holmesmind.com
URL: https://adx.holmesmind.com/adx-file/20220802/wHpRX0bWuC9xRFH5Zh6Brkvx3yfQuUmZc8yJalW2.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.118.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sl-in-f157.1e100.net
Software
cafe /
Resource Hash
62238363c539e9dd1274e44f78c28aee6d6fe37552a392e305ab200fd170eaa1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://adx.holmesmind.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 17 Sep 2022 06:36:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
40758
x-xss-protection
0
server
cafe
etag
6821004119113116495
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Sat, 17 Sep 2022 06:36:48 GMT
show_ads_impl_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202209080101/ Frame 2BB8 		346 KB
122 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202209080101/show_ads_impl_fy2021.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/show_ads.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.118.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sl-in-f157.1e100.net
Software
cafe /
Resource Hash
5cc85b6bebf080ea19ba6e718120fd4757738df079847e3a56d37fd29fe38af2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://adx.holmesmind.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 17 Sep 2022 06:36:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
124742
x-xss-protection
0
server
cafe
etag
12529516591881713950
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=1209600
timing-allow-origin
*
expires
Sat, 17 Sep 2022 06:36:48 GMT
show_ads_impl_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202209080101/ Frame B82E 		346 KB
122 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202209080101/show_ads_impl_fy2021.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/show_ads.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.118.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sl-in-f157.1e100.net
Software
cafe /
Resource Hash
748917abe22241e86d07017f8f285739c7a10d6306d15d6fa0c83f3d0622cac8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://adx.holmesmind.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 17 Sep 2022 06:36:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
124737
x-xss-protection
0
server
cafe
etag
1735209870657692122
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=1209600
timing-allow-origin
*
expires
Sat, 17 Sep 2022 06:36:48 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 0B3C 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.200.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sa-in-f132.1e100.net
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://cdn.aralego.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

accept-ranges
bytes
age
140324
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Thu, 15 Sep 2022 15:38:04 GMT
expires
Fri, 15 Sep 2023 15:38:04 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame 84A2 		783 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.24.147 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f147.1e100.net
Software
GSE /
Resource Hash
0ba4eb00298aaf6fb6e5a6e0c9bafaf47b88e7f8db2c2be86ea92a6d72c67028
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-o5kuIhQ4fIcNIZkWSbUfNQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://cdn.aralego.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private, max-age=300
content-encoding
gzip
content-length
513
content-security-policy
script-src 'report-sample' 'nonce-o5kuIhQ4fIcNIZkWSbUfNQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Sat, 17 Sep 2022 06:36:48 GMT
expires
Sat, 17 Sep 2022 06:36:48 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 906B 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.200.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sa-in-f132.1e100.net
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://cdn.aralego.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

accept-ranges
bytes
age
140324
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Thu, 15 Sep 2022 15:38:04 GMT
expires
Fri, 15 Sep 2023 15:38:04 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame D958 		783 B
738 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.24.147 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f147.1e100.net
Software
GSE /
Resource Hash
11cbf9aeb12b5c342ab73997c19631a891d76812470534316052003914c54f14
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-POnDI7XwcmQcN7pE_yVa4A' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://cdn.aralego.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private, max-age=300
content-encoding
gzip
content-length
513
content-security-policy
script-src 'report-sample' 'nonce-POnDI7XwcmQcN7pE_yVa4A' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Sat, 17 Sep 2022 06:36:48 GMT
expires
Sat, 17 Sep 2022 06:36:48 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
rules-p-54Nt-1NAaEEe0.js
rules.quantcount.com/ 		209 B
681 B 		Script
General
Check archive.org
Download Go to
Full URL
https://rules.quantcount.com/rules-p-54Nt-1NAaEEe0.js
Requested by
Host: secure.quantserve.com
URL: https://secure.quantserve.com/quant.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.33.33.78 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-33-33-78.sin2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
aa446b1f105b20f07c49f55c8ea00ef9bc42d7f0c5f747319823f00a480ff7f6

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 17 Sep 2022 05:57:20 GMT
via
1.1 beabd6d4d869f3809233bc395642a58e.cloudfront.net (CloudFront)
age
2369
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
content-length
209
last-modified
Fri, 26 Aug 2022 18:04:08 GMT
server
AmazonS3
etag
"f6459e80de21135a46e02ad9e79f6802"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=3600
x-amz-cf-pop
SIN2-P1
accept-ranges
bytes
x-amz-cf-id
utsjxTgr2EB9v3Lg38KRNTlFFYmlGlAxziXIdLN1Dn2Ofn52ZjBG3A==
integrator.js
adservice.google.com.au/adsid/ Frame 2BB8 		107 B
165 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com.au/adsid/integrator.js?domain=adx.holmesmind.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202209080101/show_ads_impl_fy2021.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.10.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f156.1e100.net
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://adx.holmesmind.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Sat, 17 Sep 2022 06:36:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ Frame 2BB8 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=adx.holmesmind.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202209080101/show_ads_impl_fy2021.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.4.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f156.1e100.net
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://adx.holmesmind.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Sat, 17 Sep 2022 06:36:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame 2120 		17 KB
10 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006-1&adk=3314916115&adf=3653020616&pi=t.ma~as.3006%2F14006-1&w=336&url=https%3A%2F%2Fwww.bg3.co%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1663396608154&bpp=11&bdt=217&idt=319&shv=r20220914&mjsv=m202209080101&ptt=5&saldr=sa&correlator=6484089135404&frm=8&ife=1&pv=2&ga_vid=1855592264.1663396608&ga_sid=1663396608&ga_hid=1591391937&ga_fc=0&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=336&ish=280&ifk=3719853736&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759837%2C44767668%2C31069511%2C44770881&oid=2&pvsid=4486120995357876&uas=0&nvt=1&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.kyd6yje3inir&fsb=1&dtd=333
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202209080101/show_ads_impl_fy2021.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.10.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f154.1e100.net
Software
cafe /
Resource Hash
3ada884fbeb45fd0af33927f9f5c4143a441a44bc7dc418f28c88ddcfd888f96
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://adx.holmesmind.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-encoding
br
content-length
9503
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sat, 17 Sep 2022 06:36:49 GMT
expires
Sat, 17 Sep 2022 06:36:49 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
integrator.js
adservice.google.com.au/adsid/ Frame B82E 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com.au/adsid/integrator.js?domain=adx.holmesmind.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202209080101/show_ads_impl_fy2021.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.10.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f154.1e100.net
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://adx.holmesmind.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Sat, 17 Sep 2022 06:36:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ Frame B82E 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=adx.holmesmind.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202209080101/show_ads_impl_fy2021.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.4.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f156.1e100.net
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://adx.holmesmind.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Sat, 17 Sep 2022 06:36:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame DADA 		17 KB
9 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006-1&adk=3314916115&adf=3653020617&pi=t.ma~as.3006%2F14006-1&w=336&url=https%3A%2F%2Fwww.bg3.co%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1663396608185&bpp=14&bdt=240&idt=403&shv=r20220914&mjsv=m202209080101&ptt=5&saldr=sa&correlator=2198418931226&frm=8&ife=1&pv=2&ga_vid=1900907981.1663396609&ga_sid=1663396609&ga_hid=833847459&ga_fc=0&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=336&ish=280&ifk=3719853736&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759842%2C44767166&oid=2&pvsid=424218493006684&uas=0&nvt=1&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.1icxdtns8eph&fsb=1&dtd=410
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202209080101/show_ads_impl_fy2021.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.10.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f154.1e100.net
Software
cafe /
Resource Hash
de799575daa88c00d989a66b4bb49cee872e08b604599f313cb4f343407b417a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://adx.holmesmind.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-encoding
br
content-length
9284
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sat, 17 Sep 2022 06:36:49 GMT
expires
Sat, 17 Sep 2022 06:36:49 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
TqLSXP2QDMWDWbVwNGV4qZSIp1FuubJasGgalfjGHZY.js
pagead2.googlesyndication.com/bg/ Frame 0B3C 		36 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/TqLSXP2QDMWDWbVwNGV4qZSIp1FuubJasGgalfjGHZY.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.118.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sl-in-f157.1e100.net
Software
sffe /
Resource Hash
4ea2d25cfd900cc58359b570346578a99488a7516eb9b25ab0681a95f8c61d96
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 14 Sep 2022 22:33:39 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
201789
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16105
x-xss-protection
0
last-modified
Tue, 13 Sep 2022 10:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 14 Sep 2023 22:33:39 GMT
TqLSXP2QDMWDWbVwNGV4qZSIp1FuubJasGgalfjGHZY.js
pagead2.googlesyndication.com/bg/ Frame 906B 		36 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/TqLSXP2QDMWDWbVwNGV4qZSIp1FuubJasGgalfjGHZY.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.118.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sl-in-f157.1e100.net
Software
sffe /
Resource Hash
4ea2d25cfd900cc58359b570346578a99488a7516eb9b25ab0681a95f8c61d96
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 14 Sep 2022 22:33:39 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
201789
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16105
x-xss-protection
0
last-modified
Tue, 13 Sep 2022 10:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 14 Sep 2023 22:33:39 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame 84A2 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_2022091401&jk=1767250546241506&rc=
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/6yue-15ri-qi-bei-jing-gong-jiao-duo-tiao-xian-lu-you-diao-zheng.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.118.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sl-in-f157.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
sodar
pagead2.googlesyndication.com/pagead/ Frame D958 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_2022091301&jk=4462079031445103&rc=
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/6yue-15ri-qi-bei-jing-gong-jiao-duo-tiao-xian-lu-you-diao-zheng.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.118.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sl-in-f157.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
log
aplogger.adpushup.com/ 		0
54 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://aplogger.adpushup.com/log?event=glimpse_pageView&data=eyJzZXNzaW9uSWQiOiI4OTYwNDdfMTY2MzM5NjYwODc2MyIsInVzZXJJZCI6Ijk5NTc4OV8xNjYzMzk2NjA4NzYzIiwic2l0ZUlkIjo0Mjc1MywicGxhdGZvcm0iOiJERVNLVE9QIiwicGFnZUlkIjoiMTIzODY3XzE2NjMzOTY2MDg3NjMiLCJwYWdlUGF0aCI6IiUyRmElMkY2eXVlLTE1cmktcWktYmVpLWppbmctZ29uZy1qaWFvLWR1by10aWFvLXhpYW4tbHUteW91LWRpYW8temhlbmcuaHRtbCIsImhvc3RuYW1lIjoid3d3LmJnMy5jbyIsInVybCI6Imh0dHBzJTNBJTJGJTJGd3d3LmJnMy5jbyUyRmElMkY2eXVlLTE1cmktcWktYmVpLWppbmctZ29uZy1qaWFvLWR1by10aWFvLXhpYW4tbHUteW91LWRpYW8temhlbmcuaHRtbCIsInBoYXNlIjowLCJ1c2VyVHlwZSI6Ik5FVyIsInByZXZpZXdWYXJpYXRpb24iOiJkZXNjcmlwdGlvblBhZ2UiLCJleHBlcmltZW50UGFnZSI6dHJ1ZSwidGltZXN0YW1wIjoxNjYzMzk2NjA4NzY0fQ==
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/42753/linkPreview.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
104.211.156.162 Mumbai, India, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 17 Sep 2022 06:36:49 GMT
server
nginx/1.14.0 (Ubuntu)
L2EvNnl1ZS0xNXJpLXFpLWJlaS1qaW5nLWdvbmctamlhby1kdW8tdGlhby14aWFuLWx1LXlvdS1kaWFvLXpoZW5nLmh0bWw=.json
cdn.adpushup.com/42753/ 		555 B
818 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.adpushup.com/42753/L2EvNnl1ZS0xNXJpLXFpLWJlaS1qaW5nLWdvbmctamlhby1kdW8tdGlhby14aWFuLWx1LXlvdS1kaWFvLXpoZW5nLmh0bWw=.json
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/42753/linkPreview.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.44.5.176 Singapore, Singapore, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-44-5-176.deploy.static.akamaitechnologies.com
Software
nginx/1.18.0 /
Resource Hash
6d83b77c3d8c5c0ccc7078540a1fb0bd9fa43eeb82b89f83264d469aa100c088

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-akamai-country
AU
date
Sat, 17 Sep 2022 06:36:49 GMT
server
nginx/1.18.0
vary
Accept-Encoding
x-akamai-device
mobile:false&tablet:false
access-control-allow-origin
*
cache-control
max-age=3600
server-timing
cdn-cache; desc=MISS, edge; dur=8, origin; dur=923
content-type
text/html
content-length
555
expires
Sat, 17 Sep 2022 07:36:49 GMT
pixel
pxl.qccerttest.com/ 		35 B
551 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pxl.qccerttest.com/pixel?r=1766960106;fpan=1;fpa=P0-1419022661-1663396608854;pbc=61368451-e55b-4fa3-8b75-72ee92bcd8e0;ns=0;ce=1;qjs=1;qv=d18171e5-20220913105912;ref=;cm=;gdpr=0;d=bg3.co;dst=0;et=1663396608854;tzo=0;url=https%3A%2F%2Fwww.bg3.co%2Fa%2F6yue-15ri-qi-bei-jing-gong-jiao-duo-tiao-xian-lu-you-diao-zheng.html;ogl=
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/6yue-15ri-qi-bei-jing-gong-jiao-duo-tiao-xian-lu-you-diao-zheng.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.227.254.79 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-227-254-79.sin52.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 16 Sep 2022 22:05:19 GMT
via
1.1 66d851b48249ff71df5688c84f41fec8.cloudfront.net (CloudFront)
x-content-type-options
nosniff
age
30691
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
strict-transport-security
max-age=31536000
content-length
35
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
last-modified
Thu, 04 Aug 2022 16:01:04 GMT
server
AmazonS3
x-frame-options
SAMEORIGIN
etag
"55d25e9dc950d5db4d53a3b195c046c6"
vary
Accept-Encoding, Origin
content-type
image/gif
x-amz-cf-pop
SIN52-C3
accept-ranges
bytes
x-amz-cf-id
njVEy6fuQrf2j8C3PWTy9knTT-ycboqDTZIzVq9R4fwAYh39IhwHzA==
pixel;r=593468733;rf=0;a=p-54Nt-1NAaEEe0;url=https%3A%2F%2Fwww.bg3.co%2Fa%2F6yue-15ri-qi-bei-jing-gong-jiao-duo-tiao-xian-lu-you-diao-zheng.html;uh=e51ed67dfb8d91dc24b15e2ace0c3bc33bc53c3e1dfb09200...
pixel.quantserve.com/ 		35 B
372 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.quantserve.com/pixel;r=593468733;rf=0;a=p-54Nt-1NAaEEe0;url=https%3A%2F%2Fwww.bg3.co%2Fa%2F6yue-15ri-qi-bei-jing-gong-jiao-duo-tiao-xian-lu-you-diao-zheng.html;uh=e51ed67dfb8d91dc24b15e2ace0c3bc33bc53c3e1dfb09200d6c2f8387d67ea6;uht=2;fpan=0;fpa=P0-1419022661-1663396608854;pbc=61368451-e55b-4fa3-8b75-72ee92bcd8e0;ns=0;ce=1;qjs=1;qv=d18171e5-20220913105912;cm=;gdpr=0;ref=;d=bg3.co;dst=0;et=1663396608857;tzo=0;ogl=;ses=4a51add4-e07c-462a-880a-69ddd4470a6a
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/6yue-15ri-qi-bei-jing-gong-jiao-duo-tiao-xian-lu-you-diao-zheng.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
103.229.10.171 , Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 17 Sep 2022 06:36:48 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
cache-control
private, no-cache, no-store, proxy-revalidate
content-type
image/gif
content-length
35
expires
Fri, 04 Aug 1978 12:00:00 GMT
generate_204
tpc.googlesyndication.com/ Frame 0B3C 		0
10 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?RiQMGQ
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/6yue-15ri-qi-bei-jing-gong-jiao-duo-tiao-xian-lu-you-diao-zheng.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.200.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sa-in-f132.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 17 Sep 2022 06:36:49 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
generate_204
tpc.googlesyndication.com/ Frame 906B 		0
10 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?w4AR_A
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/6yue-15ri-qi-bei-jing-gong-jiao-duo-tiao-xian-lu-you-diao-zheng.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.200.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sa-in-f132.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 17 Sep 2022 06:36:49 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
gen_204
pagead2.googlesyndication.com/pagead/ Frame DADA 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-BvnuvvT29OSY_ca4CaGLsyUKdmkwYa-isxws8bh6y56WsenIzeepf2SXA722yGuXFm3VtbA3GYRDi6c32nuNKxX8boVPnlPfqD2wc7A9UAzT5VaZs
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006-1&adk=3314916115&adf=3653020617&pi=t.ma~as.3006%2F14006-1&w=336&url=https%3A%2F%2Fwww.bg3.co%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1663396608185&bpp=14&bdt=240&idt=403&shv=r20220914&mjsv=m202209080101&ptt=5&saldr=sa&correlator=2198418931226&frm=8&ife=1&pv=2&ga_vid=1900907981.1663396609&ga_sid=1663396609&ga_hid=833847459&ga_fc=0&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=336&ish=280&ifk=3719853736&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759842%2C44767166&oid=2&pvsid=424218493006684&uas=0&nvt=1&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.1icxdtns8eph&fsb=1&dtd=410
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.118.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sl-in-f157.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 17 Sep 2022 06:36:49 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220914/r20110914/client/ Frame DADA 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220914/r20110914/client/window_focus_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006-1&adk=3314916115&adf=3653020617&pi=t.ma~as.3006%2F14006-1&w=336&url=https%3A%2F%2Fwww.bg3.co%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1663396608185&bpp=14&bdt=240&idt=403&shv=r20220914&mjsv=m202209080101&ptt=5&saldr=sa&correlator=2198418931226&frm=8&ife=1&pv=2&ga_vid=1900907981.1663396609&ga_sid=1663396609&ga_hid=833847459&ga_fc=0&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=336&ish=280&ifk=3719853736&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759842%2C44767166&oid=2&pvsid=424218493006684&uas=0&nvt=1&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.1icxdtns8eph&fsb=1&dtd=410
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.200.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sa-in-f132.1e100.net
Software
cafe /
Resource Hash
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 17 Sep 2022 06:06:28 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1821
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1359
x-xss-protection
0
server
cafe
etag
1484984001845508991
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 01 Oct 2022 06:06:28 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220914/r20110914/client/ Frame DADA 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220914/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006-1&adk=3314916115&adf=3653020617&pi=t.ma~as.3006%2F14006-1&w=336&url=https%3A%2F%2Fwww.bg3.co%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1663396608185&bpp=14&bdt=240&idt=403&shv=r20220914&mjsv=m202209080101&ptt=5&saldr=sa&correlator=2198418931226&frm=8&ife=1&pv=2&ga_vid=1900907981.1663396609&ga_sid=1663396609&ga_hid=833847459&ga_fc=0&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=336&ish=280&ifk=3719853736&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759842%2C44767166&oid=2&pvsid=424218493006684&uas=0&nvt=1&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.1icxdtns8eph&fsb=1&dtd=410
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.200.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sa-in-f132.1e100.net
Software
cafe /
Resource Hash
b47bd1e586888ea8d223fbc2d5e8592e7e8c2b61e3937f9248fb4b7faf34fb41
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 17 Sep 2022 04:25:15 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
7894
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7552
x-xss-protection
0
server
cafe
etag
1588701280721430806
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 01 Oct 2022 04:25:15 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame DADA 		141 KB
44 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006-1&adk=3314916115&adf=3653020617&pi=t.ma~as.3006%2F14006-1&w=336&url=https%3A%2F%2Fwww.bg3.co%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1663396608185&bpp=14&bdt=240&idt=403&shv=r20220914&mjsv=m202209080101&ptt=5&saldr=sa&correlator=2198418931226&frm=8&ife=1&pv=2&ga_vid=1900907981.1663396609&ga_sid=1663396609&ga_hid=833847459&ga_fc=0&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=336&ish=280&ifk=3719853736&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759842%2C44767166&oid=2&pvsid=424218493006684&uas=0&nvt=1&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.1icxdtns8eph&fsb=1&dtd=410
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.4.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f154.1e100.net
Software
sffe /
Resource Hash
9c9b6560a37526d33547098a4ed2ecf360eb9275c2db77a98c30fb7f8016f478
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 17 Sep 2022 06:36:49 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
44609
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1663155654979086"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Sat, 17 Sep 2022 06:36:49 GMT
pixel
googleads.g.doubleclick.net/xbbe/ Frame 622D 		624 B
297 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CInSVRCfg1YYu8Do0gEwAQ&v=APEucNWP5fDgVYYjKGIT6UpWSQOvi14GBrE11dg-xplwEo_a2L4_t7sKsUx-3xtoCAEVaZcrxky6Wattz0m563xl2PfQdo_hLA
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006-1&adk=3314916115&adf=3653020617&pi=t.ma~as.3006%2F14006-1&w=336&url=https%3A%2F%2Fwww.bg3.co%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1663396608185&bpp=14&bdt=240&idt=403&shv=r20220914&mjsv=m202209080101&ptt=5&saldr=sa&correlator=2198418931226&frm=8&ife=1&pv=2&ga_vid=1900907981.1663396609&ga_sid=1663396609&ga_hid=833847459&ga_fc=0&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=336&ish=280&ifk=3719853736&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759842%2C44767166&oid=2&pvsid=424218493006684&uas=0&nvt=1&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.1icxdtns8eph&fsb=1&dtd=410
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.10.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f154.1e100.net
Software
cafe /
Resource Hash
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006-1&adk=3314916115&adf=3653020617&pi=t.ma~as.3006%2F14006-1&w=336&url=https%3A%2F%2Fwww.bg3.co%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1663396608185&bpp=14&bdt=240&idt=403&shv=r20220914&mjsv=m202209080101&ptt=5&saldr=sa&correlator=2198418931226&frm=8&ife=1&pv=2&ga_vid=1900907981.1663396609&ga_sid=1663396609&ga_hid=833847459&ga_fc=0&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=336&ish=280&ifk=3719853736&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759842%2C44767166&oid=2&pvsid=424218493006684&uas=0&nvt=1&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.1icxdtns8eph&fsb=1&dtd=410
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-encoding
gzip
content-length
276
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sat, 17 Sep 2022 06:36:49 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
ad
googleads.g.doubleclick.net/dbm/ Frame DADA 		79 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-ATJxCNwdkQJeWpoCfcVkIIoKnItrqnUfgx71ixtDIhilraplx2qRrWoqYCwZNQClYWBQsQhC26NbKQASU-3-kniINoFxLDeGy0vkWYw9VdlXA6r9rgQIK0gBnMe7-4NnGx7f-8t38RNGxYFDKnI-gVe-WHH5dbGUjcRg3M0c16h_coKYg&dbm_d=AKAmf-DvJ3Gzn9asHeGXccFkAy-FzUjV61N6mzGMWw7zl5-wxdDh_L7KT6-xJueqEHxfgRmDjR6vcL7W0x0Bi0mvcIPR5EeRhMHA-9JC0Xldl8ozVxjKnfL3uoiWDlbC31CWMsMZWg4H7ATToLWrOI_RwsHr9zhbeLpyahCOkaa8w2pxHB0w66p3R-WFnJPwnzvGfuZGWwPb31Av_9PiAcZXNIAsmhlZOQi_Pc6bA-CaPnNu9pahJth5NPQvhNxLO2IxpKrIMTwA49ZLwCwgUfATtNTlsEq0f_BQgULFg-oDA0TNCwQyuPp90riuYoj-vMtpwFFXXsDKDnSp7-XvuTRWH9-wlNb5dJw3A42nM7OU9k-4LVajp9FMfwpUDZdQZjdSz4S4mQTC2CVJ2E106iR5gFzUC4tGyTXCR4-KT9pliSOSx3SAQtFALWn8Fmcml-fZD4Mbgx9Al-rqfozntSS3B7BkEQ4k9QiNsU_wUqi5z8axjv6MjANq105QsSINuxNM6dM1Pm9cMyldDI5rVqKj1n1dkGFoFRNA1npACx20g9gZUj5O0oUKdBbBk6ZPn3mWx7-vSmqFwrTNtamx3-hQ6AyckOiDnt8M2iH8HMQsofJ1EttdZfQrbYV20IXNYhvYfl_X5tP1lmb2FID7NtxawCaRRitY1Sdz5vvriFO8YLwMBHoGxLP8IiuXa_HuFucgKhG4J7zH5Zug2IYx8DhRI1py8boOR5tVHTwKysf34cOizXmeTd8ZfjXIBfyJ41wZirrt6Y4mbRsa74F3UjR3cyISNhI5tbvziQdL4RvQxyfMCM0Ob-hkgMN2X_n1T8y5Gdctz5NHqBkEZfyRsWlWhrAvuO435gIhcbvV3ovlMEStDqurqcY-qc41TWrPDyBwvV_aUyDc9mMmiub4JeDy5GC3KA_qoqEOJEjeBU4yJ7MyGKbmdAu5UpRZRmTLORZLauRY5W02CYTPHNmjWq7EcYAKu7AFB6ahUpsT5xG5rujDo8BWW8UmKmAE_N75mdM8YeslrGgyPfOo-3k2lg96D877rGxUDw9NPypNcNUg_hBqOvVQoJRZnW9aVQ51EPwmKeFPcz_uvsx5t6mmOYVq7xyfuwnYfnoHJ5IL2Ul2elm3yO949TV7go8LxSp4O4aN6O8Ix3bJ3lirmdqNLh-ZmKJNkZEf_1k843orxvrTs4iZ5hfLW0Nlt6kw67v2NwWqyTkr_qLqVl7k_USBrCVhjdpIB0aQ0FKJq5nd-g10wOYIiACWCdufpmLhj94OaIpFD4haIFq8PZR15uPVLdnvI4hbCOudYNP8plSlJVdVKUrFe9kpR0DFYs_4Qw1xi9PX9sNk4HZUS55Inq-b_27kuZHkkoV9Ygxoc3i_ugIYeKgGhzpE968CI9w9eBBZFjUdypwODMAaHDa_NdLSbaI4CeRmCo37lkKDrT3sLr_XIgCpwP8zcQ_ilGQIFZvAFluaHPwZKYzeuSaYBVMdXjHijPnfdNYQMR6OCfXx2eWqtBGb-KP9gTg9DgMnR2ybTnkUS0qmnG870xKtXdZqcqvpoqJ1nT_q0SZHxuecZW5_2CwlVyLBq-MmdXQEBWRlBVM7Qpu4RKZCgDo2B_Hv8lPg-QlfyC6DdypGuy_otodueM-zAi2I3q0swgeRu7abk5-W8OsOnL9iQk0U1sV27HEeK26QV07-OVoLabdOlxXSklDPK68Cx_Wum3aoAzpKLkqCxL8KYlt8kbPWSvJHDHLVdrWV3fW0zT5YvZEmZGn8gTTMhA_g1OxH7wbeAVLfjWBYXk8TgglHV3jb9Xx2say1qa8mJ-MXqxP7JPVwFDuIFf_DTOz1uqVFvKT3qMJO22Y6E77AHp2N03Oiwhgg7NiJZL7W3RcsJGvZ-E7CkoR8RVEHpjvSiCKSGGqhMoA-2JLQ8ibkXXrKPqyKXDNpHOzXSAeNsWfenzdkJxef6dOGPdYpy9lpzzWy_EAdiwxy-siShnE3oywSLds9rrfg0vooncXJ9a9Dd3C3z_WrsqPIkM8tpkEJNTIJhhTfKz95Qr7JV6UFQoDlPMB7GeAdluE5OC7C5hr-otNXKvebNdMRYKWYv_er3OsjB0ZuTzzVfP4yvEd_hXV3ntecMRtCSa0YlKTpgMejry7JEGcEvNB0dNcxWmaEv840Dtt8_PPJ_Y0jci-K49dGAOo7e-iE6FA4cUFEYNnte4NqDo_dWmr9VsEwUdYLljXFdpFNK9VtZv_2N4UbeHo-AAnV76rjCUKqL-L-TaCFgRSPFCdJM6skch_Y9zWtj_vV69_DAe8g25oEKlrNnjgQDEAQ2f_-dsSB0NJRf_WWfTosQdO4qAM8wtksSMheiR-64GeOLBm10pgxaARADVvrhqJODwse8FO_g2M2y9oeMfYD9-NARBcW8T9ErD_it1cfOmajpkKNhR9piooIsbgAhcfKgzr8BfYDSJ-VaJ9qaI97rWqOkmM9gJ7dfN6Wda0ZXZDNwSaY5xxAFl8moegz7hFfMvp1RAkLAdfrldt3z9dlS1MfXYiWsq0FGlu4ST1XWNd_wkV0J7Tr5kOu-6vNzk3v8GWo5qFF5IzczBxifgyLaESBiIkj8N9gW7Jl-ftjKY5xIT5BoRJ7BQ-UDt9Rzmuw7H0_apkAIpztsB5kdU7Yiq8157-83fd8j30EMfm_yI5uQ5U7-gITvJpicHjxTAXI3XTTOt_gIb94OEk_T3UnaMvStI09YFyYdrBQaPMW5K-4axO8fQBkSkGToFsCktqdNPGYNT4k5fXY415Cy99p4voL2GTU3IVlud2Uk9o4fF9HN0DcNdpUC5XHAPnpKv7HipgzaDhsRyoJ82NEt_V4crTmqT89ZZiFQXiz3CimvdAgad3kXoqWx00aXynwuQ81eXZJ1Rk7k5PTq3aCSHlYLRQu6fUZ0E1AHgr6mHtAvDe4WLsFEbhkT2QiG4G9ALd4v59EzM7JuYMEy8Ck8KJcN48IBJFrFdlcSNWJ_GLHCWx2ENgUv0arqoyfqDHqHVCXcbBrdl39pikB89ib0ZlWAq4hX3HngSGamSs24LjYxAOwN61_H42Feze4oXXs&cid=CAASEuRo-1bqYPlwjoznkuDgRJw16Q&rfl=3%2Chttps%253A%252F%252Fwww.bg3.co%242%2C%2Chttps%253A%252F%252Fadx.holmesmind.com%252F%240
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006-1&adk=3314916115&adf=3653020617&pi=t.ma~as.3006%2F14006-1&w=336&url=https%3A%2F%2Fwww.bg3.co%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1663396608185&bpp=14&bdt=240&idt=403&shv=r20220914&mjsv=m202209080101&ptt=5&saldr=sa&correlator=2198418931226&frm=8&ife=1&pv=2&ga_vid=1900907981.1663396609&ga_sid=1663396609&ga_hid=833847459&ga_fc=0&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=336&ish=280&ifk=3719853736&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759842%2C44767166&oid=2&pvsid=424218493006684&uas=0&nvt=1&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.1icxdtns8eph&fsb=1&dtd=410
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.10.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f154.1e100.net
Software
cafe /
Resource Hash
f28bc196995cc6ee86af9a3b345f89d92aceadd259a5aeeec61b6fe8adac5858
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006-1&adk=3314916115&adf=3653020617&pi=t.ma~as.3006%2F14006-1&w=336&url=https%3A%2F%2Fwww.bg3.co%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1663396608185&bpp=14&bdt=240&idt=403&shv=r20220914&mjsv=m202209080101&ptt=5&saldr=sa&correlator=2198418931226&frm=8&ife=1&pv=2&ga_vid=1900907981.1663396609&ga_sid=1663396609&ga_hid=833847459&ga_fc=0&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=336&ish=280&ifk=3719853736&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759842%2C44767166&oid=2&pvsid=424218493006684&uas=0&nvt=1&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.1icxdtns8eph&fsb=1&dtd=410
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 17 Sep 2022 06:36:49 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
34022
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 2120 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-AxzqVeN7J_2CEYRHYf06fVDeiAjt7_ExkG2AWXhJNoDS3yXIf86oo4PLLnv99AHzz2zna-P_Da66fm3QO_qwQJ3G9asHQvUqE_PQxmFk2bnq8HbHY
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006-1&adk=3314916115&adf=3653020616&pi=t.ma~as.3006%2F14006-1&w=336&url=https%3A%2F%2Fwww.bg3.co%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1663396608154&bpp=11&bdt=217&idt=319&shv=r20220914&mjsv=m202209080101&ptt=5&saldr=sa&correlator=6484089135404&frm=8&ife=1&pv=2&ga_vid=1855592264.1663396608&ga_sid=1663396608&ga_hid=1591391937&ga_fc=0&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=336&ish=280&ifk=3719853736&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759837%2C44767668%2C31069511%2C44770881&oid=2&pvsid=4486120995357876&uas=0&nvt=1&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.kyd6yje3inir&fsb=1&dtd=333
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.118.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sl-in-f157.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 17 Sep 2022 06:36:49 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
googleads.g.doubleclick.net/xbbe/ Frame 8EE8 		624 B
297 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CInSVRCfg1YYu8Do0gEwAQ&v=APEucNVxT9AwWhUhp5MazXxt3i4FkUUdGMHpea7Vj1tNnfj8396uq80IU4lv_t8xF-_pVTQHA2YOvVJgqFYEPVx-l6IkJyoPOg
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006-1&adk=3314916115&adf=3653020616&pi=t.ma~as.3006%2F14006-1&w=336&url=https%3A%2F%2Fwww.bg3.co%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1663396608154&bpp=11&bdt=217&idt=319&shv=r20220914&mjsv=m202209080101&ptt=5&saldr=sa&correlator=6484089135404&frm=8&ife=1&pv=2&ga_vid=1855592264.1663396608&ga_sid=1663396608&ga_hid=1591391937&ga_fc=0&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=336&ish=280&ifk=3719853736&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759837%2C44767668%2C31069511%2C44770881&oid=2&pvsid=4486120995357876&uas=0&nvt=1&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.kyd6yje3inir&fsb=1&dtd=333
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.10.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f154.1e100.net
Software
cafe /
Resource Hash
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006-1&adk=3314916115&adf=3653020616&pi=t.ma~as.3006%2F14006-1&w=336&url=https%3A%2F%2Fwww.bg3.co%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1663396608154&bpp=11&bdt=217&idt=319&shv=r20220914&mjsv=m202209080101&ptt=5&saldr=sa&correlator=6484089135404&frm=8&ife=1&pv=2&ga_vid=1855592264.1663396608&ga_sid=1663396608&ga_hid=1591391937&ga_fc=0&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=336&ish=280&ifk=3719853736&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759837%2C44767668%2C31069511%2C44770881&oid=2&pvsid=4486120995357876&uas=0&nvt=1&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.kyd6yje3inir&fsb=1&dtd=333
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-encoding
gzip
content-length
276
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sat, 17 Sep 2022 06:36:49 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
ad
googleads.g.doubleclick.net/dbm/ Frame 2120 		79 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-D0ajcgGzIariiHkB1-bi5yvtC1DglmFdctH1eQAPLN--mzm0hXvNokDWEwgFB6YOUEaWuWmTj-ldz-mNxHC_CgbdQ3BsobGvazKmXgLUAmzzDT0-J4nG6mkj_18Wt-iY-Gnh8h7DQBMnlVgYLMI5B5fbmWWw&dbm_d=AKAmf-BIan6ujb97HlOf50jQBN7kQqEnwiyldFHKc4BH8o_NO_lhEvC9PkNF4ef5p99cSgGJ2srpfaDhI40odt3WQaHiPyrvCYX5_Dax_XEpc4ds5HuOGRcpLGvyn2i8x1LqEOfNXZmk1somSAYTqSyRZsOAhE0rjrbIw7vtbgw7nY8-VG4YreE1Ck3xBD3Y3zUbbxc2fHjQwUCHMZolMD4K8a4Md7uvKfx21prgC-ZaIkF11jt273GZAYVJwKM3vvU3J8ttQcVuWI2G9-5Ruv9Hl718Qce3THTrOy1giX8a8POmnaNw6c6JgEbQx_WWZt8Q_FFPnfhnYDCJ_CLNnG0JnuF7iayl8Xb9SKpaLYmp9vTdK1hdrGziC5QL9mv1qGUo6EAk9iAoG9uP0flnN-CdaU2Lqq1oiKL5aINVwMri41YplbPm1CIaE48DwA0sNwt8su5oWYyrchXxHGncFyLWPmX7jtnwQxtLCEAlJaHyOep5yU00J3fyYxcN_pxpyl_1zXqBDWfq_S2m4fR9LIBHNxm-kt8kj25GLiJ0RpaU8fKU6gyuQjwRDuPkmsGOcfmKNfVWMLl6P5pkpn9_kVAZK5F0fkNWeyV7v9dEl9fgpzqhdDKBkpULMIvpIQ5uhPidQ101PXJy1Ut1p8cSMx-ZsZcCTk8v2HpzLz6hdM31Ik7SJTcdT136oYWmLnoYWBQBOL2lLQt7ciuuF08SPbOMEs2-J0t2MRI9-dNP0B26A3MbjNKTP1-DKlf4krtSrJ-Jr024EqpnIfLpA-mgaEexE6UHDQ_MkCRkmYFZt1g0DtNhs4JwzEqB4f2Gaok1itd4nZSy2CQas-Odlqg9cBGbvEM7KgkIwCee8fZlHq0pLA33c9iRcnqCTgcGseEUBKGrONoCpHDSk-n1Ht6lW_ur9FEZoY0jG0d_-hDDKwkIfS-qJoexYFJgn20tt6hX5UmlrUgKruWjHE6I1kxcHTs2jIXMlrUyIfhGK5ncfySuR-pWi7REgr2dyAhyGJ-wV-Pkw7vn3-3kPEMVB-Lkcn2np4Qs9FZj-SQPJ18GFvS37zCI8x0x41EIbBMcBKopC8Dia1f8Hu7dFaDsfh9u2899zSXmQuLZFUqJuv3erUW2XycyGDRZQYJmnapewbIAeklCOkyEBlq0fHQdY_q7tp9hh2i5zvjAP-WGVUhokrctfZvezUnmBjdOZG2aOY8WrXHEI7GvtaWIhv595vDCQStVWvDY5Y0IOvVSinHmUkwzumBujc1REowhL3fUAkgq7bPrM13Ut2UnJjxFZ1A0zntAiQG6kBBvd3ymYa4e-l3N5-tKiXkkDDzsC7p4voOqm-O5hZPvBbMrlr8UEf1s6ASXfXG0KwaVdkZvyRMEI4ImHYqPRqV0jkO4MImpOMd4VSniST7TK_nXVuTsxKamM8lz_MzSi4ktWO1G3NCaKQVoBO7o_-wTYwiA8D8QiPndTUDMZNy47UVS1rfTgnXVi4c7s_31YTdsUonbdNgfuigMDOjkE5Dw-rz_CJJJDU1DLUF0bZ35N9erZtzOkF_42PBbK0d3aEDPnZvfToorWyCUA1ArG6GhxHKqDjgwZYJMKL5GHqjcqWjhLwMh49Ex_HtroCGgFmnX8L5wsM4WLfta7P8sxXY1SjC4Wt8_SYEMuskvnIWThkXiUf8eB4GxNrZIHx8BXANnaGHJ_F5uYn5NOz67gejoxbWnauPAOc1fxvmPlC15kPZcoeBmpbbq4lASLJ_sKejo_I9VAUpdo3z84UCI22l7tBfpRRQn4YaJZKEbpQauP2ruqZeM_j7Fd27vXNspyaw3DuVXx8bWYBybWYGqEtwv9wm8ng___ZHjU4_lGkHV79PylvlM8X5M-PZA-nU-xefQBajyd9zXwgzpbKP-irbXOJnITs872GZyMOC6Kwm8ctmxvKIxL07_3hgRio_72UdMsKJB9R8uhvLhsuMEtHc2ctHYGyC9I8cuy3d1meMgmQlDk-f3QRYuz2NsZ0u3qvWeaKTSSJ-AwKrSfvlOs3UJUNVkkkpKFUwKOgdEPt5t7kHCqipjV_IQDzVw-vkFo1p-ZmiaK-4ArhjpRt4P7ujZY7DPYRdcvQ9fXxfjxF_rp2RKyEiv0qgDZwd9Yi_buIiNZyUOqRVDm3OUVHbqkInXOnpKcltot9SpAT8oX6zOxVTm2lu2ZFtoXOTfdXj0K4OaOi-YC1h-qVwtUO1MJx-LQSZe8dYdqDnOLDv7hwtwEm9TawloEfEQJU-FPtXrf9gK6pAlnCVOCssPWhQaHdPhdpwReflzOii5IgVp_b7QHlPDksmaaNEFIDrMa62qjtZjHUqaED3mQ_viJfJKUj_L3mPFoafLM4W07dV7HvJHF76ld5M0oaHhXywxb9bFpErbv068aWGwoIRcr5I5sLhYYpiPkV3U5YZkTlnIUuYyUFJI2TsUTeej4qRtXc3_09X_Dnclx2b1zCEsa4iyUcde4LOylef9mSrlgs8SAQaKAc7Bh5xfAXiFueAqNPJWeVxyVgXoSSA3ehpIDS_tochxYzZ-51RzR1wnQeOMAl17qpVDhHglBnHdn7hcsm8DVuCtYNrZC4hA4LTYn1CkFc0gPORpfV5xOItsVmX87ZjDy41mYn4_SkasjPb0MG0UEp6lIcnTvNl86-r2folrRizMBjbwDgdYXPdE5LG6rntM8pWc1j1DO-Ufkk8tB3QJPH3i_CFEqSsExLIQhB_t4BVXlhuOHMX3qIdpcZXlHNUqrfXu-k5BgDyVnx-7leqOfsqE4HG4xeEFwM6cfFzxvd4fMzvaPNUChJ0trnbBzK4nM_R9Qdw-hMnSqJygEJqJWZMD6wkdqtXLd1d2b1lMLU3XfGSJNwus4P1TKbejGYZjHsbsEy3rtkcjkscKvE7O8CKzWcA8dBLQi4a6O0Il72X3In0EOozqLt-k-68ZMw77UofiR9WNGqzz6EAg2cPROSe0GM4zABM3guaKRUcHntZNufh__VpfcopBoRJEWMXMP3LcZiVd-6dP8yBJlXeDvt1cWAQU7ciuljHDz5IG50otUg8&cid=CAASEuRoX4Z1asaZl25fGWNskk4bDA&rfl=3%2Chttps%253A%252F%252Fwww.bg3.co%242%2C%2Chttps%253A%252F%252Fadx.holmesmind.com%252F%240
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006-1&adk=3314916115&adf=3653020616&pi=t.ma~as.3006%2F14006-1&w=336&url=https%3A%2F%2Fwww.bg3.co%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1663396608154&bpp=11&bdt=217&idt=319&shv=r20220914&mjsv=m202209080101&ptt=5&saldr=sa&correlator=6484089135404&frm=8&ife=1&pv=2&ga_vid=1855592264.1663396608&ga_sid=1663396608&ga_hid=1591391937&ga_fc=0&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=336&ish=280&ifk=3719853736&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759837%2C44767668%2C31069511%2C44770881&oid=2&pvsid=4486120995357876&uas=0&nvt=1&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.kyd6yje3inir&fsb=1&dtd=333
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.10.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f154.1e100.net
Software
cafe /
Resource Hash
ede3c9f1409adf93385e8b7ff05f6d0461d992b9981f5c4b063e7f1215bc6f65
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006-1&adk=3314916115&adf=3653020616&pi=t.ma~as.3006%2F14006-1&w=336&url=https%3A%2F%2Fwww.bg3.co%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1663396608154&bpp=11&bdt=217&idt=319&shv=r20220914&mjsv=m202209080101&ptt=5&saldr=sa&correlator=6484089135404&frm=8&ife=1&pv=2&ga_vid=1855592264.1663396608&ga_sid=1663396608&ga_hid=1591391937&ga_fc=0&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=336&ish=280&ifk=3719853736&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759837%2C44767668%2C31069511%2C44770881&oid=2&pvsid=4486120995357876&uas=0&nvt=1&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.kyd6yje3inir&fsb=1&dtd=333
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 17 Sep 2022 06:36:49 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
34027
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220914/r20110914/client/ Frame 2120 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220914/r20110914/client/window_focus_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006-1&adk=3314916115&adf=3653020616&pi=t.ma~as.3006%2F14006-1&w=336&url=https%3A%2F%2Fwww.bg3.co%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1663396608154&bpp=11&bdt=217&idt=319&shv=r20220914&mjsv=m202209080101&ptt=5&saldr=sa&correlator=6484089135404&frm=8&ife=1&pv=2&ga_vid=1855592264.1663396608&ga_sid=1663396608&ga_hid=1591391937&ga_fc=0&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=336&ish=280&ifk=3719853736&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759837%2C44767668%2C31069511%2C44770881&oid=2&pvsid=4486120995357876&uas=0&nvt=1&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.kyd6yje3inir&fsb=1&dtd=333
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.200.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sa-in-f132.1e100.net
Software
cafe /
Resource Hash
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 17 Sep 2022 06:06:28 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1821
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1359
x-xss-protection
0
server
cafe
etag
1484984001845508991
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 01 Oct 2022 06:06:28 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220914/r20110914/client/ Frame 2120 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220914/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006-1&adk=3314916115&adf=3653020616&pi=t.ma~as.3006%2F14006-1&w=336&url=https%3A%2F%2Fwww.bg3.co%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1663396608154&bpp=11&bdt=217&idt=319&shv=r20220914&mjsv=m202209080101&ptt=5&saldr=sa&correlator=6484089135404&frm=8&ife=1&pv=2&ga_vid=1855592264.1663396608&ga_sid=1663396608&ga_hid=1591391937&ga_fc=0&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=336&ish=280&ifk=3719853736&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759837%2C44767668%2C31069511%2C44770881&oid=2&pvsid=4486120995357876&uas=0&nvt=1&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.kyd6yje3inir&fsb=1&dtd=333
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.200.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sa-in-f132.1e100.net
Software
cafe /
Resource Hash
b47bd1e586888ea8d223fbc2d5e8592e7e8c2b61e3937f9248fb4b7faf34fb41
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 17 Sep 2022 04:25:15 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
7894
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7552
x-xss-protection
0
server
cafe
etag
1588701280721430806
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 01 Oct 2022 04:25:15 GMT
l
www.google.com/ads/measurement/ Frame 2120 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaS3-ZecrwuA2gPMDbgIgcRCsltRxynh1AbnsCnpT81ixHOEyAELNAZP5bhsLymQq12oK-BTxB98scNfn22RdRbvYAMZ4A
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006-1&adk=3314916115&adf=3653020616&pi=t.ma~as.3006%2F14006-1&w=336&url=https%3A%2F%2Fwww.bg3.co%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1663396608154&bpp=11&bdt=217&idt=319&shv=r20220914&mjsv=m202209080101&ptt=5&saldr=sa&correlator=6484089135404&frm=8&ife=1&pv=2&ga_vid=1855592264.1663396608&ga_sid=1663396608&ga_hid=1591391937&ga_fc=0&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=336&ish=280&ifk=3719853736&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759837%2C44767668%2C31069511%2C44770881&oid=2&pvsid=4486120995357876&uas=0&nvt=1&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.kyd6yje3inir&fsb=1&dtd=333
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.24.147 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f147.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 2120 		141 KB
44 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006-1&adk=3314916115&adf=3653020616&pi=t.ma~as.3006%2F14006-1&w=336&url=https%3A%2F%2Fwww.bg3.co%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1663396608154&bpp=11&bdt=217&idt=319&shv=r20220914&mjsv=m202209080101&ptt=5&saldr=sa&correlator=6484089135404&frm=8&ife=1&pv=2&ga_vid=1855592264.1663396608&ga_sid=1663396608&ga_hid=1591391937&ga_fc=0&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=336&ish=280&ifk=3719853736&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759837%2C44767668%2C31069511%2C44770881&oid=2&pvsid=4486120995357876&uas=0&nvt=1&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.kyd6yje3inir&fsb=1&dtd=333
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.4.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f154.1e100.net
Software
sffe /
Resource Hash
9c9b6560a37526d33547098a4ed2ecf360eb9275c2db77a98c30fb7f8016f478
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 17 Sep 2022 06:36:49 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
44609
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1663155654979086"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Sat, 17 Sep 2022 06:36:49 GMT
rum
dsum-sec.casalemedia.com/ Frame 622D
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEL2VbHbT74sSqQBKgCZ6hB0&google_cver=1
43 B
846 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEL2VbHbT74sSqQBKgCZ6hB0&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CInSVRCfg1YYu8Do0gEwAQ&v=APEucNWP5fDgVYYjKGIT6UpWSQOvi14GBrE11dg-xplwEo_a2L4_t7sKsUx-3xtoCAEVaZcrxky6Wattz0m563xl2PfQdo_hLA
Protocol
H3
Server
104.18.19.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

cf-ray
74bfd46d2d0bdf8d-MEL
pragma
no-cache
date
Sat, 17 Sep 2022 06:36:50 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qhLESq2zi2i1yBzFX%2FgqVxD1D%2Fkazpup7CJ9zQB0wnQJzygwEfGyFKBHiBNTG1iwf5Q529bzjP9waPU4slKR%2BZUIM6JrtbCpXgO4bofPmVJpEbyCsF3hQ8xdkHL%2FFpdQeoaa6qFHzKXTBw%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control
no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Sat, 17 Sep 2022 06:36:49 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEL2VbHbT74sSqQBKgCZ6hB0&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame 622D
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YyVrATEoN7vtR3e9eVOJSAAA
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEL2VbHbT74sSqQBKgCZ6hB0&google_cver=1
43 B
850 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEL2VbHbT74sSqQBKgCZ6hB0&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CInSVRCfg1YYu8Do0gEwAQ&v=APEucNWP5fDgVYYjKGIT6UpWSQOvi14GBrE11dg-xplwEo_a2L4_t7sKsUx-3xtoCAEVaZcrxky6Wattz0m563xl2PfQdo_hLA
Protocol
H3
Server
104.18.19.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

cf-ray
74bfd4709956df8d-MEL
pragma
no-cache
date
Sat, 17 Sep 2022 06:36:50 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aeVIphRBr2%2F9quW3nlahOaudpzU3UbIQHpJcepdoBNIAcBmO%2BVStx%2BrC0LuONrnjr6um4qIZIGTCFHfWMPNvoGjYx%2BwGJYeZUm2RG4%2BtZL8u%2BzDdUnOT9nOs3xZbbNDLB1%2F9VyBGVBa3Ag%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control
no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Sat, 17 Sep 2022 06:36:50 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEL2VbHbT74sSqQBKgCZ6hB0&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
setuid
ib.adnxs.com/ Frame 622D
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEOFm-JM5PbEW8quZYAxZ15Q&google_cver=1
43 B
1015 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/setuid?entity=101&code=CAESEOFm-JM5PbEW8quZYAxZ15Q&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CInSVRCfg1YYu8Do0gEwAQ&v=APEucNWP5fDgVYYjKGIT6UpWSQOvi14GBrE11dg-xplwEo_a2L4_t7sKsUx-3xtoCAEVaZcrxky6Wattz0m563xl2PfQdo_hLA
Protocol
HTTP/1.1
Server
104.254.148.251 Los Angeles, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
893.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 17 Sep 2022 06:36:50 GMT
X-Proxy-Origin
103.209.254.5; 103.209.254.5; 893.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net; adnxs.com
AN-X-Request-Uuid
9abeab8c-e813-4d63-a473-569a1f4db115
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma
no-cache
date
Sat, 17 Sep 2022 06:36:49 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://ib.adnxs.com/setuid?entity=101&code=CAESEOFm-JM5PbEW8quZYAxZ15Q&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
290
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 622D
Redirect Chain
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=ODU2NjY5NjI3ODM0OTIxNDYx
170 B
502 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=ODU2NjY5NjI3ODM0OTIxNDYx
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CInSVRCfg1YYu8Do0gEwAQ&v=APEucNWP5fDgVYYjKGIT6UpWSQOvi14GBrE11dg-xplwEo_a2L4_t7sKsUx-3xtoCAEVaZcrxky6Wattz0m563xl2PfQdo_hLA
Protocol
H2
Server
142.251.12.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f155.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 17 Sep 2022 06:36:49 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Sat, 17 Sep 2022 06:36:49 GMT
X-Proxy-Origin
103.209.254.5; 103.209.254.5; 893.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net; adnxs.com
AN-X-Request-Uuid
ea64afde-7847-4401-9b0d-7ccf18287e0a
Server
nginx/1.21.3
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=ODU2NjY5NjI3ODM0OTIxNDYx
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame AE1F 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_2022091401&jk=1767250546241506&bg=!5-Sl5KDNAAZqQh0mSkI7ACkAdvg8WtWJqgpJyMQxdJQvE2bf40nVzQXcBbMN9ieNpkhBm_f3qOpOjgIAAACKUgAAAAJoAQcKAGwb2I4u2dKNlkOF9FOBPO7Hb5jDU_T9EBbeh2bJWOJKh59vhLynDKKkdO7GTMCcs009RMlpgY7h0iFIzRvkvXQqPKb8rE1GlXHH62ShYPt7cWDns0PXVt3Lo5bGxGFVPogIMN574Q4KDAC_1hmZAq_68qJt-Gwlm9Rnl6liui_s_c6FeD1NhUHfvf9S55bEWDMVC0T22shMafg1PiGAKDhbd6vdrCmDkBBJbXyycrkODws9eBt8nKQhDitrA7umZrC0YVvKg9lNDiPN06W2kTbzLuf2bjIDDECmO23bv9DuSGHlQk09o95iB_Vvt3d_QEtvqMNHujw9gamXf_5kJEIWn2ZoE4BhtgmD1FjtsLBBoIy8nFQor7I0oF988ziBR9Qlue1-hG6LLvZl7Zyfz3NcJx3Aup5Ae2ikibhwDKXKlI_Wchyrk6MYapShphCpzrkJ8I5qCkPcjN82Ar4wfNL8trXPqCh30U6FYxbVUdqXpvBrxRbzOkT5VvtPbX6CPkLgrLpV1q73YlRsEQUO_YNUDnUoDuC87mku9AOrE-zOJQ9leMUEp1kSTjM8QhgnrIfxn2ywxbYiKzTvvW43mhWUJ70xAlMU9gWPtxM1yux6yfPgFaBbue_SPW-M5FdzpoxMTS1HHj-jO4FGSjsFtjg5-KykHNFx3_s40km0ie4Zy87GEUf2rfcM9M3V6ixpSxv93rLoeZBSUQj6ORQkKr8aa78_vJKGmsySIMBEl9mQuJiOqsgoYriaAQPcjm3keoPlsnADG1W6VdWW1I-N9IhAnbzYzsJm7oxuLUrboSsZjnIrcmyjucFDVDHWjfy4T5lSQHv5ksyCFSAl_LvRG-HgupBFXVd4SPW3Wt1w0De3vg0MTjsNPfbkh3VOvGdbD_Elp5o0fnujy5iz7mLvv7tu9oksqWaAvBupTLLp_EezCTLJT0jKs9XHhTTYt2-BcGDBz_e2KcXIVzAEMa3HBKQdeuqyFQ65dVFV8NqaRFbMKyUQfwfiQ9zMjTjiesfbKnXzBemW-_z2_MVB7JdHHAsPAO1kUSEtMOw4WvWgXXI
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/6yue-15ri-qi-bei-jing-gong-jiao-duo-tiao-xian-lu-you-diao-zheng.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.118.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sl-in-f157.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
sodar
pagead2.googlesyndication.com/pagead/ Frame 3676 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_2022091301&jk=4462079031445103&bg=!SUqlSg7NAAZqQh0mSkI7ACkAdvg8WgW7oC8ftM7nMCb9J6CQ4ZQmAW47671Yqzu1XRgIWH8HZpUXwgIAAACBUgAAAAJoAQeZArLj3epxJvYvgaILCjSnqZE_SE7q04TZG18BXsaIsEAs86Qn216LWmRFUTYNyHLQCIBO1F4JCODKt2VwClivlls1VbVpNqNOHOVhFb9PyUI2sT6W5pxZe0c8RHg_2XxYnZVBvi5F-GJSDi_U72qCklfqbLTuRCGL1UGl13uRQD3rQJ0_vJz6cJ9EjKL-jOv8oqbp8ZVd0ZBc7A854f6E-eGFuOKIIZ08jex6q_o1mWxsMili0pAjAhG94tK5xUF4hHDtrIvh6wba6LI_cFcaUq3RX38aaT0B7jPiIRnRnt8E3UCA-AonpJYNn20sfMIU0dmtuzY3eYTQrf70UjXd7M_oISZqG24gUqQj69ijOk2eenN8s2wHRcG7VXOYY3U-NtamF9yACTSfiJP5l73yyrnDLPPdf4zPisv5kbJ4wdlCImKaGyH7ZPIxsFG_63MpZCaL_KAmyu2hdS4J7TlFiYAcWWhl5p_-W-ragzPzZ0EjOCyM2hG6U45a_YZ3ez28Zc9grQfgI9k0QSf92ekA0TOxrR_7gf2aHK2nsnh7Mbwj7153O0YNroHMl6okv1Hz53dOQSBul-8bV20G3DKtN09KuzgLTRuvZDc8GjApA7vh-pICJ9urlh39kEKmHseN7_2WaexiXvTw1TuFDF3C3JwD-1FbIQ5EJZVdBS2WO-9gpW-OXQgt_2Z8CyDBmWivW17ErD63lBWqXE_pepY9X_E4sLroC3kYlJetOaCalc2Z39xYWPLXoNhNnIJx3oav8cGBya2CH0JSQDMvvHOIPkNUlAkMz5gSbu6H6YjySqqoH3zDEoJVmrxImWMvTCCVOVVgpac-YYPMuoIDUMRi23Z5J-XcKT31u_OItXY8XWnDG_5qD1vUZm3hjk20lPvN5uA2mRY-GSz7agxeRCqlKOdMpiI
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/6yue-15ri-qi-bei-jing-gong-jiao-duo-tiao-xian-lu-you-diao-zheng.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.118.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sl-in-f157.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
rum
dsum-sec.casalemedia.com/ Frame 8EE8
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEL2VbHbT74sSqQBKgCZ6hB0&google_cver=1
43 B
847 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEL2VbHbT74sSqQBKgCZ6hB0&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CInSVRCfg1YYu8Do0gEwAQ&v=APEucNVxT9AwWhUhp5MazXxt3i4FkUUdGMHpea7Vj1tNnfj8396uq80IU4lv_t8xF-_pVTQHA2YOvVJgqFYEPVx-l6IkJyoPOg
Protocol
H3
Server
104.18.19.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

cf-ray
74bfd46d2d08df8d-MEL
pragma
no-cache
date
Sat, 17 Sep 2022 06:36:50 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BccASJO1BMKo1mXQm6jJX%2BlJObmjiv5ZSEy3D3sFrViRvGrpIMiSSmNwpLC1j2RZO2zy0O3%2FP%2BgCdWmFhBHK%2Bos%2FstjfJxzZllgfWgbgsMBNbEWl0lM5SVipUrE9JAQkHjBfCC23GiiTbA%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control
no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Sat, 17 Sep 2022 06:36:49 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEL2VbHbT74sSqQBKgCZ6hB0&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame 8EE8
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YyVrAYu0W8DwXovNsZOEYgAA
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEL2VbHbT74sSqQBKgCZ6hB0&google_cver=1
43 B
846 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEL2VbHbT74sSqQBKgCZ6hB0&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CInSVRCfg1YYu8Do0gEwAQ&v=APEucNVxT9AwWhUhp5MazXxt3i4FkUUdGMHpea7Vj1tNnfj8396uq80IU4lv_t8xF-_pVTQHA2YOvVJgqFYEPVx-l6IkJyoPOg
Protocol
H3
Server
104.18.19.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

cf-ray
74bfd470894adf8d-MEL
pragma
no-cache
date
Sat, 17 Sep 2022 06:36:50 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MmzeLXDENA89JtgV1PZbnVDXn7Oojg%2BntW1U2R%2Ffiq2s6HuBAKVrIAkFgtkJlb04vnRAt%2BTmY%2BlgeyrB9pa2wYE8Clj80KAdyqRuZmIJ2Lxj9finKKVqRkvHuY4XM45kQr%2B3lel7hmOfzw%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control
no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Sat, 17 Sep 2022 06:36:50 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEL2VbHbT74sSqQBKgCZ6hB0&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
setuid
ib.adnxs.com/ Frame 8EE8
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEOFm-JM5PbEW8quZYAxZ15Q&google_cver=1
43 B
1015 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/setuid?entity=101&code=CAESEOFm-JM5PbEW8quZYAxZ15Q&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CInSVRCfg1YYu8Do0gEwAQ&v=APEucNVxT9AwWhUhp5MazXxt3i4FkUUdGMHpea7Vj1tNnfj8396uq80IU4lv_t8xF-_pVTQHA2YOvVJgqFYEPVx-l6IkJyoPOg
Protocol
HTTP/1.1
Server
104.254.148.251 Los Angeles, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
893.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 17 Sep 2022 06:36:50 GMT
X-Proxy-Origin
103.209.254.5; 103.209.254.5; 893.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net; adnxs.com
AN-X-Request-Uuid
1a6aecf3-a8bf-4b36-8307-8f5c0903f1ad
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma
no-cache
date
Sat, 17 Sep 2022 06:36:49 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://ib.adnxs.com/setuid?entity=101&code=CAESEOFm-JM5PbEW8quZYAxZ15Q&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
290
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 8EE8
Redirect Chain
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=ODU2NjY5NjI3ODM0OTIxNDYx
170 B
232 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=ODU2NjY5NjI3ODM0OTIxNDYx
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CInSVRCfg1YYu8Do0gEwAQ&v=APEucNVxT9AwWhUhp5MazXxt3i4FkUUdGMHpea7Vj1tNnfj8396uq80IU4lv_t8xF-_pVTQHA2YOvVJgqFYEPVx-l6IkJyoPOg
Protocol
H2
Server
142.251.12.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f155.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 17 Sep 2022 06:36:50 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Sat, 17 Sep 2022 06:36:49 GMT
X-Proxy-Origin
103.209.254.5; 103.209.254.5; 893.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net; adnxs.com
AN-X-Request-Uuid
cdf66835-aaea-4896-bd66-9f9e342e2c8d
Server
nginx/1.21.3
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=ODU2NjY5NjI3ODM0OTIxNDYx
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
express_html_inpage_rendering_lib_200_276.js
s0.2mdn.net/879366/ Frame DADA 		106 KB
38 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_276.js
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/6yue-15ri-qi-bei-jing-gong-jiao-duo-tiao-xian-lu-you-diao-zheng.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.4.148 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f148.1e100.net
Software
sffe /
Resource Hash
e41d1ae45acbf836b8dcc29544c7e41cced4211214df601d5284a7e9c7134c73
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
Origin
https://googleads.g.doubleclick.net
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 17 Sep 2022 05:47:20 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
2970
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37872
x-xss-protection
0
last-modified
Wed, 02 Mar 2022 23:07:26 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sun, 18 Sep 2022 05:47:20 GMT
omrhp.js
pagead2.googlesyndication.com/pagead/js/r20220914/r20110914/elements/html/ Frame DADA 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20220914/r20110914/elements/html/omrhp.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-ATJxCNwdkQJeWpoCfcVkIIoKnItrqnUfgx71ixtDIhilraplx2qRrWoqYCwZNQClYWBQsQhC26NbKQASU-3-kniINoFxLDeGy0vkWYw9VdlXA6r9rgQIK0gBnMe7-4NnGx7f-8t38RNGxYFDKnI-gVe-WHH5dbGUjcRg3M0c16h_coKYg&dbm_d=AKAmf-DvJ3Gzn9asHeGXccFkAy-FzUjV61N6mzGMWw7zl5-wxdDh_L7KT6-xJueqEHxfgRmDjR6vcL7W0x0Bi0mvcIPR5EeRhMHA-9JC0Xldl8ozVxjKnfL3uoiWDlbC31CWMsMZWg4H7ATToLWrOI_RwsHr9zhbeLpyahCOkaa8w2pxHB0w66p3R-WFnJPwnzvGfuZGWwPb31Av_9PiAcZXNIAsmhlZOQi_Pc6bA-CaPnNu9pahJth5NPQvhNxLO2IxpKrIMTwA49ZLwCwgUfATtNTlsEq0f_BQgULFg-oDA0TNCwQyuPp90riuYoj-vMtpwFFXXsDKDnSp7-XvuTRWH9-wlNb5dJw3A42nM7OU9k-4LVajp9FMfwpUDZdQZjdSz4S4mQTC2CVJ2E106iR5gFzUC4tGyTXCR4-KT9pliSOSx3SAQtFALWn8Fmcml-fZD4Mbgx9Al-rqfozntSS3B7BkEQ4k9QiNsU_wUqi5z8axjv6MjANq105QsSINuxNM6dM1Pm9cMyldDI5rVqKj1n1dkGFoFRNA1npACx20g9gZUj5O0oUKdBbBk6ZPn3mWx7-vSmqFwrTNtamx3-hQ6AyckOiDnt8M2iH8HMQsofJ1EttdZfQrbYV20IXNYhvYfl_X5tP1lmb2FID7NtxawCaRRitY1Sdz5vvriFO8YLwMBHoGxLP8IiuXa_HuFucgKhG4J7zH5Zug2IYx8DhRI1py8boOR5tVHTwKysf34cOizXmeTd8ZfjXIBfyJ41wZirrt6Y4mbRsa74F3UjR3cyISNhI5tbvziQdL4RvQxyfMCM0Ob-hkgMN2X_n1T8y5Gdctz5NHqBkEZfyRsWlWhrAvuO435gIhcbvV3ovlMEStDqurqcY-qc41TWrPDyBwvV_aUyDc9mMmiub4JeDy5GC3KA_qoqEOJEjeBU4yJ7MyGKbmdAu5UpRZRmTLORZLauRY5W02CYTPHNmjWq7EcYAKu7AFB6ahUpsT5xG5rujDo8BWW8UmKmAE_N75mdM8YeslrGgyPfOo-3k2lg96D877rGxUDw9NPypNcNUg_hBqOvVQoJRZnW9aVQ51EPwmKeFPcz_uvsx5t6mmOYVq7xyfuwnYfnoHJ5IL2Ul2elm3yO949TV7go8LxSp4O4aN6O8Ix3bJ3lirmdqNLh-ZmKJNkZEf_1k843orxvrTs4iZ5hfLW0Nlt6kw67v2NwWqyTkr_qLqVl7k_USBrCVhjdpIB0aQ0FKJq5nd-g10wOYIiACWCdufpmLhj94OaIpFD4haIFq8PZR15uPVLdnvI4hbCOudYNP8plSlJVdVKUrFe9kpR0DFYs_4Qw1xi9PX9sNk4HZUS55Inq-b_27kuZHkkoV9Ygxoc3i_ugIYeKgGhzpE968CI9w9eBBZFjUdypwODMAaHDa_NdLSbaI4CeRmCo37lkKDrT3sLr_XIgCpwP8zcQ_ilGQIFZvAFluaHPwZKYzeuSaYBVMdXjHijPnfdNYQMR6OCfXx2eWqtBGb-KP9gTg9DgMnR2ybTnkUS0qmnG870xKtXdZqcqvpoqJ1nT_q0SZHxuecZW5_2CwlVyLBq-MmdXQEBWRlBVM7Qpu4RKZCgDo2B_Hv8lPg-QlfyC6DdypGuy_otodueM-zAi2I3q0swgeRu7abk5-W8OsOnL9iQk0U1sV27HEeK26QV07-OVoLabdOlxXSklDPK68Cx_Wum3aoAzpKLkqCxL8KYlt8kbPWSvJHDHLVdrWV3fW0zT5YvZEmZGn8gTTMhA_g1OxH7wbeAVLfjWBYXk8TgglHV3jb9Xx2say1qa8mJ-MXqxP7JPVwFDuIFf_DTOz1uqVFvKT3qMJO22Y6E77AHp2N03Oiwhgg7NiJZL7W3RcsJGvZ-E7CkoR8RVEHpjvSiCKSGGqhMoA-2JLQ8ibkXXrKPqyKXDNpHOzXSAeNsWfenzdkJxef6dOGPdYpy9lpzzWy_EAdiwxy-siShnE3oywSLds9rrfg0vooncXJ9a9Dd3C3z_WrsqPIkM8tpkEJNTIJhhTfKz95Qr7JV6UFQoDlPMB7GeAdluE5OC7C5hr-otNXKvebNdMRYKWYv_er3OsjB0ZuTzzVfP4yvEd_hXV3ntecMRtCSa0YlKTpgMejry7JEGcEvNB0dNcxWmaEv840Dtt8_PPJ_Y0jci-K49dGAOo7e-iE6FA4cUFEYNnte4NqDo_dWmr9VsEwUdYLljXFdpFNK9VtZv_2N4UbeHo-AAnV76rjCUKqL-L-TaCFgRSPFCdJM6skch_Y9zWtj_vV69_DAe8g25oEKlrNnjgQDEAQ2f_-dsSB0NJRf_WWfTosQdO4qAM8wtksSMheiR-64GeOLBm10pgxaARADVvrhqJODwse8FO_g2M2y9oeMfYD9-NARBcW8T9ErD_it1cfOmajpkKNhR9piooIsbgAhcfKgzr8BfYDSJ-VaJ9qaI97rWqOkmM9gJ7dfN6Wda0ZXZDNwSaY5xxAFl8moegz7hFfMvp1RAkLAdfrldt3z9dlS1MfXYiWsq0FGlu4ST1XWNd_wkV0J7Tr5kOu-6vNzk3v8GWo5qFF5IzczBxifgyLaESBiIkj8N9gW7Jl-ftjKY5xIT5BoRJ7BQ-UDt9Rzmuw7H0_apkAIpztsB5kdU7Yiq8157-83fd8j30EMfm_yI5uQ5U7-gITvJpicHjxTAXI3XTTOt_gIb94OEk_T3UnaMvStI09YFyYdrBQaPMW5K-4axO8fQBkSkGToFsCktqdNPGYNT4k5fXY415Cy99p4voL2GTU3IVlud2Uk9o4fF9HN0DcNdpUC5XHAPnpKv7HipgzaDhsRyoJ82NEt_V4crTmqT89ZZiFQXiz3CimvdAgad3kXoqWx00aXynwuQ81eXZJ1Rk7k5PTq3aCSHlYLRQu6fUZ0E1AHgr6mHtAvDe4WLsFEbhkT2QiG4G9ALd4v59EzM7JuYMEy8Ck8KJcN48IBJFrFdlcSNWJ_GLHCWx2ENgUv0arqoyfqDHqHVCXcbBrdl39pikB89ib0ZlWAq4hX3HngSGamSs24LjYxAOwN61_H42Feze4oXXs&cid=CAASEuRo-1bqYPlwjoznkuDgRJw16Q&rfl=3%2Chttps%253A%252F%252Fwww.bg3.co%242%2C%2Chttps%253A%252F%252Fadx.holmesmind.com%252F%240
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.118.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sl-in-f157.1e100.net
Software
cafe /
Resource Hash
58b603271da250778cca7450c81343eba7a896c87d93812f4de54ca5e1108488
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 17 Sep 2022 06:31:00 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
349
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3181
x-xss-protection
0
server
cafe
etag
10699485926258732851
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 01 Oct 2022 06:31:00 GMT
abg_lite.js
pagead2.googlesyndication.com/pagead/js/r20220914/r20110914/ Frame DADA 		30 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20220914/r20110914/abg_lite.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-ATJxCNwdkQJeWpoCfcVkIIoKnItrqnUfgx71ixtDIhilraplx2qRrWoqYCwZNQClYWBQsQhC26NbKQASU-3-kniINoFxLDeGy0vkWYw9VdlXA6r9rgQIK0gBnMe7-4NnGx7f-8t38RNGxYFDKnI-gVe-WHH5dbGUjcRg3M0c16h_coKYg&dbm_d=AKAmf-DvJ3Gzn9asHeGXccFkAy-FzUjV61N6mzGMWw7zl5-wxdDh_L7KT6-xJueqEHxfgRmDjR6vcL7W0x0Bi0mvcIPR5EeRhMHA-9JC0Xldl8ozVxjKnfL3uoiWDlbC31CWMsMZWg4H7ATToLWrOI_RwsHr9zhbeLpyahCOkaa8w2pxHB0w66p3R-WFnJPwnzvGfuZGWwPb31Av_9PiAcZXNIAsmhlZOQi_Pc6bA-CaPnNu9pahJth5NPQvhNxLO2IxpKrIMTwA49ZLwCwgUfATtNTlsEq0f_BQgULFg-oDA0TNCwQyuPp90riuYoj-vMtpwFFXXsDKDnSp7-XvuTRWH9-wlNb5dJw3A42nM7OU9k-4LVajp9FMfwpUDZdQZjdSz4S4mQTC2CVJ2E106iR5gFzUC4tGyTXCR4-KT9pliSOSx3SAQtFALWn8Fmcml-fZD4Mbgx9Al-rqfozntSS3B7BkEQ4k9QiNsU_wUqi5z8axjv6MjANq105QsSINuxNM6dM1Pm9cMyldDI5rVqKj1n1dkGFoFRNA1npACx20g9gZUj5O0oUKdBbBk6ZPn3mWx7-vSmqFwrTNtamx3-hQ6AyckOiDnt8M2iH8HMQsofJ1EttdZfQrbYV20IXNYhvYfl_X5tP1lmb2FID7NtxawCaRRitY1Sdz5vvriFO8YLwMBHoGxLP8IiuXa_HuFucgKhG4J7zH5Zug2IYx8DhRI1py8boOR5tVHTwKysf34cOizXmeTd8ZfjXIBfyJ41wZirrt6Y4mbRsa74F3UjR3cyISNhI5tbvziQdL4RvQxyfMCM0Ob-hkgMN2X_n1T8y5Gdctz5NHqBkEZfyRsWlWhrAvuO435gIhcbvV3ovlMEStDqurqcY-qc41TWrPDyBwvV_aUyDc9mMmiub4JeDy5GC3KA_qoqEOJEjeBU4yJ7MyGKbmdAu5UpRZRmTLORZLauRY5W02CYTPHNmjWq7EcYAKu7AFB6ahUpsT5xG5rujDo8BWW8UmKmAE_N75mdM8YeslrGgyPfOo-3k2lg96D877rGxUDw9NPypNcNUg_hBqOvVQoJRZnW9aVQ51EPwmKeFPcz_uvsx5t6mmOYVq7xyfuwnYfnoHJ5IL2Ul2elm3yO949TV7go8LxSp4O4aN6O8Ix3bJ3lirmdqNLh-ZmKJNkZEf_1k843orxvrTs4iZ5hfLW0Nlt6kw67v2NwWqyTkr_qLqVl7k_USBrCVhjdpIB0aQ0FKJq5nd-g10wOYIiACWCdufpmLhj94OaIpFD4haIFq8PZR15uPVLdnvI4hbCOudYNP8plSlJVdVKUrFe9kpR0DFYs_4Qw1xi9PX9sNk4HZUS55Inq-b_27kuZHkkoV9Ygxoc3i_ugIYeKgGhzpE968CI9w9eBBZFjUdypwODMAaHDa_NdLSbaI4CeRmCo37lkKDrT3sLr_XIgCpwP8zcQ_ilGQIFZvAFluaHPwZKYzeuSaYBVMdXjHijPnfdNYQMR6OCfXx2eWqtBGb-KP9gTg9DgMnR2ybTnkUS0qmnG870xKtXdZqcqvpoqJ1nT_q0SZHxuecZW5_2CwlVyLBq-MmdXQEBWRlBVM7Qpu4RKZCgDo2B_Hv8lPg-QlfyC6DdypGuy_otodueM-zAi2I3q0swgeRu7abk5-W8OsOnL9iQk0U1sV27HEeK26QV07-OVoLabdOlxXSklDPK68Cx_Wum3aoAzpKLkqCxL8KYlt8kbPWSvJHDHLVdrWV3fW0zT5YvZEmZGn8gTTMhA_g1OxH7wbeAVLfjWBYXk8TgglHV3jb9Xx2say1qa8mJ-MXqxP7JPVwFDuIFf_DTOz1uqVFvKT3qMJO22Y6E77AHp2N03Oiwhgg7NiJZL7W3RcsJGvZ-E7CkoR8RVEHpjvSiCKSGGqhMoA-2JLQ8ibkXXrKPqyKXDNpHOzXSAeNsWfenzdkJxef6dOGPdYpy9lpzzWy_EAdiwxy-siShnE3oywSLds9rrfg0vooncXJ9a9Dd3C3z_WrsqPIkM8tpkEJNTIJhhTfKz95Qr7JV6UFQoDlPMB7GeAdluE5OC7C5hr-otNXKvebNdMRYKWYv_er3OsjB0ZuTzzVfP4yvEd_hXV3ntecMRtCSa0YlKTpgMejry7JEGcEvNB0dNcxWmaEv840Dtt8_PPJ_Y0jci-K49dGAOo7e-iE6FA4cUFEYNnte4NqDo_dWmr9VsEwUdYLljXFdpFNK9VtZv_2N4UbeHo-AAnV76rjCUKqL-L-TaCFgRSPFCdJM6skch_Y9zWtj_vV69_DAe8g25oEKlrNnjgQDEAQ2f_-dsSB0NJRf_WWfTosQdO4qAM8wtksSMheiR-64GeOLBm10pgxaARADVvrhqJODwse8FO_g2M2y9oeMfYD9-NARBcW8T9ErD_it1cfOmajpkKNhR9piooIsbgAhcfKgzr8BfYDSJ-VaJ9qaI97rWqOkmM9gJ7dfN6Wda0ZXZDNwSaY5xxAFl8moegz7hFfMvp1RAkLAdfrldt3z9dlS1MfXYiWsq0FGlu4ST1XWNd_wkV0J7Tr5kOu-6vNzk3v8GWo5qFF5IzczBxifgyLaESBiIkj8N9gW7Jl-ftjKY5xIT5BoRJ7BQ-UDt9Rzmuw7H0_apkAIpztsB5kdU7Yiq8157-83fd8j30EMfm_yI5uQ5U7-gITvJpicHjxTAXI3XTTOt_gIb94OEk_T3UnaMvStI09YFyYdrBQaPMW5K-4axO8fQBkSkGToFsCktqdNPGYNT4k5fXY415Cy99p4voL2GTU3IVlud2Uk9o4fF9HN0DcNdpUC5XHAPnpKv7HipgzaDhsRyoJ82NEt_V4crTmqT89ZZiFQXiz3CimvdAgad3kXoqWx00aXynwuQ81eXZJ1Rk7k5PTq3aCSHlYLRQu6fUZ0E1AHgr6mHtAvDe4WLsFEbhkT2QiG4G9ALd4v59EzM7JuYMEy8Ck8KJcN48IBJFrFdlcSNWJ_GLHCWx2ENgUv0arqoyfqDHqHVCXcbBrdl39pikB89ib0ZlWAq4hX3HngSGamSs24LjYxAOwN61_H42Feze4oXXs&cid=CAASEuRo-1bqYPlwjoznkuDgRJw16Q&rfl=3%2Chttps%253A%252F%252Fwww.bg3.co%242%2C%2Chttps%253A%252F%252Fadx.holmesmind.com%252F%240
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.118.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sl-in-f157.1e100.net
Software
cafe /
Resource Hash
7348579c41b9264b67476504697d1205b3a40f15b3442ca6457eef60542670a9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 17 Sep 2022 05:25:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
4282
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11717
x-xss-protection
0
server
cafe
etag
8998177921611256807
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 01 Oct 2022 05:25:27 GMT
express_html_inpage_rendering_lib_200_276.js
s0.2mdn.net/879366/ Frame 2120 		106 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_276.js
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/6yue-15ri-qi-bei-jing-gong-jiao-duo-tiao-xian-lu-you-diao-zheng.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.4.148 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f148.1e100.net
Software
sffe /
Resource Hash
e41d1ae45acbf836b8dcc29544c7e41cced4211214df601d5284a7e9c7134c73
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
Origin
https://googleads.g.doubleclick.net
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 17 Sep 2022 05:47:20 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
2970
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37872
x-xss-protection
0
last-modified
Wed, 02 Mar 2022 23:07:26 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sun, 18 Sep 2022 05:47:20 GMT
omrhp.js
pagead2.googlesyndication.com/pagead/js/r20220914/r20110914/elements/html/ Frame 2120 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20220914/r20110914/elements/html/omrhp.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-D0ajcgGzIariiHkB1-bi5yvtC1DglmFdctH1eQAPLN--mzm0hXvNokDWEwgFB6YOUEaWuWmTj-ldz-mNxHC_CgbdQ3BsobGvazKmXgLUAmzzDT0-J4nG6mkj_18Wt-iY-Gnh8h7DQBMnlVgYLMI5B5fbmWWw&dbm_d=AKAmf-BIan6ujb97HlOf50jQBN7kQqEnwiyldFHKc4BH8o_NO_lhEvC9PkNF4ef5p99cSgGJ2srpfaDhI40odt3WQaHiPyrvCYX5_Dax_XEpc4ds5HuOGRcpLGvyn2i8x1LqEOfNXZmk1somSAYTqSyRZsOAhE0rjrbIw7vtbgw7nY8-VG4YreE1Ck3xBD3Y3zUbbxc2fHjQwUCHMZolMD4K8a4Md7uvKfx21prgC-ZaIkF11jt273GZAYVJwKM3vvU3J8ttQcVuWI2G9-5Ruv9Hl718Qce3THTrOy1giX8a8POmnaNw6c6JgEbQx_WWZt8Q_FFPnfhnYDCJ_CLNnG0JnuF7iayl8Xb9SKpaLYmp9vTdK1hdrGziC5QL9mv1qGUo6EAk9iAoG9uP0flnN-CdaU2Lqq1oiKL5aINVwMri41YplbPm1CIaE48DwA0sNwt8su5oWYyrchXxHGncFyLWPmX7jtnwQxtLCEAlJaHyOep5yU00J3fyYxcN_pxpyl_1zXqBDWfq_S2m4fR9LIBHNxm-kt8kj25GLiJ0RpaU8fKU6gyuQjwRDuPkmsGOcfmKNfVWMLl6P5pkpn9_kVAZK5F0fkNWeyV7v9dEl9fgpzqhdDKBkpULMIvpIQ5uhPidQ101PXJy1Ut1p8cSMx-ZsZcCTk8v2HpzLz6hdM31Ik7SJTcdT136oYWmLnoYWBQBOL2lLQt7ciuuF08SPbOMEs2-J0t2MRI9-dNP0B26A3MbjNKTP1-DKlf4krtSrJ-Jr024EqpnIfLpA-mgaEexE6UHDQ_MkCRkmYFZt1g0DtNhs4JwzEqB4f2Gaok1itd4nZSy2CQas-Odlqg9cBGbvEM7KgkIwCee8fZlHq0pLA33c9iRcnqCTgcGseEUBKGrONoCpHDSk-n1Ht6lW_ur9FEZoY0jG0d_-hDDKwkIfS-qJoexYFJgn20tt6hX5UmlrUgKruWjHE6I1kxcHTs2jIXMlrUyIfhGK5ncfySuR-pWi7REgr2dyAhyGJ-wV-Pkw7vn3-3kPEMVB-Lkcn2np4Qs9FZj-SQPJ18GFvS37zCI8x0x41EIbBMcBKopC8Dia1f8Hu7dFaDsfh9u2899zSXmQuLZFUqJuv3erUW2XycyGDRZQYJmnapewbIAeklCOkyEBlq0fHQdY_q7tp9hh2i5zvjAP-WGVUhokrctfZvezUnmBjdOZG2aOY8WrXHEI7GvtaWIhv595vDCQStVWvDY5Y0IOvVSinHmUkwzumBujc1REowhL3fUAkgq7bPrM13Ut2UnJjxFZ1A0zntAiQG6kBBvd3ymYa4e-l3N5-tKiXkkDDzsC7p4voOqm-O5hZPvBbMrlr8UEf1s6ASXfXG0KwaVdkZvyRMEI4ImHYqPRqV0jkO4MImpOMd4VSniST7TK_nXVuTsxKamM8lz_MzSi4ktWO1G3NCaKQVoBO7o_-wTYwiA8D8QiPndTUDMZNy47UVS1rfTgnXVi4c7s_31YTdsUonbdNgfuigMDOjkE5Dw-rz_CJJJDU1DLUF0bZ35N9erZtzOkF_42PBbK0d3aEDPnZvfToorWyCUA1ArG6GhxHKqDjgwZYJMKL5GHqjcqWjhLwMh49Ex_HtroCGgFmnX8L5wsM4WLfta7P8sxXY1SjC4Wt8_SYEMuskvnIWThkXiUf8eB4GxNrZIHx8BXANnaGHJ_F5uYn5NOz67gejoxbWnauPAOc1fxvmPlC15kPZcoeBmpbbq4lASLJ_sKejo_I9VAUpdo3z84UCI22l7tBfpRRQn4YaJZKEbpQauP2ruqZeM_j7Fd27vXNspyaw3DuVXx8bWYBybWYGqEtwv9wm8ng___ZHjU4_lGkHV79PylvlM8X5M-PZA-nU-xefQBajyd9zXwgzpbKP-irbXOJnITs872GZyMOC6Kwm8ctmxvKIxL07_3hgRio_72UdMsKJB9R8uhvLhsuMEtHc2ctHYGyC9I8cuy3d1meMgmQlDk-f3QRYuz2NsZ0u3qvWeaKTSSJ-AwKrSfvlOs3UJUNVkkkpKFUwKOgdEPt5t7kHCqipjV_IQDzVw-vkFo1p-ZmiaK-4ArhjpRt4P7ujZY7DPYRdcvQ9fXxfjxF_rp2RKyEiv0qgDZwd9Yi_buIiNZyUOqRVDm3OUVHbqkInXOnpKcltot9SpAT8oX6zOxVTm2lu2ZFtoXOTfdXj0K4OaOi-YC1h-qVwtUO1MJx-LQSZe8dYdqDnOLDv7hwtwEm9TawloEfEQJU-FPtXrf9gK6pAlnCVOCssPWhQaHdPhdpwReflzOii5IgVp_b7QHlPDksmaaNEFIDrMa62qjtZjHUqaED3mQ_viJfJKUj_L3mPFoafLM4W07dV7HvJHF76ld5M0oaHhXywxb9bFpErbv068aWGwoIRcr5I5sLhYYpiPkV3U5YZkTlnIUuYyUFJI2TsUTeej4qRtXc3_09X_Dnclx2b1zCEsa4iyUcde4LOylef9mSrlgs8SAQaKAc7Bh5xfAXiFueAqNPJWeVxyVgXoSSA3ehpIDS_tochxYzZ-51RzR1wnQeOMAl17qpVDhHglBnHdn7hcsm8DVuCtYNrZC4hA4LTYn1CkFc0gPORpfV5xOItsVmX87ZjDy41mYn4_SkasjPb0MG0UEp6lIcnTvNl86-r2folrRizMBjbwDgdYXPdE5LG6rntM8pWc1j1DO-Ufkk8tB3QJPH3i_CFEqSsExLIQhB_t4BVXlhuOHMX3qIdpcZXlHNUqrfXu-k5BgDyVnx-7leqOfsqE4HG4xeEFwM6cfFzxvd4fMzvaPNUChJ0trnbBzK4nM_R9Qdw-hMnSqJygEJqJWZMD6wkdqtXLd1d2b1lMLU3XfGSJNwus4P1TKbejGYZjHsbsEy3rtkcjkscKvE7O8CKzWcA8dBLQi4a6O0Il72X3In0EOozqLt-k-68ZMw77UofiR9WNGqzz6EAg2cPROSe0GM4zABM3guaKRUcHntZNufh__VpfcopBoRJEWMXMP3LcZiVd-6dP8yBJlXeDvt1cWAQU7ciuljHDz5IG50otUg8&cid=CAASEuRoX4Z1asaZl25fGWNskk4bDA&rfl=3%2Chttps%253A%252F%252Fwww.bg3.co%242%2C%2Chttps%253A%252F%252Fadx.holmesmind.com%252F%240
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.118.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sl-in-f157.1e100.net
Software
cafe /
Resource Hash
58b603271da250778cca7450c81343eba7a896c87d93812f4de54ca5e1108488
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 17 Sep 2022 06:31:00 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
349
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3181
x-xss-protection
0
server
cafe
etag
10699485926258732851
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 01 Oct 2022 06:31:00 GMT
abg_lite.js
pagead2.googlesyndication.com/pagead/js/r20220914/r20110914/ Frame 2120 		30 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20220914/r20110914/abg_lite.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-D0ajcgGzIariiHkB1-bi5yvtC1DglmFdctH1eQAPLN--mzm0hXvNokDWEwgFB6YOUEaWuWmTj-ldz-mNxHC_CgbdQ3BsobGvazKmXgLUAmzzDT0-J4nG6mkj_18Wt-iY-Gnh8h7DQBMnlVgYLMI5B5fbmWWw&dbm_d=AKAmf-BIan6ujb97HlOf50jQBN7kQqEnwiyldFHKc4BH8o_NO_lhEvC9PkNF4ef5p99cSgGJ2srpfaDhI40odt3WQaHiPyrvCYX5_Dax_XEpc4ds5HuOGRcpLGvyn2i8x1LqEOfNXZmk1somSAYTqSyRZsOAhE0rjrbIw7vtbgw7nY8-VG4YreE1Ck3xBD3Y3zUbbxc2fHjQwUCHMZolMD4K8a4Md7uvKfx21prgC-ZaIkF11jt273GZAYVJwKM3vvU3J8ttQcVuWI2G9-5Ruv9Hl718Qce3THTrOy1giX8a8POmnaNw6c6JgEbQx_WWZt8Q_FFPnfhnYDCJ_CLNnG0JnuF7iayl8Xb9SKpaLYmp9vTdK1hdrGziC5QL9mv1qGUo6EAk9iAoG9uP0flnN-CdaU2Lqq1oiKL5aINVwMri41YplbPm1CIaE48DwA0sNwt8su5oWYyrchXxHGncFyLWPmX7jtnwQxtLCEAlJaHyOep5yU00J3fyYxcN_pxpyl_1zXqBDWfq_S2m4fR9LIBHNxm-kt8kj25GLiJ0RpaU8fKU6gyuQjwRDuPkmsGOcfmKNfVWMLl6P5pkpn9_kVAZK5F0fkNWeyV7v9dEl9fgpzqhdDKBkpULMIvpIQ5uhPidQ101PXJy1Ut1p8cSMx-ZsZcCTk8v2HpzLz6hdM31Ik7SJTcdT136oYWmLnoYWBQBOL2lLQt7ciuuF08SPbOMEs2-J0t2MRI9-dNP0B26A3MbjNKTP1-DKlf4krtSrJ-Jr024EqpnIfLpA-mgaEexE6UHDQ_MkCRkmYFZt1g0DtNhs4JwzEqB4f2Gaok1itd4nZSy2CQas-Odlqg9cBGbvEM7KgkIwCee8fZlHq0pLA33c9iRcnqCTgcGseEUBKGrONoCpHDSk-n1Ht6lW_ur9FEZoY0jG0d_-hDDKwkIfS-qJoexYFJgn20tt6hX5UmlrUgKruWjHE6I1kxcHTs2jIXMlrUyIfhGK5ncfySuR-pWi7REgr2dyAhyGJ-wV-Pkw7vn3-3kPEMVB-Lkcn2np4Qs9FZj-SQPJ18GFvS37zCI8x0x41EIbBMcBKopC8Dia1f8Hu7dFaDsfh9u2899zSXmQuLZFUqJuv3erUW2XycyGDRZQYJmnapewbIAeklCOkyEBlq0fHQdY_q7tp9hh2i5zvjAP-WGVUhokrctfZvezUnmBjdOZG2aOY8WrXHEI7GvtaWIhv595vDCQStVWvDY5Y0IOvVSinHmUkwzumBujc1REowhL3fUAkgq7bPrM13Ut2UnJjxFZ1A0zntAiQG6kBBvd3ymYa4e-l3N5-tKiXkkDDzsC7p4voOqm-O5hZPvBbMrlr8UEf1s6ASXfXG0KwaVdkZvyRMEI4ImHYqPRqV0jkO4MImpOMd4VSniST7TK_nXVuTsxKamM8lz_MzSi4ktWO1G3NCaKQVoBO7o_-wTYwiA8D8QiPndTUDMZNy47UVS1rfTgnXVi4c7s_31YTdsUonbdNgfuigMDOjkE5Dw-rz_CJJJDU1DLUF0bZ35N9erZtzOkF_42PBbK0d3aEDPnZvfToorWyCUA1ArG6GhxHKqDjgwZYJMKL5GHqjcqWjhLwMh49Ex_HtroCGgFmnX8L5wsM4WLfta7P8sxXY1SjC4Wt8_SYEMuskvnIWThkXiUf8eB4GxNrZIHx8BXANnaGHJ_F5uYn5NOz67gejoxbWnauPAOc1fxvmPlC15kPZcoeBmpbbq4lASLJ_sKejo_I9VAUpdo3z84UCI22l7tBfpRRQn4YaJZKEbpQauP2ruqZeM_j7Fd27vXNspyaw3DuVXx8bWYBybWYGqEtwv9wm8ng___ZHjU4_lGkHV79PylvlM8X5M-PZA-nU-xefQBajyd9zXwgzpbKP-irbXOJnITs872GZyMOC6Kwm8ctmxvKIxL07_3hgRio_72UdMsKJB9R8uhvLhsuMEtHc2ctHYGyC9I8cuy3d1meMgmQlDk-f3QRYuz2NsZ0u3qvWeaKTSSJ-AwKrSfvlOs3UJUNVkkkpKFUwKOgdEPt5t7kHCqipjV_IQDzVw-vkFo1p-ZmiaK-4ArhjpRt4P7ujZY7DPYRdcvQ9fXxfjxF_rp2RKyEiv0qgDZwd9Yi_buIiNZyUOqRVDm3OUVHbqkInXOnpKcltot9SpAT8oX6zOxVTm2lu2ZFtoXOTfdXj0K4OaOi-YC1h-qVwtUO1MJx-LQSZe8dYdqDnOLDv7hwtwEm9TawloEfEQJU-FPtXrf9gK6pAlnCVOCssPWhQaHdPhdpwReflzOii5IgVp_b7QHlPDksmaaNEFIDrMa62qjtZjHUqaED3mQ_viJfJKUj_L3mPFoafLM4W07dV7HvJHF76ld5M0oaHhXywxb9bFpErbv068aWGwoIRcr5I5sLhYYpiPkV3U5YZkTlnIUuYyUFJI2TsUTeej4qRtXc3_09X_Dnclx2b1zCEsa4iyUcde4LOylef9mSrlgs8SAQaKAc7Bh5xfAXiFueAqNPJWeVxyVgXoSSA3ehpIDS_tochxYzZ-51RzR1wnQeOMAl17qpVDhHglBnHdn7hcsm8DVuCtYNrZC4hA4LTYn1CkFc0gPORpfV5xOItsVmX87ZjDy41mYn4_SkasjPb0MG0UEp6lIcnTvNl86-r2folrRizMBjbwDgdYXPdE5LG6rntM8pWc1j1DO-Ufkk8tB3QJPH3i_CFEqSsExLIQhB_t4BVXlhuOHMX3qIdpcZXlHNUqrfXu-k5BgDyVnx-7leqOfsqE4HG4xeEFwM6cfFzxvd4fMzvaPNUChJ0trnbBzK4nM_R9Qdw-hMnSqJygEJqJWZMD6wkdqtXLd1d2b1lMLU3XfGSJNwus4P1TKbejGYZjHsbsEy3rtkcjkscKvE7O8CKzWcA8dBLQi4a6O0Il72X3In0EOozqLt-k-68ZMw77UofiR9WNGqzz6EAg2cPROSe0GM4zABM3guaKRUcHntZNufh__VpfcopBoRJEWMXMP3LcZiVd-6dP8yBJlXeDvt1cWAQU7ciuljHDz5IG50otUg8&cid=CAASEuRoX4Z1asaZl25fGWNskk4bDA&rfl=3%2Chttps%253A%252F%252Fwww.bg3.co%242%2C%2Chttps%253A%252F%252Fadx.holmesmind.com%252F%240
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.118.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sl-in-f157.1e100.net
Software
cafe /
Resource Hash
7348579c41b9264b67476504697d1205b3a40f15b3442ca6457eef60542670a9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 17 Sep 2022 05:25:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
4282
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11717
x-xss-protection
0
server
cafe
etag
8998177921611256807
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 01 Oct 2022 05:25:27 GMT
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame DADA 		41 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006-1&adk=3314916115&adf=3653020617&pi=t.ma~as.3006%2F14006-1&w=336&url=https%3A%2F%2Fwww.bg3.co%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1663396608185&bpp=14&bdt=240&idt=403&shv=r20220914&mjsv=m202209080101&ptt=5&saldr=sa&correlator=2198418931226&frm=8&ife=1&pv=2&ga_vid=1900907981.1663396609&ga_sid=1663396609&ga_hid=833847459&ga_fc=0&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=336&ish=280&ifk=3719853736&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759842%2C44767166&oid=2&pvsid=424218493006684&uas=0&nvt=1&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.1icxdtns8eph&fsb=1&dtd=410
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.200.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sa-in-f132.1e100.net
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 10 Sep 2022 16:43:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
568391
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15207
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 10 Sep 2023 16:43:38 GMT
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame DCAC 		1 KB
749 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006-1&adk=3314916115&adf=3653020617&pi=t.ma~as.3006%2F14006-1&w=336&url=https%3A%2F%2Fwww.bg3.co%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1663396608185&bpp=14&bdt=240&idt=403&shv=r20220914&mjsv=m202209080101&ptt=5&saldr=sa&correlator=2198418931226&frm=8&ife=1&pv=2&ga_vid=1900907981.1663396609&ga_sid=1663396609&ga_hid=833847459&ga_fc=0&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=336&ish=280&ifk=3719853736&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759842%2C44767166&oid=2&pvsid=424218493006684&uas=0&nvt=1&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.1icxdtns8eph&fsb=1&dtd=410
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.118.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sl-in-f157.1e100.net
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

age
16476
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=86400
content-encoding
gzip
content-length
724
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sat, 17 Sep 2022 02:02:13 GMT
etag
48472445140208031
expires
Sun, 18 Sep 2022 02:02:13 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
truncated
/ Frame DADA 		212 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
29fc66b204681ec0e60b0d53eef4abc17f84351886cb6adca1261c6f18a3ce65

Request headers

accept-language
en-AU,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
js
www.googletagmanager.com/gtag/ 		209 KB
73 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-Z0TZ7TDHS1
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/42753/linkPreview.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.10.97 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f97.1e100.net
Software
Google Tag Manager /
Resource Hash
6a18b3d2c064e7c85949a89636f0a2b1bc19f01325265c46431ef66f58a6fc48
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 17 Sep 2022 06:36:50 GMT
content-encoding
br
server
Google Tag Manager
access-control-allow-headers
Cache-Control
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; includeSubDomains
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
75015
x-xss-protection
0
expires
Sat, 17 Sep 2022 06:36:50 GMT
log
aplogger.adpushup.com/ 		0
53 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://aplogger.adpushup.com/log?event=linkPreview_failed_JSONRequest&data=eyJzaXRlSWQiOjQyNzUzLCJ1cmwiOiIvYS82eXVlLTE1cmktcWktYmVpLWppbmctZ29uZy1qaWFvLWR1by10aWFvLXhpYW4tbHUteW91LWRpYW8temhlbmcuaHRtbCIsInRpbWUiOjE2NjMzOTY2MDk5OTN9
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/42753/linkPreview.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
104.211.156.162 Mumbai, India, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 17 Sep 2022 06:36:49 GMT
server
nginx/1.14.0 (Ubuntu)
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame 2120 		41 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006-1&adk=3314916115&adf=3653020616&pi=t.ma~as.3006%2F14006-1&w=336&url=https%3A%2F%2Fwww.bg3.co%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1663396608154&bpp=11&bdt=217&idt=319&shv=r20220914&mjsv=m202209080101&ptt=5&saldr=sa&correlator=6484089135404&frm=8&ife=1&pv=2&ga_vid=1855592264.1663396608&ga_sid=1663396608&ga_hid=1591391937&ga_fc=0&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=336&ish=280&ifk=3719853736&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759837%2C44767668%2C31069511%2C44770881&oid=2&pvsid=4486120995357876&uas=0&nvt=1&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.kyd6yje3inir&fsb=1&dtd=333
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.200.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sa-in-f132.1e100.net
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 10 Sep 2022 16:43:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
568392
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15207
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 10 Sep 2023 16:43:38 GMT
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame 1236 		1 KB
749 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006-1&adk=3314916115&adf=3653020616&pi=t.ma~as.3006%2F14006-1&w=336&url=https%3A%2F%2Fwww.bg3.co%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1663396608154&bpp=11&bdt=217&idt=319&shv=r20220914&mjsv=m202209080101&ptt=5&saldr=sa&correlator=6484089135404&frm=8&ife=1&pv=2&ga_vid=1855592264.1663396608&ga_sid=1663396608&ga_hid=1591391937&ga_fc=0&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=336&ish=280&ifk=3719853736&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759837%2C44767668%2C31069511%2C44770881&oid=2&pvsid=4486120995357876&uas=0&nvt=1&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.kyd6yje3inir&fsb=1&dtd=333
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.118.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sl-in-f157.1e100.net
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

age
16477
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=86400
content-encoding
gzip
content-length
724
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sat, 17 Sep 2022 02:02:13 GMT
etag
48472445140208031
expires
Sun, 18 Sep 2022 02:02:13 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
truncated
/ Frame 2120 		214 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
dc574e7142e06d8cdb90bdf60efa9e289f80e7e283a44275c27b613d2b80e2aa

Request headers

accept-language
en-AU,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
dpixel
cms.quantserve.com/ Frame DCAC 		35 B
362 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEDML21RD8pMqtAQ2sC0HI2I&google_cver=1&google_push=AZmPxg9qB3eA_nWpS6iFGJcAJEb3ZC04va0gO0rcVdzZFU6Ptpim9N4XJwUKXvQZ30I-YQ2XZx0Qo6NPvNYVuXCIcwUYhKUGzRUcIg
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006-1&adk=3314916115&adf=3653020617&pi=t.ma~as.3006%2F14006-1&w=336&url=https%3A%2F%2Fwww.bg3.co%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1663396608185&bpp=14&bdt=240&idt=403&shv=r20220914&mjsv=m202209080101&ptt=5&saldr=sa&correlator=2198418931226&frm=8&ife=1&pv=2&ga_vid=1900907981.1663396609&ga_sid=1663396609&ga_hid=833847459&ga_fc=0&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=336&ish=280&ifk=3719853736&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759842%2C44767166&oid=2&pvsid=424218493006684&uas=0&nvt=1&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.1icxdtns8eph&fsb=1&dtd=410
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
103.229.10.171 , Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 17 Sep 2022 06:36:50 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
cache-control
private, no-cache, no-store, proxy-revalidate
content-type
image/gif
content-length
35
expires
Fri, 04 Aug 1978 12:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame DCAC
Redirect Chain
  • https://mweb.ck.inmobi.com/sync/3?redirect=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dinmobi_pte_limited%26google_hm%3D%24DSP_CKID&google_gid=CAESELQfhHM7CStCleblUk_y1mo&google_cver=...
  • https://cm.g.doubleclick.net/pixel?google_nid=inmobi_pte_limited&google_hm=MmYwOTBmZTYtMWFiNC00OTM1LTk3NGEtYTMwNWVhNjRhOWFj&google_gid=CAESELQfhHM7CStCleblUk_y1mo&google_cver=1&google_push=AZmPxg-A...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=inmobi_pte_limited&google_hm=MmYwOTBmZTYtMWFiNC00OTM1LTk3NGEtYTMwNWVhNjRhOWFj&google_gid=CAESELQfhHM7CStCleblUk_y1mo&google_cver=1&google_push=AZmPxg-AZ5-h579odOmrXITs6n3ZGYjN_zI1RagQq1DUoieebHb-FwJvOdCZHgTg70Y4DFReS-blVm1HAj9_7mnHBuvKcd4G4i_ooQ
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006-1&adk=3314916115&adf=3653020617&pi=t.ma~as.3006%2F14006-1&w=336&url=https%3A%2F%2Fwww.bg3.co%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1663396608185&bpp=14&bdt=240&idt=403&shv=r20220914&mjsv=m202209080101&ptt=5&saldr=sa&correlator=2198418931226&frm=8&ife=1&pv=2&ga_vid=1900907981.1663396609&ga_sid=1663396609&ga_hid=833847459&ga_fc=0&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=336&ish=280&ifk=3719853736&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759842%2C44767166&oid=2&pvsid=424218493006684&uas=0&nvt=1&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.1icxdtns8eph&fsb=1&dtd=410
Protocol
H3
Server
142.251.12.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f155.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 17 Sep 2022 06:36:51 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=inmobi_pte_limited&google_hm=MmYwOTBmZTYtMWFiNC00OTM1LTk3NGEtYTMwNWVhNjRhOWFj&google_gid=CAESELQfhHM7CStCleblUk_y1mo&google_cver=1&google_push=AZmPxg-AZ5-h579odOmrXITs6n3ZGYjN_zI1RagQq1DUoieebHb-FwJvOdCZHgTg70Y4DFReS-blVm1HAj9_7mnHBuvKcd4G4i_ooQ
date
Sat, 17 Sep 2022 06:36:50 GMT
content-length
0
strict-transport-security
max-age=15724800; includeSubDomains
expires
Thu, 01 Jan 1970 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame DCAC
Redirect Chain
  • https://ads.yieldmo.com/exptsync?google_gid=CAESEDw9i_JbqX1cDcdTHLHQlSU&google_cver=1&google_push=AZmPxg9fxD4gwX9HvrafegCehagA8c5SRtV_ZybB9pmsPPaeLVQ4hDvtw_9My1EF0AGdP3CvEnr4px4YeDr32NKbWEiAMynulqmJwQ
  • https://cm.g.doubleclick.net/pixel?google_nid=yieldmo&google_push=AZmPxg9fxD4gwX9HvrafegCehagA8c5SRtV_ZybB9pmsPPaeLVQ4hDvtw_9My1EF0AGdP3CvEnr4px4YeDr32NKbWEiAMynulqmJwQ&google_hm=ZzM3OWJlYjU0MTVjZD...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=yieldmo&google_push=AZmPxg9fxD4gwX9HvrafegCehagA8c5SRtV_ZybB9pmsPPaeLVQ4hDvtw_9My1EF0AGdP3CvEnr4px4YeDr32NKbWEiAMynulqmJwQ&google_hm=ZzM3OWJlYjU0MTVjZDAzZTlmNWI=
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006-1&adk=3314916115&adf=3653020617&pi=t.ma~as.3006%2F14006-1&w=336&url=https%3A%2F%2Fwww.bg3.co%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1663396608185&bpp=14&bdt=240&idt=403&shv=r20220914&mjsv=m202209080101&ptt=5&saldr=sa&correlator=2198418931226&frm=8&ife=1&pv=2&ga_vid=1900907981.1663396609&ga_sid=1663396609&ga_hid=833847459&ga_fc=0&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=336&ish=280&ifk=3719853736&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759842%2C44767166&oid=2&pvsid=424218493006684&uas=0&nvt=1&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.1icxdtns8eph&fsb=1&dtd=410
Protocol
H3
Server
142.251.12.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f155.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 17 Sep 2022 06:36:50 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Sat, 17 Sep 2022 06:36:50 GMT
location
https://cm.g.doubleclick.net/pixel?google_nid=yieldmo&google_push=AZmPxg9fxD4gwX9HvrafegCehagA8c5SRtV_ZybB9pmsPPaeLVQ4hDvtw_9My1EF0AGdP3CvEnr4px4YeDr32NKbWEiAMynulqmJwQ&google_hm=ZzM3OWJlYjU0MTVjZDAzZTlmNWI=
access-control-allow-methods
POST, GET, OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
*
access-control-allow-headers
Cache-Control, Pragma, *
content-length
0
pub
cs.chocolateplatform.com/ Frame DCAC 		0
134 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.chocolateplatform.com/pub?pid=ebda&google_gid=CAESEO1-h0MQq8m_mSTVSujSXmg&google_cver=1&google_push=AZmPxg-Guro66n6xSe9Fmi-cMwy-iZA5SjAtExwTykXN8s5ZNf_izLR2w-iRDpc8J2iuiCDlYpLMwlh8MIPfIQFhUszh12UuGC5PCg
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006-1&adk=3314916115&adf=3653020617&pi=t.ma~as.3006%2F14006-1&w=336&url=https%3A%2F%2Fwww.bg3.co%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1663396608185&bpp=14&bdt=240&idt=403&shv=r20220914&mjsv=m202209080101&ptt=5&saldr=sa&correlator=2198418931226&frm=8&ife=1&pv=2&ga_vid=1900907981.1663396609&ga_sid=1663396609&ga_hid=833847459&ga_fc=0&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=336&ish=280&ifk=3719853736&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759842%2C44767166&oid=2&pvsid=424218493006684&uas=0&nvt=1&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.1icxdtns8eph&fsb=1&dtd=410
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
159.203.145.121 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
CookieSync Server /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
*
date
Sat, 17 Sep 2022 06:36:50 GMT
server
CookieSync Server
content-length
0
pixel
cm.g.doubleclick.net/ Frame DCAC
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58281/sync?redir=true&google_gid=CAESELRJqsTgn7pDS89hp83-iVU&google_cver=1&google_push=AZmPxg8U2n4RvYOh5BpC20EJ16SXWNyerSKvBxOwjyog_Y57EDM751S6Xg3NK5xtlfmDVi6iDb...
  • https://ups.analytics.yahoo.com/ups/58281/sync?redir=true&google_gid=CAESELRJqsTgn7pDS89hp83-iVU&google_cver=1&google_push=AZmPxg8U2n4RvYOh5BpC20EJ16SXWNyerSKvBxOwjyog_Y57EDM751S6Xg3NK5xtlfmDVi6iDb...
  • https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS1rWFV0UHB4RTJ1RUFSellYbTFVSll1NW5KQlFIaUJDRn5B&google_push=AZmPxg8U2n4RvYOh5BpC20EJ16SXWNyerSKvBxOwjyog_Y57EDM751S6X...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS1rWFV0UHB4RTJ1RUFSellYbTFVSll1NW5KQlFIaUJDRn5B&google_push=AZmPxg8U2n4RvYOh5BpC20EJ16SXWNyerSKvBxOwjyog_Y57EDM751S6Xg3NK5xtlfmDVi6iDbKNJa0p1IUbCnB54op04zXFC_7sphc
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006-1&adk=3314916115&adf=3653020617&pi=t.ma~as.3006%2F14006-1&w=336&url=https%3A%2F%2Fwww.bg3.co%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1663396608185&bpp=14&bdt=240&idt=403&shv=r20220914&mjsv=m202209080101&ptt=5&saldr=sa&correlator=2198418931226&frm=8&ife=1&pv=2&ga_vid=1900907981.1663396609&ga_sid=1663396609&ga_hid=833847459&ga_fc=0&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=336&ish=280&ifk=3719853736&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759842%2C44767166&oid=2&pvsid=424218493006684&uas=0&nvt=1&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.1icxdtns8eph&fsb=1&dtd=410
Protocol
H3
Server
142.251.12.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f155.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 17 Sep 2022 06:36:51 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS1rWFV0UHB4RTJ1RUFSellYbTFVSll1NW5KQlFIaUJDRn5B&google_push=AZmPxg8U2n4RvYOh5BpC20EJ16SXWNyerSKvBxOwjyog_Y57EDM751S6Xg3NK5xtlfmDVi6iDbKNJa0p1IUbCnB54op04zXFC_7sphc
date
Sat, 17 Sep 2022 06:36:50 GMT
server
ATS/9.1.10.25
age
0
content-length
0
strict-transport-security
max-age=31536000
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
sspsync
cksync.yahoo.co.jp/ Frame DCAC 		35 B
621 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cksync.yahoo.co.jp/sspsync?ptr=12703&google_gid=CAESEPC-c-APq51GaEg_dKcVOX4&google_cver=1&google_push=AZmPxg-s0w0W-ifzkFIyxyAI2WBg8no4ffUY5UwiSgjE_cRh6aop2wRo1iiLvZpd4wp2ty3njQj9GU4MBJRMCkXAayYzrG8J49S9Ng
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006-1&adk=3314916115&adf=3653020617&pi=t.ma~as.3006%2F14006-1&w=336&url=https%3A%2F%2Fwww.bg3.co%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1663396608185&bpp=14&bdt=240&idt=403&shv=r20220914&mjsv=m202209080101&ptt=5&saldr=sa&correlator=2198418931226&frm=8&ife=1&pv=2&ga_vid=1900907981.1663396609&ga_sid=1663396609&ga_hid=833847459&ga_fc=0&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=336&ish=280&ifk=3719853736&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759842%2C44767166&oid=2&pvsid=424218493006684&uas=0&nvt=1&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.1icxdtns8eph&fsb=1&dtd=410
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.22.16.123 , Japan, ASN23816 (YAHOO Yahoo Japan Corporation, JP),
Reverse DNS
edge1700.img.vip.otm.yimg.jp
Software
ATS /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 17 Sep 2022 06:36:50 GMT
x-content-type-options
nosniff
server
ATS
age
0
x-frame-options
SAMEORIGIN
content-type
image/gif
cache-control
private, no-store, no-cache
cross-origin-resource-policy
cross-origin
content-length
35
x-xss-protection
1; mode=block
/
b1sync.zemanta.com/usersync/googleadx/ Frame DCAC
Redirect Chain
  • https://b1sync.zemanta.com/usersync/googleadx/?google_gid=CAESEJ_QfyeC7fEVOxBEKoPqv2w&google_cver=1&google_push=AZmPxg8WawmEZt-4bKJcHK3twQolvk0obvouDRlHT0rdsVJkvMlZyz5gOdED1d7_N06h-0QGcHQrVWIvbMvIf...
  • https://b1sync.zemanta.com/usersync/googleadx/?google_cver=1&google_gid=CAESEJ_QfyeC7fEVOxBEKoPqv2w&google_push=AZmPxg8WawmEZt-4bKJcHK3twQolvk0obvouDRlHT0rdsVJkvMlZyz5gOdED1d7_N06h-0QGcHQrVWIvbMvIf...
  • https://cm.g.doubleclick.net/pixel?google_nid=zemanta&google_push=AZmPxg8WawmEZt-4bKJcHK3twQolvk0obvouDRlHT0rdsVJkvMlZyz5gOdED1d7_N06h-0QGcHQrVWIvbMvIfvc3szC5tBHWD3Nwa1M&google_hm=MVBENXJON3YyYk13T...
  • https://b1sync.zemanta.com/usersync/googleadx/?google_error=5
26 B
127 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://b1sync.zemanta.com/usersync/googleadx/?google_error=5
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006-1&adk=3314916115&adf=3653020617&pi=t.ma~as.3006%2F14006-1&w=336&url=https%3A%2F%2Fwww.bg3.co%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1663396608185&bpp=14&bdt=240&idt=403&shv=r20220914&mjsv=m202209080101&ptt=5&saldr=sa&correlator=2198418931226&frm=8&ife=1&pv=2&ga_vid=1900907981.1663396609&ga_sid=1663396609&ga_hid=833847459&ga_fc=0&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=336&ish=280&ifk=3719853736&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759842%2C44767166&oid=2&pvsid=424218493006684&uas=0&nvt=1&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.1icxdtns8eph&fsb=1&dtd=410
Protocol
HTTP/1.1
Server
64.202.112.159 Lovettsville, United States, ASN22075 (AS-OUTBRAIN, US),
Reverse DNS
ny.outbrain.com
Software
/
Resource Hash
3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sat, 17 Sep 2022 06:36:51 GMT
Content-Length
26
Content-Type
image/gif

Redirect headers

pragma
no-cache
date
Sat, 17 Sep 2022 06:36:51 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://b1sync.zemanta.com/usersync/googleadx/?google_error=5
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
258
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
attr
cm.g.doubleclick.net/pixel/ Frame DCAC 		0
50 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13JBi298hJz_Fi3gkrFkWFkdb2YEHpq7sVSjQCRHOXDd-pjSaj2pFx6k1sOUjCW1tjyLNLpKU2YU
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006-1&adk=3314916115&adf=3653020617&pi=t.ma~as.3006%2F14006-1&w=336&url=https%3A%2F%2Fwww.bg3.co%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1663396608185&bpp=14&bdt=240&idt=403&shv=r20220914&mjsv=m202209080101&ptt=5&saldr=sa&correlator=2198418931226&frm=8&ife=1&pv=2&ga_vid=1900907981.1663396609&ga_sid=1663396609&ga_hid=833847459&ga_fc=0&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=336&ish=280&ifk=3719853736&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759842%2C44767166&oid=2&pvsid=424218493006684&uas=0&nvt=1&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.1icxdtns8eph&fsb=1&dtd=410
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.12.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f155.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 17 Sep 2022 06:36:50 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
content-type
text/html
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame ED53 		22 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.200.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sa-in-f132.1e100.net
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

accept-ranges
bytes
age
419804
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
8395
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Mon, 12 Sep 2022 10:00:06 GMT
expires
Tue, 12 Sep 2023 10:00:06 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
pixel
cm.g.doubleclick.net/ Frame 1236
Redirect Chain
  • https://px.ads.linkedin.com/setuid?partner=googleadxdb&google_gid=CAESEOgpfTbvLy1JVLwOfQtodbE&google_cver=1&google_push=AZmPxg_9YocJmIark36Y-enxbM-5L0EL5jxAHFG7eYwmaV7rmviHqci2WsQ79v12_gtdvlxc25KUH...
  • https://cm.g.doubleclick.net/pixel?google_nid=linkedin&google_push=AZmPxg_9YocJmIark36Y-enxbM-5L0EL5jxAHFG7eYwmaV7rmviHqci2WsQ79v12_gtdvlxc25KUH6tYDg7AbOhTGftTQMLOvlhdZOPXEmyc_GOc05I0pLhDzr-DOg-0-m...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=linkedin&google_push=AZmPxg_9YocJmIark36Y-enxbM-5L0EL5jxAHFG7eYwmaV7rmviHqci2WsQ79v12_gtdvlxc25KUH6tYDg7AbOhTGftTQMLOvlhdZOPXEmyc_GOc05I0pLhDzr-DOg-0-mvI6N2XUdslHO-p
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006-1&adk=3314916115&adf=3653020616&pi=t.ma~as.3006%2F14006-1&w=336&url=https%3A%2F%2Fwww.bg3.co%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1663396608154&bpp=11&bdt=217&idt=319&shv=r20220914&mjsv=m202209080101&ptt=5&saldr=sa&correlator=6484089135404&frm=8&ife=1&pv=2&ga_vid=1855592264.1663396608&ga_sid=1663396608&ga_hid=1591391937&ga_fc=0&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=336&ish=280&ifk=3719853736&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759837%2C44767668%2C31069511%2C44770881&oid=2&pvsid=4486120995357876&uas=0&nvt=1&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.kyd6yje3inir&fsb=1&dtd=333
Protocol
H3
Server
142.251.12.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f155.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 17 Sep 2022 06:36:51 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Sat, 17 Sep 2022 06:36:50 GMT
x-li-pop
afd-prod-ltx1-x
x-msedge-ref
Ref A: C3AE583CDFDC46B08E5BF77D70B34DDD Ref B: MEL01EDGE1411 Ref C: 2022-09-17T06:36:50Z
linkedin-action
1
x-cache
CONFIG_NOCACHE
x-li-fabric
prod-ltx1
location
https://cm.g.doubleclick.net/pixel?google_nid=linkedin&google_push=AZmPxg_9YocJmIark36Y-enxbM-5L0EL5jxAHFG7eYwmaV7rmviHqci2WsQ79v12_gtdvlxc25KUH6tYDg7AbOhTGftTQMLOvlhdZOPXEmyc_GOc05I0pLhDzr-DOg-0-mvI6N2XUdslHO-p
x-li-proto
http/2
content-length
0
x-li-uuid
AAXo2bQgjaLbySySPCxexg==
pixel
cm.g.doubleclick.net/ Frame 1236
Redirect Chain
  • https://sync.fout.jp/sync?xid=googleadex&g_pixel=&google_gid=CAESEM1t0ZOQsbTBqr7jLUFcqUw&google_cver=1&google_push=AZmPxg_d95o8M0BBaLZrPwQveWwZlznnEeq5e6vbnDRDW_FGdxfGHRF-VfI-4V_jrlDusM1DWh0Zwf7gQt...
  • https://cm.g.doubleclick.net/pixel?google_nid=freakout&google_push=AZmPxg_d95o8M0BBaLZrPwQveWwZlznnEeq5e6vbnDRDW_FGdxfGHRF-VfI-4V_jrlDusM1DWh0Zwf7gQt-TD0N6OPVir53Ck-cp9vVd6e0cn9BYstke-6mb1cOqrXgaY6...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=freakout&google_push=AZmPxg_d95o8M0BBaLZrPwQveWwZlznnEeq5e6vbnDRDW_FGdxfGHRF-VfI-4V_jrlDusM1DWh0Zwf7gQt-TD0N6OPVir53Ck-cp9vVd6e0cn9BYstke-6mb1cOqrXgaY6lk-pXxUY4IoOA&google_hm=d0RNM29FZU1WVzhLZlJKZlBHRzFEbXFNNk1J&from_google=pc1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006-1&adk=3314916115&adf=3653020616&pi=t.ma~as.3006%2F14006-1&w=336&url=https%3A%2F%2Fwww.bg3.co%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1663396608154&bpp=11&bdt=217&idt=319&shv=r20220914&mjsv=m202209080101&ptt=5&saldr=sa&correlator=6484089135404&frm=8&ife=1&pv=2&ga_vid=1855592264.1663396608&ga_sid=1663396608&ga_hid=1591391937&ga_fc=0&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=336&ish=280&ifk=3719853736&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759837%2C44767668%2C31069511%2C44770881&oid=2&pvsid=4486120995357876&uas=0&nvt=1&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.kyd6yje3inir&fsb=1&dtd=333
Protocol
H3
Server
142.251.12.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f155.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 17 Sep 2022 06:36:51 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Sat, 17 Sep 2022 06:36:50 GMT
Server
nginx
Strict-Transport-Security
max-age=15768000
P3P
CP="ADM NOI OUR"
Location
https://cm.g.doubleclick.net/pixel?google_nid=freakout&google_push=AZmPxg_d95o8M0BBaLZrPwQveWwZlznnEeq5e6vbnDRDW_FGdxfGHRF-VfI-4V_jrlDusM1DWh0Zwf7gQt-TD0N6OPVir53Ck-cp9vVd6e0cn9BYstke-6mb1cOqrXgaY6lk-pXxUY4IoOA&google_hm=d0RNM29FZU1WVzhLZlJKZlBHRzFEbXFNNk1J&from_google=pc1
Cache-Control
private, no-cache, no-cache="Set-Cookie", proxy-revalidate
Transfer-Encoding
chunked
Connection
keep-alive
pixel
cm.g.doubleclick.net/ Frame 1236
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=google&google_gid=CAESEAGAARHi0qbMJ2E8n1fE2PE&google_cver=1&google_push=AZmPxg9GVoL9bYVAS1y0acE8XEhYyrhHNkHe8R9XXiaVfE3D7iKkIaEuHnxgLFbme7m3bZk0iXSF1PMFhMrYuPT4dsRZ...
  • https://x.bidswitch.net/ul_cb/sync?ssp=google&google_gid=CAESEAGAARHi0qbMJ2E8n1fE2PE&google_cver=1&google_push=AZmPxg9GVoL9bYVAS1y0acE8XEhYyrhHNkHe8R9XXiaVfE3D7iKkIaEuHnxgLFbme7m3bZk0iXSF1PMFhMrYuP...
  • https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AZmPxg9GVoL9bYVAS1y0acE8XEhYyrhHNkHe8R9XXiaVfE3D7iKkIaEuHnxgLFbme7m3bZk0iXSF1PMFhMrYuPT4dsRZQKO732csNuDn4twZ1mKiHhsU7r35oj9fM_gcfTp3Xb...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AZmPxg9GVoL9bYVAS1y0acE8XEhYyrhHNkHe8R9XXiaVfE3D7iKkIaEuHnxgLFbme7m3bZk0iXSF1PMFhMrYuPT4dsRZQKO732csNuDn4twZ1mKiHhsU7r35oj9fM_gcfTp3XbrYMwEN3A0&google_hm=-YraI7t6TWii9H_k_knc5A==
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006-1&adk=3314916115&adf=3653020616&pi=t.ma~as.3006%2F14006-1&w=336&url=https%3A%2F%2Fwww.bg3.co%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1663396608154&bpp=11&bdt=217&idt=319&shv=r20220914&mjsv=m202209080101&ptt=5&saldr=sa&correlator=6484089135404&frm=8&ife=1&pv=2&ga_vid=1855592264.1663396608&ga_sid=1663396608&ga_hid=1591391937&ga_fc=0&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=336&ish=280&ifk=3719853736&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759837%2C44767668%2C31069511%2C44770881&oid=2&pvsid=4486120995357876&uas=0&nvt=1&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.kyd6yje3inir&fsb=1&dtd=333
Protocol
H3
Server
142.251.12.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f155.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 17 Sep 2022 06:36:51 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
//cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AZmPxg9GVoL9bYVAS1y0acE8XEhYyrhHNkHe8R9XXiaVfE3D7iKkIaEuHnxgLFbme7m3bZk0iXSF1PMFhMrYuPT4dsRZQKO732csNuDn4twZ1mKiHhsU7r35oj9fM_gcfTp3XbrYMwEN3A0&google_hm=-YraI7t6TWii9H_k_knc5A==
Date
Sat, 17 Sep 2022 06:36:51 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
0
pixel
cm.g.doubleclick.net/ Frame 1236
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58281/sync?redir=true&google_gid=CAESEInnKgmBTabEF_zcTi-Ry1s&google_cver=1&google_push=AZmPxg-zI27X_P4X_CGapl6s9_RfFFdWQG6NX5Q6OCT_ul-TjdrzXE30kWCLAjqjJR4QTvEBOM...
  • https://ups.analytics.yahoo.com/ups/58281/sync?redir=true&google_gid=CAESEInnKgmBTabEF_zcTi-Ry1s&google_cver=1&google_push=AZmPxg-zI27X_P4X_CGapl6s9_RfFFdWQG6NX5Q6OCT_ul-TjdrzXE30kWCLAjqjJR4QTvEBOM...
  • https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS1rWFV0UHB4RTJ1RUFSellYbTFVSll1NW5KQlFIaUJDRn5B&google_push=AZmPxg-zI27X_P4X_CGapl6s9_RfFFdWQG6NX5Q6OCT_ul-TjdrzXE30k...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS1rWFV0UHB4RTJ1RUFSellYbTFVSll1NW5KQlFIaUJDRn5B&google_push=AZmPxg-zI27X_P4X_CGapl6s9_RfFFdWQG6NX5Q6OCT_ul-TjdrzXE30kWCLAjqjJR4QTvEBOMqDISWkugRPbDbY2mWCzk59JVwwTpDaOQPjJVAsP2RxAIK0mbtHCReIRJw6JnZEcEha8Ojs
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006-1&adk=3314916115&adf=3653020616&pi=t.ma~as.3006%2F14006-1&w=336&url=https%3A%2F%2Fwww.bg3.co%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1663396608154&bpp=11&bdt=217&idt=319&shv=r20220914&mjsv=m202209080101&ptt=5&saldr=sa&correlator=6484089135404&frm=8&ife=1&pv=2&ga_vid=1855592264.1663396608&ga_sid=1663396608&ga_hid=1591391937&ga_fc=0&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=336&ish=280&ifk=3719853736&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759837%2C44767668%2C31069511%2C44770881&oid=2&pvsid=4486120995357876&uas=0&nvt=1&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.kyd6yje3inir&fsb=1&dtd=333
Protocol
H3
Server
142.251.12.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f155.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 17 Sep 2022 06:36:51 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS1rWFV0UHB4RTJ1RUFSellYbTFVSll1NW5KQlFIaUJDRn5B&google_push=AZmPxg-zI27X_P4X_CGapl6s9_RfFFdWQG6NX5Q6OCT_ul-TjdrzXE30kWCLAjqjJR4QTvEBOMqDISWkugRPbDbY2mWCzk59JVwwTpDaOQPjJVAsP2RxAIK0mbtHCReIRJw6JnZEcEha8Ojs
date
Sat, 17 Sep 2022 06:36:50 GMT
server
ATS/9.1.10.25
age
0
content-length
0
strict-transport-security
max-age=31536000
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
sspsync
cksync.yahoo.co.jp/ Frame 1236 		35 B
455 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cksync.yahoo.co.jp/sspsync?ptr=12703&google_gid=CAESEO5eZVjAut-vjc6KZKglfio&google_cver=1&google_push=AZmPxg85xjsvQk1ccl17Omm4QHWuGNj3e1T-6lRfE5PFsaqU9ht9kVEi1pmSdPTI3aGcskWqxk8mUeAZHOo28McZJ6qDQzeTB-eZfUrdR1WG5KOdtgq44fHtRKwl7r9y8rUApl6DAf0nJy6CNQ
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006-1&adk=3314916115&adf=3653020616&pi=t.ma~as.3006%2F14006-1&w=336&url=https%3A%2F%2Fwww.bg3.co%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1663396608154&bpp=11&bdt=217&idt=319&shv=r20220914&mjsv=m202209080101&ptt=5&saldr=sa&correlator=6484089135404&frm=8&ife=1&pv=2&ga_vid=1855592264.1663396608&ga_sid=1663396608&ga_hid=1591391937&ga_fc=0&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=336&ish=280&ifk=3719853736&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759837%2C44767668%2C31069511%2C44770881&oid=2&pvsid=4486120995357876&uas=0&nvt=1&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.kyd6yje3inir&fsb=1&dtd=333
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.22.16.123 , Japan, ASN23816 (YAHOO Yahoo Japan Corporation, JP),
Reverse DNS
edge1700.img.vip.otm.yimg.jp
Software
ATS /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 17 Sep 2022 06:36:50 GMT
x-content-type-options
nosniff
server
ATS
age
0
x-frame-options
SAMEORIGIN
content-type
image/gif
cache-control
private, no-store, no-cache
cross-origin-resource-policy
cross-origin
content-length
35
x-xss-protection
1; mode=block
pixel
cm.g.doubleclick.net/ Frame 1236
Redirect Chain
  • https://sync.inmobi.com/gob?google_gid=CAESEAcT_2TTtwT8aRfvfbRK2Pk&google_cver=1&google_push=AZmPxg9d_t1pjiMebXbndyJDE8NfmeYfoADcyihQ3S345GY-DkmCpX5Q7Iqge45ItzKs4okAM_Gc_etFKBUUm0QbcdbDS7661Yk7NkNp...
  • https://id5-sync.com/i/495/0.gif?callback=https%3A%2F%2Fsync.inmobi.com%2FgobRedirectFromId5%3Fid%3D%7BID5UID%7D%26google_push%3DAZmPxg9d_t1pjiMebXbndyJDE8NfmeYfoADcyihQ3S345GY-DkmCpX5Q7Iqge45ItzKs...
  • https://id5-sync.com/c/495/0/0/1.gif?gdpr=0&gdpr_consent=&us_privacy=
  • https://sync.inmobi.com/gobRedirectFromId5?id=ID5-ZHMOKnz52C1IiPZ8JDJ17_C6VG1eQWY7s8bhUTF5RQ&google_push=AZmPxg9d_t1pjiMebXbndyJDE8NfmeYfoADcyihQ3S345GY-DkmCpX5Q7Iqge45ItzKs4okAM_Gc_etFKBUUm0QbcdbD...
  • https://cm.g.doubleclick.net/pixel?google_nid=inmobi_new_eb&google_hm=XuTf1I6lkQaaCpzbUglX&google_push=AZmPxg9d_t1pjiMebXbndyJDE8NfmeYfoADcyihQ3S345GY-DkmCpX5Q7Iqge45ItzKs4okAM_Gc_etFKBUUm0QbcdbDS7...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=inmobi_new_eb&google_hm=XuTf1I6lkQaaCpzbUglX&google_push=AZmPxg9d_t1pjiMebXbndyJDE8NfmeYfoADcyihQ3S345GY-DkmCpX5Q7Iqge45ItzKs4okAM_Gc_etFKBUUm0QbcdbDS7661Yk7NkNpa8M4v1wnBRLNTMB18oV2MjcWWyyAGyz4JFTutdaR
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/6yue-15ri-qi-bei-jing-gong-jiao-duo-tiao-xian-lu-you-diao-zheng.html
Protocol
H3
Server
142.251.12.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f155.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 17 Sep 2022 06:36:53 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

content-security-policy
default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
referrer-policy
no-referrer
x-permitted-cross-domain-policies
none
date
Sat, 17 Sep 2022 06:36:52 GMT
expect-ct
max-age=0
x-frame-options
SAMEORIGIN
x-download-options
noopen
content-type
text/plain; charset=utf-8
location
https://cm.g.doubleclick.net/pixel?google_nid=inmobi_new_eb&google_hm=XuTf1I6lkQaaCpzbUglX&google_push=AZmPxg9d_t1pjiMebXbndyJDE8NfmeYfoADcyihQ3S345GY-DkmCpX5Q7Iqge45ItzKs4okAM_Gc_etFKBUUm0QbcdbDS7661Yk7NkNpa8M4v1wnBRLNTMB18oV2MjcWWyyAGyz4JFTutdaR
x-xss-protection
0
strict-transport-security
max-age=15552000; includeSubDomains
x-dns-prefetch-control
off
vary
Accept
content-length
269
x-content-type-options
nosniff
/
b1sync.zemanta.com/usersync/googleadx/ Frame 1236
Redirect Chain
  • https://b1sync.zemanta.com/usersync/googleadx/?google_gid=CAESEPmrCT-RjV_XuyCcrunZXsE&google_cver=1&google_push=AZmPxg_ot21_27RUuChswt0pje8t2FYE9Q-z01BkzhJrVzwKie_0xI57TvdEqwonzbXBVG5RaD18jkkn2J-cz...
  • https://b1sync.zemanta.com/usersync/googleadx/?google_cver=1&google_gid=CAESEPmrCT-RjV_XuyCcrunZXsE&google_push=AZmPxg_ot21_27RUuChswt0pje8t2FYE9Q-z01BkzhJrVzwKie_0xI57TvdEqwonzbXBVG5RaD18jkkn2J-cz...
  • https://cm.g.doubleclick.net/pixel?google_nid=zemanta&google_push=AZmPxg_ot21_27RUuChswt0pje8t2FYE9Q-z01BkzhJrVzwKie_0xI57TvdEqwonzbXBVG5RaD18jkkn2J-cz7hLUefArD4VHhi41vK9lRUHXHnbZLma2TO_FrbVnUbPND_...
  • https://b1sync.zemanta.com/usersync/googleadx/?google_error=5
26 B
127 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://b1sync.zemanta.com/usersync/googleadx/?google_error=5
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/6yue-15ri-qi-bei-jing-gong-jiao-duo-tiao-xian-lu-you-diao-zheng.html
Protocol
HTTP/1.1
Server
64.202.112.159 Lovettsville, United States, ASN22075 (AS-OUTBRAIN, US),
Reverse DNS
ny.outbrain.com
Software
/
Resource Hash
3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sat, 17 Sep 2022 06:36:52 GMT
Content-Length
26
Content-Type
image/gif

Redirect headers

pragma
no-cache
date
Sat, 17 Sep 2022 06:36:51 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://b1sync.zemanta.com/usersync/googleadx/?google_error=5
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
258
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
attr
cm.g.doubleclick.net/pixel/ Frame 1236 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13Jol6kMcI1AxTszWF6SHApk9-mImGNw1NLt1qncddDkdggYKf3CjwrRNaHfgzbb95IQepF-sSdWPg
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006-1&adk=3314916115&adf=3653020616&pi=t.ma~as.3006%2F14006-1&w=336&url=https%3A%2F%2Fwww.bg3.co%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1663396608154&bpp=11&bdt=217&idt=319&shv=r20220914&mjsv=m202209080101&ptt=5&saldr=sa&correlator=6484089135404&frm=8&ife=1&pv=2&ga_vid=1855592264.1663396608&ga_sid=1663396608&ga_hid=1591391937&ga_fc=0&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=336&ish=280&ifk=3719853736&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759837%2C44767668%2C31069511%2C44770881&oid=2&pvsid=4486120995357876&uas=0&nvt=1&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.kyd6yje3inir&fsb=1&dtd=333
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.12.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f155.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 17 Sep 2022 06:36:50 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
content-type
text/html
TqLSXP2QDMWDWbVwNGV4qZSIp1FuubJasGgalfjGHZY.js
pagead2.googlesyndication.com/bg/ Frame ED53 		36 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/TqLSXP2QDMWDWbVwNGV4qZSIp1FuubJasGgalfjGHZY.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.118.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sl-in-f157.1e100.net
Software
sffe /
Resource Hash
4ea2d25cfd900cc58359b570346578a99488a7516eb9b25ab0681a95f8c61d96
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 14 Sep 2022 22:33:39 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
201791
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16105
x-xss-protection
0
last-modified
Tue, 13 Sep 2022 10:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 14 Sep 2023 22:33:39 GMT
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame 0215 		22 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.200.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sa-in-f132.1e100.net
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

accept-ranges
bytes
age
419804
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
8395
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Mon, 12 Sep 2022 10:00:06 GMT
expires
Tue, 12 Sep 2023 10:00:06 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
index_336x280_google.html
s0.2mdn.net/sadbundle/12129862044491927380/ Frame 5FA3 		6 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/12129862044491927380/index_336x280_google.html
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_276.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.4.148 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f148.1e100.net
Software
sffe /
Resource Hash
bb5b8374afc57391fda2b5c18633e74299030844ed77dfb27b90c07413e99854
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
age
330315
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
2201
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy
cross-origin
date
Tue, 13 Sep 2022 10:51:35 GMT
expires
Wed, 13 Sep 2023 10:51:35 GMT
last-modified
Mon, 05 Sep 2022 15:12:17 GMT
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-dns-prefetch-control
off
x-xss-protection
0
view
googleads4.g.doubleclick.net/pcs/ Frame DADA 		0
622 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjss0QKMRgQ7Z2ybWddS9SkuNCnIXSWHjtHLRwkaNRUFz7SgL5GgPYSAuSgIJEskt0-M4LvJmfo8L5ldIG1IV065eyvQT-wt2XbCzquyrJFiIL4JpBQgBmZPAbsiOGgeTTX1wSSAVPy90vQjmVtzoHpAWjBDfVRyH9e7_HSd_0lL919bHb66Ae-uEzMiIPI9BratIxG2U6f2THBzwpxQFsARNwVrMaDXaMPbl-ib_rCr_Xtxkfaq3xuj4au8fpuVj3FifrdJRqq_FRhztMmaoQgzVFgaF1U6Fl0uOeUZ3-ij7aXlU11cERD3vZ8IkwPWTm4MXvY7fdbM3S0VnzQN7UllxEnkynmMLkUi504g7Dsd5pL7yyQ3m3I_cYvbSZIPoN-2woJfFViGROpZ8Z8aTaGsZiSdPtnmZmEtVfLKhhSljDfZcjjvXXDJwN67ZfaEfTw12yF6gcGAZ-674FqUUpfmePMcnWGGO9PQGQI-sS-9cN5X6we92uatWV6NbZDTEZPmyv3fQPk3OvbrFRe9CLWx7I7WnKKUh_iHiBXgOjRWkd12DcZkUiubFXA5Gq3uGCozQQrBNx7R3oWnZ1eMbbnhnaF7cGpIIcspcYOFw18zYDj7Y6XuORcceHMOsIt7fMGZpQPFuM3rL4_l1Iu6nkG3cU6uHJhckYhujIwRwtz9fhLNcq4shJbFfBzcLRwOrndRK_Eq287mro8pz4wepiz0eZIqAAeQSVAGB7LxJCRSy9RA3m5Ww3azTI6vu3zN58FgpRS_23D_5_5uUYDpQRqa3eL6BFsuGAvahtlYU50BT_vG3UyEdXgUrh2RFATClK8xe6M0Ehe1aIR_NSXnvnYtNLICCn1gm372PVUV3MhG3T0Tn5_G-rGbmxF7NKIho8BYR5hlKHlYf3F9cuVoYEkmh2bUsXuLRKPFcUh2hPQtODVmpY59MRopvFyN_AuYY0UppxWEe8-HXFII41SeE4VItvwgGRnARtKciMJKSb6av19neO8OdM3K1eGpJ8WvVxYHAAbuLI8gYutzRQgUkifCBgqJItMNEBQriZelyyAAXtojwPoVlVgEoK0S18xTUuoJnQPX3zR-3g9WHEBj3r0iaRJz83Sxn7HVj1yJjacxWKs4Y6LLDIVuJt9HbXpGqt7p3pJAKG1LelOfNt4o&sai=AMfl-YToc7SAF2vQHDyEr0Cq9BaWIbD40R7iu40XGB6u-Tg6EW0Y_sFiaMrWOw1i2nkO9TsgApyswDAzcJBBZ26snl3S6UVoagdpjzP7chmLw23cGY4gKJ5k0mlnMYslZHTz9WU1B7MoQGgN1nn4CbyMOsEpnnhyXA&sig=Cg0ArKJSzPRXg3vt3LH0EAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=750&cbvp=1&cstd=746&cisv=r20220914.05156&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&adurl=
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/6yue-15ri-qi-bei-jing-gong-jiao-duo-tiao-xian-lu-you-diao-zheng.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.194.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f154.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
date
Sat, 17 Sep 2022 06:36:50 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
img;adv=11122207570744;ec=11122226302456;adv.a=6266241;c.a=28466995;s.a=3213511;p.a=345598515;a.a=537242143;cache=1675811078;
ad.atdmt.com/i/ Frame DADA 		0
0
TqLSXP2QDMWDWbVwNGV4qZSIp1FuubJasGgalfjGHZY.js
pagead2.googlesyndication.com/bg/ Frame 0215 		36 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/TqLSXP2QDMWDWbVwNGV4qZSIp1FuubJasGgalfjGHZY.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.118.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sl-in-f157.1e100.net
Software
sffe /
Resource Hash
4ea2d25cfd900cc58359b570346578a99488a7516eb9b25ab0681a95f8c61d96
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 14 Sep 2022 22:33:39 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
201791
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16105
x-xss-protection
0
last-modified
Tue, 13 Sep 2022 10:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 14 Sep 2023 22:33:39 GMT
index_336x280_google.html
s0.2mdn.net/sadbundle/12129862044491927380/ Frame 7F53 		6 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/12129862044491927380/index_336x280_google.html
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_276.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.4.148 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f148.1e100.net
Software
sffe /
Resource Hash
bb5b8374afc57391fda2b5c18633e74299030844ed77dfb27b90c07413e99854
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
age
330315
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
2201
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy
cross-origin
date
Tue, 13 Sep 2022 10:51:35 GMT
expires
Wed, 13 Sep 2023 10:51:35 GMT
last-modified
Mon, 05 Sep 2022 15:12:17 GMT
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-dns-prefetch-control
off
x-xss-protection
0
view
googleads4.g.doubleclick.net/pcs/ Frame 2120 		0
64 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsv2GBTU3vA-piq43ye4f0hI2WQ3jwPDY2E1b15LQEX-Vcu6Rek6h42Q5T5rUklwsnI-BufghcnTu5MoGgfPt1dAOW4QR-4cKt_h2iyjP7kX-Kh1_-44npXusqviv1dpc6K1JPf_luFRrgIXQ--Hf9wJejDgeaiqAxvVaOvnkD4EdX71YWB-60CUlMc2u0IE3ffm-YQIsw8TeXq7GzmEMdHGgVFUoNy0KqqMv3PxDKzPL1l__y4vTZnHL6uy87KVNs-LIYaiIeZuKQK8awhFJHdxsy2a1Paz45x_M60blH0FdtouHZcGhw1PUKPNiHxuTiO3PYs1ViQvbL2eumwvV2mxSDSg1GqrCJWXxYX3niRZoMgvuwhQMtKsLouFO6Jilr-hQ04vNuX3QSkZ6BTG7nxjWKPcLJ4gEGZNzisZ8HT3U8rTbB95ZgpmQuJ8umoMrXy1MLSjo9rlUjLctggZV58LCv5O-ZcuollHzGj8MU7_3cG_QyBaOgHDuCkJNlouRTueeVp1iuSVCRe6qxKI39xeBVZuTnw15BvKiTDf8cntp0ycOi2lWBzV7mYqdeYKrCz5v2IuYeQw7IrKo47kWN7HSIgsgNTIjhFreXd0kG_-tDnZjZECt0RQ6Ncayu2op4FfM_N4pTMsPgWR1HFQt8bpshOvqVvMvWIMeVS0ZlmOsYRyO-DFtulvv6Tzuye6FeUNqHBANtn33DjibT_iW1Fk9mQdTUWq7fNK_L0MfnzHNaRpKJ59cxKdw6OLqcB3fWNUMX7Que9A5jUE4_laoYUSCFTL5lg6AWOpDHvEeY4g4twGKM6bRnB4nMdL7mbd32MfCzEWGJ2Px--rh7pY7SQWxf6VECiCPqMA4hZzWo5KlyHYsoGlVWeRcLXZp3NLYw62Gk-Kt_0FA900jRbpP_XmX2nkE88SZD5hTX774cZHcX4KrFiF5cs2ZKouA1L4h4WZ1WnGBrQQOApXwsVn9225K1iCZ0CIFVj5lfqrtVAp4-uoe3IZfkP_K6LP0TwGYTQAvmfu5qBYl2Lxg0pt9D2qwugHAbsrTgqx7ydqOu5TshFTVcK960K5pXWwBLGEV7hHP9F9l4r8CITgbcPQeXewvO251g9LJIwoZaJAVzDSHCaWgmwfvAnldyzNfetxug7NRQGn&sai=AMfl-YQKnB16XHiHgslNJFAU3wIo3zQXRezFR71GVF9WqcN8otefmfwUG2_qexGrtA7241hu_IQWNM6B_vHCLzb1MGeDXgJAtvxW2SKoC_sSJMRmHSxU5-04NnHdJ5rCmsnZU5XAOvXNmPnaVxjR1CBqpbR8Yg0q5A&sig=Cg0ArKJSzC0LKabkKhQWEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=698&cbvp=1&cstd=696&cisv=r20220914.30105&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&adurl=
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/6yue-15ri-qi-bei-jing-gong-jiao-duo-tiao-xian-lu-you-diao-zheng.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.194.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f154.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
date
Sat, 17 Sep 2022 06:36:50 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
img;adv=11122207570744;ec=11122226302456;adv.a=6266241;c.a=28466995;s.a=3213511;p.a=345598515;a.a=537242143;cache=977300199;
ad.atdmt.com/i/ Frame 2120 		0
0
gen_204
pagead2.googlesyndication.com/pagead/ Frame ED53 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BTbcvAWslY4ecG4ikwgP8_YD4BAAAAAA4AeAEAg&bg=!-vml-b3NAAZqQh0mSkI7ACkAdvg8Wjo-UpEpD4E57Op52fVdg_zNu655wWU7fdacevLPxSWuR78TjwIAAABdUgAAAAFoAQeZAu2szfJIxbJo5HI4Zy0PK5iJIMIvR1H27QpiUJ2ddNUg5Bwx4tANzVhL7KoRalsZN2-P4dAK8b-eRl_Bx9-f4lbCsDHHmReUI6yacx-e4NQAovxatDvHuIB695ULVmKwhrNLClZ3wSkYEP7CwRfvR6cHPHnnEp3tOsftYcdIvidPUpTQOcVvEJ0AKUbQK8N3AFNJ0ziFBAPyql8K7AqVBIErW3mpTSgTG_FVu8RcMCc4jehwIcLfLUZaSj2JsyCZ52ZdXIRD87eZbRHIIpEtCs0OByqGHQYQ4trv47VvmEG-F21CkfuYjZ2s2YWe-vx5V0iGoj6xTzOerMBBOX0uHaAwt_WE_QM7Jq8IE8tLnxNy2S6VKGjOKQEGw95kdvGteXxZHduGsN8BspmZHLIb8ESt1jkAKH8hCbGIpuIsQChJ3vZKBQM3cgLObmSO34RnYskxgZf0zBQewKs7fXR846SgXUxHP-GGa8mZJYP6d3gkSbt1nOk-HD2Pj0A6JRIXcop5RdO7azQHCNFBqJ9iDf1ukFm-0kE_7XA13IxtaYHDlB8mqZPZelKOM9XSC4cF6m03vDQvJeyswEj7wCbuSXHklj7G6VrL7o9ymyNOOvQnZhIzdgGI0I1duag5GxorRly-yOqPNtlXhgWHcIrBDhs0n8yCB1jOlN8P_RgaOq4_0gcU1NTy5C7s0c96R9ZjnstjF7w_TGZcja9o1MdJ08wcF75q5GeuDVnuOE27gqCbr9zwFbkv8GAwHm2c1UYuY2_iLy1TnyoOZTF78LxQVtjYpGBfLtF2-C_u9NoD3RoG7QNPpRJdeDjw1Z2sy4BtWMk_BwRU77aU9kWobt_NxiIxuBn-iER6sKpiMUZd2m0LJ3f6USmU2SPO3PG8mK_geZuDJUxPHSfOu2Qx-J7ruekSatTH_D7Ooo2o5c__SGD1PgBwKBZNrQFGeJ9C4CBlSLNTcg7VnsY4kRH4wtWIZ0bNZZT_GRMrnVQBMmtN9w
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006-1&adk=3314916115&adf=3653020617&pi=t.ma~as.3006%2F14006-1&w=336&url=https%3A%2F%2Fwww.bg3.co%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1663396608185&bpp=14&bdt=240&idt=403&shv=r20220914&mjsv=m202209080101&ptt=5&saldr=sa&correlator=2198418931226&frm=8&ife=1&pv=2&ga_vid=1900907981.1663396609&ga_sid=1663396609&ga_hid=833847459&ga_fc=0&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=336&ish=280&ifk=3719853736&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759842%2C44767166&oid=2&pvsid=424218493006684&uas=0&nvt=1&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.1icxdtns8eph&fsb=1&dtd=410
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.118.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sl-in-f157.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 17 Sep 2022 06:36:50 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
integrator.js
adservice.google.com.au/adsid/ 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com.au/adsid/integrator.js?domain=www.bg3.co
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022091301.js?cb=31069626
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.10.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f154.1e100.net
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Sat, 17 Sep 2022 06:36:50 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.bg3.co
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022091301.js?cb=31069626
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.4.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f156.1e100.net
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Sat, 17 Sep 2022 06:36:50 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ 		59 KB
22 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2434205277749035&correlator=2798124184834041&eid=31068929%2C31069361%2C31069626&output=ldjh&gdfp_req=1&vrg=2022091301&ptt=17&impl=fifs&iu_parts=103512698%3A22574853003%2C22477626096%2C22479095528%2C22579309510&enc_prev_ius=%2F0%2F1%2C%2F0%2F2%2C%2F0%2F3&prev_iu_szs=320x50%7C728x250%7C728x90%7C690x90%7C690x250%7C675x90%7C675x250%7C670x90%7C670x250%7C650x90%7C650x250%7C650x150%7C630x90%7C630x250%7C602x100%7C600x90%7C600x250%7C580x90%7C570x90%7C550x150%7C468x60%7C320x50%7C320x100%7C300x50%7C300x100%7C300x75%7C300x250%7C250x250%7C200x200%2C320x50%7C728x90%7C690x90%7C675x90%7C670x90%7C650x90%7C630x90%7C600x90%7C580x90%7C570x90%7C468x60%7C320x50%7C300x50%7C300x75%2C320x50%7C120x600&fluid=height%2Cheight%2Cheight&ifi=1&adks=1420297610%2C2857874404%2C4082231052&sfv=1-0-38&fsapi=false&prev_scp=adpushup_ran%3D1%26hb_ap_siteid%3D42753%26hb_ap_ran%3D1%26fluid%3D0%26refreshcount%3D0%26refreshrate%3D30%26hb_ap_format%3Dbanner%26hb_ap_pb%3D0.01%26hb_ap_adid%3D8281b2528b9e6fb%26hb_ap_bidder%3Dappnexus%7Cadpushup_ran%3D1%26hb_ap_siteid%3D42753%26hb_ap_ran%3D1%26fluid%3D0%26refreshcount%3D0%26refreshrate%3D30%26hb_ap_format%3Dbanner%26hb_ap_pb%3D0.01%26hb_ap_adid%3D83038628463b18d%26hb_ap_bidder%3Dappnexus%7Cadpushup_ran%3D1%26hb_ap_siteid%3D42753%26hb_ap_ran%3D1%26fluid%3D0%26refreshcount%3D0%26refreshrate%3D30%26hb_ap_format%3Dbanner%26hb_ap_pb%3D0.00%26hb_ap_adid%3D84de0ef0b87596d%26hb_ap_bidder%3Dappnexus&eri=1&cust_params=da%3Dadx%26outbrain%3Dtrue&sc=1&cookie=ID%3D2cb41b1211034d94-225db11295d6006a%3AT%3D1663396606%3ART%3D1663396606%3AS%3DALNI_MbXgjc3VWYT3JrCuf0WOPunfI8zgA&gpic=UID%3D000009cc076e022b%3AT%3D1663396606%3ART%3D1663396606%3AS%3DALNI_MYC50M4uoCIzNyqo-R3pCUO6j2hQw&arp=1&abxe=1&dt=1663396610731&lmt=1663396610&dlt=1663396603089&idt=3768&adxs=236%2C436%2C5&adys=60%2C1110%2C300&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0%7C0%7C0&ucis=1%7C2%7C3&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fwww.bg3.co%2Fa%2F6yue-15ri-qi-bei-jing-gong-jiao-duo-tiao-xian-lu-you-diao-zheng.html&frm=20&vis=1&psz=728x-1%7C728x-1%7C120x-1&msz=728x-1%7C728x-1%7C120x-1&fws=4%2C516%2C516&ohw=728%2C1600%2C1600&ga_vid=400732676.1663396611&ga_sid=1663396611&ga_hid=2991&ga_fc=false&ga_cid=amp-7QKNI_xTSKvqK3pWgp2GZQ
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022091301.js?cb=31069626
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f156.1e100.net
Software
cafe /
Resource Hash
9b475c2f24baa9e51a8afd138f943f80c2dfc27514dcf13435f25b2324887074
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 17 Sep 2022 06:36:51 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
22436
x-xss-protection
0
google-lineitem-id
-1,-1,-1
pragma
no-cache
server
cafe
google-creative-id
-1,-1,-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
32d69238e2f6bb5cfbff62a0e3954cf8.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame F56C 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://32d69238e2f6bb5cfbff62a0e3954cf8.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022091301.js?cb=31069626
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.24.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f132.1e100.net
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
gzip
content-length
3108
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Sat, 17 Sep 2022 06:36:50 GMT
expires
Sun, 17 Sep 2023 06:36:50 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
publishertag.prebid.117.js
static.criteo.net/js/ld/ 		87 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.117.js
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1662648504901.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.129 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
nginx /
Resource Hash
90c9017a8a6447588520f38cd94ba14cdb9839c92626aa06bb8a4a1052c2ab7e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 17 Sep 2022 06:36:51 GMT
content-encoding
gzip
last-modified
Wed, 29 Dec 2021 12:30:46 GMT
server
nginx
etag
W/"61cc54f6-15c19"
strict-transport-security
max-age=31536000; preload;
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sun, 18 Sep 2022 06:36:51 GMT
collect
www.google-analytics.com/g/ 		0
97 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/g/collect?v=2&tid=G-Z0TZ7TDHS1&gtm=2oe9e0&_p=2991&cid=400732676.1663396611&ul=en-us&sr=1600x1200&_z=ccd.v9B&_s=1&sid=1663396610&sct=1&seg=0&dl=https%3A%2F%2Fwww.bg3.co%2Fa%2F6yue-15ri-qi-bei-jing-gong-jiao-duo-tiao-xian-lu-you-diao-zheng.html&dt=6%E6%9C%8815%E6%97%A5%E8%B5%B7%20%E5%8C%97%E4%BA%AC%E5%85%AC%E4%BA%A4%E5%A4%9A%E6%A2%9D%E7%B7%9A%E8%B7%AF%E6%9C%89%E8%AA%BF%E6%95%B4%20-%20%E5%A4%A9%E5%A4%A9%E8%A6%81%E8%81%9E&en=link_preview&_fv=1&_ss=1&_ee=1&epn.value=1&epn.siteid=42753&ep.error_msg=no_mapping_success
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-Z0TZ7TDHS1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.24.139 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f139.1e100.net
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 17 Sep 2022 06:36:51 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 0215 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BQXmsAWslY5emJIrqvASXgr7oCgAAAAA4AeAEAg&bg=!QEOlQwfNAAZqQh0mSkI7ACkAdvg8WvytrVDEeoSXVHYnY7vE3aVFbCmrnY7xjOoo7hNHHjz4FK4U7QIAAACAUgAAAAJoAQcKAJIOwxx6Egx_xkSLsdIvKnWHo4D-NjdO4e1v61SCb7lndYezhuuS8Jjc6dVTxpUfUbyvzfLRY4YQQYakLbYAoBW3B06PJWgz53epNZOd6crjWkoYaxiLQNSqvFp1vre3sBE3IkeoHBCwKV_OGNCr9G2j6vjMFc-7XETaRPsyItO6e0oDkPMPUpDB1TLgqLKsEtLHWpkC6KYY4-VI-9ljYvQZIuTSRdE2KY4d3Qm4G7PwdypIM8q7gAKaubr4aJWEn8Rjm0yuuWflFVB3xoI5Nsp0XWsp-TazmV5H1Z9FHtxXxMsIaUudz54FhPTgIbkp1IHqwKKKYMvueS7pDeC5JJ5m6_HNrT0Mi7ngeZuINXh1tOC8sCmYS11NNYmW1F0AaiW1RVqEs3fnDgRTrLii03HEOBixJW81fw6JtNkN4jcq6glbgTMtUIHAQq8dvx6ZyfKw63m0IxAv-zkORAWhNB7mH4kvH8vhePmSohp8V1AM48PXgIweB7aD3OgIoKTOZ6NiW_vIoKqU2hbxWwXS8ZrRM3f3o94Zoxeyg3AJhRSc3x2DWjS3Gg41L5jmU72xCWMYyQcg0i7kAq2aHoeq2_YjKw0Uxv3X22vYA9vXWJqzmHFr_s0-DtJI30_u5xq6SBi9vNbC7RW4rUbFe01Ilp2p9SunSjdCU45qrQ75CEVoxZEjLI9mhpmTMqXUjsDUjQ79S5iDtu-IMa4IoLpktO1fo9t_3h3e7URQjO2NQYhn2pRF86gTAqv5o5ExsgPHTRieoa54MGmZ9_xD5KFW631UXrAzjLpxuVgfkJC0fA_MPFULeqaoDkQTu_3tEM9zSD_7G6CfRNuiMO3iaevf7tocrmp-3VmVfOP8FH4-4U3k2f_hUTzLlyhrQOG0eUI20BEnbxUMCrEvGVTH26X_xTm9puTxJmkXiv1gtqZJrtgxtDeoDYWQm675v_yvNJnhXO9c_lZuPypHSIfqrcjNZhCff7ULb_JcBVcs7ZBjs65CkcoLkaOYMLIJouXcDtYe5_CoMku_Hb6-N-18iBlOnMvbh_8pAEEBLDCpQA6XLCKaKTXD4cu_hL0esX6zqnBecxhNjIsbtIRz6QFFYMHIt0QN33yBHdJeKmmeA7yPNA5WurDGyup3k6cWursdy-rzXX6MT4wcMhZ8l_UEHA3RoEi8ugunLucgtviSi1ZMZw
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006-1&adk=3314916115&adf=3653020616&pi=t.ma~as.3006%2F14006-1&w=336&url=https%3A%2F%2Fwww.bg3.co%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1663396608154&bpp=11&bdt=217&idt=319&shv=r20220914&mjsv=m202209080101&ptt=5&saldr=sa&correlator=6484089135404&frm=8&ife=1&pv=2&ga_vid=1855592264.1663396608&ga_sid=1663396608&ga_hid=1591391937&ga_fc=0&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=336&ish=280&ifk=3719853736&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759837%2C44767668%2C31069511%2C44770881&oid=2&pvsid=4486120995357876&uas=0&nvt=1&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.kyd6yje3inir&fsb=1&dtd=333
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.118.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sl-in-f157.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 17 Sep 2022 06:36:50 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
tweenmax_1.18.0_499ba64a23378545748ff12d372e59e9_min.js
s0.2mdn.net/ads/studio/cached_libs/ Frame 5FA3 		105 KB
35 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/ads/studio/cached_libs/tweenmax_1.18.0_499ba64a23378545748ff12d372e59e9_min.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/12129862044491927380/index_336x280_google.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.4.148 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f148.1e100.net
Software
sffe /
Resource Hash
001acbb15d9c69510c0817e6dde361bff098406fad182ab3c367f86ff3da8343
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/12129862044491927380/index_336x280_google.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 17 Sep 2022 06:36:51 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
0
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35824
x-xss-protection
0
last-modified
Fri, 09 Oct 2015 14:01:28 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=0
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sat, 17 Sep 2022 06:36:51 GMT
easeljs_1.0.0_min.js
s0.2mdn.net/ads/studio/cached_libs/ Frame 5FA3 		125 KB
35 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/ads/studio/cached_libs/easeljs_1.0.0_min.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/12129862044491927380/index_336x280_google.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.4.148 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f148.1e100.net
Software
sffe /
Resource Hash
25c06c024bfb192f5418b39ce069ebe46fda94e38b25ae781cc753fce98a2a24
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/12129862044491927380/index_336x280_google.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 17 Sep 2022 06:36:51 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
0
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
36116
x-xss-protection
0
last-modified
Tue, 19 Nov 2019 16:51:38 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=0
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sat, 17 Sep 2022 06:36:51 GMT
createjs_2019.11.15_min.js
s0.2mdn.net/ads/studio/cached_libs/ Frame 5FA3 		236 KB
63 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/ads/studio/cached_libs/createjs_2019.11.15_min.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/12129862044491927380/index_336x280_google.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.4.148 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f148.1e100.net
Software
sffe /
Resource Hash
bc12347103da4da2ac30f8b4defd567679284e0bad691a54fad78ad804fc9c27
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/12129862044491927380/index_336x280_google.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 17 Sep 2022 06:36:51 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
0
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
64275
x-xss-protection
0
last-modified
Fri, 15 Nov 2019 19:16:20 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=0
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sat, 17 Sep 2022 06:36:51 GMT
index_336x280_google.js
s0.2mdn.net/sadbundle/12129862044491927380/ Frame 5FA3 		50 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/12129862044491927380/index_336x280_google.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/12129862044491927380/index_336x280_google.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.4.148 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f148.1e100.net
Software
sffe /
Resource Hash
15fa1b7e6f0d2a575dd72e03903b37f563430d1bde293650abd09bdc55d2b1b1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/12129862044491927380/index_336x280_google.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 13 Sep 2022 10:51:35 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
330316
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
8752
x-xss-protection
0
last-modified
Mon, 05 Sep 2022 15:12:17 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 13 Sep 2023 10:51:35 GMT
tweenmax_1.18.0_499ba64a23378545748ff12d372e59e9_min.js
s0.2mdn.net/ads/studio/cached_libs/ Frame 7F53 		105 KB
35 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/ads/studio/cached_libs/tweenmax_1.18.0_499ba64a23378545748ff12d372e59e9_min.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/12129862044491927380/index_336x280_google.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.4.148 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f148.1e100.net
Software
sffe /
Resource Hash
001acbb15d9c69510c0817e6dde361bff098406fad182ab3c367f86ff3da8343
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/12129862044491927380/index_336x280_google.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 17 Sep 2022 06:36:51 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
0
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35824
x-xss-protection
0
last-modified
Fri, 09 Oct 2015 14:01:28 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=0
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sat, 17 Sep 2022 06:36:51 GMT
easeljs_1.0.0_min.js
s0.2mdn.net/ads/studio/cached_libs/ Frame 7F53 		125 KB
35 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/ads/studio/cached_libs/easeljs_1.0.0_min.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/12129862044491927380/index_336x280_google.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.4.148 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f148.1e100.net
Software
sffe /
Resource Hash
25c06c024bfb192f5418b39ce069ebe46fda94e38b25ae781cc753fce98a2a24
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/12129862044491927380/index_336x280_google.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 17 Sep 2022 06:36:51 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
0
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
36116
x-xss-protection
0
last-modified
Tue, 19 Nov 2019 16:51:38 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=0
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sat, 17 Sep 2022 06:36:51 GMT
createjs_2019.11.15_min.js
s0.2mdn.net/ads/studio/cached_libs/ Frame 7F53 		236 KB
63 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/ads/studio/cached_libs/createjs_2019.11.15_min.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/12129862044491927380/index_336x280_google.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.4.148 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f148.1e100.net
Software
sffe /
Resource Hash
bc12347103da4da2ac30f8b4defd567679284e0bad691a54fad78ad804fc9c27
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/12129862044491927380/index_336x280_google.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 17 Sep 2022 06:36:51 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
0
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
64275
x-xss-protection
0
last-modified
Fri, 15 Nov 2019 19:16:20 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=0
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sat, 17 Sep 2022 06:36:51 GMT
index_336x280_google.js
s0.2mdn.net/sadbundle/12129862044491927380/ Frame 7F53 		50 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/12129862044491927380/index_336x280_google.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/12129862044491927380/index_336x280_google.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.4.148 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f148.1e100.net
Software
sffe /
Resource Hash
15fa1b7e6f0d2a575dd72e03903b37f563430d1bde293650abd09bdc55d2b1b1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/12129862044491927380/index_336x280_google.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 13 Sep 2022 10:51:35 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
330316
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
8752
x-xss-protection
0
last-modified
Mon, 05 Sep 2022 15:12:17 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 13 Sep 2023 10:51:35 GMT
publishertag.prebid.js
static.criteo.net/js/ld/ 		88 KB
29 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.js
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.117.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.129 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
nginx /
Resource Hash
3573919f392ac2bcb14f8d9a7a54972862ce5403ffc24f3d2ccf8078b2b2bd6b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 17 Sep 2022 06:36:51 GMT
content-encoding
gzip
last-modified
Mon, 12 Sep 2022 11:36:03 GMT
server
nginx
etag
W/"631f19a3-160f4"
strict-transport-security
max-age=31536000; preload;
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sun, 18 Sep 2022 06:36:51 GMT
container.html
32d69238e2f6bb5cfbff62a0e3954cf8.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 7DA8 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://32d69238e2f6bb5cfbff62a0e3954cf8.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022091301.js?cb=31069626
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.24.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f132.1e100.net
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

accept-ranges
bytes
age
1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
gzip
content-length
3108
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Sat, 17 Sep 2022 06:36:50 GMT
expires
Sun, 17 Sep 2023 06:36:50 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
container.html
32d69238e2f6bb5cfbff62a0e3954cf8.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame FBEA 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://32d69238e2f6bb5cfbff62a0e3954cf8.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022091301.js?cb=31069626
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.24.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f132.1e100.net
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

accept-ranges
bytes
age
1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
gzip
content-length
3108
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Sat, 17 Sep 2022 06:36:50 GMT
expires
Sun, 17 Sep 2023 06:36:50 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
container.html
32d69238e2f6bb5cfbff62a0e3954cf8.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 257A 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://32d69238e2f6bb5cfbff62a0e3954cf8.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022091301.js?cb=31069626
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.24.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f132.1e100.net
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

accept-ranges
bytes
age
1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
gzip
content-length
3108
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Sat, 17 Sep 2022 06:36:50 GMT
expires
Sun, 17 Sep 2023 06:36:50 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
index_336x280_google_atlas_P_1.png
s0.2mdn.net/sadbundle/12129862044491927380/images/ Frame 5FA3 		62 KB
62 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/12129862044491927380/images/index_336x280_google_atlas_P_1.png
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006-1&adk=3314916115&adf=3653020617&pi=t.ma~as.3006%2F14006-1&w=336&url=https%3A%2F%2Fwww.bg3.co%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1663396608185&bpp=14&bdt=240&idt=403&shv=r20220914&mjsv=m202209080101&ptt=5&saldr=sa&correlator=2198418931226&frm=8&ife=1&pv=2&ga_vid=1900907981.1663396609&ga_sid=1663396609&ga_hid=833847459&ga_fc=0&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=336&ish=280&ifk=3719853736&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759842%2C44767166&oid=2&pvsid=424218493006684&uas=0&nvt=1&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.1icxdtns8eph&fsb=1&dtd=410
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.4.148 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f148.1e100.net
Software
sffe /
Resource Hash
650b2e3c7f96518f35734bd65759ad5522702bea1cca8b5b658af9428c4c3f84
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/12129862044491927380/index_336x280_google.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 13 Sep 2022 10:51:35 GMT
x-content-type-options
nosniff
age
330316
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
63681
x-xss-protection
0
last-modified
Mon, 05 Sep 2022 15:12:17 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 13 Sep 2023 10:51:35 GMT
view
googleads4.g.doubleclick.net/pcs/ Frame DADA 		0
63 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjss0QKMRgQ7Z2ybWddS9SkuNCnIXSWHjtHLRwkaNRUFz7SgL5GgPYSAuSgIJEskt0-M4LvJmfo8L5ldIG1IV065eyvQT-wt2XbCzquyrJFiIL4JpBQgBmZPAbsiOGgeTTX1wSSAVPy90vQjmVtzoHpAWjBDfVRyH9e7_HSd_0lL919bHb66Ae-uEzMiIPI9BratIxG2U6f2THBzwpxQFsARNwVrMaDXaMPbl-ib_rCr_Xtxkfaq3xuj4au8fpuVj3FifrdJRqq_FRhztMmaoQgzVFgaF1U6Fl0uOeUZ3-ij7aXlU11cERD3vZ8IkwPWTm4MXvY7fdbM3S0VnzQN7UllxEnkynmMLkUi504g7Dsd5pL7yyQ3m3I_cYvbSZIPoN-2woJfFViGROpZ8Z8aTaGsZiSdPtnmZmEtVfLKhhSljDfZcjjvXXDJwN67ZfaEfTw12yF6gcGAZ-674FqUUpfmePMcnWGGO9PQGQI-sS-9cN5X6we92uatWV6NbZDTEZPmyv3fQPk3OvbrFRe9CLWx7I7WnKKUh_iHiBXgOjRWkd12DcZkUiubFXA5Gq3uGCozQQrBNx7R3oWnZ1eMbbnhnaF7cGpIIcspcYOFw18zYDj7Y6XuORcceHMOsIt7fMGZpQPFuM3rL4_l1Iu6nkG3cU6uHJhckYhujIwRwtz9fhLNcq4shJbFfBzcLRwOrndRK_Eq287mro8pz4wepiz0eZIqAAeQSVAGB7LxJCRSy9RA3m5Ww3azTI6vu3zN58FgpRS_23D_5_5uUYDpQRqa3eL6BFsuGAvahtlYU50BT_vG3UyEdXgUrh2RFATClK8xe6M0Ehe1aIR_NSXnvnYtNLICCn1gm372PVUV3MhG3T0Tn5_G-rGbmxF7NKIho8BYR5hlKHlYf3F9cuVoYEkmh2bUsXuLRKPFcUh2hPQtODVmpY59MRopvFyN_AuYY0UppxWEe8-HXFII41SeE4VItvwgGRnARtKciMJKSb6av19neO8OdM3K1eGpJ8WvVxYHAAbuLI8gYutzRQgUkifCBgqJItMNEBQriZelyyAAXtojwPoVlVgEoK0S18xTUuoJnQPX3zR-3g9WHEBj3r0iaRJz83Sxn7HVj1yJjacxWKs4Y6LLDIVuJt9HbXpGqt7p3pJAKG1LelOfNt4o&sai=AMfl-YToc7SAF2vQHDyEr0Cq9BaWIbD40R7iu40XGB6u-Tg6EW0Y_sFiaMrWOw1i2nkO9TsgApyswDAzcJBBZ26snl3S6UVoagdpjzP7chmLw23cGY4gKJ5k0mlnMYslZHTz9WU1B7MoQGgN1nn4CbyMOsEpnnhyXA&sig=Cg0ArKJSzPRXg3vt3LH0EAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=2152&vt=11&dtpt=1402&dett=3&cstd=746&cisv=r20220914.05156&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&adurl=
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/6yue-15ri-qi-bei-jing-gong-jiao-duo-tiao-xian-lu-you-diao-zheng.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.194.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f154.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Sat, 17 Sep 2022 06:36:52 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
sodar
pagead2.googlesyndication.com/getconfig/ Frame B82E 		14 KB
11 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20220914&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202209080101/show_ads_impl_fy2021.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.118.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sl-in-f157.1e100.net
Software
cafe /
Resource Hash
27a77d2afda661a93e3bda9694348246389a93af9e3134da4bb6c96746f7f820
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://adx.holmesmind.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Sat, 17 Sep 2022 06:36:51 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11119
x-xss-protection
0
sodar
pagead2.googlesyndication.com/getconfig/ Frame 7AB6 		14 KB
11 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20220914&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202209080101/show_ads_impl_fy2021.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.118.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sl-in-f157.1e100.net
Software
cafe /
Resource Hash
e9709e3ed974c4b5c30a8c1ed14b0715c06426dc34b0d0307a1c24bc6ad0d440
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Sat, 17 Sep 2022 06:36:51 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11076
x-xss-protection
0
index_336x280_google_atlas_P_1.png
s0.2mdn.net/sadbundle/12129862044491927380/images/ Frame 7F53 		62 KB
62 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/12129862044491927380/images/index_336x280_google_atlas_P_1.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/ads/studio/cached_libs/createjs_2019.11.15_min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.4.148 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f148.1e100.net
Software
sffe /
Resource Hash
650b2e3c7f96518f35734bd65759ad5522702bea1cca8b5b658af9428c4c3f84
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/12129862044491927380/index_336x280_google.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 13 Sep 2022 10:51:35 GMT
x-content-type-options
nosniff
age
330316
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
63681
x-xss-protection
0
last-modified
Mon, 05 Sep 2022 15:12:17 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 13 Sep 2023 10:51:35 GMT
view
googleads4.g.doubleclick.net/pcs/ Frame 2120 		0
63 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsv2GBTU3vA-piq43ye4f0hI2WQ3jwPDY2E1b15LQEX-Vcu6Rek6h42Q5T5rUklwsnI-BufghcnTu5MoGgfPt1dAOW4QR-4cKt_h2iyjP7kX-Kh1_-44npXusqviv1dpc6K1JPf_luFRrgIXQ--Hf9wJejDgeaiqAxvVaOvnkD4EdX71YWB-60CUlMc2u0IE3ffm-YQIsw8TeXq7GzmEMdHGgVFUoNy0KqqMv3PxDKzPL1l__y4vTZnHL6uy87KVNs-LIYaiIeZuKQK8awhFJHdxsy2a1Paz45x_M60blH0FdtouHZcGhw1PUKPNiHxuTiO3PYs1ViQvbL2eumwvV2mxSDSg1GqrCJWXxYX3niRZoMgvuwhQMtKsLouFO6Jilr-hQ04vNuX3QSkZ6BTG7nxjWKPcLJ4gEGZNzisZ8HT3U8rTbB95ZgpmQuJ8umoMrXy1MLSjo9rlUjLctggZV58LCv5O-ZcuollHzGj8MU7_3cG_QyBaOgHDuCkJNlouRTueeVp1iuSVCRe6qxKI39xeBVZuTnw15BvKiTDf8cntp0ycOi2lWBzV7mYqdeYKrCz5v2IuYeQw7IrKo47kWN7HSIgsgNTIjhFreXd0kG_-tDnZjZECt0RQ6Ncayu2op4FfM_N4pTMsPgWR1HFQt8bpshOvqVvMvWIMeVS0ZlmOsYRyO-DFtulvv6Tzuye6FeUNqHBANtn33DjibT_iW1Fk9mQdTUWq7fNK_L0MfnzHNaRpKJ59cxKdw6OLqcB3fWNUMX7Que9A5jUE4_laoYUSCFTL5lg6AWOpDHvEeY4g4twGKM6bRnB4nMdL7mbd32MfCzEWGJ2Px--rh7pY7SQWxf6VECiCPqMA4hZzWo5KlyHYsoGlVWeRcLXZp3NLYw62Gk-Kt_0FA900jRbpP_XmX2nkE88SZD5hTX774cZHcX4KrFiF5cs2ZKouA1L4h4WZ1WnGBrQQOApXwsVn9225K1iCZ0CIFVj5lfqrtVAp4-uoe3IZfkP_K6LP0TwGYTQAvmfu5qBYl2Lxg0pt9D2qwugHAbsrTgqx7ydqOu5TshFTVcK960K5pXWwBLGEV7hHP9F9l4r8CITgbcPQeXewvO251g9LJIwoZaJAVzDSHCaWgmwfvAnldyzNfetxug7NRQGn&sai=AMfl-YQKnB16XHiHgslNJFAU3wIo3zQXRezFR71GVF9WqcN8otefmfwUG2_qexGrtA7241hu_IQWNM6B_vHCLzb1MGeDXgJAtvxW2SKoC_sSJMRmHSxU5-04NnHdJ5rCmsnZU5XAOvXNmPnaVxjR1CBqpbR8Yg0q5A&sig=Cg0ArKJSzC0LKabkKhQWEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=1993&vt=11&dtpt=1295&dett=3&cstd=696&cisv=r20220914.30105&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&adurl=
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/6yue-15ri-qi-bei-jing-gong-jiao-duo-tiao-xian-lu-you-diao-zheng.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.194.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f154.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Sat, 17 Sep 2022 06:36:52 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
sodar
pagead2.googlesyndication.com/getconfig/ Frame 2BB8 		15 KB
11 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20220914&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202209080101/show_ads_impl_fy2021.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.118.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sl-in-f157.1e100.net
Software
cafe /
Resource Hash
5f3e94c905dc99ba3692dc61a22a2a7468cac238fd19301fe0ea6d4850e801f9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://adx.holmesmind.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Sat, 17 Sep 2022 06:36:51 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11288
x-xss-protection
0
sodar
pagead2.googlesyndication.com/getconfig/ Frame 79E9 		14 KB
11 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20220914&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202209080101/show_ads_impl_fy2021.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.118.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sl-in-f157.1e100.net
Software
cafe /
Resource Hash
dcc39e96630ccf0e8420842135a7c2c3453520e8ef3ba9c8a79863232242e9de
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Sat, 17 Sep 2022 06:36:51 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11211
x-xss-protection
0
activeview
pagead2.googlesyndication.com/pcs/ Frame DADA 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsu_OITZZu35xJLp7gOPNqvM2DI3vrZzFyj6BZ2wkIwame5MH6peOLOIaH-Idik8fNKkG5mivMQnZ5Pcbu_Yy3YTxLotWOinlRX3Q3PTBylcLK3S2aECmX113DHOrdDOawf2pmE&sai=AMfl-YQJTf9tQjJ0r6k_UXi_S9lNFmeELmd6Abny4AZLPluAy6lBiZyOuWUjQKCBAPaJUiDU4nVQlkNpVmga6wpVGF7-VjFFUsCt6Z0&sig=Cg0ArKJSzF7kTdC7mgg5EAE&cid=CAASEuRo-1bqYPlwjoznkuDgRJw16Q&id=lidar2&mcvt=1000&p=0,0,280,336&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20220914&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=3314916115&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1663396608596&rpt=2380&met=ie&wmsd=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.118.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sl-in-f157.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 17 Sep 2022 06:36:52 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
googleads.g.doubleclick.net/xbbe/ Frame B507 		640 B
316 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CNCgQRCLx0IYl8WtcTAB&v=APEucNVhXWMjnw6d_P-cFtkzxfarjhBwA4NzcWjnarTb49s_2qxOnwTXwrUKIoOdv-eh3WMl_8m-im1-FMrxd5v15cXqP8ZskA
Requested by
Host: 32d69238e2f6bb5cfbff62a0e3954cf8.safeframe.googlesyndication.com
URL: https://32d69238e2f6bb5cfbff62a0e3954cf8.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.10.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f154.1e100.net
Software
cafe /
Resource Hash
d0e8821e889280c3b745b859e6b3971924723a4562bac65ba8aa0fe44bfc83b2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://32d69238e2f6bb5cfbff62a0e3954cf8.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-encoding
gzip
content-length
295
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sat, 17 Sep 2022 06:36:52 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
ad
googleads.g.doubleclick.net/dbm/ Frame 7DA8 		79 KB
34 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-B_ta6ybPMLEtJKvJdMvw3TpoDznFCJ20ei-tiJU4yZ2eGjt_dwk01mTeiNlhVPKDHVrNzRrbmmqqo-CXjCdO5Fu6v6Fg&cry=1&dbm_d=AKAmf-DuBSVlcJ1E3pzIyjoBo9e9vUhgABOhTzgHabLsLf3vKpKIg7SlBUTqI_D2pOIxe7Ybv_8oRj4Ek5VJD_pBpdqhreUXp9M0nAEQWdwQzas2dl5aEln__Dk1Wq7R4UowdBTjwN0_9I7khc2gxBMOG6D77A8tzCtXL7Or62brEmIQdruPkjedzyt7ULTW272PS8u93v5llpmBJpWwnjw_o8faAHwxHv2McFobX3lKD9t174KgXfBeha4yiT4W2AxxHSytNkWiSgq-tuBnofPwf4_Gm_e4q6G0KJck490xuv2Z12Bi6urF-hEFwqHd9eIpx9PC0nGBVSEN0t_dZzXU5j9YHKvEni5ZNQc3SLrPUbsB-B9OZr-gyWZP0FdpmBkUJZi8H-fQhgkvLvLDa5BSdplMGeonZaMd55M_wG6svw8EurrOhrSZOwXapydjU5A9phiaDyvXQQoFo596RrErXm8za4TKA7O8ollmh1rXGmtuZ8mMoa4xHpVJDvEintPprv80LNq6w4eJhrme_DUs7OB4BlEshlQo7L5k7zRCgjW5d3pQEQo5ujHGPHSeJYBe179xucpxizYrItWuQeS5Ed3MPJB86FKIDEiRhCd11pLALM34gZRoTJ6EA2SjDZmQhnjZzLqt9NR4PEriQgqhxHnIJBTgztXKu-cpuWKlFn7V09p_JbBedfyod2Zazkh71VrWVDS24hBeCGo-UxTzo-SJRLdZuFCQWbbr513RN05hsVk7XyyKdZ-m45vLoROkmoIMsw9TmYT0urVlsIr-9K9ej4ZQBawPvrhhSJxsn8m55t60C-HtyQO1kAlnWewl-GQwVmJxAS_Ww6kpTWiIVcuVYTOYpKUiW5JUQckg0znoC8rt4ogsyo4stg6ankzF8elzj9nYidvZebqRL7f9LRtCcF1HGNGIwcquVrbvs5jUnMiV5p2mMC34rTzxOs-cWXVnjNGmkWNBfI0cZAby0Ls2sTPPwhT4MjhrSmpRkinFJtlflb8DSSoDCguoLnYaUOFAxeSHy-QjVQET8_iU3U-7tjrPAZldxjsa-yapYw1ljO0rSIneqrVukjM0uFlEGig71z9V3HZyAE13Y3hnPxMPJ2-xK4C160qe4JI6Fa30Jr4ecCdfFRF4Hzf12tBD6vJgdUwLGJ25CdHtivlviESoXWe1H5i9MGG7wMLhCRZsLjAsF40want3D4MnnSIIQ3oeXePjnLwwOzseO69hzhT1uiM71nZojmAWHKfQmdu6iK-QH1wkYt42a3Gn_55am7JZFbr64ymodDaQiT52Nqax4WXRILClPD4jKrs9_kqA3Ejl6Zkv5MrRgMkyjf9opdSOE2fM0-0I6w3-9XD6u8q1k2GhaYoJOTnEqGNsYETwcpX8a4c7CPa0IAIeWipRHAYoldWFO8NJNFGMXb8D3MNuPRmc7FgpV4TjHiMxCG6hNXDXNCJAExSJzpJDSE5mMQk7Satt4EztF5P_1feD670ivyqCAlIvcumnkO52psUJqmBmDQjhFdb_EKum9aZBFEq3-uJ8vWSeSH89iQT-qvJ8eFeOhUQfRyBf6ksYqOaScShsvbklOzS4XxYv56L0ZyqHF9NVV5viRFfpmQcSjaB76bj-iMzThtH8AMjXaSfKa0soBAJasKzouF7E41xGM7Ea1mjqa6XPCki7gk3oXfVcNIZjOwAvKBx-67UHbf7lM_F6DH0yME_phiQaNAQMjO8nLsePWp2UzySPGQuJyC_DmCBFToCH_3NSpE0zxQtPHLU8k7sAa43hkYPZP0KAxVbiM6Oay_4Ogs2vHqt_HLAYEq8bEPH5ul0TB-qOZv3-4nHiNhmyaDd7mAWlvtWYX3UoZBepU4u2WbD884b_0EYOEv6MrdTV9KS88ZWiz2tGltClpBmI5522uImwVuWXI9CkNbt1NyrN-CZxcj9wZ6i5_K0xsiICnSDHM-IbGycZEidahpiI2Zd1p6lCFSc5jvUf5DqEAcyreGozMmJrz8LoE0wC_31eGQczjrT53DbXsWAroh2SDjfjsW79ogq35ItImkXHcheLb2qPYCA2lhJSNqnR8hw2Awah1BHb6mEVxVrAd3kbfcr9wlR-zJ9_jyb1pIOHBq_n8nyfz1OyQ73UPnLtaB2hbxgd2AGdT9u29yuf7fTT0QC0f7KOAyJ_zb5taAiPN58Vk5w7UnAjFsmhacLR4eUYRTuR7r0xTlBB2V-O8cO22GZt4xHoMRY-u8-x1p9f2yXEDc59qRrelAGsCTVPOXw4I7iUGmYEzb4cDeJEo7k0fpppN6rINq05vK4ElnzG8qhUTMWRV-sJvkJN9MYO760_XkZxHvMkOJxM2pRS2_GbvoJkF5BA9P6hqltbbibvDvfyK3LXM6c4OpMRZbcThIQgkXnabNLh878dN5JnIGmdRNLqivzOdqzp6GvUSSGh1BvYqxtygYs-Zc7aPX25obiRP4EOJTnhuof7YeopqgWVVEFcrxW87LI8-E2pagZDBTHOi9a5jZ_bEPd7H_873BWy_pZmha2G6v-EFuyulgssbWgk-HFJY2YNEBfGMYt3O4aDsVjfxr5inRvg32g9iDg-TdFybGGsfVla1cZPh1lS56VKFQNxW_3dQUSx5rYpZRygLywGwVD1G5-ISksigjFU6L8gct6il8d5-DaVMfgNwynYuPECg3KsOijedueTJYA3VzBC57pDu3a0VDfYesZfBzSa3hArguHAz3057vIEkIuGjDy9pbul3vjtDmizCxmRWgqkmqPw7yZZdWz2gfCrSoILU1Tw_IVeiKGrX4wQUHEbpT8Wo_5HdD9gRoo3H45LTbxaN4QFeYm5qeR9Zvdwh3c_cdKL8Kmuprvtr0DloG5bA13gF6fiQyeFdNvUHZoZ4GZn350yonProVPdEcqgkW9G_yTv1aTrbWlyBPBFezO15ec5mxviRN7ibR1GYbJ075_Q9WgET6bMxzIURH9YN6pKahZw21A3cXYxio2Nk2b9IO6bXMDxxhKBxcyEhqGnEvyQc3oTz2vXTS_AY1Iu9KRi0NIG-WU9mAfJ_HLB6VZOmHDqJz_GRAha-OAQvIkpjxx03o-rStM9cyh7gRaQih15DONfXTgQfEtJ8Dc-aixchxv3kSnnIkEz6H7c1RZtTN4_EWXFQJvOROATpuyTb3zyLwcs6ZXkvMnVVBIy-qZFcvfPLl5F6bzT47uKHUZRYUKggj5NPb2pzzawg_E4YW8mBMXp_aLBUQ4hrktZl6oN_uG8mmiEM_ATLAIQflYlkpGRZH0ph-QyQEPKYESidfaZFYrxkCS6LgJ5bDHp1Y0keIqOov3DZlzaWKkmTmYJmtnySj2uumE97sCHRo6-pLE9u1puyXEWC92FrtQ&cid=CAASJORoUypq2S2j3gu4ZPuvCR9uVQ7cGP_4yfSa-9WNWlzLnYEVJA&rfl=1%2Chttps%253A%252F%252Fwww.bg3.co%252F%240
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/6yue-15ri-qi-bei-jing-gong-jiao-duo-tiao-xian-lu-you-diao-zheng.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.10.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f154.1e100.net
Software
cafe /
Resource Hash
067a86140a0adb95843bb97ca4fa3c5daea422299228d34a0ab7310a906fc8a1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://32d69238e2f6bb5cfbff62a0e3954cf8.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 17 Sep 2022 06:36:52 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
34350
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 7DA8 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-Cag416dS5KWYsmfrBAmZbeCOpJipUlxtWeCE9swdfcki6EmZtsTU37qqaCWt-IDLMuT0J1RwbqULXT6aNo4uzzGOXMdAg2rzN4uyp4Bnhvh0oMboU
Requested by
Host: 32d69238e2f6bb5cfbff62a0e3954cf8.safeframe.googlesyndication.com
URL: https://32d69238e2f6bb5cfbff62a0e3954cf8.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.118.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sl-in-f157.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://32d69238e2f6bb5cfbff62a0e3954cf8.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 17 Sep 2022 06:36:52 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220914/r20110914/client/ Frame 7DA8 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220914/r20110914/client/window_focus_fy2021.js
Requested by
Host: 32d69238e2f6bb5cfbff62a0e3954cf8.safeframe.googlesyndication.com
URL: https://32d69238e2f6bb5cfbff62a0e3954cf8.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.200.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sa-in-f132.1e100.net
Software
cafe /
Resource Hash
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://32d69238e2f6bb5cfbff62a0e3954cf8.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 17 Sep 2022 06:06:28 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1824
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1359
x-xss-protection
0
server
cafe
etag
1484984001845508991
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 01 Oct 2022 06:06:28 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220914/r20110914/client/ Frame 7DA8 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220914/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: 32d69238e2f6bb5cfbff62a0e3954cf8.safeframe.googlesyndication.com
URL: https://32d69238e2f6bb5cfbff62a0e3954cf8.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.200.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sa-in-f132.1e100.net
Software
cafe /
Resource Hash
b47bd1e586888ea8d223fbc2d5e8592e7e8c2b61e3937f9248fb4b7faf34fb41
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://32d69238e2f6bb5cfbff62a0e3954cf8.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 17 Sep 2022 04:25:15 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
7897
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7552
x-xss-protection
0
server
cafe
etag
1588701280721430806
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 01 Oct 2022 04:25:15 GMT
l
www.google.com/ads/measurement/ Frame 7DA8 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaTIIIjWdyH264_U7mj_OM3UchZ83h_UC5zjw1J-4Sf4r5CPiECyX2sduS3IQMB3YXIdpcbo2EwziDYrcD3ciHWiVDHbGA
Requested by
Host: 32d69238e2f6bb5cfbff62a0e3954cf8.safeframe.googlesyndication.com
URL: https://32d69238e2f6bb5cfbff62a0e3954cf8.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.147 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f147.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://32d69238e2f6bb5cfbff62a0e3954cf8.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 7DA8 		141 KB
44 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: 32d69238e2f6bb5cfbff62a0e3954cf8.safeframe.googlesyndication.com
URL: https://32d69238e2f6bb5cfbff62a0e3954cf8.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.4.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f154.1e100.net
Software
sffe /
Resource Hash
9c9b6560a37526d33547098a4ed2ecf360eb9275c2db77a98c30fb7f8016f478
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://32d69238e2f6bb5cfbff62a0e3954cf8.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 17 Sep 2022 06:36:52 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
44609
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1663155654979086"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Sat, 17 Sep 2022 06:36:52 GMT
pixel
googleads.g.doubleclick.net/xbbe/ Frame 7816 		640 B
316 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CNCgQRCLx0IYisqtcTAB&v=APEucNVgFIOVsIygt6-n3vKOXb8slf4hUqxfxJ8Hr-1TwUZp8IjhQAxhSQMCBkWE9f1JD5kSt3EUSSkMVdtg1uXx0bZZI_EcKw
Requested by
Host: 32d69238e2f6bb5cfbff62a0e3954cf8.safeframe.googlesyndication.com
URL: https://32d69238e2f6bb5cfbff62a0e3954cf8.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.10.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f154.1e100.net
Software
cafe /
Resource Hash
d0e8821e889280c3b745b859e6b3971924723a4562bac65ba8aa0fe44bfc83b2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://32d69238e2f6bb5cfbff62a0e3954cf8.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-encoding
gzip
content-length
295
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sat, 17 Sep 2022 06:36:52 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
ad
googleads.g.doubleclick.net/dbm/ Frame FBEA 		80 KB
34 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-AKV0pFa1XyIb0X4dlO3en9A4XCYmIZaEL0YB-cDpgtg99q3tiJsK3gTo10zRkO7YxYDmY8mKa6TmC-k20IRXS1ic5kOQ&cry=1&dbm_d=AKAmf-BjpFxtzpt91LES9wafbrtDnbMuOqGuhSQo4aoToNG90IkEXmd-YTsWj45lPqpor4GwFONtXJlrMQdcYnHuyIerRhFJqdmlIN16tBUPMt4XEiK5MjASpkicwEWrmQ8v096BJj4VW5U0QFLk7WnL5Uk1u1eWP-NzCpCEigs10N472YIFmIPGPI4j4350-otEHKeRfyQXSpI7KDl0I5CftrS4A5t1fNAAmjXfCuSi1odvQWj4HGteRCUqTAg48foXe3tTn7HzAJYKOlWN8gll3FyvVIWJaQHDlQFt7rfN4AalGz_DlOG1coTmWdTrP083E6w-6LZT1tD3CCpc96H0WXlnIxbDVH-SIsvB_58L32aHCCy_Y9eXOxw5fINRb1hHqSqqXrnjwXPEGLlSHmgxuAmKYxPdgtPDkKk4AWuLDmGAwL7cTT3_W2fnLDNYImwlnot65z-HpUjULXySeXykQB04xTdaBS6C3to7p0YiglCSNnl2u7Fl_Yc0xh2gU6CNw4gmqqQ87SLxoHoiPGUeWgxRDaLaFGQh8uX-jJONgvF4tURX5tDp6VyGOXdBxOiaZgerEehUCLyFmUfzRDAhV-xA5C-6Hg-IBaIyKi0C0ysoxVsxlh-VryONgQ6MbIovjQKb3jjD2ksxuPT66qwPkxVvk3cZcVgYSCA31sl1_Pf4K2Jj_em2Xs00QA0tDPTXZkauJp_ln9UM9GynMirfOAjH8pX3DWtv9puoLjkU7ucOqB25eA9rOusXJS8CdstWp6mTRdIe3xKNcTaw0ssjhGOCOb48bu_f1FGvebg02v2DsCuHEF46TPLk2sFOwsgbpMdDY9x4G-nGc0qDcrPQgt9bzkvSOnfbYEQtpFcOf2JLSLscXCEFvse5KX703XKHF2LUtPiSqoKQC00XszRrJDxQaE-Ajx3D5s8gBmjR9So7xZYCYIzhrOX7Fhb3RRkurjYlzRjSPJA07hIRbfL0bkWWeei6f4cnjJllz8eSDMYUCzyE8Ze9pwC9KWXCzfTL9wgTpnoDu0bkSH3ZToGIVaNnwxzqTOBXCH63KAueMme8GdKPAkh8Myj0lSOj2nZqtL2FjGwYCfGIzCPbNzKtdVRhUmeB5umkLtL6O16YmOiE8vkUx9v5AZw-G9NRkHsUHlmX_xBucmiPyKVoudVDc0xkYr8OGm-Kdm3ojTdSxXtNF9uVKVLDk3BjNuAT2w6rDdDcI9IaSoOSywEvjGF4S9YXAwQOvwEZF4mx-4uAGRTD-dSEwHaUwRpyYDcIZXH4Vqc9x9d7xfjYC4HcmjweM5kWYz5UmnakyJzKzfGKcLv-_vqVZdsR2BSB_vAEzyl4lZ_73Ab00UcINCOoZGanvSkYIYYfevCkIJ1fXF43ThYDcV61XSh-27yPY-S0PdMh1W_55p9C0L2Xy-hrY_pU1MuQhHgM_M2ITJ2YMPDS7HNDkuKLqBQyxOhKie9gEopywYs8Hgw866IUSTFkIHMMAxajC7o_VJxGDkCmW53m23Ma-cYpZGvTs7x_Gr6UOgGrNTQDWAEVgXEbihgBbeMCeljq-Z7fbYWB4X0CW6-4m0eHryBxDwctcqgb5DPvpgfCCn9anTyUlz7yJfqBQcVO7tg3iTBvJKuCHPHO0D1fr_FrOk-iA3-jE11w6p4Qan0MCsYFH9oG5eW1y_Xq6NvYAuzVAoXZ1VlFPurpRc50Pi1hH9msPGE9t0_KUI_TDUFp7k6fWXYMxwH3z2RrliKmG5s21rnfZcJcfo4w-HL8j_LtV8cgQf4efgfolz8SSAbYyuKIeV1uGzNzWdThrYs3EbzQZQXie4qgn4nXxkAWgnut25fhYCGu01sQuwQmZaV3pYCQWt42knOxyG9EcOPFXqHFivetqF7M1UBKeCWBWoc52FGUjckaiwhust_jL8-e1cHqlocmFC5qgkAP93IsTCcsMMJJ-kwLp4JLPDkFkN4xsU1ThRIq-EfF1yxDDNrmjBz8U2_RtJVgJdnRPJF0iTlw3r-P8LgcN3vQYHS_ggQV-XrwVB8PHVrd1-HHhS3czXNnGxjTeryDst_KC1hK_ORfye71Ur-SxVKs6_En--qgjw7uINhlQDj7F5rTSqPmCjsvKm3oESGQjnY2Qsx-BCe87K8xbLqCxDszIr7kuYEeab2RP1OcFNlPaU19x4XKLl-dMEbN3TorskiMDtom9mS-LcILBq7pKc9nUo7lKO8BuL1LLp2LrfrBsAr16VQw-fMFd-u8jrhvGi7ix9g_2dvH7dQJjmzzkTvzLUkaq7zd_H2n_SY1zc6H_9aKgY0LD2ebtABUtl0S04JwkEDtaEmg_MCih5WPkY9wvc-CJ3j6yWvIISwu8vwrftIrYhPiA-YAYxHQo0s4RdJJEo3zttG1M1-5YoZkcUzOHrwrqUu6MOVeWFgTGteqD_53HnPjkVaVU9pUO3jF1xiPfKNhgCwNc_PqWfh3nqxw3246kWi-C0WBtXTujpAr9avMS_wpfzpiVn8W8CdAqyK--SAjQGRGt83xJhSDQoq83hTSMqHWQhZRxWCLccG0tKluWuc6lObaaO-oMv4j1JcHIF8dkopICep8cUjnsGrML9pndihuBJiq00tK34eHihWQ5sv42Kmk5W77bjjAKp4bZ0gt3QJEUJWPPw9xFfl6O_k7uEemt-5a0gt-ggLV0mvRr5lM3N5ETkJDMfY1inOxWiXaulYwYkFZk-AQNhooU_xB4GovvBq9tosgR7iLaPCtz4T6YyFfPTXOelH86TxfJW55_5Uz9Fhu7k1WSm1I2t-93AETYblLudqG_admUciNsPpexUDYxSU9uivFUlB-We2c6DYMIgLb7mmRZMUqRAjmjQCVqQLpUbTETKIgf63WEAaOa6RFcWGXl5BZBwSuXFOLB47TvAUMjqYA3Pp9B4Wu4rA7Puc8zkNDTUrZdweW6a9L7WL2aQQK-T2ucoQ-c1W5lN-hQFLmn5GZpT89gi13uoMKPDy9jej3iGRJQ-esK8bVEd-fbjBuLqKSH4yvoV5auG4UmZTMNT__NgGVACD3QPwQHCfI6joipdZlDx-at0ZLaOE7ijvg3hJR9ifjXGAlFUui0yXPo6ejqnrMp45GZi85WBw4n2u70L7kS8oXagkr2sYI1rzNOeI_D4xP3A-fkVpnEugTpdXWo2J68Wab-9mGSESHClhK0a6y4bSVRwqs2CyE3F6-vH2YMk7RucrkSvmPJzKi_31Ej7PcZ10JyG0wixONKBEXb9-f49piKzmDZvA8WuSfNYINbSHpDJffzgaB3YBd740whqcmB-IYrFKlQyr_hrbAUoqgoiqbbeFmDw4NxwZKjS1nLFYL7OTcC5S-4borWpObf8g0o6L6vup7pi_SqEY&cid=CAASJORo-rMgy9mp9v1Jp-DoNqYKYFeHXuHsIwA4pCGzunMGYenDnQ&rfl=1%2Chttps%253A%252F%252Fwww.bg3.co%252F%240
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/6yue-15ri-qi-bei-jing-gong-jiao-duo-tiao-xian-lu-you-diao-zheng.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.10.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f154.1e100.net
Software
cafe /
Resource Hash
47a67ade50b2b883af8168c66d1e2656590817804a9a8e5c605736d66f31a553
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://32d69238e2f6bb5cfbff62a0e3954cf8.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 17 Sep 2022 06:36:52 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
34668
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame FBEA 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-BpR1mqWSlMrlup_Km1IPtWPT0HIvLi49AXKmRhRlceS6g7fWe66bjVYTkiVqS9qPYHlHYclpLH7lROrGHb8666VQpPDMpy5QyioIY6Vp8r7VTmBso
Requested by
Host: 32d69238e2f6bb5cfbff62a0e3954cf8.safeframe.googlesyndication.com
URL: https://32d69238e2f6bb5cfbff62a0e3954cf8.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.118.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sl-in-f157.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://32d69238e2f6bb5cfbff62a0e3954cf8.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 17 Sep 2022 06:36:52 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220914/r20110914/client/ Frame FBEA 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220914/r20110914/client/window_focus_fy2021.js
Requested by
Host: 32d69238e2f6bb5cfbff62a0e3954cf8.safeframe.googlesyndication.com
URL: https://32d69238e2f6bb5cfbff62a0e3954cf8.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.200.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sa-in-f132.1e100.net
Software
cafe /
Resource Hash
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://32d69238e2f6bb5cfbff62a0e3954cf8.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 17 Sep 2022 06:06:28 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1824
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1359
x-xss-protection
0
server
cafe
etag
1484984001845508991
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 01 Oct 2022 06:06:28 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220914/r20110914/client/ Frame FBEA 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220914/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: 32d69238e2f6bb5cfbff62a0e3954cf8.safeframe.googlesyndication.com
URL: https://32d69238e2f6bb5cfbff62a0e3954cf8.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.200.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sa-in-f132.1e100.net
Software
cafe /
Resource Hash
b47bd1e586888ea8d223fbc2d5e8592e7e8c2b61e3937f9248fb4b7faf34fb41
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://32d69238e2f6bb5cfbff62a0e3954cf8.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 17 Sep 2022 04:25:15 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
7897
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7552
x-xss-protection
0
server
cafe
etag
1588701280721430806
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 01 Oct 2022 04:25:15 GMT
l
www.google.com/ads/measurement/ Frame FBEA 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaQbAu_-jVTFKhIKb1Qaams2dkmkz1acYWFxDcZicxPmm49lpBgn5J0jsVYMVsfWF-2xWYHUfO3qNcXBclGPSLU56dcdQA
Requested by
Host: 32d69238e2f6bb5cfbff62a0e3954cf8.safeframe.googlesyndication.com
URL: https://32d69238e2f6bb5cfbff62a0e3954cf8.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.147 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f147.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://32d69238e2f6bb5cfbff62a0e3954cf8.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame FBEA 		141 KB
44 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: 32d69238e2f6bb5cfbff62a0e3954cf8.safeframe.googlesyndication.com
URL: https://32d69238e2f6bb5cfbff62a0e3954cf8.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.4.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f154.1e100.net
Software
sffe /
Resource Hash
9c9b6560a37526d33547098a4ed2ecf360eb9275c2db77a98c30fb7f8016f478
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://32d69238e2f6bb5cfbff62a0e3954cf8.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 17 Sep 2022 06:36:52 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
44609
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1663155654979086"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Sat, 17 Sep 2022 06:36:52 GMT
adview
securepubads.g.doubleclick.net/pagead/ Frame 257A 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=CYLDfAmslY8eZNvG5z7sP2ZasmA6Y_NGxXKqEzOSFAcCNtwEQASAAYKXAo4CkAYIBF2NhLXB1Yi04OTMzMzI5OTk5MzkxMTA0oAG22aPQA8gBCakCBitKh4qIpj7gAgCoAwGqBL4CT9CDDcie4yHSiH3n18htFHY-gpYLSyD2U5BrJuQfac1ZuibqV-NTYt_az0h9D4KJFWTrjiJIDg7WbOmL3MNxqIX3_ljJdh51-VPrHojZOy8FS3jr6rzO64QvujtOw-ag873uUEZwi4E8UuJPwBLita04qSGYzLH_TcO1W8teKawDp2extzyKwvBzeUmlplXphDLOfieqwLCqZlEXSqHUZdhcUUZD6RSO9CBGHBjK3MsGlsfwuJOQqZWuOBTRB-CkY6A_LOmFF0-hfxOz_ECVqQjQojPtzD1rfu6UU2Psg8VOD3gkWiyQ0ZmwmQjRn2724krvAVDvXge2At8HK0CMQj47Ly3_D548-Ma-WYarnjT8OnX2mgBiAoToiytSBWz6MKjVTgnIJSy3hwo4LsFfVe7u0Gi1KpLB_ed1aP6Y4AQBgAaY2-GBlPC55_wBoAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDQiAYRABMgKKAjoCgEDyCBthZHgtc3Vic3luLTUyMzk5MzgyMTM4NzAzODCACgP6CwIIAYAMAdAVAYAXAbIXHAoaEhRwdWItODkzMzMyOTk5OTM5MTEwNBjKqx4&sigh=TFv1XkM7Yl8&uach_m=[UACH]&cid=CAQSOwCsnQUx6Jz9UoE31kpirV-FfIMSKwBfUHskErYWpMVtRPWuj3E24juJw0Fvm6zpvp897YIMORymi0cPGAE
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/6yue-15ri-qi-bei-jing-gong-jiao-duo-tiao-xian-lu-you-diao-zheng.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f156.1e100.net
Software
/
Resource Hash

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://32d69238e2f6bb5cfbff62a0e3954cf8.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
notify
rtb.jp2.as.criteo.com/google/auction/ Frame 257A 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://rtb.jp2.as.criteo.com/google/auction/notify?profile=14&payload=kaaDFM7xBnjYBGL4LRICAAAA-ONZtFtuTcOupkbjEAJrJWNpkBiXRmpAc59w8gASAAA&wp=YyVrAgANjMcBc9zxAAsLWcCeGnzbRykBj1WbbA
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/6yue-15ri-qi-bei-jing-gong-jiao-duo-tiao-xian-lu-you-diao-zheng.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.74.19 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Kestrel /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://32d69238e2f6bb5cfbff62a0e3954cf8.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 17 Sep 2022 06:36:52 GMT
server
Kestrel
server-processing-duration-in-ticks
132489
content-length
0
strict-transport-security
max-age=31536000; preload;
afr.php
ads.as.criteo.com/delivery/r/ Frame 3863 		135 KB
45 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.as.criteo.com/delivery/r/afr.php?z=YyVrAgANjMcBc9zxAAsLWcCeGnzbRykBj1WbbA&u=%7C47GUdvNV89m3VgPvNDrj0pQWXT9R83ZhMn%2FugJpvszg%3D%7C&c1=wLMhjbQtwRcs3jPjsTD8ckzZrQqOtcHgOUkYPnH5oHYY7yG_CU4-VBrn4jPUhLMUkrnuqnHl-H_FFdrBFTs4Y4nwe7awxmwOHnru92gJ9hOxxLxGjDtSEzwFqo251PGrcYnhC0NECtaOmMwEQf1FZZoWOD6pxEz1DyFfNkCJlroMHGPt8Q7EYC9sJrBIki4Twf4E71d_oXYwSIYcxhQyShvl7uHC-eQCkHsSe4SgEWHVzWuCA3IB1g1OLdQ99wFCZJMtXsRrRcx0x4xn3be6bkrpBb2mJAzkxmHwVDZWgPI_36eEz-pbz01VQFpDD1l-626vmOpcGoANW8Rm0KtbXXoHptiZUyaNJ39Az4Krnu6laCFbpYcVLrCO1Krpn0syrQTqartmnhj-Iivel_mdeD64XTva2TzSReWJQsVhglXGZH60JJQX04OdqXvjY5u_JOBLnRDFP7JNcR56V_YM2nKnFNU7eFXNmVvqdHSXln-Bk3fy5yhjtTvxs9SC_FkvGL6Ym41XERrfGYeyCphCc6Aq_P4S9uBTQGxeKPMSQg1iyb5tTn7ourhx7Z-AFdF7jJjQURo1ZseTIEfn9EVCiui0AJC5DRcsPGRATErcVUo4SOJ63KPdwuYgqpttU-DJ5Y2iYsBsQmA&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCbhVYAmslY8eZNvG5z7sP2ZasmA6Y_NGxXKqEzOSFAcCNtwEQASAAYKXAo4CkAYIBF2NhLXB1Yi04OTMzMzI5OTk5MzkxMTA0oAG22aPQA8gBCakCBitKh4qIpj7gAgCoAwGqBMECT9CDDcie4yHSiH3n18htFHY-gpYLSyD2U5BrJuQfac1ZuibqV-NTYt_az0h9D4KJFWTrjiJIDg7WbOmL3MNxqIX3_ljJdh51-VPrHojZOy8FS3jr6rzO64QvujtOw-ag873uUEZwi4E8UuJPwBLita04qSGYzLH_TcO1W8teKawDp2extzyKwvBzeUmlplXphDLOfieqwLCqZlEXSqHUZdhcUUZD6RSO9CBGHBjK3MsGlsfwuJOQqZWuOBTRB-CkY6A_LOmFF0-hfxOz_ECVqQjQojPtzD1rfu6UU2Psg8VOD3gkWiyQ0ZmwmQjRn2724krvAVDvXge2At8HK0CMQj47Ly3_D548-Ma-WYarnjT8OnX2mgBiAsbqqrm3y-WEzyGk0OKev--ekwCvJO9HvWYdhvJ8lIzt5QCe-YBnLBpu4AQBgAaY2-GBlPC55_wBoAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDQiAYRABMgKKAjoCgEDyCBthZHgtc3Vic3luLTUyMzk5MzgyMTM4NzAzODD6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_0dn9voMWGox_mPYxmte60ZdGOS4g%26client%3Dca-pub-8933329999391104%26adurl%3D
Requested by
Host: 32d69238e2f6bb5cfbff62a0e3954cf8.safeframe.googlesyndication.com
URL: https://32d69238e2f6bb5cfbff62a0e3954cf8.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.148 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Kestrel /
Resource Hash
4d3cf0b065eacf65a85b49e7da389f6fbc905dbf7a75be95edf85b036e31f6e8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://32d69238e2f6bb5cfbff62a0e3954cf8.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
access-control-max-age
1000
cache-control
private, max-age=0, no-cache
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
date
Sat, 17 Sep 2022 06:36:52 GMT
expires
Mon, 26 Jul 1997 05:00:00 GMT
link
<pix.as.criteo.net>; rel=preconnect; crossorigin, <static.criteo.net>; rel=preconnect; crossorigin
p3p
CP='CUR ADM OUR NOR STA NID'
pragma
no-cache
report-to
{"endpoints":[{"url":"https://csm.as.criteo.net/heavyad?cppv=3&cpp=gNq1YSvyWr9BMKWbEHeXSvgm-dZIoGJwj6EFg7_aK8QJxv8JY_3E2dKwVhJGkkzlM8hYG9p6hsbNSWrWMszDrogjdlwhHpflD4rKbZaDeuUE2mfGNe2ezz2rsITJRq-6jGhTidZ2UI572zv-zxTDZmCg4PNTL8LEERQpx7QNS05MRivDiA9OoXi25Qyhwm6txVOYLgM12Ghy-M0BI0Pmb0xXHMRTeOND3vTA6BnxX1iXheCgOpco88nJK-OblvAqf79xdg"}], "max_age": 86400}
server
Kestrel
server-processing-duration-in-ticks
65753595
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220914/r20110914/client/ Frame 257A 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220914/r20110914/client/window_focus_fy2021.js
Requested by
Host: 32d69238e2f6bb5cfbff62a0e3954cf8.safeframe.googlesyndication.com
URL: https://32d69238e2f6bb5cfbff62a0e3954cf8.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.200.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sa-in-f132.1e100.net
Software
cafe /
Resource Hash
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://32d69238e2f6bb5cfbff62a0e3954cf8.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 17 Sep 2022 06:06:28 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1824
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1359
x-xss-protection
0
server
cafe
etag
1484984001845508991
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 01 Oct 2022 06:06:28 GMT
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame 2116 		1 KB
749 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: 32d69238e2f6bb5cfbff62a0e3954cf8.safeframe.googlesyndication.com
URL: https://32d69238e2f6bb5cfbff62a0e3954cf8.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.118.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sl-in-f157.1e100.net
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://32d69238e2f6bb5cfbff62a0e3954cf8.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

age
16479
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=86400
content-encoding
gzip
content-length
724
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sat, 17 Sep 2022 02:02:13 GMT
etag
48472445140208031
expires
Sun, 18 Sep 2022 02:02:13 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220914/r20110914/client/ Frame 257A 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220914/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: 32d69238e2f6bb5cfbff62a0e3954cf8.safeframe.googlesyndication.com
URL: https://32d69238e2f6bb5cfbff62a0e3954cf8.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.200.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sa-in-f132.1e100.net
Software
cafe /
Resource Hash
b47bd1e586888ea8d223fbc2d5e8592e7e8c2b61e3937f9248fb4b7faf34fb41
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://32d69238e2f6bb5cfbff62a0e3954cf8.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 17 Sep 2022 04:25:15 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
7897
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7552
x-xss-protection
0
server
cafe
etag
1588701280721430806
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 01 Oct 2022 04:25:15 GMT
l
www.google.com/ads/measurement/ Frame 257A 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaQMV0lwSVm4Tj6kli-SEVP68G2rJ7Yn1JUaXmEo3lrbCJnhRCGA-Bd6orELhhnY8eI5YBDs00tvjPcmj4MMjPOym3cRVw
Requested by
Host: 32d69238e2f6bb5cfbff62a0e3954cf8.safeframe.googlesyndication.com
URL: https://32d69238e2f6bb5cfbff62a0e3954cf8.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.147 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f147.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://32d69238e2f6bb5cfbff62a0e3954cf8.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
ext.js
tpc.googlesyndication.com/safeframe/1-0-38/js/ Frame 257A 		22 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-38/js/ext.js
Requested by
Host: 32d69238e2f6bb5cfbff62a0e3954cf8.safeframe.googlesyndication.com
URL: https://32d69238e2f6bb5cfbff62a0e3954cf8.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.200.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sa-in-f132.1e100.net
Software
sffe /
Resource Hash
0bcac89d72d5f0b2bef20f815406384ff05489e4294acee57409060c2eccffc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://32d69238e2f6bb5cfbff62a0e3954cf8.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 11 Sep 2022 11:26:32 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
501020
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7022
x-xss-protection
0
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Mon, 11 Sep 2023 11:26:32 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 257A 		141 KB
44 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: 32d69238e2f6bb5cfbff62a0e3954cf8.safeframe.googlesyndication.com
URL: https://32d69238e2f6bb5cfbff62a0e3954cf8.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.4.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f154.1e100.net
Software
sffe /
Resource Hash
9c9b6560a37526d33547098a4ed2ecf360eb9275c2db77a98c30fb7f8016f478
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://32d69238e2f6bb5cfbff62a0e3954cf8.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 17 Sep 2022 06:36:52 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
44609
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1663155654979086"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Sat, 17 Sep 2022 06:36:52 GMT
sodar2.js
tpc.googlesyndication.com/sodar/ Frame B82E 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202209080101/show_ads_impl_fy2021.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.200.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sa-in-f132.1e100.net
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://adx.holmesmind.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 17 Sep 2022 06:36:54 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Sat, 17 Sep 2022 06:36:54 GMT
index_336x280_google_atlas_NP_1.jpg
s0.2mdn.net/sadbundle/12129862044491927380/images/ Frame 5FA3 		68 KB
68 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/12129862044491927380/images/index_336x280_google_atlas_NP_1.jpg
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/6yue-15ri-qi-bei-jing-gong-jiao-duo-tiao-xian-lu-you-diao-zheng.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.4.148 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f148.1e100.net
Software
sffe /
Resource Hash
dfb214630e6f0052e27cfaaeaedf20b7014e06ddebc4ee50148b5bcc4d648a55
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/12129862044491927380/index_336x280_google.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 13 Sep 2022 10:51:35 GMT
x-content-type-options
nosniff
age
330317
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
69447
x-xss-protection
0
last-modified
Mon, 05 Sep 2022 15:12:17 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 13 Sep 2023 10:51:35 GMT
index_336x280_google_atlas_NP_1.jpg
s0.2mdn.net/sadbundle/12129862044491927380/images/ Frame 7F53 		68 KB
68 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/12129862044491927380/images/index_336x280_google_atlas_NP_1.jpg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/ads/studio/cached_libs/createjs_2019.11.15_min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.4.148 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f148.1e100.net
Software
sffe /
Resource Hash
dfb214630e6f0052e27cfaaeaedf20b7014e06ddebc4ee50148b5bcc4d648a55
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/12129862044491927380/index_336x280_google.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 13 Sep 2022 10:51:35 GMT
x-content-type-options
nosniff
age
330317
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
69447
x-xss-protection
0
last-modified
Mon, 05 Sep 2022 15:12:17 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 13 Sep 2023 10:51:35 GMT
sodar2.js
tpc.googlesyndication.com/sodar/ Frame 7AB6 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202209080101/show_ads_impl_fy2021.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.200.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sa-in-f132.1e100.net
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 17 Sep 2022 06:36:54 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Sat, 17 Sep 2022 06:36:54 GMT
sodar2.js
tpc.googlesyndication.com/sodar/ Frame 2BB8 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202209080101/show_ads_impl_fy2021.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.200.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sa-in-f132.1e100.net
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://adx.holmesmind.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 17 Sep 2022 06:36:54 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Sat, 17 Sep 2022 06:36:54 GMT
sd
us-u.openx.net/w/1.0/ Frame B507
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_dbm
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEPEqRKI69Yg3wjXv0j0xpw0&google_cver=1
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEPEqRKI69Yg3wjXv0j0xpw0&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNCgQRCLx0IYl8WtcTAB&v=APEucNVhXWMjnw6d_P-cFtkzxfarjhBwA4NzcWjnarTb49s_2qxOnwTXwrUKIoOdv-eh3WMl_8m-im1-FMrxd5v15cXqP8ZskA
Protocol
H3
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 17 Sep 2022 06:36:52 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Sat, 17 Sep 2022 06:36:52 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEPEqRKI69Yg3wjXv0j0xpw0&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
295
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame B507
Redirect Chain
  • https://us-u.openx.net/w/1.0/cm?id=9ca165a9-d9fe-2ff6-d83d-d145a80b0d37&r=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dopenx%26google_hm%3D%7Bopenx_uuid_base64%7D
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=OWVmNTY4YzItODVhYi0yZWYwLWM0NDMtZTBiZjNjNzkyNTdk
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=OWVmNTY4YzItODVhYi0yZWYwLWM0NDMtZTBiZjNjNzkyNTdk
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNCgQRCLx0IYl8WtcTAB&v=APEucNVhXWMjnw6d_P-cFtkzxfarjhBwA4NzcWjnarTb49s_2qxOnwTXwrUKIoOdv-eh3WMl_8m-im1-FMrxd5v15cXqP8ZskA
Protocol
H3
Server
142.251.12.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f155.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 17 Sep 2022 06:36:52 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Sat, 17 Sep 2022 06:36:52 GMT
content-encoding
gzip
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
p3p
CP="CUR ADM OUR NOR STA NID"
location
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=OWVmNTY4YzItODVhYi0yZWYwLWM0NDMtZTBiZjNjNzkyNTdk
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
via
1.1 google
um
sync.teads.tv/ Frame B507
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_cm&google_dbm
  • https://sync.teads.tv/um?eid=3&uid=CAESEAWA--YqzhGwk1crxKI25Lw&google_cver=1
23 B
172 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.teads.tv/um?eid=3&uid=CAESEAWA--YqzhGwk1crxKI25Lw&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNCgQRCLx0IYl8WtcTAB&v=APEucNVhXWMjnw6d_P-cFtkzxfarjhBwA4NzcWjnarTb49s_2qxOnwTXwrUKIoOdv-eh3WMl_8m-im1-FMrxd5v15cXqP8ZskA
Protocol
H2
Server
23.54.57.83 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-54-57-83.deploy.static.akamaitechnologies.com
Software
akka-http/10.2.9 /
Resource Hash
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 17 Sep 2022 06:36:53 GMT
cache-control
max-age=0, no-cache, no-store
expires
Sat, 17 Sep 2022 06:36:53 GMT
server
akka-http/10.2.9
content-length
23
content-type
image/gif

Redirect headers

pragma
no-cache
date
Sat, 17 Sep 2022 06:36:52 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://sync.teads.tv/um?eid=3&uid=CAESEAWA--YqzhGwk1crxKI25Lw&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
281
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame B507
Redirect Chain
  • https://sync.teads.tv/um?eid=3&uid=&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_dbm%26google_hm%3D%5BVID_B64%5D
  • https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_hm=OWRkZDE0YmItOTgwMS00ZDFhLWExOTItYjUxNzY1MjY0ZDcx
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_hm=OWRkZDE0YmItOTgwMS00ZDFhLWExOTItYjUxNzY1MjY0ZDcx
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNCgQRCLx0IYl8WtcTAB&v=APEucNVhXWMjnw6d_P-cFtkzxfarjhBwA4NzcWjnarTb49s_2qxOnwTXwrUKIoOdv-eh3WMl_8m-im1-FMrxd5v15cXqP8ZskA
Protocol
H3
Server
142.251.12.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f155.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 17 Sep 2022 06:36:53 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Sat, 17 Sep 2022 06:36:53 GMT
server
akka-http/10.2.9
content-type
text/html; charset=UTF-8
location
https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_hm=OWRkZDE0YmItOTgwMS00ZDFhLWExOTItYjUxNzY1MjY0ZDcx
cache-control
max-age=0, no-cache, no-store
content-length
189
expires
Sat, 17 Sep 2022 06:36:53 GMT
sd
us-u.openx.net/w/1.0/ Frame 7816
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_dbm
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEPEqRKI69Yg3wjXv0j0xpw0&google_cver=1
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEPEqRKI69Yg3wjXv0j0xpw0&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNCgQRCLx0IYisqtcTAB&v=APEucNVgFIOVsIygt6-n3vKOXb8slf4hUqxfxJ8Hr-1TwUZp8IjhQAxhSQMCBkWE9f1JD5kSt3EUSSkMVdtg1uXx0bZZI_EcKw
Protocol
H3
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 17 Sep 2022 06:36:52 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Sat, 17 Sep 2022 06:36:52 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEPEqRKI69Yg3wjXv0j0xpw0&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
295
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 7816
Redirect Chain
  • https://us-u.openx.net/w/1.0/cm?id=9ca165a9-d9fe-2ff6-d83d-d145a80b0d37&r=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dopenx%26google_hm%3D%7Bopenx_uuid_base64%7D
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=OWVmNTY4YzItODVhYi0yZWYwLWM0NDMtZTBiZjNjNzkyNTdk
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=OWVmNTY4YzItODVhYi0yZWYwLWM0NDMtZTBiZjNjNzkyNTdk
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNCgQRCLx0IYisqtcTAB&v=APEucNVgFIOVsIygt6-n3vKOXb8slf4hUqxfxJ8Hr-1TwUZp8IjhQAxhSQMCBkWE9f1JD5kSt3EUSSkMVdtg1uXx0bZZI_EcKw
Protocol
H3
Server
142.251.12.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f155.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 17 Sep 2022 06:36:52 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Sat, 17 Sep 2022 06:36:52 GMT
content-encoding
gzip
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
p3p
CP="CUR ADM OUR NOR STA NID"
location
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=OWVmNTY4YzItODVhYi0yZWYwLWM0NDMtZTBiZjNjNzkyNTdk
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
via
1.1 google
um
sync.teads.tv/ Frame 7816
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_cm&google_dbm
  • https://sync.teads.tv/um?eid=3&uid=CAESEAWA--YqzhGwk1crxKI25Lw&google_cver=1
23 B
172 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.teads.tv/um?eid=3&uid=CAESEAWA--YqzhGwk1crxKI25Lw&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNCgQRCLx0IYisqtcTAB&v=APEucNVgFIOVsIygt6-n3vKOXb8slf4hUqxfxJ8Hr-1TwUZp8IjhQAxhSQMCBkWE9f1JD5kSt3EUSSkMVdtg1uXx0bZZI_EcKw
Protocol
H2
Server
23.54.57.83 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-54-57-83.deploy.static.akamaitechnologies.com
Software
akka-http/10.2.9 /
Resource Hash
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 17 Sep 2022 06:36:53 GMT
cache-control
max-age=0, no-cache, no-store
expires
Sat, 17 Sep 2022 06:36:53 GMT
server
akka-http/10.2.9
content-length
23
content-type
image/gif

Redirect headers

pragma
no-cache
date
Sat, 17 Sep 2022 06:36:52 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://sync.teads.tv/um?eid=3&uid=CAESEAWA--YqzhGwk1crxKI25Lw&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
281
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 7816
Redirect Chain
  • https://sync.teads.tv/um?eid=3&uid=&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_dbm%26google_hm%3D%5BVID_B64%5D
  • https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_hm=OWRkZDE0YmItOTgwMS00ZDFhLWExOTItYjUxNzY1MjY0ZDcx
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_hm=OWRkZDE0YmItOTgwMS00ZDFhLWExOTItYjUxNzY1MjY0ZDcx
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNCgQRCLx0IYisqtcTAB&v=APEucNVgFIOVsIygt6-n3vKOXb8slf4hUqxfxJ8Hr-1TwUZp8IjhQAxhSQMCBkWE9f1JD5kSt3EUSSkMVdtg1uXx0bZZI_EcKw
Protocol
H3
Server
142.251.12.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f155.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 17 Sep 2022 06:36:53 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Sat, 17 Sep 2022 06:36:53 GMT
server
akka-http/10.2.9
content-type
text/html; charset=UTF-8
location
https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_hm=OWRkZDE0YmItOTgwMS00ZDFhLWExOTItYjUxNzY1MjY0ZDcx
cache-control
max-age=0, no-cache, no-store
content-length
189
expires
Sat, 17 Sep 2022 06:36:53 GMT
sodar2.js
tpc.googlesyndication.com/sodar/ Frame 79E9 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202209080101/show_ads_impl_fy2021.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.200.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sa-in-f132.1e100.net
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 17 Sep 2022 06:36:54 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Sat, 17 Sep 2022 06:36:54 GMT
/
r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/ Frame 2116
Redirect Chain
  • https://ad.turn.com/r/cs?pid=3&google_gid=CAESELbdSDsRSnPKKSdrSmVxISA&google_cver=1&google_push=AZmPxg8E6MdFVdRagy2obHcdOULpDfAmPeC-4gQZoqrFORCTnhDYR8VBHIzx04dup3T-FsiLaF0u_v3l0iHsBe9b12wBEl9oqlU2c...
  • https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=MjczOTk3NzU5MzA2NDI0MDUwNg==&gdpr=&gdpr_consent=
  • https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESELbdSDsRSnPKKSdrSmVxISA&google_cver=1
43 B
398 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESELbdSDsRSnPKKSdrSmVxISA&google_cver=1
Requested by
Host: 32d69238e2f6bb5cfbff62a0e3954cf8.safeframe.googlesyndication.com
URL: https://32d69238e2f6bb5cfbff62a0e3954cf8.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Server
50.116.239.135 , United States, ASN6336 (TURN-US-ASN, US),
Reverse DNS
Software
/
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 17 Sep 2022 06:36:52 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-type
image/gif
content-length
43
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"

Redirect headers

pragma
no-cache
date
Sat, 17 Sep 2022 06:36:52 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESELbdSDsRSnPKKSdrSmVxISA&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
329
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 2116
Redirect Chain
  • https://um.simpli.fi/gp_match?google_gid=CAESEHWZDvx39ZJyRnYNpThCrzo&google_cver=1&google_push=AZmPxg9_I245k11m0FQE5c9fCP5rhv6Q1DqYXxKNtzmEhUI3U7oet8EdoWLy3_aXETmMpw6c-RgWdiuQ7B3YA8WGKGBVUKU_Y3_sGi...
  • https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=6A1A85581AD84F77A4CB87F3C79F6B18&google_push=AZmPxg9_I245k11m0FQE5c9fCP5rhv6Q1DqYXxKNtzmEhUI3U7oet8EdoWLy3_aXETmMpw6c-RgWdiuQ7B3YA8W...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=6A1A85581AD84F77A4CB87F3C79F6B18&google_push=AZmPxg9_I245k11m0FQE5c9fCP5rhv6Q1DqYXxKNtzmEhUI3U7oet8EdoWLy3_aXETmMpw6c-RgWdiuQ7B3YA8WGKGBVUKU_Y3_sGiCo8oA0ZgO2PxSrFmJahijqUuAGL-SDdv2TWmbOM-k
Requested by
Host: 32d69238e2f6bb5cfbff62a0e3954cf8.safeframe.googlesyndication.com
URL: https://32d69238e2f6bb5cfbff62a0e3954cf8.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Server
142.251.12.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f155.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 17 Sep 2022 06:36:53 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Sat, 17 Sep 2022 06:36:52 GMT
x-content-type-options
nosniff
server
nginx
location
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=6A1A85581AD84F77A4CB87F3C79F6B18&google_push=AZmPxg9_I245k11m0FQE5c9fCP5rhv6Q1DqYXxKNtzmEhUI3U7oet8EdoWLy3_aXETmMpw6c-RgWdiuQ7B3YA8WGKGBVUKU_Y3_sGiCo8oA0ZgO2PxSrFmJahijqUuAGL-SDdv2TWmbOM-k
strict-transport-security
max-age=63072000; includeSubdomains; preload
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/html
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
138
expires
Fri, 16 Sep 2022 06:36:52 GMT
AdxPixel
tr.blismedia.com/v1/api/sync/ Frame 2116 		0
173 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tr.blismedia.com/v1/api/sync/AdxPixel?google_gid=CAESENc9HpfSftXS4k5BAVfmmIw&google_cver=1&google_push=AZmPxg_q1BAlmOPbu_eHfbzpd_M0NNy0gUUKUGJaTSoyxBi92lMDbukoc8LujvxdP3rtJkizzpMQjZMOwVK6JKtuP3bN4qqX6iK2r7NH7BkghPWqxQrctcPAyiQdhlsromlqn2wcxxp9gv4
Requested by
Host: 32d69238e2f6bb5cfbff62a0e3954cf8.safeframe.googlesyndication.com
URL: https://32d69238e2f6bb5cfbff62a0e3954cf8.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.96.105.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.105.96.34.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 17 Sep 2022 06:36:52 GMT
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
pixel
cm.g.doubleclick.net/ Frame 2116
Redirect Chain
  • https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESED8AG6sk4BnQ-5XGzG3fldQ&google_cver=1&google_push=AZmPxg85s4e4ep-BVdDq2WwigkanfHbwLMTryKNMvjBu8nODDvB4K0m_5QyK7CLXnii7RMXnHB0Xo21F9jDAdERN8K7yeIt...
  • https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AZmPxg85s4e4ep-BVdDq2WwigkanfHbwLMTryKNMvjBu8nODDvB4K0m_5QyK7CLXnii7RMXnHB0Xo21F9jDAdERN8K7yeItdQ4rF6VnYasZyPj46qS4WTJT6LmQ2QwKCFSj6c...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AZmPxg85s4e4ep-BVdDq2WwigkanfHbwLMTryKNMvjBu8nODDvB4K0m_5QyK7CLXnii7RMXnHB0Xo21F9jDAdERN8K7yeItdQ4rF6VnYasZyPj46qS4WTJT6LmQ2QwKCFSj6cLNXQM8wRg&google_hm=NTU4NjQxMzA0NzY5NDU4OTgzOA%3D%3D
Requested by
Host: 32d69238e2f6bb5cfbff62a0e3954cf8.safeframe.googlesyndication.com
URL: https://32d69238e2f6bb5cfbff62a0e3954cf8.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Server
142.251.12.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f155.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 17 Sep 2022 06:36:52 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Sat, 17 Sep 2022 06:36:52 GMT
referrer-policy
strict-origin-when-cross-origin
server
ATS
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
location
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AZmPxg85s4e4ep-BVdDq2WwigkanfHbwLMTryKNMvjBu8nODDvB4K0m_5QyK7CLXnii7RMXnHB0Xo21F9jDAdERN8K7yeItdQ4rF6VnYasZyPj46qS4WTJT6LmQ2QwKCFSj6cLNXQM8wRg&google_hm=NTU4NjQxMzA0NzY5NDU4OTgzOA%3D%3D
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
strict-transport-security
max-age=31536000
content-length
0
x-content-type-options
nosniff
pixel
cm.g.doubleclick.net/ Frame 2116
Redirect Chain
  • https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEPw32bLCylWZbWaxlgmflVI&google_cver=1&google_push=AZmPxg-F4wDxRQWYz8djg_r6k6TM6H5oAIbh1YA6U2Y0DpKEpcqQkMpIxj27cvyX-h7_dNr64FPAj3QS...
  • https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEPw32bLCylWZbWaxlgmflVI&google_cver=1&google_push=AZmPxg-F4wDxRQWYz8djg_r6k6TM6H5oAIbh1YA6U2Y0DpKEpcqQkMpIxj27cvyX-h7_dNr64FP...
  • https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=Mzk2OTEwODI5MjYyMTgzMzAxOA&google_push=AZmPxg-F4wDxRQWYz8djg_r6k6TM6H5oAIbh1YA6U2Y0DpKEpcqQkMpIxj27cvyX-h7_dNr64FPAj3...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=Mzk2OTEwODI5MjYyMTgzMzAxOA&google_push=AZmPxg-F4wDxRQWYz8djg_r6k6TM6H5oAIbh1YA6U2Y0DpKEpcqQkMpIxj27cvyX-h7_dNr64FPAj3QST9h7f16l4InwXmaZ8RktWv4FoNPiFo8Y6L99wY7GXYuqhuPTlDjCnjObR44eMQY
Requested by
Host: 32d69238e2f6bb5cfbff62a0e3954cf8.safeframe.googlesyndication.com
URL: https://32d69238e2f6bb5cfbff62a0e3954cf8.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Server
142.251.12.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f155.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 17 Sep 2022 06:36:53 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Sat, 17 Sep 2022 06:36:52 GMT
server
nginx
location
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=Mzk2OTEwODI5MjYyMTgzMzAxOA&google_push=AZmPxg-F4wDxRQWYz8djg_r6k6TM6H5oAIbh1YA6U2Y0DpKEpcqQkMpIxj27cvyX-h7_dNr64FPAj3QST9h7f16l4InwXmaZ8RktWv4FoNPiFo8Y6L99wY7GXYuqhuPTlDjCnjObR44eMQY
access-control-max-age
86400
access-control-allow-methods
GET
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
attr
cm.g.doubleclick.net/pixel/ Frame 2116 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13JNynjjXhyz4wypzWw9FhUekVW3_5TM_ndgWcitGQUHAZUt7POc0N8_dRA
Requested by
Host: 32d69238e2f6bb5cfbff62a0e3954cf8.safeframe.googlesyndication.com
URL: https://32d69238e2f6bb5cfbff62a0e3954cf8.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.12.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f155.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 17 Sep 2022 06:36:52 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
content-type
text/html
express_html_inpage_rendering_lib_200_276.js
s0.2mdn.net/879366/ Frame 7DA8 		106 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_276.js
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/6yue-15ri-qi-bei-jing-gong-jiao-duo-tiao-xian-lu-you-diao-zheng.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.4.148 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f148.1e100.net
Software
sffe /
Resource Hash
e41d1ae45acbf836b8dcc29544c7e41cced4211214df601d5284a7e9c7134c73
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://32d69238e2f6bb5cfbff62a0e3954cf8.safeframe.googlesyndication.com/
Origin
https://32d69238e2f6bb5cfbff62a0e3954cf8.safeframe.googlesyndication.com
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 17 Sep 2022 05:47:20 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
2972
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37872
x-xss-protection
0
last-modified
Wed, 02 Mar 2022 23:07:26 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sun, 18 Sep 2022 05:47:20 GMT
omrhp.js
pagead2.googlesyndication.com/pagead/js/r20220914/r20110914/elements/html/ Frame 7DA8 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20220914/r20110914/elements/html/omrhp.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-B_ta6ybPMLEtJKvJdMvw3TpoDznFCJ20ei-tiJU4yZ2eGjt_dwk01mTeiNlhVPKDHVrNzRrbmmqqo-CXjCdO5Fu6v6Fg&cry=1&dbm_d=AKAmf-DuBSVlcJ1E3pzIyjoBo9e9vUhgABOhTzgHabLsLf3vKpKIg7SlBUTqI_D2pOIxe7Ybv_8oRj4Ek5VJD_pBpdqhreUXp9M0nAEQWdwQzas2dl5aEln__Dk1Wq7R4UowdBTjwN0_9I7khc2gxBMOG6D77A8tzCtXL7Or62brEmIQdruPkjedzyt7ULTW272PS8u93v5llpmBJpWwnjw_o8faAHwxHv2McFobX3lKD9t174KgXfBeha4yiT4W2AxxHSytNkWiSgq-tuBnofPwf4_Gm_e4q6G0KJck490xuv2Z12Bi6urF-hEFwqHd9eIpx9PC0nGBVSEN0t_dZzXU5j9YHKvEni5ZNQc3SLrPUbsB-B9OZr-gyWZP0FdpmBkUJZi8H-fQhgkvLvLDa5BSdplMGeonZaMd55M_wG6svw8EurrOhrSZOwXapydjU5A9phiaDyvXQQoFo596RrErXm8za4TKA7O8ollmh1rXGmtuZ8mMoa4xHpVJDvEintPprv80LNq6w4eJhrme_DUs7OB4BlEshlQo7L5k7zRCgjW5d3pQEQo5ujHGPHSeJYBe179xucpxizYrItWuQeS5Ed3MPJB86FKIDEiRhCd11pLALM34gZRoTJ6EA2SjDZmQhnjZzLqt9NR4PEriQgqhxHnIJBTgztXKu-cpuWKlFn7V09p_JbBedfyod2Zazkh71VrWVDS24hBeCGo-UxTzo-SJRLdZuFCQWbbr513RN05hsVk7XyyKdZ-m45vLoROkmoIMsw9TmYT0urVlsIr-9K9ej4ZQBawPvrhhSJxsn8m55t60C-HtyQO1kAlnWewl-GQwVmJxAS_Ww6kpTWiIVcuVYTOYpKUiW5JUQckg0znoC8rt4ogsyo4stg6ankzF8elzj9nYidvZebqRL7f9LRtCcF1HGNGIwcquVrbvs5jUnMiV5p2mMC34rTzxOs-cWXVnjNGmkWNBfI0cZAby0Ls2sTPPwhT4MjhrSmpRkinFJtlflb8DSSoDCguoLnYaUOFAxeSHy-QjVQET8_iU3U-7tjrPAZldxjsa-yapYw1ljO0rSIneqrVukjM0uFlEGig71z9V3HZyAE13Y3hnPxMPJ2-xK4C160qe4JI6Fa30Jr4ecCdfFRF4Hzf12tBD6vJgdUwLGJ25CdHtivlviESoXWe1H5i9MGG7wMLhCRZsLjAsF40want3D4MnnSIIQ3oeXePjnLwwOzseO69hzhT1uiM71nZojmAWHKfQmdu6iK-QH1wkYt42a3Gn_55am7JZFbr64ymodDaQiT52Nqax4WXRILClPD4jKrs9_kqA3Ejl6Zkv5MrRgMkyjf9opdSOE2fM0-0I6w3-9XD6u8q1k2GhaYoJOTnEqGNsYETwcpX8a4c7CPa0IAIeWipRHAYoldWFO8NJNFGMXb8D3MNuPRmc7FgpV4TjHiMxCG6hNXDXNCJAExSJzpJDSE5mMQk7Satt4EztF5P_1feD670ivyqCAlIvcumnkO52psUJqmBmDQjhFdb_EKum9aZBFEq3-uJ8vWSeSH89iQT-qvJ8eFeOhUQfRyBf6ksYqOaScShsvbklOzS4XxYv56L0ZyqHF9NVV5viRFfpmQcSjaB76bj-iMzThtH8AMjXaSfKa0soBAJasKzouF7E41xGM7Ea1mjqa6XPCki7gk3oXfVcNIZjOwAvKBx-67UHbf7lM_F6DH0yME_phiQaNAQMjO8nLsePWp2UzySPGQuJyC_DmCBFToCH_3NSpE0zxQtPHLU8k7sAa43hkYPZP0KAxVbiM6Oay_4Ogs2vHqt_HLAYEq8bEPH5ul0TB-qOZv3-4nHiNhmyaDd7mAWlvtWYX3UoZBepU4u2WbD884b_0EYOEv6MrdTV9KS88ZWiz2tGltClpBmI5522uImwVuWXI9CkNbt1NyrN-CZxcj9wZ6i5_K0xsiICnSDHM-IbGycZEidahpiI2Zd1p6lCFSc5jvUf5DqEAcyreGozMmJrz8LoE0wC_31eGQczjrT53DbXsWAroh2SDjfjsW79ogq35ItImkXHcheLb2qPYCA2lhJSNqnR8hw2Awah1BHb6mEVxVrAd3kbfcr9wlR-zJ9_jyb1pIOHBq_n8nyfz1OyQ73UPnLtaB2hbxgd2AGdT9u29yuf7fTT0QC0f7KOAyJ_zb5taAiPN58Vk5w7UnAjFsmhacLR4eUYRTuR7r0xTlBB2V-O8cO22GZt4xHoMRY-u8-x1p9f2yXEDc59qRrelAGsCTVPOXw4I7iUGmYEzb4cDeJEo7k0fpppN6rINq05vK4ElnzG8qhUTMWRV-sJvkJN9MYO760_XkZxHvMkOJxM2pRS2_GbvoJkF5BA9P6hqltbbibvDvfyK3LXM6c4OpMRZbcThIQgkXnabNLh878dN5JnIGmdRNLqivzOdqzp6GvUSSGh1BvYqxtygYs-Zc7aPX25obiRP4EOJTnhuof7YeopqgWVVEFcrxW87LI8-E2pagZDBTHOi9a5jZ_bEPd7H_873BWy_pZmha2G6v-EFuyulgssbWgk-HFJY2YNEBfGMYt3O4aDsVjfxr5inRvg32g9iDg-TdFybGGsfVla1cZPh1lS56VKFQNxW_3dQUSx5rYpZRygLywGwVD1G5-ISksigjFU6L8gct6il8d5-DaVMfgNwynYuPECg3KsOijedueTJYA3VzBC57pDu3a0VDfYesZfBzSa3hArguHAz3057vIEkIuGjDy9pbul3vjtDmizCxmRWgqkmqPw7yZZdWz2gfCrSoILU1Tw_IVeiKGrX4wQUHEbpT8Wo_5HdD9gRoo3H45LTbxaN4QFeYm5qeR9Zvdwh3c_cdKL8Kmuprvtr0DloG5bA13gF6fiQyeFdNvUHZoZ4GZn350yonProVPdEcqgkW9G_yTv1aTrbWlyBPBFezO15ec5mxviRN7ibR1GYbJ075_Q9WgET6bMxzIURH9YN6pKahZw21A3cXYxio2Nk2b9IO6bXMDxxhKBxcyEhqGnEvyQc3oTz2vXTS_AY1Iu9KRi0NIG-WU9mAfJ_HLB6VZOmHDqJz_GRAha-OAQvIkpjxx03o-rStM9cyh7gRaQih15DONfXTgQfEtJ8Dc-aixchxv3kSnnIkEz6H7c1RZtTN4_EWXFQJvOROATpuyTb3zyLwcs6ZXkvMnVVBIy-qZFcvfPLl5F6bzT47uKHUZRYUKggj5NPb2pzzawg_E4YW8mBMXp_aLBUQ4hrktZl6oN_uG8mmiEM_ATLAIQflYlkpGRZH0ph-QyQEPKYESidfaZFYrxkCS6LgJ5bDHp1Y0keIqOov3DZlzaWKkmTmYJmtnySj2uumE97sCHRo6-pLE9u1puyXEWC92FrtQ&cid=CAASJORoUypq2S2j3gu4ZPuvCR9uVQ7cGP_4yfSa-9WNWlzLnYEVJA&rfl=1%2Chttps%253A%252F%252Fwww.bg3.co%252F%240
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.118.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sl-in-f157.1e100.net
Software
cafe /
Resource Hash
58b603271da250778cca7450c81343eba7a896c87d93812f4de54ca5e1108488
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://32d69238e2f6bb5cfbff62a0e3954cf8.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 17 Sep 2022 06:31:00 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
352
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3181
x-xss-protection
0
server
cafe
etag
10699485926258732851
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 01 Oct 2022 06:31:00 GMT
abg_lite.js
pagead2.googlesyndication.com/pagead/js/r20220914/r20110914/ Frame 7DA8 		30 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20220914/r20110914/abg_lite.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-B_ta6ybPMLEtJKvJdMvw3TpoDznFCJ20ei-tiJU4yZ2eGjt_dwk01mTeiNlhVPKDHVrNzRrbmmqqo-CXjCdO5Fu6v6Fg&cry=1&dbm_d=AKAmf-DuBSVlcJ1E3pzIyjoBo9e9vUhgABOhTzgHabLsLf3vKpKIg7SlBUTqI_D2pOIxe7Ybv_8oRj4Ek5VJD_pBpdqhreUXp9M0nAEQWdwQzas2dl5aEln__Dk1Wq7R4UowdBTjwN0_9I7khc2gxBMOG6D77A8tzCtXL7Or62brEmIQdruPkjedzyt7ULTW272PS8u93v5llpmBJpWwnjw_o8faAHwxHv2McFobX3lKD9t174KgXfBeha4yiT4W2AxxHSytNkWiSgq-tuBnofPwf4_Gm_e4q6G0KJck490xuv2Z12Bi6urF-hEFwqHd9eIpx9PC0nGBVSEN0t_dZzXU5j9YHKvEni5ZNQc3SLrPUbsB-B9OZr-gyWZP0FdpmBkUJZi8H-fQhgkvLvLDa5BSdplMGeonZaMd55M_wG6svw8EurrOhrSZOwXapydjU5A9phiaDyvXQQoFo596RrErXm8za4TKA7O8ollmh1rXGmtuZ8mMoa4xHpVJDvEintPprv80LNq6w4eJhrme_DUs7OB4BlEshlQo7L5k7zRCgjW5d3pQEQo5ujHGPHSeJYBe179xucpxizYrItWuQeS5Ed3MPJB86FKIDEiRhCd11pLALM34gZRoTJ6EA2SjDZmQhnjZzLqt9NR4PEriQgqhxHnIJBTgztXKu-cpuWKlFn7V09p_JbBedfyod2Zazkh71VrWVDS24hBeCGo-UxTzo-SJRLdZuFCQWbbr513RN05hsVk7XyyKdZ-m45vLoROkmoIMsw9TmYT0urVlsIr-9K9ej4ZQBawPvrhhSJxsn8m55t60C-HtyQO1kAlnWewl-GQwVmJxAS_Ww6kpTWiIVcuVYTOYpKUiW5JUQckg0znoC8rt4ogsyo4stg6ankzF8elzj9nYidvZebqRL7f9LRtCcF1HGNGIwcquVrbvs5jUnMiV5p2mMC34rTzxOs-cWXVnjNGmkWNBfI0cZAby0Ls2sTPPwhT4MjhrSmpRkinFJtlflb8DSSoDCguoLnYaUOFAxeSHy-QjVQET8_iU3U-7tjrPAZldxjsa-yapYw1ljO0rSIneqrVukjM0uFlEGig71z9V3HZyAE13Y3hnPxMPJ2-xK4C160qe4JI6Fa30Jr4ecCdfFRF4Hzf12tBD6vJgdUwLGJ25CdHtivlviESoXWe1H5i9MGG7wMLhCRZsLjAsF40want3D4MnnSIIQ3oeXePjnLwwOzseO69hzhT1uiM71nZojmAWHKfQmdu6iK-QH1wkYt42a3Gn_55am7JZFbr64ymodDaQiT52Nqax4WXRILClPD4jKrs9_kqA3Ejl6Zkv5MrRgMkyjf9opdSOE2fM0-0I6w3-9XD6u8q1k2GhaYoJOTnEqGNsYETwcpX8a4c7CPa0IAIeWipRHAYoldWFO8NJNFGMXb8D3MNuPRmc7FgpV4TjHiMxCG6hNXDXNCJAExSJzpJDSE5mMQk7Satt4EztF5P_1feD670ivyqCAlIvcumnkO52psUJqmBmDQjhFdb_EKum9aZBFEq3-uJ8vWSeSH89iQT-qvJ8eFeOhUQfRyBf6ksYqOaScShsvbklOzS4XxYv56L0ZyqHF9NVV5viRFfpmQcSjaB76bj-iMzThtH8AMjXaSfKa0soBAJasKzouF7E41xGM7Ea1mjqa6XPCki7gk3oXfVcNIZjOwAvKBx-67UHbf7lM_F6DH0yME_phiQaNAQMjO8nLsePWp2UzySPGQuJyC_DmCBFToCH_3NSpE0zxQtPHLU8k7sAa43hkYPZP0KAxVbiM6Oay_4Ogs2vHqt_HLAYEq8bEPH5ul0TB-qOZv3-4nHiNhmyaDd7mAWlvtWYX3UoZBepU4u2WbD884b_0EYOEv6MrdTV9KS88ZWiz2tGltClpBmI5522uImwVuWXI9CkNbt1NyrN-CZxcj9wZ6i5_K0xsiICnSDHM-IbGycZEidahpiI2Zd1p6lCFSc5jvUf5DqEAcyreGozMmJrz8LoE0wC_31eGQczjrT53DbXsWAroh2SDjfjsW79ogq35ItImkXHcheLb2qPYCA2lhJSNqnR8hw2Awah1BHb6mEVxVrAd3kbfcr9wlR-zJ9_jyb1pIOHBq_n8nyfz1OyQ73UPnLtaB2hbxgd2AGdT9u29yuf7fTT0QC0f7KOAyJ_zb5taAiPN58Vk5w7UnAjFsmhacLR4eUYRTuR7r0xTlBB2V-O8cO22GZt4xHoMRY-u8-x1p9f2yXEDc59qRrelAGsCTVPOXw4I7iUGmYEzb4cDeJEo7k0fpppN6rINq05vK4ElnzG8qhUTMWRV-sJvkJN9MYO760_XkZxHvMkOJxM2pRS2_GbvoJkF5BA9P6hqltbbibvDvfyK3LXM6c4OpMRZbcThIQgkXnabNLh878dN5JnIGmdRNLqivzOdqzp6GvUSSGh1BvYqxtygYs-Zc7aPX25obiRP4EOJTnhuof7YeopqgWVVEFcrxW87LI8-E2pagZDBTHOi9a5jZ_bEPd7H_873BWy_pZmha2G6v-EFuyulgssbWgk-HFJY2YNEBfGMYt3O4aDsVjfxr5inRvg32g9iDg-TdFybGGsfVla1cZPh1lS56VKFQNxW_3dQUSx5rYpZRygLywGwVD1G5-ISksigjFU6L8gct6il8d5-DaVMfgNwynYuPECg3KsOijedueTJYA3VzBC57pDu3a0VDfYesZfBzSa3hArguHAz3057vIEkIuGjDy9pbul3vjtDmizCxmRWgqkmqPw7yZZdWz2gfCrSoILU1Tw_IVeiKGrX4wQUHEbpT8Wo_5HdD9gRoo3H45LTbxaN4QFeYm5qeR9Zvdwh3c_cdKL8Kmuprvtr0DloG5bA13gF6fiQyeFdNvUHZoZ4GZn350yonProVPdEcqgkW9G_yTv1aTrbWlyBPBFezO15ec5mxviRN7ibR1GYbJ075_Q9WgET6bMxzIURH9YN6pKahZw21A3cXYxio2Nk2b9IO6bXMDxxhKBxcyEhqGnEvyQc3oTz2vXTS_AY1Iu9KRi0NIG-WU9mAfJ_HLB6VZOmHDqJz_GRAha-OAQvIkpjxx03o-rStM9cyh7gRaQih15DONfXTgQfEtJ8Dc-aixchxv3kSnnIkEz6H7c1RZtTN4_EWXFQJvOROATpuyTb3zyLwcs6ZXkvMnVVBIy-qZFcvfPLl5F6bzT47uKHUZRYUKggj5NPb2pzzawg_E4YW8mBMXp_aLBUQ4hrktZl6oN_uG8mmiEM_ATLAIQflYlkpGRZH0ph-QyQEPKYESidfaZFYrxkCS6LgJ5bDHp1Y0keIqOov3DZlzaWKkmTmYJmtnySj2uumE97sCHRo6-pLE9u1puyXEWC92FrtQ&cid=CAASJORoUypq2S2j3gu4ZPuvCR9uVQ7cGP_4yfSa-9WNWlzLnYEVJA&rfl=1%2Chttps%253A%252F%252Fwww.bg3.co%252F%240
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.118.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sl-in-f157.1e100.net
Software
cafe /
Resource Hash
7348579c41b9264b67476504697d1205b3a40f15b3442ca6457eef60542670a9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://32d69238e2f6bb5cfbff62a0e3954cf8.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 17 Sep 2022 05:25:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
4285
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11717
x-xss-protection
0
server
cafe
etag
8998177921611256807
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 01 Oct 2022 05:25:27 GMT
truncated
/ Frame 257A 		213 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
65d29bf5a3e6233c2042961fc661d48d8f39259cb824fa031b53a21a2c90a83e

Request headers

accept-language
en-AU,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
express_html_inpage_rendering_lib_200_276.js
s0.2mdn.net/879366/ Frame FBEA 		106 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_276.js
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/6yue-15ri-qi-bei-jing-gong-jiao-duo-tiao-xian-lu-you-diao-zheng.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.4.148 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f148.1e100.net
Software
sffe /
Resource Hash
e41d1ae45acbf836b8dcc29544c7e41cced4211214df601d5284a7e9c7134c73
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://32d69238e2f6bb5cfbff62a0e3954cf8.safeframe.googlesyndication.com/
Origin
https://32d69238e2f6bb5cfbff62a0e3954cf8.safeframe.googlesyndication.com
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 17 Sep 2022 05:47:20 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
2972
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37872
x-xss-protection
0
last-modified
Wed, 02 Mar 2022 23:07:26 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sun, 18 Sep 2022 05:47:20 GMT
omrhp.js
pagead2.googlesyndication.com/pagead/js/r20220914/r20110914/elements/html/ Frame FBEA 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20220914/r20110914/elements/html/omrhp.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-AKV0pFa1XyIb0X4dlO3en9A4XCYmIZaEL0YB-cDpgtg99q3tiJsK3gTo10zRkO7YxYDmY8mKa6TmC-k20IRXS1ic5kOQ&cry=1&dbm_d=AKAmf-BjpFxtzpt91LES9wafbrtDnbMuOqGuhSQo4aoToNG90IkEXmd-YTsWj45lPqpor4GwFONtXJlrMQdcYnHuyIerRhFJqdmlIN16tBUPMt4XEiK5MjASpkicwEWrmQ8v096BJj4VW5U0QFLk7WnL5Uk1u1eWP-NzCpCEigs10N472YIFmIPGPI4j4350-otEHKeRfyQXSpI7KDl0I5CftrS4A5t1fNAAmjXfCuSi1odvQWj4HGteRCUqTAg48foXe3tTn7HzAJYKOlWN8gll3FyvVIWJaQHDlQFt7rfN4AalGz_DlOG1coTmWdTrP083E6w-6LZT1tD3CCpc96H0WXlnIxbDVH-SIsvB_58L32aHCCy_Y9eXOxw5fINRb1hHqSqqXrnjwXPEGLlSHmgxuAmKYxPdgtPDkKk4AWuLDmGAwL7cTT3_W2fnLDNYImwlnot65z-HpUjULXySeXykQB04xTdaBS6C3to7p0YiglCSNnl2u7Fl_Yc0xh2gU6CNw4gmqqQ87SLxoHoiPGUeWgxRDaLaFGQh8uX-jJONgvF4tURX5tDp6VyGOXdBxOiaZgerEehUCLyFmUfzRDAhV-xA5C-6Hg-IBaIyKi0C0ysoxVsxlh-VryONgQ6MbIovjQKb3jjD2ksxuPT66qwPkxVvk3cZcVgYSCA31sl1_Pf4K2Jj_em2Xs00QA0tDPTXZkauJp_ln9UM9GynMirfOAjH8pX3DWtv9puoLjkU7ucOqB25eA9rOusXJS8CdstWp6mTRdIe3xKNcTaw0ssjhGOCOb48bu_f1FGvebg02v2DsCuHEF46TPLk2sFOwsgbpMdDY9x4G-nGc0qDcrPQgt9bzkvSOnfbYEQtpFcOf2JLSLscXCEFvse5KX703XKHF2LUtPiSqoKQC00XszRrJDxQaE-Ajx3D5s8gBmjR9So7xZYCYIzhrOX7Fhb3RRkurjYlzRjSPJA07hIRbfL0bkWWeei6f4cnjJllz8eSDMYUCzyE8Ze9pwC9KWXCzfTL9wgTpnoDu0bkSH3ZToGIVaNnwxzqTOBXCH63KAueMme8GdKPAkh8Myj0lSOj2nZqtL2FjGwYCfGIzCPbNzKtdVRhUmeB5umkLtL6O16YmOiE8vkUx9v5AZw-G9NRkHsUHlmX_xBucmiPyKVoudVDc0xkYr8OGm-Kdm3ojTdSxXtNF9uVKVLDk3BjNuAT2w6rDdDcI9IaSoOSywEvjGF4S9YXAwQOvwEZF4mx-4uAGRTD-dSEwHaUwRpyYDcIZXH4Vqc9x9d7xfjYC4HcmjweM5kWYz5UmnakyJzKzfGKcLv-_vqVZdsR2BSB_vAEzyl4lZ_73Ab00UcINCOoZGanvSkYIYYfevCkIJ1fXF43ThYDcV61XSh-27yPY-S0PdMh1W_55p9C0L2Xy-hrY_pU1MuQhHgM_M2ITJ2YMPDS7HNDkuKLqBQyxOhKie9gEopywYs8Hgw866IUSTFkIHMMAxajC7o_VJxGDkCmW53m23Ma-cYpZGvTs7x_Gr6UOgGrNTQDWAEVgXEbihgBbeMCeljq-Z7fbYWB4X0CW6-4m0eHryBxDwctcqgb5DPvpgfCCn9anTyUlz7yJfqBQcVO7tg3iTBvJKuCHPHO0D1fr_FrOk-iA3-jE11w6p4Qan0MCsYFH9oG5eW1y_Xq6NvYAuzVAoXZ1VlFPurpRc50Pi1hH9msPGE9t0_KUI_TDUFp7k6fWXYMxwH3z2RrliKmG5s21rnfZcJcfo4w-HL8j_LtV8cgQf4efgfolz8SSAbYyuKIeV1uGzNzWdThrYs3EbzQZQXie4qgn4nXxkAWgnut25fhYCGu01sQuwQmZaV3pYCQWt42knOxyG9EcOPFXqHFivetqF7M1UBKeCWBWoc52FGUjckaiwhust_jL8-e1cHqlocmFC5qgkAP93IsTCcsMMJJ-kwLp4JLPDkFkN4xsU1ThRIq-EfF1yxDDNrmjBz8U2_RtJVgJdnRPJF0iTlw3r-P8LgcN3vQYHS_ggQV-XrwVB8PHVrd1-HHhS3czXNnGxjTeryDst_KC1hK_ORfye71Ur-SxVKs6_En--qgjw7uINhlQDj7F5rTSqPmCjsvKm3oESGQjnY2Qsx-BCe87K8xbLqCxDszIr7kuYEeab2RP1OcFNlPaU19x4XKLl-dMEbN3TorskiMDtom9mS-LcILBq7pKc9nUo7lKO8BuL1LLp2LrfrBsAr16VQw-fMFd-u8jrhvGi7ix9g_2dvH7dQJjmzzkTvzLUkaq7zd_H2n_SY1zc6H_9aKgY0LD2ebtABUtl0S04JwkEDtaEmg_MCih5WPkY9wvc-CJ3j6yWvIISwu8vwrftIrYhPiA-YAYxHQo0s4RdJJEo3zttG1M1-5YoZkcUzOHrwrqUu6MOVeWFgTGteqD_53HnPjkVaVU9pUO3jF1xiPfKNhgCwNc_PqWfh3nqxw3246kWi-C0WBtXTujpAr9avMS_wpfzpiVn8W8CdAqyK--SAjQGRGt83xJhSDQoq83hTSMqHWQhZRxWCLccG0tKluWuc6lObaaO-oMv4j1JcHIF8dkopICep8cUjnsGrML9pndihuBJiq00tK34eHihWQ5sv42Kmk5W77bjjAKp4bZ0gt3QJEUJWPPw9xFfl6O_k7uEemt-5a0gt-ggLV0mvRr5lM3N5ETkJDMfY1inOxWiXaulYwYkFZk-AQNhooU_xB4GovvBq9tosgR7iLaPCtz4T6YyFfPTXOelH86TxfJW55_5Uz9Fhu7k1WSm1I2t-93AETYblLudqG_admUciNsPpexUDYxSU9uivFUlB-We2c6DYMIgLb7mmRZMUqRAjmjQCVqQLpUbTETKIgf63WEAaOa6RFcWGXl5BZBwSuXFOLB47TvAUMjqYA3Pp9B4Wu4rA7Puc8zkNDTUrZdweW6a9L7WL2aQQK-T2ucoQ-c1W5lN-hQFLmn5GZpT89gi13uoMKPDy9jej3iGRJQ-esK8bVEd-fbjBuLqKSH4yvoV5auG4UmZTMNT__NgGVACD3QPwQHCfI6joipdZlDx-at0ZLaOE7ijvg3hJR9ifjXGAlFUui0yXPo6ejqnrMp45GZi85WBw4n2u70L7kS8oXagkr2sYI1rzNOeI_D4xP3A-fkVpnEugTpdXWo2J68Wab-9mGSESHClhK0a6y4bSVRwqs2CyE3F6-vH2YMk7RucrkSvmPJzKi_31Ej7PcZ10JyG0wixONKBEXb9-f49piKzmDZvA8WuSfNYINbSHpDJffzgaB3YBd740whqcmB-IYrFKlQyr_hrbAUoqgoiqbbeFmDw4NxwZKjS1nLFYL7OTcC5S-4borWpObf8g0o6L6vup7pi_SqEY&cid=CAASJORo-rMgy9mp9v1Jp-DoNqYKYFeHXuHsIwA4pCGzunMGYenDnQ&rfl=1%2Chttps%253A%252F%252Fwww.bg3.co%252F%240
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.118.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sl-in-f157.1e100.net
Software
cafe /
Resource Hash
58b603271da250778cca7450c81343eba7a896c87d93812f4de54ca5e1108488
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://32d69238e2f6bb5cfbff62a0e3954cf8.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 17 Sep 2022 06:31:00 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
352
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3181
x-xss-protection
0
server
cafe
etag
10699485926258732851
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 01 Oct 2022 06:31:00 GMT
abg_lite.js
pagead2.googlesyndication.com/pagead/js/r20220914/r20110914/ Frame FBEA 		30 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20220914/r20110914/abg_lite.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-AKV0pFa1XyIb0X4dlO3en9A4XCYmIZaEL0YB-cDpgtg99q3tiJsK3gTo10zRkO7YxYDmY8mKa6TmC-k20IRXS1ic5kOQ&cry=1&dbm_d=AKAmf-BjpFxtzpt91LES9wafbrtDnbMuOqGuhSQo4aoToNG90IkEXmd-YTsWj45lPqpor4GwFONtXJlrMQdcYnHuyIerRhFJqdmlIN16tBUPMt4XEiK5MjASpkicwEWrmQ8v096BJj4VW5U0QFLk7WnL5Uk1u1eWP-NzCpCEigs10N472YIFmIPGPI4j4350-otEHKeRfyQXSpI7KDl0I5CftrS4A5t1fNAAmjXfCuSi1odvQWj4HGteRCUqTAg48foXe3tTn7HzAJYKOlWN8gll3FyvVIWJaQHDlQFt7rfN4AalGz_DlOG1coTmWdTrP083E6w-6LZT1tD3CCpc96H0WXlnIxbDVH-SIsvB_58L32aHCCy_Y9eXOxw5fINRb1hHqSqqXrnjwXPEGLlSHmgxuAmKYxPdgtPDkKk4AWuLDmGAwL7cTT3_W2fnLDNYImwlnot65z-HpUjULXySeXykQB04xTdaBS6C3to7p0YiglCSNnl2u7Fl_Yc0xh2gU6CNw4gmqqQ87SLxoHoiPGUeWgxRDaLaFGQh8uX-jJONgvF4tURX5tDp6VyGOXdBxOiaZgerEehUCLyFmUfzRDAhV-xA5C-6Hg-IBaIyKi0C0ysoxVsxlh-VryONgQ6MbIovjQKb3jjD2ksxuPT66qwPkxVvk3cZcVgYSCA31sl1_Pf4K2Jj_em2Xs00QA0tDPTXZkauJp_ln9UM9GynMirfOAjH8pX3DWtv9puoLjkU7ucOqB25eA9rOusXJS8CdstWp6mTRdIe3xKNcTaw0ssjhGOCOb48bu_f1FGvebg02v2DsCuHEF46TPLk2sFOwsgbpMdDY9x4G-nGc0qDcrPQgt9bzkvSOnfbYEQtpFcOf2JLSLscXCEFvse5KX703XKHF2LUtPiSqoKQC00XszRrJDxQaE-Ajx3D5s8gBmjR9So7xZYCYIzhrOX7Fhb3RRkurjYlzRjSPJA07hIRbfL0bkWWeei6f4cnjJllz8eSDMYUCzyE8Ze9pwC9KWXCzfTL9wgTpnoDu0bkSH3ZToGIVaNnwxzqTOBXCH63KAueMme8GdKPAkh8Myj0lSOj2nZqtL2FjGwYCfGIzCPbNzKtdVRhUmeB5umkLtL6O16YmOiE8vkUx9v5AZw-G9NRkHsUHlmX_xBucmiPyKVoudVDc0xkYr8OGm-Kdm3ojTdSxXtNF9uVKVLDk3BjNuAT2w6rDdDcI9IaSoOSywEvjGF4S9YXAwQOvwEZF4mx-4uAGRTD-dSEwHaUwRpyYDcIZXH4Vqc9x9d7xfjYC4HcmjweM5kWYz5UmnakyJzKzfGKcLv-_vqVZdsR2BSB_vAEzyl4lZ_73Ab00UcINCOoZGanvSkYIYYfevCkIJ1fXF43ThYDcV61XSh-27yPY-S0PdMh1W_55p9C0L2Xy-hrY_pU1MuQhHgM_M2ITJ2YMPDS7HNDkuKLqBQyxOhKie9gEopywYs8Hgw866IUSTFkIHMMAxajC7o_VJxGDkCmW53m23Ma-cYpZGvTs7x_Gr6UOgGrNTQDWAEVgXEbihgBbeMCeljq-Z7fbYWB4X0CW6-4m0eHryBxDwctcqgb5DPvpgfCCn9anTyUlz7yJfqBQcVO7tg3iTBvJKuCHPHO0D1fr_FrOk-iA3-jE11w6p4Qan0MCsYFH9oG5eW1y_Xq6NvYAuzVAoXZ1VlFPurpRc50Pi1hH9msPGE9t0_KUI_TDUFp7k6fWXYMxwH3z2RrliKmG5s21rnfZcJcfo4w-HL8j_LtV8cgQf4efgfolz8SSAbYyuKIeV1uGzNzWdThrYs3EbzQZQXie4qgn4nXxkAWgnut25fhYCGu01sQuwQmZaV3pYCQWt42knOxyG9EcOPFXqHFivetqF7M1UBKeCWBWoc52FGUjckaiwhust_jL8-e1cHqlocmFC5qgkAP93IsTCcsMMJJ-kwLp4JLPDkFkN4xsU1ThRIq-EfF1yxDDNrmjBz8U2_RtJVgJdnRPJF0iTlw3r-P8LgcN3vQYHS_ggQV-XrwVB8PHVrd1-HHhS3czXNnGxjTeryDst_KC1hK_ORfye71Ur-SxVKs6_En--qgjw7uINhlQDj7F5rTSqPmCjsvKm3oESGQjnY2Qsx-BCe87K8xbLqCxDszIr7kuYEeab2RP1OcFNlPaU19x4XKLl-dMEbN3TorskiMDtom9mS-LcILBq7pKc9nUo7lKO8BuL1LLp2LrfrBsAr16VQw-fMFd-u8jrhvGi7ix9g_2dvH7dQJjmzzkTvzLUkaq7zd_H2n_SY1zc6H_9aKgY0LD2ebtABUtl0S04JwkEDtaEmg_MCih5WPkY9wvc-CJ3j6yWvIISwu8vwrftIrYhPiA-YAYxHQo0s4RdJJEo3zttG1M1-5YoZkcUzOHrwrqUu6MOVeWFgTGteqD_53HnPjkVaVU9pUO3jF1xiPfKNhgCwNc_PqWfh3nqxw3246kWi-C0WBtXTujpAr9avMS_wpfzpiVn8W8CdAqyK--SAjQGRGt83xJhSDQoq83hTSMqHWQhZRxWCLccG0tKluWuc6lObaaO-oMv4j1JcHIF8dkopICep8cUjnsGrML9pndihuBJiq00tK34eHihWQ5sv42Kmk5W77bjjAKp4bZ0gt3QJEUJWPPw9xFfl6O_k7uEemt-5a0gt-ggLV0mvRr5lM3N5ETkJDMfY1inOxWiXaulYwYkFZk-AQNhooU_xB4GovvBq9tosgR7iLaPCtz4T6YyFfPTXOelH86TxfJW55_5Uz9Fhu7k1WSm1I2t-93AETYblLudqG_admUciNsPpexUDYxSU9uivFUlB-We2c6DYMIgLb7mmRZMUqRAjmjQCVqQLpUbTETKIgf63WEAaOa6RFcWGXl5BZBwSuXFOLB47TvAUMjqYA3Pp9B4Wu4rA7Puc8zkNDTUrZdweW6a9L7WL2aQQK-T2ucoQ-c1W5lN-hQFLmn5GZpT89gi13uoMKPDy9jej3iGRJQ-esK8bVEd-fbjBuLqKSH4yvoV5auG4UmZTMNT__NgGVACD3QPwQHCfI6joipdZlDx-at0ZLaOE7ijvg3hJR9ifjXGAlFUui0yXPo6ejqnrMp45GZi85WBw4n2u70L7kS8oXagkr2sYI1rzNOeI_D4xP3A-fkVpnEugTpdXWo2J68Wab-9mGSESHClhK0a6y4bSVRwqs2CyE3F6-vH2YMk7RucrkSvmPJzKi_31Ej7PcZ10JyG0wixONKBEXb9-f49piKzmDZvA8WuSfNYINbSHpDJffzgaB3YBd740whqcmB-IYrFKlQyr_hrbAUoqgoiqbbeFmDw4NxwZKjS1nLFYL7OTcC5S-4borWpObf8g0o6L6vup7pi_SqEY&cid=CAASJORo-rMgy9mp9v1Jp-DoNqYKYFeHXuHsIwA4pCGzunMGYenDnQ&rfl=1%2Chttps%253A%252F%252Fwww.bg3.co%252F%240
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.118.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sl-in-f157.1e100.net
Software
cafe /
Resource Hash
7348579c41b9264b67476504697d1205b3a40f15b3442ca6457eef60542670a9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://32d69238e2f6bb5cfbff62a0e3954cf8.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 17 Sep 2022 05:25:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
4285
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11717
x-xss-protection
0
server
cafe
etag
8998177921611256807
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 01 Oct 2022 05:25:27 GMT
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame 7DA8 		41 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: 32d69238e2f6bb5cfbff62a0e3954cf8.safeframe.googlesyndication.com
URL: https://32d69238e2f6bb5cfbff62a0e3954cf8.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.200.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sa-in-f132.1e100.net
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://32d69238e2f6bb5cfbff62a0e3954cf8.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 10 Sep 2022 16:43:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
568394
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15207
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 10 Sep 2023 16:43:38 GMT
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame 6C82 		1 KB
749 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: 32d69238e2f6bb5cfbff62a0e3954cf8.safeframe.googlesyndication.com
URL: https://32d69238e2f6bb5cfbff62a0e3954cf8.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.118.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sl-in-f157.1e100.net
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://32d69238e2f6bb5cfbff62a0e3954cf8.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

age
16479
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=86400
content-encoding
gzip
content-length
724
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sat, 17 Sep 2022 02:02:13 GMT
etag
48472445140208031
expires
Sun, 18 Sep 2022 02:02:13 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
truncated
/ Frame 7DA8 		215 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
81d8c33479f73c7a51680cb8d198985952b6e6acbd4f92dd5430291011d13775

Request headers

accept-language
en-AU,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame FBEA 		41 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: 32d69238e2f6bb5cfbff62a0e3954cf8.safeframe.googlesyndication.com
URL: https://32d69238e2f6bb5cfbff62a0e3954cf8.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.200.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sa-in-f132.1e100.net
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://32d69238e2f6bb5cfbff62a0e3954cf8.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 10 Sep 2022 16:43:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
568394
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15207
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 10 Sep 2023 16:43:38 GMT
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame 4972 		1 KB
749 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: 32d69238e2f6bb5cfbff62a0e3954cf8.safeframe.googlesyndication.com
URL: https://32d69238e2f6bb5cfbff62a0e3954cf8.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.118.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sl-in-f157.1e100.net
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://32d69238e2f6bb5cfbff62a0e3954cf8.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

age
16479
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=86400
content-encoding
gzip
content-length
724
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sat, 17 Sep 2022 02:02:13 GMT
etag
48472445140208031
expires
Sun, 18 Sep 2022 02:02:13 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
truncated
/ Frame FBEA 		215 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
24649a4540acc4646756993d438632adf0bc5c6f78aabe4f03312c18ab31aa20

Request headers

accept-language
en-AU,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
privacy_small.svg
static.criteo.net/flash/icon/ Frame 3863 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/privacy_small.svg
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=YyVrAgANjMcBc9zxAAsLWcCeGnzbRykBj1WbbA&u=%7C47GUdvNV89m3VgPvNDrj0pQWXT9R83ZhMn%2FugJpvszg%3D%7C&c1=wLMhjbQtwRcs3jPjsTD8ckzZrQqOtcHgOUkYPnH5oHYY7yG_CU4-VBrn4jPUhLMUkrnuqnHl-H_FFdrBFTs4Y4nwe7awxmwOHnru92gJ9hOxxLxGjDtSEzwFqo251PGrcYnhC0NECtaOmMwEQf1FZZoWOD6pxEz1DyFfNkCJlroMHGPt8Q7EYC9sJrBIki4Twf4E71d_oXYwSIYcxhQyShvl7uHC-eQCkHsSe4SgEWHVzWuCA3IB1g1OLdQ99wFCZJMtXsRrRcx0x4xn3be6bkrpBb2mJAzkxmHwVDZWgPI_36eEz-pbz01VQFpDD1l-626vmOpcGoANW8Rm0KtbXXoHptiZUyaNJ39Az4Krnu6laCFbpYcVLrCO1Krpn0syrQTqartmnhj-Iivel_mdeD64XTva2TzSReWJQsVhglXGZH60JJQX04OdqXvjY5u_JOBLnRDFP7JNcR56V_YM2nKnFNU7eFXNmVvqdHSXln-Bk3fy5yhjtTvxs9SC_FkvGL6Ym41XERrfGYeyCphCc6Aq_P4S9uBTQGxeKPMSQg1iyb5tTn7ourhx7Z-AFdF7jJjQURo1ZseTIEfn9EVCiui0AJC5DRcsPGRATErcVUo4SOJ63KPdwuYgqpttU-DJ5Y2iYsBsQmA&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCbhVYAmslY8eZNvG5z7sP2ZasmA6Y_NGxXKqEzOSFAcCNtwEQASAAYKXAo4CkAYIBF2NhLXB1Yi04OTMzMzI5OTk5MzkxMTA0oAG22aPQA8gBCakCBitKh4qIpj7gAgCoAwGqBMECT9CDDcie4yHSiH3n18htFHY-gpYLSyD2U5BrJuQfac1ZuibqV-NTYt_az0h9D4KJFWTrjiJIDg7WbOmL3MNxqIX3_ljJdh51-VPrHojZOy8FS3jr6rzO64QvujtOw-ag873uUEZwi4E8UuJPwBLita04qSGYzLH_TcO1W8teKawDp2extzyKwvBzeUmlplXphDLOfieqwLCqZlEXSqHUZdhcUUZD6RSO9CBGHBjK3MsGlsfwuJOQqZWuOBTRB-CkY6A_LOmFF0-hfxOz_ECVqQjQojPtzD1rfu6UU2Psg8VOD3gkWiyQ0ZmwmQjRn2724krvAVDvXge2At8HK0CMQj47Ly3_D548-Ma-WYarnjT8OnX2mgBiAsbqqrm3y-WEzyGk0OKev--ekwCvJO9HvWYdhvJ8lIzt5QCe-YBnLBpu4AQBgAaY2-GBlPC55_wBoAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDQiAYRABMgKKAjoCgEDyCBthZHgtc3Vic3luLTUyMzk5MzgyMTM4NzAzODD6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_0dn9voMWGox_mPYxmte60ZdGOS4g%26client%3Dca-pub-8933329999391104%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.129 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
nginx /
Resource Hash
a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.as.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 17 Sep 2022 06:36:52 GMT
content-encoding
gzip
last-modified
Tue, 11 Feb 2020 14:30:28 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e42ba84-6aa"
strict-transport-security
max-age=31536000; preload;
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Tue, 12 Sep 2023 06:36:52 GMT
adchoices_en.svg
static.criteo.net/flash/icon/ Frame 3863 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/adchoices_en.svg
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=YyVrAgANjMcBc9zxAAsLWcCeGnzbRykBj1WbbA&u=%7C47GUdvNV89m3VgPvNDrj0pQWXT9R83ZhMn%2FugJpvszg%3D%7C&c1=wLMhjbQtwRcs3jPjsTD8ckzZrQqOtcHgOUkYPnH5oHYY7yG_CU4-VBrn4jPUhLMUkrnuqnHl-H_FFdrBFTs4Y4nwe7awxmwOHnru92gJ9hOxxLxGjDtSEzwFqo251PGrcYnhC0NECtaOmMwEQf1FZZoWOD6pxEz1DyFfNkCJlroMHGPt8Q7EYC9sJrBIki4Twf4E71d_oXYwSIYcxhQyShvl7uHC-eQCkHsSe4SgEWHVzWuCA3IB1g1OLdQ99wFCZJMtXsRrRcx0x4xn3be6bkrpBb2mJAzkxmHwVDZWgPI_36eEz-pbz01VQFpDD1l-626vmOpcGoANW8Rm0KtbXXoHptiZUyaNJ39Az4Krnu6laCFbpYcVLrCO1Krpn0syrQTqartmnhj-Iivel_mdeD64XTva2TzSReWJQsVhglXGZH60JJQX04OdqXvjY5u_JOBLnRDFP7JNcR56V_YM2nKnFNU7eFXNmVvqdHSXln-Bk3fy5yhjtTvxs9SC_FkvGL6Ym41XERrfGYeyCphCc6Aq_P4S9uBTQGxeKPMSQg1iyb5tTn7ourhx7Z-AFdF7jJjQURo1ZseTIEfn9EVCiui0AJC5DRcsPGRATErcVUo4SOJ63KPdwuYgqpttU-DJ5Y2iYsBsQmA&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCbhVYAmslY8eZNvG5z7sP2ZasmA6Y_NGxXKqEzOSFAcCNtwEQASAAYKXAo4CkAYIBF2NhLXB1Yi04OTMzMzI5OTk5MzkxMTA0oAG22aPQA8gBCakCBitKh4qIpj7gAgCoAwGqBMECT9CDDcie4yHSiH3n18htFHY-gpYLSyD2U5BrJuQfac1ZuibqV-NTYt_az0h9D4KJFWTrjiJIDg7WbOmL3MNxqIX3_ljJdh51-VPrHojZOy8FS3jr6rzO64QvujtOw-ag873uUEZwi4E8UuJPwBLita04qSGYzLH_TcO1W8teKawDp2extzyKwvBzeUmlplXphDLOfieqwLCqZlEXSqHUZdhcUUZD6RSO9CBGHBjK3MsGlsfwuJOQqZWuOBTRB-CkY6A_LOmFF0-hfxOz_ECVqQjQojPtzD1rfu6UU2Psg8VOD3gkWiyQ0ZmwmQjRn2724krvAVDvXge2At8HK0CMQj47Ly3_D548-Ma-WYarnjT8OnX2mgBiAsbqqrm3y-WEzyGk0OKev--ekwCvJO9HvWYdhvJ8lIzt5QCe-YBnLBpu4AQBgAaY2-GBlPC55_wBoAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDQiAYRABMgKKAjoCgEDyCBthZHgtc3Vic3luLTUyMzk5MzgyMTM4NzAzODD6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_0dn9voMWGox_mPYxmte60ZdGOS4g%26client%3Dca-pub-8933329999391104%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.129 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
nginx /
Resource Hash
60bcafbd631f6fa0805e158ca3b235e76225350db6fbb423596d4c4954b27573
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.as.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 17 Sep 2022 06:36:52 GMT
content-encoding
gzip
last-modified
Tue, 11 Feb 2020 14:27:58 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e42b9ee-759"
strict-transport-security
max-age=31536000; preload;
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Tue, 12 Sep 2023 06:36:52 GMT
close_button.svg
static.criteo.net/flash/icon/ Frame 3863 		308 B
636 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/close_button.svg
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=YyVrAgANjMcBc9zxAAsLWcCeGnzbRykBj1WbbA&u=%7C47GUdvNV89m3VgPvNDrj0pQWXT9R83ZhMn%2FugJpvszg%3D%7C&c1=wLMhjbQtwRcs3jPjsTD8ckzZrQqOtcHgOUkYPnH5oHYY7yG_CU4-VBrn4jPUhLMUkrnuqnHl-H_FFdrBFTs4Y4nwe7awxmwOHnru92gJ9hOxxLxGjDtSEzwFqo251PGrcYnhC0NECtaOmMwEQf1FZZoWOD6pxEz1DyFfNkCJlroMHGPt8Q7EYC9sJrBIki4Twf4E71d_oXYwSIYcxhQyShvl7uHC-eQCkHsSe4SgEWHVzWuCA3IB1g1OLdQ99wFCZJMtXsRrRcx0x4xn3be6bkrpBb2mJAzkxmHwVDZWgPI_36eEz-pbz01VQFpDD1l-626vmOpcGoANW8Rm0KtbXXoHptiZUyaNJ39Az4Krnu6laCFbpYcVLrCO1Krpn0syrQTqartmnhj-Iivel_mdeD64XTva2TzSReWJQsVhglXGZH60JJQX04OdqXvjY5u_JOBLnRDFP7JNcR56V_YM2nKnFNU7eFXNmVvqdHSXln-Bk3fy5yhjtTvxs9SC_FkvGL6Ym41XERrfGYeyCphCc6Aq_P4S9uBTQGxeKPMSQg1iyb5tTn7ourhx7Z-AFdF7jJjQURo1ZseTIEfn9EVCiui0AJC5DRcsPGRATErcVUo4SOJ63KPdwuYgqpttU-DJ5Y2iYsBsQmA&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCbhVYAmslY8eZNvG5z7sP2ZasmA6Y_NGxXKqEzOSFAcCNtwEQASAAYKXAo4CkAYIBF2NhLXB1Yi04OTMzMzI5OTk5MzkxMTA0oAG22aPQA8gBCakCBitKh4qIpj7gAgCoAwGqBMECT9CDDcie4yHSiH3n18htFHY-gpYLSyD2U5BrJuQfac1ZuibqV-NTYt_az0h9D4KJFWTrjiJIDg7WbOmL3MNxqIX3_ljJdh51-VPrHojZOy8FS3jr6rzO64QvujtOw-ag873uUEZwi4E8UuJPwBLita04qSGYzLH_TcO1W8teKawDp2extzyKwvBzeUmlplXphDLOfieqwLCqZlEXSqHUZdhcUUZD6RSO9CBGHBjK3MsGlsfwuJOQqZWuOBTRB-CkY6A_LOmFF0-hfxOz_ECVqQjQojPtzD1rfu6UU2Psg8VOD3gkWiyQ0ZmwmQjRn2724krvAVDvXge2At8HK0CMQj47Ly3_D548-Ma-WYarnjT8OnX2mgBiAsbqqrm3y-WEzyGk0OKev--ekwCvJO9HvWYdhvJ8lIzt5QCe-YBnLBpu4AQBgAaY2-GBlPC55_wBoAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDQiAYRABMgKKAjoCgEDyCBthZHgtc3Vic3luLTUyMzk5MzgyMTM4NzAzODD6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_0dn9voMWGox_mPYxmte60ZdGOS4g%26client%3Dca-pub-8933329999391104%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.129 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
nginx /
Resource Hash
8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.as.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 17 Sep 2022 06:36:52 GMT
last-modified
Fri, 14 Feb 2020 13:51:32 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"5e46a5e4-134"
strict-transport-security
max-age=31536000; preload;
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
308
expires
Tue, 12 Sep 2023 06:36:52 GMT
back_button2.svg
static.criteo.net/flash/icon/ Frame 3863 		293 B
621 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/back_button2.svg
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=YyVrAgANjMcBc9zxAAsLWcCeGnzbRykBj1WbbA&u=%7C47GUdvNV89m3VgPvNDrj0pQWXT9R83ZhMn%2FugJpvszg%3D%7C&c1=wLMhjbQtwRcs3jPjsTD8ckzZrQqOtcHgOUkYPnH5oHYY7yG_CU4-VBrn4jPUhLMUkrnuqnHl-H_FFdrBFTs4Y4nwe7awxmwOHnru92gJ9hOxxLxGjDtSEzwFqo251PGrcYnhC0NECtaOmMwEQf1FZZoWOD6pxEz1DyFfNkCJlroMHGPt8Q7EYC9sJrBIki4Twf4E71d_oXYwSIYcxhQyShvl7uHC-eQCkHsSe4SgEWHVzWuCA3IB1g1OLdQ99wFCZJMtXsRrRcx0x4xn3be6bkrpBb2mJAzkxmHwVDZWgPI_36eEz-pbz01VQFpDD1l-626vmOpcGoANW8Rm0KtbXXoHptiZUyaNJ39Az4Krnu6laCFbpYcVLrCO1Krpn0syrQTqartmnhj-Iivel_mdeD64XTva2TzSReWJQsVhglXGZH60JJQX04OdqXvjY5u_JOBLnRDFP7JNcR56V_YM2nKnFNU7eFXNmVvqdHSXln-Bk3fy5yhjtTvxs9SC_FkvGL6Ym41XERrfGYeyCphCc6Aq_P4S9uBTQGxeKPMSQg1iyb5tTn7ourhx7Z-AFdF7jJjQURo1ZseTIEfn9EVCiui0AJC5DRcsPGRATErcVUo4SOJ63KPdwuYgqpttU-DJ5Y2iYsBsQmA&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCbhVYAmslY8eZNvG5z7sP2ZasmA6Y_NGxXKqEzOSFAcCNtwEQASAAYKXAo4CkAYIBF2NhLXB1Yi04OTMzMzI5OTk5MzkxMTA0oAG22aPQA8gBCakCBitKh4qIpj7gAgCoAwGqBMECT9CDDcie4yHSiH3n18htFHY-gpYLSyD2U5BrJuQfac1ZuibqV-NTYt_az0h9D4KJFWTrjiJIDg7WbOmL3MNxqIX3_ljJdh51-VPrHojZOy8FS3jr6rzO64QvujtOw-ag873uUEZwi4E8UuJPwBLita04qSGYzLH_TcO1W8teKawDp2extzyKwvBzeUmlplXphDLOfieqwLCqZlEXSqHUZdhcUUZD6RSO9CBGHBjK3MsGlsfwuJOQqZWuOBTRB-CkY6A_LOmFF0-hfxOz_ECVqQjQojPtzD1rfu6UU2Psg8VOD3gkWiyQ0ZmwmQjRn2724krvAVDvXge2At8HK0CMQj47Ly3_D548-Ma-WYarnjT8OnX2mgBiAsbqqrm3y-WEzyGk0OKev--ekwCvJO9HvWYdhvJ8lIzt5QCe-YBnLBpu4AQBgAaY2-GBlPC55_wBoAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDQiAYRABMgKKAjoCgEDyCBthZHgtc3Vic3luLTUyMzk5MzgyMTM4NzAzODD6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_0dn9voMWGox_mPYxmte60ZdGOS4g%26client%3Dca-pub-8933329999391104%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.129 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
nginx /
Resource Hash
725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.as.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 17 Sep 2022 06:36:52 GMT
last-modified
Thu, 28 Apr 2022 09:09:48 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"626a59dc-125"
strict-transport-security
max-age=31536000; preload;
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
293
expires
Tue, 12 Sep 2023 06:36:52 GMT
lg.php
cat.sg1.as.criteo.com/delivery/ Frame 3863 		43 B
348 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cat.sg1.as.criteo.com/delivery/lg.php?cppv=3&cpp=0tePhVesNbCNGeVydLYvZl6Jrfa279dTaVuVaFpczJDkNgrGxIZzAoh3Nst78pc15Gqu4mIhmvSoPFay7LE03UF0cPP6gTZJljwzjzXlYlem8Wzq-Y592N4bwoDjH1Ha3NH2dkOMd1a7VvpDZ4lgBQFo15bq9V0MWbAuOne8K1OV09hlWVmfa1p-a0rVV0h66EGl1bsNvflznSjftNwaWCusvuchsSpAWmc9dlZW4RaAoPJ5Fv5bho5viuDfpy0SwTn8Am_z2HVqITLxK0Avy7ZFfU5vKbQI4iY_KFFJBuPL0eBpipitYKN234z4HaWpPQGJk4OGsGr8RBMxs02nZkYjD1sPJaqwV_JMqtAjrS9D6EmpGAYkiNvXzM4eq1L9ERCwBMjENPhStCOdyghTGvYkdykGU0GPsuAzll6ZJyV0uG9A
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=YyVrAgANjMcBc9zxAAsLWcCeGnzbRykBj1WbbA&u=%7C47GUdvNV89m3VgPvNDrj0pQWXT9R83ZhMn%2FugJpvszg%3D%7C&c1=wLMhjbQtwRcs3jPjsTD8ckzZrQqOtcHgOUkYPnH5oHYY7yG_CU4-VBrn4jPUhLMUkrnuqnHl-H_FFdrBFTs4Y4nwe7awxmwOHnru92gJ9hOxxLxGjDtSEzwFqo251PGrcYnhC0NECtaOmMwEQf1FZZoWOD6pxEz1DyFfNkCJlroMHGPt8Q7EYC9sJrBIki4Twf4E71d_oXYwSIYcxhQyShvl7uHC-eQCkHsSe4SgEWHVzWuCA3IB1g1OLdQ99wFCZJMtXsRrRcx0x4xn3be6bkrpBb2mJAzkxmHwVDZWgPI_36eEz-pbz01VQFpDD1l-626vmOpcGoANW8Rm0KtbXXoHptiZUyaNJ39Az4Krnu6laCFbpYcVLrCO1Krpn0syrQTqartmnhj-Iivel_mdeD64XTva2TzSReWJQsVhglXGZH60JJQX04OdqXvjY5u_JOBLnRDFP7JNcR56V_YM2nKnFNU7eFXNmVvqdHSXln-Bk3fy5yhjtTvxs9SC_FkvGL6Ym41XERrfGYeyCphCc6Aq_P4S9uBTQGxeKPMSQg1iyb5tTn7ourhx7Z-AFdF7jJjQURo1ZseTIEfn9EVCiui0AJC5DRcsPGRATErcVUo4SOJ63KPdwuYgqpttU-DJ5Y2iYsBsQmA&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCbhVYAmslY8eZNvG5z7sP2ZasmA6Y_NGxXKqEzOSFAcCNtwEQASAAYKXAo4CkAYIBF2NhLXB1Yi04OTMzMzI5OTk5MzkxMTA0oAG22aPQA8gBCakCBitKh4qIpj7gAgCoAwGqBMECT9CDDcie4yHSiH3n18htFHY-gpYLSyD2U5BrJuQfac1ZuibqV-NTYt_az0h9D4KJFWTrjiJIDg7WbOmL3MNxqIX3_ljJdh51-VPrHojZOy8FS3jr6rzO64QvujtOw-ag873uUEZwi4E8UuJPwBLita04qSGYzLH_TcO1W8teKawDp2extzyKwvBzeUmlplXphDLOfieqwLCqZlEXSqHUZdhcUUZD6RSO9CBGHBjK3MsGlsfwuJOQqZWuOBTRB-CkY6A_LOmFF0-hfxOz_ECVqQjQojPtzD1rfu6UU2Psg8VOD3gkWiyQ0ZmwmQjRn2724krvAVDvXge2At8HK0CMQj47Ly3_D548-Ma-WYarnjT8OnX2mgBiAsbqqrm3y-WEzyGk0OKev--ekwCvJO9HvWYdhvJ8lIzt5QCe-YBnLBpu4AQBgAaY2-GBlPC55_wBoAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDQiAYRABMgKKAjoCgEDyCBthZHgtc3Vic3luLTUyMzk5MzgyMTM4NzAzODD6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_0dn9voMWGox_mPYxmte60ZdGOS4g%26client%3Dca-pub-8933329999391104%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.132 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Kestrel /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.as.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 17 Sep 2022 06:36:52 GMT
server
Kestrel
strict-transport-security
max-age=31536000; preload;
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
1972816
content-type
image/gif
expires
Mon, 26 Jul 1997 05:00:00 GMT
B26847959.341102289;dc_pre=CI3l96Gbm_oCFRn7aAodrMcHaQ;dc_trk_aid=532857455;dc_trk_cid=174615788;dcopt=anid;ord=63256b03de8d7074e0bf5278a14297cb;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tf...
ad.doubleclick.net/ddm/trackimp/N962703.154378CRITEO/ Frame 3863
Redirect Chain
  • https://ad.doubleclick.net/ddm/trackimp/N962703.154378CRITEO/B26847959.341102289;dc_trk_aid=532857455;dc_trk_cid=174615788;dcopt=anid;ord=63256b03de8d7074e0bf5278a14297cb;dc_lat=;dc_rdid=;tag_for_c...
  • https://ad.doubleclick.net/ddm/trackimp/N962703.154378CRITEO/B26847959.341102289;dc_pre=CI3l96Gbm_oCFRn7aAodrMcHaQ;dc_trk_aid=532857455;dc_trk_cid=174615788;dcopt=anid;ord=63256b03de8d7074e0bf5278a...
42 B
118 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad.doubleclick.net/ddm/trackimp/N962703.154378CRITEO/B26847959.341102289;dc_pre=CI3l96Gbm_oCFRn7aAodrMcHaQ;dc_trk_aid=532857455;dc_trk_cid=174615788;dcopt=anid;ord=63256b03de8d7074e0bf5278a14297cb;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=0;;ltd=?
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=YyVrAgANjMcBc9zxAAsLWcCeGnzbRykBj1WbbA&u=%7C47GUdvNV89m3VgPvNDrj0pQWXT9R83ZhMn%2FugJpvszg%3D%7C&c1=wLMhjbQtwRcs3jPjsTD8ckzZrQqOtcHgOUkYPnH5oHYY7yG_CU4-VBrn4jPUhLMUkrnuqnHl-H_FFdrBFTs4Y4nwe7awxmwOHnru92gJ9hOxxLxGjDtSEzwFqo251PGrcYnhC0NECtaOmMwEQf1FZZoWOD6pxEz1DyFfNkCJlroMHGPt8Q7EYC9sJrBIki4Twf4E71d_oXYwSIYcxhQyShvl7uHC-eQCkHsSe4SgEWHVzWuCA3IB1g1OLdQ99wFCZJMtXsRrRcx0x4xn3be6bkrpBb2mJAzkxmHwVDZWgPI_36eEz-pbz01VQFpDD1l-626vmOpcGoANW8Rm0KtbXXoHptiZUyaNJ39Az4Krnu6laCFbpYcVLrCO1Krpn0syrQTqartmnhj-Iivel_mdeD64XTva2TzSReWJQsVhglXGZH60JJQX04OdqXvjY5u_JOBLnRDFP7JNcR56V_YM2nKnFNU7eFXNmVvqdHSXln-Bk3fy5yhjtTvxs9SC_FkvGL6Ym41XERrfGYeyCphCc6Aq_P4S9uBTQGxeKPMSQg1iyb5tTn7ourhx7Z-AFdF7jJjQURo1ZseTIEfn9EVCiui0AJC5DRcsPGRATErcVUo4SOJ63KPdwuYgqpttU-DJ5Y2iYsBsQmA&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCbhVYAmslY8eZNvG5z7sP2ZasmA6Y_NGxXKqEzOSFAcCNtwEQASAAYKXAo4CkAYIBF2NhLXB1Yi04OTMzMzI5OTk5MzkxMTA0oAG22aPQA8gBCakCBitKh4qIpj7gAgCoAwGqBMECT9CDDcie4yHSiH3n18htFHY-gpYLSyD2U5BrJuQfac1ZuibqV-NTYt_az0h9D4KJFWTrjiJIDg7WbOmL3MNxqIX3_ljJdh51-VPrHojZOy8FS3jr6rzO64QvujtOw-ag873uUEZwi4E8UuJPwBLita04qSGYzLH_TcO1W8teKawDp2extzyKwvBzeUmlplXphDLOfieqwLCqZlEXSqHUZdhcUUZD6RSO9CBGHBjK3MsGlsfwuJOQqZWuOBTRB-CkY6A_LOmFF0-hfxOz_ECVqQjQojPtzD1rfu6UU2Psg8VOD3gkWiyQ0ZmwmQjRn2724krvAVDvXge2At8HK0CMQj47Ly3_D548-Ma-WYarnjT8OnX2mgBiAsbqqrm3y-WEzyGk0OKev--ekwCvJO9HvWYdhvJ8lIzt5QCe-YBnLBpu4AQBgAaY2-GBlPC55_wBoAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDQiAYRABMgKKAjoCgEDyCBthZHgtc3Vic3luLTUyMzk5MzgyMTM4NzAzODD6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_0dn9voMWGox_mPYxmte60ZdGOS4g%26client%3Dca-pub-8933329999391104%26adurl%3D
Protocol
H2
Server
74.125.68.148 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sc-in-f148.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.as.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 17 Sep 2022 06:36:53 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Sat, 17 Sep 2022 06:36:53 GMT
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type
text/html; charset=UTF-8
location
https://ad.doubleclick.net/ddm/trackimp/N962703.154378CRITEO/B26847959.341102289;dc_pre=CI3l96Gbm_oCFRn7aAodrMcHaQ;dc_trk_aid=532857455;dc_trk_cid=174615788;dcopt=anid;ord=63256b03de8d7074e0bf5278a14297cb;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=0;;ltd=?
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
follow-only-when-prerender-shown
1
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame 3200 		22 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.200.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sa-in-f132.1e100.net
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://32d69238e2f6bb5cfbff62a0e3954cf8.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

accept-ranges
bytes
age
419806
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
8395
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Mon, 12 Sep 2022 10:00:06 GMT
expires
Tue, 12 Sep 2023 10:00:06 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
/
r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/ Frame 6C82
Redirect Chain
  • https://ad.turn.com/r/cs?pid=3&google_gid=CAESELbdSDsRSnPKKSdrSmVxISA&google_cver=1&google_push=AZmPxg_OKMM1mGYcDIlSJgoGzotBeOPV3EvnGN4QilSWygfeixBm0JegDkfHGajwrQ_T8nOipGfWkDOd7hpzMzdvUhQKoWIb4k6cx...
  • https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=MjQwMDc5Njk0NzU5MzAxNjY5OA==&gdpr=&gdpr_consent=
  • https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESELbdSDsRSnPKKSdrSmVxISA&google_cver=1
43 B
398 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESELbdSDsRSnPKKSdrSmVxISA&google_cver=1
Requested by
Host: 32d69238e2f6bb5cfbff62a0e3954cf8.safeframe.googlesyndication.com
URL: https://32d69238e2f6bb5cfbff62a0e3954cf8.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Server
50.116.239.135 , United States, ASN6336 (TURN-US-ASN, US),
Reverse DNS
Software
/
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 17 Sep 2022 06:36:52 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-type
image/gif
content-length
43
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"

Redirect headers

pragma
no-cache
date
Sat, 17 Sep 2022 06:36:52 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESELbdSDsRSnPKKSdrSmVxISA&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
329
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 6C82
Redirect Chain
  • https://um.simpli.fi/gp_match?google_gid=CAESEHWZDvx39ZJyRnYNpThCrzo&google_cver=1&google_push=AZmPxg9-UsgbEYAOtrW1HFphMJznQFSA9GnJEpzPDiS315u3VixlD7s-rj-ca2TyCsCiigznvY4jvpCpg1XuA3hEKuFVrdqHRwulEP...
  • https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=C3B6A86A81AA48CBABB366F048954392&google_push=AZmPxg9-UsgbEYAOtrW1HFphMJznQFSA9GnJEpzPDiS315u3VixlD7s-rj-ca2TyCsCiigznvY4jvpCpg1XuA3h...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=C3B6A86A81AA48CBABB366F048954392&google_push=AZmPxg9-UsgbEYAOtrW1HFphMJznQFSA9GnJEpzPDiS315u3VixlD7s-rj-ca2TyCsCiigznvY4jvpCpg1XuA3hEKuFVrdqHRwulEPDUBnntZhOS8JHiJvlF3nAG8WU4MO4ItBiCc04AfS0AQfdR5NHX7zg
Requested by
Host: 32d69238e2f6bb5cfbff62a0e3954cf8.safeframe.googlesyndication.com
URL: https://32d69238e2f6bb5cfbff62a0e3954cf8.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Server
142.251.12.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f155.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 17 Sep 2022 06:36:53 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Sat, 17 Sep 2022 06:36:52 GMT
x-content-type-options
nosniff
server
nginx
location
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=C3B6A86A81AA48CBABB366F048954392&google_push=AZmPxg9-UsgbEYAOtrW1HFphMJznQFSA9GnJEpzPDiS315u3VixlD7s-rj-ca2TyCsCiigznvY4jvpCpg1XuA3hEKuFVrdqHRwulEPDUBnntZhOS8JHiJvlF3nAG8WU4MO4ItBiCc04AfS0AQfdR5NHX7zg
strict-transport-security
max-age=63072000; includeSubdomains; preload
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/html
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
138
expires
Fri, 16 Sep 2022 06:36:52 GMT
pixel
cm.g.doubleclick.net/ Frame 6C82
Redirect Chain
  • https://tr.blismedia.com/v1/api/sync/AdxPixel?google_gid=CAESENc9HpfSftXS4k5BAVfmmIw&google_cver=1&google_push=AZmPxg_FX-L49Mh0NDy9E-3BueYOpQ1TbeumEdwuYHDWEnUOjQcJLZ9AgYioOo1GZiKcWcpVLKiDBl-5voSeXa...
  • https://cm.g.doubleclick.net/pixel?google_nid=blismobile&google_push=AZmPxg_FX-L49Mh0NDy9E-3BueYOpQ1TbeumEdwuYHDWEnUOjQcJLZ9AgYioOo1GZiKcWcpVLKiDBl-5voSeXagL4BjUqSRMxQMp9GCq17diE3O-V96BMG54GjUBHXnt...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=blismobile&google_push=AZmPxg_FX-L49Mh0NDy9E-3BueYOpQ1TbeumEdwuYHDWEnUOjQcJLZ9AgYioOo1GZiKcWcpVLKiDBl-5voSeXagL4BjUqSRMxQMp9GCq17diE3O-V96BMG54GjUBHXntM-FXf8aLtTt99gO5jDlvssPemjM&google_hm=hmMlawSTHobombJ3fw&google_redir=https%3A%2F%2Ftr.blismedia.com%2Fv1%2Fredirect%2FAdxPixel%3F%25%25GOOGLE_ERROR_PAIR%25%25%26partner_device_id%3D63256B04931E86E899B2777FBLIS
Requested by
Host: 32d69238e2f6bb5cfbff62a0e3954cf8.safeframe.googlesyndication.com
URL: https://32d69238e2f6bb5cfbff62a0e3954cf8.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Server
142.251.12.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f155.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 17 Sep 2022 06:36:53 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=blismobile&google_push=AZmPxg_FX-L49Mh0NDy9E-3BueYOpQ1TbeumEdwuYHDWEnUOjQcJLZ9AgYioOo1GZiKcWcpVLKiDBl-5voSeXagL4BjUqSRMxQMp9GCq17diE3O-V96BMG54GjUBHXntM-FXf8aLtTt99gO5jDlvssPemjM&google_hm=hmMlawSTHobombJ3fw&google_redir=https%3A%2F%2Ftr.blismedia.com%2Fv1%2Fredirect%2FAdxPixel%3F%25%25GOOGLE_ERROR_PAIR%25%25%26partner_device_id%3D63256B04931E86E899B2777FBLIS
date
Sat, 17 Sep 2022 06:36:52 GMT
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
pixel
cm.g.doubleclick.net/ Frame 6C82
Redirect Chain
  • https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESED8AG6sk4BnQ-5XGzG3fldQ&google_cver=1&google_push=AZmPxg9fr8AD6aLAnbROrn_ig-D880Fdq1USD-kLUmqugvzndqq2Z0VLM242pVETQU2z6Ofw6jraUUEsTBcOYaaxRx4sxRa...
  • https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AZmPxg9fr8AD6aLAnbROrn_ig-D880Fdq1USD-kLUmqugvzndqq2Z0VLM242pVETQU2z6Ofw6jraUUEsTBcOYaaxRx4sxRabMnV96-oO2eL05JteBEjFi1ipaWX2K--WncYK7...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AZmPxg9fr8AD6aLAnbROrn_ig-D880Fdq1USD-kLUmqugvzndqq2Z0VLM242pVETQU2z6Ofw6jraUUEsTBcOYaaxRx4sxRabMnV96-oO2eL05JteBEjFi1ipaWX2K--WncYK7bdq0uNEaepvL2MknuevfP8&google_hm=NTU4NjQxMzA0NzY5NDU4OTgzOA%3D%3D
Requested by
Host: 32d69238e2f6bb5cfbff62a0e3954cf8.safeframe.googlesyndication.com
URL: https://32d69238e2f6bb5cfbff62a0e3954cf8.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Server
142.251.12.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f155.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 17 Sep 2022 06:36:52 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Sat, 17 Sep 2022 06:36:52 GMT
referrer-policy
strict-origin-when-cross-origin
server
ATS
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
location
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AZmPxg9fr8AD6aLAnbROrn_ig-D880Fdq1USD-kLUmqugvzndqq2Z0VLM242pVETQU2z6Ofw6jraUUEsTBcOYaaxRx4sxRabMnV96-oO2eL05JteBEjFi1ipaWX2K--WncYK7bdq0uNEaepvL2MknuevfP8&google_hm=NTU4NjQxMzA0NzY5NDU4OTgzOA%3D%3D
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
strict-transport-security
max-age=31536000
content-length
0
x-content-type-options
nosniff
pixel
cm.g.doubleclick.net/ Frame 6C82
Redirect Chain
  • https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEPw32bLCylWZbWaxlgmflVI&google_cver=1&google_push=AZmPxg_5f1SyQwRm7tKTRpSbAhhPPNZRjTxjRVIApZk4y-6IAldsogfZQjEuN6cbBYaah0_ixCKS3rRo...
  • https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEPw32bLCylWZbWaxlgmflVI&google_cver=1&google_push=AZmPxg_5f1SyQwRm7tKTRpSbAhhPPNZRjTxjRVIApZk4y-6IAldsogfZQjEuN6cbBYaah0_ixCK...
  • https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NDY3NTMwMjI3NjE3OTA2MTgwMw&google_push=AZmPxg_5f1SyQwRm7tKTRpSbAhhPPNZRjTxjRVIApZk4y-6IAldsogfZQjEuN6cbBYaah0_ixCKS3r...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NDY3NTMwMjI3NjE3OTA2MTgwMw&google_push=AZmPxg_5f1SyQwRm7tKTRpSbAhhPPNZRjTxjRVIApZk4y-6IAldsogfZQjEuN6cbBYaah0_ixCKS3rRoCCxkINKyaOi-iuhb1Ym_LBmCVklfzrgdDEjZyEREuZRySNOjYRkyqe1YdabuUfs41P1leG8d0Bk
Requested by
Host: 32d69238e2f6bb5cfbff62a0e3954cf8.safeframe.googlesyndication.com
URL: https://32d69238e2f6bb5cfbff62a0e3954cf8.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Server
142.251.12.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f155.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 17 Sep 2022 06:36:53 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Sat, 17 Sep 2022 06:36:52 GMT
server
nginx
location
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NDY3NTMwMjI3NjE3OTA2MTgwMw&google_push=AZmPxg_5f1SyQwRm7tKTRpSbAhhPPNZRjTxjRVIApZk4y-6IAldsogfZQjEuN6cbBYaah0_ixCKS3rRoCCxkINKyaOi-iuhb1Ym_LBmCVklfzrgdDEjZyEREuZRySNOjYRkyqe1YdabuUfs41P1leG8d0Bk
access-control-max-age
86400
access-control-allow-methods
GET
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
attr
cm.g.doubleclick.net/pixel/ Frame 6C82 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13Kslme4O6qW7UuMbK1WTDjSJsDp0pPnhP5vRiWg8N6-vnQUWVUSRgdiq00
Requested by
Host: 32d69238e2f6bb5cfbff62a0e3954cf8.safeframe.googlesyndication.com
URL: https://32d69238e2f6bb5cfbff62a0e3954cf8.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.12.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f155.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 17 Sep 2022 06:36:52 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
content-type
text/html
/
r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/ Frame 4972
Redirect Chain
  • https://ad.turn.com/r/cs?pid=3&google_gid=CAESELbdSDsRSnPKKSdrSmVxISA&google_cver=1&google_push=AZmPxg-tvaAYNMW5jVo-3xpNRgajhgYx_9l6qOzT4fql8x31_ieN5rCT2sAUqLP5dw9IGp9AIH_hr-CkALaeRauCk-NXDv-_L6udh...
  • https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=ODMwOTUxOTY1ODcwMzEwNzQ1MA==&gdpr=&gdpr_consent=
  • https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESELbdSDsRSnPKKSdrSmVxISA&google_cver=1
43 B
398 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESELbdSDsRSnPKKSdrSmVxISA&google_cver=1
Requested by
Host: 32d69238e2f6bb5cfbff62a0e3954cf8.safeframe.googlesyndication.com
URL: https://32d69238e2f6bb5cfbff62a0e3954cf8.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Server
50.116.239.135 , United States, ASN6336 (TURN-US-ASN, US),
Reverse DNS
Software
/
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 17 Sep 2022 06:36:52 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-type
image/gif
content-length
43
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"

Redirect headers

pragma
no-cache
date
Sat, 17 Sep 2022 06:36:53 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESELbdSDsRSnPKKSdrSmVxISA&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
329
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 4972
Redirect Chain
  • https://um.simpli.fi/gp_match?google_gid=CAESEHWZDvx39ZJyRnYNpThCrzo&google_cver=1&google_push=AZmPxg_--2BEbRgyqXlg7FR6VBkoFyUxXhwoXMPjFASLv96pE4W5nOmdqvkt35VNDEggfJEI9X_YU3nGRuznCaHQ3gc1dBu6hfTScd...
  • https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=8A10A10804AA44A0ADC8395C6FFDA135&google_push=AZmPxg_--2BEbRgyqXlg7FR6VBkoFyUxXhwoXMPjFASLv96pE4W5nOmdqvkt35VNDEggfJEI9X_YU3nGRuznCaH...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=8A10A10804AA44A0ADC8395C6FFDA135&google_push=AZmPxg_--2BEbRgyqXlg7FR6VBkoFyUxXhwoXMPjFASLv96pE4W5nOmdqvkt35VNDEggfJEI9X_YU3nGRuznCaHQ3gc1dBu6hfTScdj1cT2YXvMnaWdz8y0br-_DvDzNauEWsKbd0FBbE5fkJHh81TPUWw
Requested by
Host: 32d69238e2f6bb5cfbff62a0e3954cf8.safeframe.googlesyndication.com
URL: https://32d69238e2f6bb5cfbff62a0e3954cf8.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Server
142.251.12.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f155.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 17 Sep 2022 06:36:53 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Sat, 17 Sep 2022 06:36:52 GMT
x-content-type-options
nosniff
server
nginx
location
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=8A10A10804AA44A0ADC8395C6FFDA135&google_push=AZmPxg_--2BEbRgyqXlg7FR6VBkoFyUxXhwoXMPjFASLv96pE4W5nOmdqvkt35VNDEggfJEI9X_YU3nGRuznCaHQ3gc1dBu6hfTScdj1cT2YXvMnaWdz8y0br-_DvDzNauEWsKbd0FBbE5fkJHh81TPUWw
strict-transport-security
max-age=63072000; includeSubdomains; preload
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/html
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
138
expires
Fri, 16 Sep 2022 06:36:52 GMT
pixel
cm.g.doubleclick.net/ Frame 4972
Redirect Chain
  • https://tr.blismedia.com/v1/api/sync/AdxPixel?google_gid=CAESENc9HpfSftXS4k5BAVfmmIw&google_cver=1&google_push=AZmPxg9Whx2uwtwupTVKSuIO2LhpNSyqWZ8VVE6JFmXvs_-ikwJFdZ-DwjlZeaXdzY6jv3hW3zpdQ_7WqlLHiG...
  • https://cm.g.doubleclick.net/pixel?google_nid=blismobile&google_push=AZmPxg9Whx2uwtwupTVKSuIO2LhpNSyqWZ8VVE6JFmXvs_-ikwJFdZ-DwjlZeaXdzY6jv3hW3zpdQ_7WqlLHiGCuwg477YQfomaklZ54UkY-VD_X3jRhun9iUnrqoQWL...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=blismobile&google_push=AZmPxg9Whx2uwtwupTVKSuIO2LhpNSyqWZ8VVE6JFmXvs_-ikwJFdZ-DwjlZeaXdzY6jv3hW3zpdQ_7WqlLHiGCuwg477YQfomaklZ54UkY-VD_X3jRhun9iUnrqoQWLpGzXP0QS3QUXeso-kl_WryvC-g&google_hm=hmMlawSTHobombJ3fw&google_redir=https%3A%2F%2Ftr.blismedia.com%2Fv1%2Fredirect%2FAdxPixel%3F%25%25GOOGLE_ERROR_PAIR%25%25%26partner_device_id%3D63256B04931E86E899B2777FBLIS
Requested by
Host: 32d69238e2f6bb5cfbff62a0e3954cf8.safeframe.googlesyndication.com
URL: https://32d69238e2f6bb5cfbff62a0e3954cf8.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Server
142.251.12.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f155.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 17 Sep 2022 06:36:53 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=blismobile&google_push=AZmPxg9Whx2uwtwupTVKSuIO2LhpNSyqWZ8VVE6JFmXvs_-ikwJFdZ-DwjlZeaXdzY6jv3hW3zpdQ_7WqlLHiGCuwg477YQfomaklZ54UkY-VD_X3jRhun9iUnrqoQWLpGzXP0QS3QUXeso-kl_WryvC-g&google_hm=hmMlawSTHobombJ3fw&google_redir=https%3A%2F%2Ftr.blismedia.com%2Fv1%2Fredirect%2FAdxPixel%3F%25%25GOOGLE_ERROR_PAIR%25%25%26partner_device_id%3D63256B04931E86E899B2777FBLIS
date
Sat, 17 Sep 2022 06:36:52 GMT
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
pixel
cm.g.doubleclick.net/ Frame 4972
Redirect Chain
  • https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESED8AG6sk4BnQ-5XGzG3fldQ&google_cver=1&google_push=AZmPxg-nZEFVY2u3e8pS0e-TwCWP1oOBDEfsL-XNrzS4xKbZ9WOFaUXSddU6TijMHon0XAGGpprN0vcr3VlDXgTFUpLG1av...
  • https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AZmPxg-nZEFVY2u3e8pS0e-TwCWP1oOBDEfsL-XNrzS4xKbZ9WOFaUXSddU6TijMHon0XAGGpprN0vcr3VlDXgTFUpLG1avQeKsHfD09s7yst1e6BlddwL-Kes54jWNE9RsTM...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AZmPxg-nZEFVY2u3e8pS0e-TwCWP1oOBDEfsL-XNrzS4xKbZ9WOFaUXSddU6TijMHon0XAGGpprN0vcr3VlDXgTFUpLG1avQeKsHfD09s7yst1e6BlddwL-Kes54jWNE9RsTMoZ70Gx1cF1L4BiYx1YB-A&google_hm=NTU4NjQxMzA0NzY5NDU4OTgzOA%3D%3D
Requested by
Host: 32d69238e2f6bb5cfbff62a0e3954cf8.safeframe.googlesyndication.com
URL: https://32d69238e2f6bb5cfbff62a0e3954cf8.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Server
142.251.12.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f155.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 17 Sep 2022 06:36:53 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Sat, 17 Sep 2022 06:36:52 GMT
referrer-policy
strict-origin-when-cross-origin
server
ATS
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
location
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AZmPxg-nZEFVY2u3e8pS0e-TwCWP1oOBDEfsL-XNrzS4xKbZ9WOFaUXSddU6TijMHon0XAGGpprN0vcr3VlDXgTFUpLG1avQeKsHfD09s7yst1e6BlddwL-Kes54jWNE9RsTMoZ70Gx1cF1L4BiYx1YB-A&google_hm=NTU4NjQxMzA0NzY5NDU4OTgzOA%3D%3D
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
strict-transport-security
max-age=31536000
content-length
0
x-content-type-options
nosniff
pixel
cm.g.doubleclick.net/ Frame 4972
Redirect Chain
  • https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEPw32bLCylWZbWaxlgmflVI&google_cver=1&google_push=AZmPxg-ICpV1z7FFJEsKWcPPUSXkUlKERCpMSFvYZOQuyEGuJIbSZuMC2fIJ0Y-iHgMZtwoEgqH9KHUZ...
  • https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEPw32bLCylWZbWaxlgmflVI&google_cver=1&google_push=AZmPxg-ICpV1z7FFJEsKWcPPUSXkUlKERCpMSFvYZOQuyEGuJIbSZuMC2fIJ0Y-iHgMZtwoEgqH...
  • https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MTg1ODE4NTA1OTk1NDk4Mjk4MA&google_push=AZmPxg-ICpV1z7FFJEsKWcPPUSXkUlKERCpMSFvYZOQuyEGuJIbSZuMC2fIJ0Y-iHgMZtwoEgqH9KH...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MTg1ODE4NTA1OTk1NDk4Mjk4MA&google_push=AZmPxg-ICpV1z7FFJEsKWcPPUSXkUlKERCpMSFvYZOQuyEGuJIbSZuMC2fIJ0Y-iHgMZtwoEgqH9KHUZYzoojDwSrQEohGkHe4V6oDCwKwV-BXzYA4hIxmmD46eRCG9hJ_6JSWyAsa0rybs5bCjJVJeUm5w
Requested by
Host: 32d69238e2f6bb5cfbff62a0e3954cf8.safeframe.googlesyndication.com
URL: https://32d69238e2f6bb5cfbff62a0e3954cf8.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Server
142.251.12.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f155.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 17 Sep 2022 06:36:53 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Sat, 17 Sep 2022 06:36:53 GMT
server
nginx
location
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MTg1ODE4NTA1OTk1NDk4Mjk4MA&google_push=AZmPxg-ICpV1z7FFJEsKWcPPUSXkUlKERCpMSFvYZOQuyEGuJIbSZuMC2fIJ0Y-iHgMZtwoEgqH9KHUZYzoojDwSrQEohGkHe4V6oDCwKwV-BXzYA4hIxmmD46eRCG9hJ_6JSWyAsa0rybs5bCjJVJeUm5w
access-control-max-age
86400
access-control-allow-methods
GET
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
attr
cm.g.doubleclick.net/pixel/ Frame 4972 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13LaqPa5eBgp0hJOOdBT9_L4LnmMkkavt2xcsrYm9NOiBLxAorAEFu7qtIA
Requested by
Host: 32d69238e2f6bb5cfbff62a0e3954cf8.safeframe.googlesyndication.com
URL: https://32d69238e2f6bb5cfbff62a0e3954cf8.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.12.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f155.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 17 Sep 2022 06:36:52 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
content-type
text/html
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame FC7A 		22 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.200.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sa-in-f132.1e100.net
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://32d69238e2f6bb5cfbff62a0e3954cf8.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

accept-ranges
bytes
age
419806
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
8395
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Mon, 12 Sep 2022 10:00:06 GMT
expires
Tue, 12 Sep 2023 10:00:06 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
index.html
s0.2mdn.net/sadbundle/7988790760513552004/ Frame 7E72 		283 KB
53 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/7988790760513552004/index.html
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_276.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.4.148 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f148.1e100.net
Software
sffe /
Resource Hash
021fcd714c00f1eb548e8fdef5ce94117e8116ec154d27f41ab211dc47c1ac14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://32d69238e2f6bb5cfbff62a0e3954cf8.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
age
107566
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
54420
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy
cross-origin
date
Fri, 16 Sep 2022 00:44:06 GMT
expires
Sat, 16 Sep 2023 00:44:06 GMT
last-modified
Fri, 02 Sep 2022 01:08:11 GMT
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-dns-prefetch-control
off
x-xss-protection
0
view
googleads4.g.doubleclick.net/pcs/ Frame 7DA8 		0
27 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsu-6Glo12BL3C2AhuOwB7hEm4ZAl6SX5P9E8fyFeTDb7rwPqEtkssfAQEk2UcnK31zTEzow5Y7DbjWnOVCwIK0E8bL91DJrsvzTlBwaBqfOoQhYqM2aLGzm3pAnneZFqxstlva9qzwE7RLEn2wWlb9SfxBPDjYhdhcal4MyLK4ORADhL04NTOobEH8Ysu8AEANQrOZmFnL4zcC6nIdWWoh6u1dPBexmvsdDBPZdtwcKu7KZSh7o7UrBfmoeYR9X-GPd6EfALoXd2Et8Y9XK1Q0wtnM1ljF_DwAP0unLu5tN4aDW2dAR0IwY9a729yleTg7D08gEt6AShJ-Fz3qP7QMggrBIFeQik4TT88NXNcC3qwflHYCD5J5GhieTCNQ_KJDiWGf0xe5_oYxI16qaN-AzrFs-Lmj_B_rQg3xjtIzIVTI9MhTQlVrf4SKKBxDk3zZrP_iV9DiTyPs6Cip2iockvop4gchQSHSZqERv0_kSKEiz_bPzZrpxJzBQ8WsJhIa_qxKrUlvCgNXq29zgXKaHUXunW49LGtXbXGqYeCAClQT33cD-U5hyNPHrbTtd6M-8YZPA9viq665z4F30758capUI5Jn6-vXXb2wncynRl0MKY5xB_m1Aa9fTOkrGQdOKV3l0-sPvXsf5rf2zX_rvD7qVCnPsbthEn8ML73X-xAt_mZ4OWVb8o4BzdH4JCjGlfTqKhorl9nvF0GbkeesFnBvPIyNdSjGSZN4_k3z515EryS0psfY5GL9VEDqKOiWxNOLvUy5_8QwAYG9HfnlTIYY4DxywcYmK7sFFjWoTz3QIrA__E5_LmxPO01uLRt_l3NDGOiyi_z9NUZ42VI-srSHSP61wvzdkf5n-EFSFHuBhv_iBughR8oZR8tp8WhobxGwa1-um1kA_NPS88Js5KN2QdxsqX7Lc9oG0CADL95IHfsOFOaPcn5aLfRJBGIU8fShr1emcFJmvtHbVTPlKhXO5toFeoxjpnXmm0h_Lv4jE7iVhdiQHkJVe-rd6o-nR4xTAKNRCXFRI_n9RY_SFPr1yi29Ifm21r7KTk2sYyj32JtThr1HG_Tv2SBGi635gJN8RQh_aE1MJqUeXFRR4aV7JRfkIpAmRcydE3HwD8uuXdyNyRLWLdOAbFQYYEOY6TxbEtwCE32iwxnar7sZmCGyI3s5WMLZupk7tbm3t59kZRu87fCaT8KCB35h776v8KKg49iPUxE0JR_PTpzc0meX7u_7Ts1-VzKAN7tw9J9N2XwQVpGMWnWKQ0XDegDY7SFHEeZtr2DUznjHLMcCAUbVbuuN5nuv3SHQY8IjYUf80lYElIfdPH9w&sai=AMfl-YSbFl4qr0SqDyTNLO8D9tvsASdm7h2R9Y11Ctjo-5P3Fr4_8oeJI0ihfeIwxc2Q3QmmNf6DO_ed8fm0aeKz0nJg5V0NY4m2TZROY0poDyBrBG5rO3sqniK4ivvoUY9IKGRMzoiPcQwJ4N_-njChGhmhm9oXS_1FUs328OeZi2GvpY4a3LyqJqy_Z1cxdNklGHVQB_iq5peCDNINoKI1sA&sig=Cg0ArKJSzBq7wvivsGRIEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=525&cbvp=1&cstd=524&cisv=r20220914.62008&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&adurl=
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/6yue-15ri-qi-bei-jing-gong-jiao-duo-tiao-xian-lu-you-diao-zheng.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.194.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f154.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://32d69238e2f6bb5cfbff62a0e3954cf8.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
date
Sat, 17 Sep 2022 06:36:52 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
img
tags.mathtag.com/view/ Frame 7DA8 		49 B
329 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tags.mathtag.com/view/img?strat=3750455&cr=6028144&pr=5.00&txn=&rfr=
Requested by
Host: 32d69238e2f6bb5cfbff62a0e3954cf8.safeframe.googlesyndication.com
URL: https://32d69238e2f6bb5cfbff62a0e3954cf8.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
103.229.205.243 , Singapore, ASN30419 (MEDIAMATH-INC, US),
Reverse DNS
Software
MMBD/3.364.0 /
Resource Hash
1cd58a827318c4a29b32a0db15c8c39d5651b42d8cad227519ad81bce4adb944

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://32d69238e2f6bb5cfbff62a0e3954cf8.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sat, 17 Sep 2022 06:36:53 GMT
Server
MMBD/3.364.0
Content-Type
image/gif
Cache-Control
no-cache
x-mm-host
nrt-router-x13, nrt-bidder-x17
Connection
keep-alive
Keep-Alive
timeout=360
Content-Length
49
Expires
Sat, 17 Sep 2022 06:36:52 GMT
TqLSXP2QDMWDWbVwNGV4qZSIp1FuubJasGgalfjGHZY.js
pagead2.googlesyndication.com/bg/ Frame 3200 		36 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/TqLSXP2QDMWDWbVwNGV4qZSIp1FuubJasGgalfjGHZY.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.118.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sl-in-f157.1e100.net
Software
sffe /
Resource Hash
4ea2d25cfd900cc58359b570346578a99488a7516eb9b25ab0681a95f8c61d96
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 14 Sep 2022 22:33:39 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
201793
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16105
x-xss-protection
0
last-modified
Tue, 13 Sep 2022 10:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 14 Sep 2023 22:33:39 GMT
animejs.js
static.criteo.net/animejs/ Frame 3863 		12 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/animejs/animejs.js
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=YyVrAgANjMcBc9zxAAsLWcCeGnzbRykBj1WbbA&u=%7C47GUdvNV89m3VgPvNDrj0pQWXT9R83ZhMn%2FugJpvszg%3D%7C&c1=wLMhjbQtwRcs3jPjsTD8ckzZrQqOtcHgOUkYPnH5oHYY7yG_CU4-VBrn4jPUhLMUkrnuqnHl-H_FFdrBFTs4Y4nwe7awxmwOHnru92gJ9hOxxLxGjDtSEzwFqo251PGrcYnhC0NECtaOmMwEQf1FZZoWOD6pxEz1DyFfNkCJlroMHGPt8Q7EYC9sJrBIki4Twf4E71d_oXYwSIYcxhQyShvl7uHC-eQCkHsSe4SgEWHVzWuCA3IB1g1OLdQ99wFCZJMtXsRrRcx0x4xn3be6bkrpBb2mJAzkxmHwVDZWgPI_36eEz-pbz01VQFpDD1l-626vmOpcGoANW8Rm0KtbXXoHptiZUyaNJ39Az4Krnu6laCFbpYcVLrCO1Krpn0syrQTqartmnhj-Iivel_mdeD64XTva2TzSReWJQsVhglXGZH60JJQX04OdqXvjY5u_JOBLnRDFP7JNcR56V_YM2nKnFNU7eFXNmVvqdHSXln-Bk3fy5yhjtTvxs9SC_FkvGL6Ym41XERrfGYeyCphCc6Aq_P4S9uBTQGxeKPMSQg1iyb5tTn7ourhx7Z-AFdF7jJjQURo1ZseTIEfn9EVCiui0AJC5DRcsPGRATErcVUo4SOJ63KPdwuYgqpttU-DJ5Y2iYsBsQmA&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCbhVYAmslY8eZNvG5z7sP2ZasmA6Y_NGxXKqEzOSFAcCNtwEQASAAYKXAo4CkAYIBF2NhLXB1Yi04OTMzMzI5OTk5MzkxMTA0oAG22aPQA8gBCakCBitKh4qIpj7gAgCoAwGqBMECT9CDDcie4yHSiH3n18htFHY-gpYLSyD2U5BrJuQfac1ZuibqV-NTYt_az0h9D4KJFWTrjiJIDg7WbOmL3MNxqIX3_ljJdh51-VPrHojZOy8FS3jr6rzO64QvujtOw-ag873uUEZwi4E8UuJPwBLita04qSGYzLH_TcO1W8teKawDp2extzyKwvBzeUmlplXphDLOfieqwLCqZlEXSqHUZdhcUUZD6RSO9CBGHBjK3MsGlsfwuJOQqZWuOBTRB-CkY6A_LOmFF0-hfxOz_ECVqQjQojPtzD1rfu6UU2Psg8VOD3gkWiyQ0ZmwmQjRn2724krvAVDvXge2At8HK0CMQj47Ly3_D548-Ma-WYarnjT8OnX2mgBiAsbqqrm3y-WEzyGk0OKev--ekwCvJO9HvWYdhvJ8lIzt5QCe-YBnLBpu4AQBgAaY2-GBlPC55_wBoAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDQiAYRABMgKKAjoCgEDyCBthZHgtc3Vic3luLTUyMzk5MzgyMTM4NzAzODD6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_0dn9voMWGox_mPYxmte60ZdGOS4g%26client%3Dca-pub-8933329999391104%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.129 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
nginx /
Resource Hash
a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.as.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 17 Sep 2022 06:36:52 GMT
content-encoding
gzip
last-modified
Tue, 26 Mar 2019 17:44:11 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5c9a64eb-3181"
strict-transport-security
max-age=31536000; preload;
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Tue, 12 Sep 2023 06:36:52 GMT
img
pix.as.criteo.net/img/ Frame 3863 		9 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.as.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=8121&q=80&r=0&u=http%3A%2F%2Fimgs.clearly.com.au%2FProduct%2Fcontacts%2Fimg%2Facuvue%2Facuvue-oasys-for-astigmatism-v1%2Bfr%2B%2BproductPageXtraLarge.jpg&v=3&w=400&s=hh0s87TDoht4RjHubnBg4QXh&b=400
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=YyVrAgANjMcBc9zxAAsLWcCeGnzbRykBj1WbbA&u=%7C47GUdvNV89m3VgPvNDrj0pQWXT9R83ZhMn%2FugJpvszg%3D%7C&c1=wLMhjbQtwRcs3jPjsTD8ckzZrQqOtcHgOUkYPnH5oHYY7yG_CU4-VBrn4jPUhLMUkrnuqnHl-H_FFdrBFTs4Y4nwe7awxmwOHnru92gJ9hOxxLxGjDtSEzwFqo251PGrcYnhC0NECtaOmMwEQf1FZZoWOD6pxEz1DyFfNkCJlroMHGPt8Q7EYC9sJrBIki4Twf4E71d_oXYwSIYcxhQyShvl7uHC-eQCkHsSe4SgEWHVzWuCA3IB1g1OLdQ99wFCZJMtXsRrRcx0x4xn3be6bkrpBb2mJAzkxmHwVDZWgPI_36eEz-pbz01VQFpDD1l-626vmOpcGoANW8Rm0KtbXXoHptiZUyaNJ39Az4Krnu6laCFbpYcVLrCO1Krpn0syrQTqartmnhj-Iivel_mdeD64XTva2TzSReWJQsVhglXGZH60JJQX04OdqXvjY5u_JOBLnRDFP7JNcR56V_YM2nKnFNU7eFXNmVvqdHSXln-Bk3fy5yhjtTvxs9SC_FkvGL6Ym41XERrfGYeyCphCc6Aq_P4S9uBTQGxeKPMSQg1iyb5tTn7ourhx7Z-AFdF7jJjQURo1ZseTIEfn9EVCiui0AJC5DRcsPGRATErcVUo4SOJ63KPdwuYgqpttU-DJ5Y2iYsBsQmA&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCbhVYAmslY8eZNvG5z7sP2ZasmA6Y_NGxXKqEzOSFAcCNtwEQASAAYKXAo4CkAYIBF2NhLXB1Yi04OTMzMzI5OTk5MzkxMTA0oAG22aPQA8gBCakCBitKh4qIpj7gAgCoAwGqBMECT9CDDcie4yHSiH3n18htFHY-gpYLSyD2U5BrJuQfac1ZuibqV-NTYt_az0h9D4KJFWTrjiJIDg7WbOmL3MNxqIX3_ljJdh51-VPrHojZOy8FS3jr6rzO64QvujtOw-ag873uUEZwi4E8UuJPwBLita04qSGYzLH_TcO1W8teKawDp2extzyKwvBzeUmlplXphDLOfieqwLCqZlEXSqHUZdhcUUZD6RSO9CBGHBjK3MsGlsfwuJOQqZWuOBTRB-CkY6A_LOmFF0-hfxOz_ECVqQjQojPtzD1rfu6UU2Psg8VOD3gkWiyQ0ZmwmQjRn2724krvAVDvXge2At8HK0CMQj47Ly3_D548-Ma-WYarnjT8OnX2mgBiAsbqqrm3y-WEzyGk0OKev--ekwCvJO9HvWYdhvJ8lIzt5QCe-YBnLBpu4AQBgAaY2-GBlPC55_wBoAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDQiAYRABMgKKAjoCgEDyCBthZHgtc3Vic3luLTUyMzk5MzgyMTM4NzAzODD6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_0dn9voMWGox_mPYxmte60ZdGOS4g%26client%3Dca-pub-8933329999391104%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.135 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Finatra /
Resource Hash
7310d72971c11861b7ba53307063d896e10d697b640e76f6cdb728a218b91e73
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.as.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 17 Sep 2022 06:36:52 GMT
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/webp
cache-control
public, max-age=323499
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
content-length
8786
expires
Wed, 21 Sep 2022 00:28:32 GMT
img
pix.as.criteo.net/img/ Frame 3863 		5 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.as.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=8121&q=80&r=0&u=http%3A%2F%2Fimgs.clearly.com.au%2FProduct%2Fcontacts%2Fimg%2Fbiofinity%2Fbiofinity-v2%2Bfr%2B%2BproductPageXtraLarge.jpg&v=3&w=400&s=D-8pMJxgQdXRiM5Lo0C5wcJe&b=400
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=YyVrAgANjMcBc9zxAAsLWcCeGnzbRykBj1WbbA&u=%7C47GUdvNV89m3VgPvNDrj0pQWXT9R83ZhMn%2FugJpvszg%3D%7C&c1=wLMhjbQtwRcs3jPjsTD8ckzZrQqOtcHgOUkYPnH5oHYY7yG_CU4-VBrn4jPUhLMUkrnuqnHl-H_FFdrBFTs4Y4nwe7awxmwOHnru92gJ9hOxxLxGjDtSEzwFqo251PGrcYnhC0NECtaOmMwEQf1FZZoWOD6pxEz1DyFfNkCJlroMHGPt8Q7EYC9sJrBIki4Twf4E71d_oXYwSIYcxhQyShvl7uHC-eQCkHsSe4SgEWHVzWuCA3IB1g1OLdQ99wFCZJMtXsRrRcx0x4xn3be6bkrpBb2mJAzkxmHwVDZWgPI_36eEz-pbz01VQFpDD1l-626vmOpcGoANW8Rm0KtbXXoHptiZUyaNJ39Az4Krnu6laCFbpYcVLrCO1Krpn0syrQTqartmnhj-Iivel_mdeD64XTva2TzSReWJQsVhglXGZH60JJQX04OdqXvjY5u_JOBLnRDFP7JNcR56V_YM2nKnFNU7eFXNmVvqdHSXln-Bk3fy5yhjtTvxs9SC_FkvGL6Ym41XERrfGYeyCphCc6Aq_P4S9uBTQGxeKPMSQg1iyb5tTn7ourhx7Z-AFdF7jJjQURo1ZseTIEfn9EVCiui0AJC5DRcsPGRATErcVUo4SOJ63KPdwuYgqpttU-DJ5Y2iYsBsQmA&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCbhVYAmslY8eZNvG5z7sP2ZasmA6Y_NGxXKqEzOSFAcCNtwEQASAAYKXAo4CkAYIBF2NhLXB1Yi04OTMzMzI5OTk5MzkxMTA0oAG22aPQA8gBCakCBitKh4qIpj7gAgCoAwGqBMECT9CDDcie4yHSiH3n18htFHY-gpYLSyD2U5BrJuQfac1ZuibqV-NTYt_az0h9D4KJFWTrjiJIDg7WbOmL3MNxqIX3_ljJdh51-VPrHojZOy8FS3jr6rzO64QvujtOw-ag873uUEZwi4E8UuJPwBLita04qSGYzLH_TcO1W8teKawDp2extzyKwvBzeUmlplXphDLOfieqwLCqZlEXSqHUZdhcUUZD6RSO9CBGHBjK3MsGlsfwuJOQqZWuOBTRB-CkY6A_LOmFF0-hfxOz_ECVqQjQojPtzD1rfu6UU2Psg8VOD3gkWiyQ0ZmwmQjRn2724krvAVDvXge2At8HK0CMQj47Ly3_D548-Ma-WYarnjT8OnX2mgBiAsbqqrm3y-WEzyGk0OKev--ekwCvJO9HvWYdhvJ8lIzt5QCe-YBnLBpu4AQBgAaY2-GBlPC55_wBoAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDQiAYRABMgKKAjoCgEDyCBthZHgtc3Vic3luLTUyMzk5MzgyMTM4NzAzODD6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_0dn9voMWGox_mPYxmte60ZdGOS4g%26client%3Dca-pub-8933329999391104%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.135 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Finatra /
Resource Hash
472a7c2ac11228f3c876f2b13dcf0b57f94ac0c4161d5f68573d6fe376d1f8bd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.as.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 17 Sep 2022 06:36:52 GMT
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/webp
cache-control
public, max-age=323817
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
content-length
5622
expires
Wed, 21 Sep 2022 00:33:50 GMT
img
pix.as.criteo.net/img/ Frame 3863 		8 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.as.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=8121&q=80&r=0&u=http%3A%2F%2Fimgs.clearly.com.au%2FProduct%2Fcontacts%2Fimg%2Facuvue%2Facuvue-oasys-with-transition%2Bfr%2B%2BproductPageXtraLarge.jpg&v=3&w=400&s=rVQEjxK2wD2jcNo8WhyEkYPP&b=400
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=YyVrAgANjMcBc9zxAAsLWcCeGnzbRykBj1WbbA&u=%7C47GUdvNV89m3VgPvNDrj0pQWXT9R83ZhMn%2FugJpvszg%3D%7C&c1=wLMhjbQtwRcs3jPjsTD8ckzZrQqOtcHgOUkYPnH5oHYY7yG_CU4-VBrn4jPUhLMUkrnuqnHl-H_FFdrBFTs4Y4nwe7awxmwOHnru92gJ9hOxxLxGjDtSEzwFqo251PGrcYnhC0NECtaOmMwEQf1FZZoWOD6pxEz1DyFfNkCJlroMHGPt8Q7EYC9sJrBIki4Twf4E71d_oXYwSIYcxhQyShvl7uHC-eQCkHsSe4SgEWHVzWuCA3IB1g1OLdQ99wFCZJMtXsRrRcx0x4xn3be6bkrpBb2mJAzkxmHwVDZWgPI_36eEz-pbz01VQFpDD1l-626vmOpcGoANW8Rm0KtbXXoHptiZUyaNJ39Az4Krnu6laCFbpYcVLrCO1Krpn0syrQTqartmnhj-Iivel_mdeD64XTva2TzSReWJQsVhglXGZH60JJQX04OdqXvjY5u_JOBLnRDFP7JNcR56V_YM2nKnFNU7eFXNmVvqdHSXln-Bk3fy5yhjtTvxs9SC_FkvGL6Ym41XERrfGYeyCphCc6Aq_P4S9uBTQGxeKPMSQg1iyb5tTn7ourhx7Z-AFdF7jJjQURo1ZseTIEfn9EVCiui0AJC5DRcsPGRATErcVUo4SOJ63KPdwuYgqpttU-DJ5Y2iYsBsQmA&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCbhVYAmslY8eZNvG5z7sP2ZasmA6Y_NGxXKqEzOSFAcCNtwEQASAAYKXAo4CkAYIBF2NhLXB1Yi04OTMzMzI5OTk5MzkxMTA0oAG22aPQA8gBCakCBitKh4qIpj7gAgCoAwGqBMECT9CDDcie4yHSiH3n18htFHY-gpYLSyD2U5BrJuQfac1ZuibqV-NTYt_az0h9D4KJFWTrjiJIDg7WbOmL3MNxqIX3_ljJdh51-VPrHojZOy8FS3jr6rzO64QvujtOw-ag873uUEZwi4E8UuJPwBLita04qSGYzLH_TcO1W8teKawDp2extzyKwvBzeUmlplXphDLOfieqwLCqZlEXSqHUZdhcUUZD6RSO9CBGHBjK3MsGlsfwuJOQqZWuOBTRB-CkY6A_LOmFF0-hfxOz_ECVqQjQojPtzD1rfu6UU2Psg8VOD3gkWiyQ0ZmwmQjRn2724krvAVDvXge2At8HK0CMQj47Ly3_D548-Ma-WYarnjT8OnX2mgBiAsbqqrm3y-WEzyGk0OKev--ekwCvJO9HvWYdhvJ8lIzt5QCe-YBnLBpu4AQBgAaY2-GBlPC55_wBoAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDQiAYRABMgKKAjoCgEDyCBthZHgtc3Vic3luLTUyMzk5MzgyMTM4NzAzODD6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_0dn9voMWGox_mPYxmte60ZdGOS4g%26client%3Dca-pub-8933329999391104%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.135 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Finatra /
Resource Hash
4d1b37ed11a4d77ed2b321965e6e88125b759df519c2c03da84cec48ef9753eb
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.as.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 17 Sep 2022 06:36:52 GMT
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/webp
cache-control
public, max-age=327186
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
content-length
8480
expires
Wed, 21 Sep 2022 01:29:59 GMT
img
pix.as.criteo.net/img/ Frame 3863 		11 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.as.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=8121&q=80&r=0&u=http%3A%2F%2Fimgs.clearly.com.au%2FProduct%2Fcontacts%2Fimg%2Fair-optix%2Fair-optix-night-and-day-aqua-np%2Bfr%2B%2BproductPageXtraLarge.jpg&v=3&w=400&s=uQj-w3PEIOzpaM5ad8uC8yo_&b=400
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=YyVrAgANjMcBc9zxAAsLWcCeGnzbRykBj1WbbA&u=%7C47GUdvNV89m3VgPvNDrj0pQWXT9R83ZhMn%2FugJpvszg%3D%7C&c1=wLMhjbQtwRcs3jPjsTD8ckzZrQqOtcHgOUkYPnH5oHYY7yG_CU4-VBrn4jPUhLMUkrnuqnHl-H_FFdrBFTs4Y4nwe7awxmwOHnru92gJ9hOxxLxGjDtSEzwFqo251PGrcYnhC0NECtaOmMwEQf1FZZoWOD6pxEz1DyFfNkCJlroMHGPt8Q7EYC9sJrBIki4Twf4E71d_oXYwSIYcxhQyShvl7uHC-eQCkHsSe4SgEWHVzWuCA3IB1g1OLdQ99wFCZJMtXsRrRcx0x4xn3be6bkrpBb2mJAzkxmHwVDZWgPI_36eEz-pbz01VQFpDD1l-626vmOpcGoANW8Rm0KtbXXoHptiZUyaNJ39Az4Krnu6laCFbpYcVLrCO1Krpn0syrQTqartmnhj-Iivel_mdeD64XTva2TzSReWJQsVhglXGZH60JJQX04OdqXvjY5u_JOBLnRDFP7JNcR56V_YM2nKnFNU7eFXNmVvqdHSXln-Bk3fy5yhjtTvxs9SC_FkvGL6Ym41XERrfGYeyCphCc6Aq_P4S9uBTQGxeKPMSQg1iyb5tTn7ourhx7Z-AFdF7jJjQURo1ZseTIEfn9EVCiui0AJC5DRcsPGRATErcVUo4SOJ63KPdwuYgqpttU-DJ5Y2iYsBsQmA&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCbhVYAmslY8eZNvG5z7sP2ZasmA6Y_NGxXKqEzOSFAcCNtwEQASAAYKXAo4CkAYIBF2NhLXB1Yi04OTMzMzI5OTk5MzkxMTA0oAG22aPQA8gBCakCBitKh4qIpj7gAgCoAwGqBMECT9CDDcie4yHSiH3n18htFHY-gpYLSyD2U5BrJuQfac1ZuibqV-NTYt_az0h9D4KJFWTrjiJIDg7WbOmL3MNxqIX3_ljJdh51-VPrHojZOy8FS3jr6rzO64QvujtOw-ag873uUEZwi4E8UuJPwBLita04qSGYzLH_TcO1W8teKawDp2extzyKwvBzeUmlplXphDLOfieqwLCqZlEXSqHUZdhcUUZD6RSO9CBGHBjK3MsGlsfwuJOQqZWuOBTRB-CkY6A_LOmFF0-hfxOz_ECVqQjQojPtzD1rfu6UU2Psg8VOD3gkWiyQ0ZmwmQjRn2724krvAVDvXge2At8HK0CMQj47Ly3_D548-Ma-WYarnjT8OnX2mgBiAsbqqrm3y-WEzyGk0OKev--ekwCvJO9HvWYdhvJ8lIzt5QCe-YBnLBpu4AQBgAaY2-GBlPC55_wBoAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDQiAYRABMgKKAjoCgEDyCBthZHgtc3Vic3luLTUyMzk5MzgyMTM4NzAzODD6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_0dn9voMWGox_mPYxmte60ZdGOS4g%26client%3Dca-pub-8933329999391104%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.135 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Finatra /
Resource Hash
a35207366d1fc14ddde480cc656abfd3264eee0a764ea9b9eff1863a5e98d744
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.as.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 17 Sep 2022 06:36:53 GMT
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/webp
cache-control
public, max-age=324115
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
content-length
10870
expires
Wed, 21 Sep 2022 00:38:49 GMT
img
pix.as.criteo.net/img/ Frame 3863 		11 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.as.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=8121&q=80&r=0&u=http%3A%2F%2Fimgs.clearly.com.au%2FProduct%2Fcontacts%2Fimg%2Fair-optix%2F%2Fair-optix-astigmatism-np%2Bfr%2B%2BproductPageXtraLarge.jpg&v=3&w=400&s=-VXFwy8BhGcqkM0UXFeMyOYE&b=400
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=YyVrAgANjMcBc9zxAAsLWcCeGnzbRykBj1WbbA&u=%7C47GUdvNV89m3VgPvNDrj0pQWXT9R83ZhMn%2FugJpvszg%3D%7C&c1=wLMhjbQtwRcs3jPjsTD8ckzZrQqOtcHgOUkYPnH5oHYY7yG_CU4-VBrn4jPUhLMUkrnuqnHl-H_FFdrBFTs4Y4nwe7awxmwOHnru92gJ9hOxxLxGjDtSEzwFqo251PGrcYnhC0NECtaOmMwEQf1FZZoWOD6pxEz1DyFfNkCJlroMHGPt8Q7EYC9sJrBIki4Twf4E71d_oXYwSIYcxhQyShvl7uHC-eQCkHsSe4SgEWHVzWuCA3IB1g1OLdQ99wFCZJMtXsRrRcx0x4xn3be6bkrpBb2mJAzkxmHwVDZWgPI_36eEz-pbz01VQFpDD1l-626vmOpcGoANW8Rm0KtbXXoHptiZUyaNJ39Az4Krnu6laCFbpYcVLrCO1Krpn0syrQTqartmnhj-Iivel_mdeD64XTva2TzSReWJQsVhglXGZH60JJQX04OdqXvjY5u_JOBLnRDFP7JNcR56V_YM2nKnFNU7eFXNmVvqdHSXln-Bk3fy5yhjtTvxs9SC_FkvGL6Ym41XERrfGYeyCphCc6Aq_P4S9uBTQGxeKPMSQg1iyb5tTn7ourhx7Z-AFdF7jJjQURo1ZseTIEfn9EVCiui0AJC5DRcsPGRATErcVUo4SOJ63KPdwuYgqpttU-DJ5Y2iYsBsQmA&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCbhVYAmslY8eZNvG5z7sP2ZasmA6Y_NGxXKqEzOSFAcCNtwEQASAAYKXAo4CkAYIBF2NhLXB1Yi04OTMzMzI5OTk5MzkxMTA0oAG22aPQA8gBCakCBitKh4qIpj7gAgCoAwGqBMECT9CDDcie4yHSiH3n18htFHY-gpYLSyD2U5BrJuQfac1ZuibqV-NTYt_az0h9D4KJFWTrjiJIDg7WbOmL3MNxqIX3_ljJdh51-VPrHojZOy8FS3jr6rzO64QvujtOw-ag873uUEZwi4E8UuJPwBLita04qSGYzLH_TcO1W8teKawDp2extzyKwvBzeUmlplXphDLOfieqwLCqZlEXSqHUZdhcUUZD6RSO9CBGHBjK3MsGlsfwuJOQqZWuOBTRB-CkY6A_LOmFF0-hfxOz_ECVqQjQojPtzD1rfu6UU2Psg8VOD3gkWiyQ0ZmwmQjRn2724krvAVDvXge2At8HK0CMQj47Ly3_D548-Ma-WYarnjT8OnX2mgBiAsbqqrm3y-WEzyGk0OKev--ekwCvJO9HvWYdhvJ8lIzt5QCe-YBnLBpu4AQBgAaY2-GBlPC55_wBoAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDQiAYRABMgKKAjoCgEDyCBthZHgtc3Vic3luLTUyMzk5MzgyMTM4NzAzODD6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_0dn9voMWGox_mPYxmte60ZdGOS4g%26client%3Dca-pub-8933329999391104%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.135 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Finatra /
Resource Hash
8273d0591a53b1778562084c4fbacb6604e7d39208fe61dea16eb1f73750ebb6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.as.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 17 Sep 2022 06:36:52 GMT
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/webp
cache-control
public, max-age=324923
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
content-length
11660
expires
Wed, 21 Sep 2022 00:52:16 GMT
img
pix.as.criteo.net/img/ Frame 3863 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.as.criteo.net/img/img?h=110&m=0&partner=8121&q=80&r=0&u=http%3A%2F%2Fstatic.sg1.as.criteo.net%2Fdesign%2Fdt%2F8122%2F160617%2Ffb2653df564246c2b856942dfe939764_s-logo.png&v=3&w=236&s=TyPCugENCIKzgXW_OI7NxQxY
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=YyVrAgANjMcBc9zxAAsLWcCeGnzbRykBj1WbbA&u=%7C47GUdvNV89m3VgPvNDrj0pQWXT9R83ZhMn%2FugJpvszg%3D%7C&c1=wLMhjbQtwRcs3jPjsTD8ckzZrQqOtcHgOUkYPnH5oHYY7yG_CU4-VBrn4jPUhLMUkrnuqnHl-H_FFdrBFTs4Y4nwe7awxmwOHnru92gJ9hOxxLxGjDtSEzwFqo251PGrcYnhC0NECtaOmMwEQf1FZZoWOD6pxEz1DyFfNkCJlroMHGPt8Q7EYC9sJrBIki4Twf4E71d_oXYwSIYcxhQyShvl7uHC-eQCkHsSe4SgEWHVzWuCA3IB1g1OLdQ99wFCZJMtXsRrRcx0x4xn3be6bkrpBb2mJAzkxmHwVDZWgPI_36eEz-pbz01VQFpDD1l-626vmOpcGoANW8Rm0KtbXXoHptiZUyaNJ39Az4Krnu6laCFbpYcVLrCO1Krpn0syrQTqartmnhj-Iivel_mdeD64XTva2TzSReWJQsVhglXGZH60JJQX04OdqXvjY5u_JOBLnRDFP7JNcR56V_YM2nKnFNU7eFXNmVvqdHSXln-Bk3fy5yhjtTvxs9SC_FkvGL6Ym41XERrfGYeyCphCc6Aq_P4S9uBTQGxeKPMSQg1iyb5tTn7ourhx7Z-AFdF7jJjQURo1ZseTIEfn9EVCiui0AJC5DRcsPGRATErcVUo4SOJ63KPdwuYgqpttU-DJ5Y2iYsBsQmA&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCbhVYAmslY8eZNvG5z7sP2ZasmA6Y_NGxXKqEzOSFAcCNtwEQASAAYKXAo4CkAYIBF2NhLXB1Yi04OTMzMzI5OTk5MzkxMTA0oAG22aPQA8gBCakCBitKh4qIpj7gAgCoAwGqBMECT9CDDcie4yHSiH3n18htFHY-gpYLSyD2U5BrJuQfac1ZuibqV-NTYt_az0h9D4KJFWTrjiJIDg7WbOmL3MNxqIX3_ljJdh51-VPrHojZOy8FS3jr6rzO64QvujtOw-ag873uUEZwi4E8UuJPwBLita04qSGYzLH_TcO1W8teKawDp2extzyKwvBzeUmlplXphDLOfieqwLCqZlEXSqHUZdhcUUZD6RSO9CBGHBjK3MsGlsfwuJOQqZWuOBTRB-CkY6A_LOmFF0-hfxOz_ECVqQjQojPtzD1rfu6UU2Psg8VOD3gkWiyQ0ZmwmQjRn2724krvAVDvXge2At8HK0CMQj47Ly3_D548-Ma-WYarnjT8OnX2mgBiAsbqqrm3y-WEzyGk0OKev--ekwCvJO9HvWYdhvJ8lIzt5QCe-YBnLBpu4AQBgAaY2-GBlPC55_wBoAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDQiAYRABMgKKAjoCgEDyCBthZHgtc3Vic3luLTUyMzk5MzgyMTM4NzAzODD6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_0dn9voMWGox_mPYxmte60ZdGOS4g%26client%3Dca-pub-8933329999391104%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.135 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Finatra /
Resource Hash
9fdc0510c02c1219ae8cb410037d1558bb09c59891578b0e32941b7b55971479
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.as.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 17 Sep 2022 06:36:52 GMT
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/png
cache-control
public, max-age=26865352
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
content-length
4457
expires
Tue, 25 Jul 2023 05:12:46 GMT
all
csm.as.criteo.net/ Frame 3863 		0
128 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csm.as.criteo.net/all?cppv=3&cpp=gNq1YSvyWr9BMKWbEHeXSvgm-dZIoGJwj6EFg7_aK8QJxv8JY_3E2dKwVhJGkkzlM8hYG9p6hsbNSWrWMszDrogjdlwhHpflD4rKbZaDeuUE2mfGNe2ezz2rsITJRq-6jGhTidZ2UI572zv-zxTDZmCg4PNTL8LEERQpx7QNS05MRivDiA9OoXi25Qyhwm6txVOYLgM12Ghy-M0BI0Pmb0xXHMRTeOND3vTA6BnxX1iXheCgOpco88nJK-OblvAqf79xdg&sds=2&rev=82759&sendBeacon=true
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=YyVrAgANjMcBc9zxAAsLWcCeGnzbRykBj1WbbA&u=%7C47GUdvNV89m3VgPvNDrj0pQWXT9R83ZhMn%2FugJpvszg%3D%7C&c1=wLMhjbQtwRcs3jPjsTD8ckzZrQqOtcHgOUkYPnH5oHYY7yG_CU4-VBrn4jPUhLMUkrnuqnHl-H_FFdrBFTs4Y4nwe7awxmwOHnru92gJ9hOxxLxGjDtSEzwFqo251PGrcYnhC0NECtaOmMwEQf1FZZoWOD6pxEz1DyFfNkCJlroMHGPt8Q7EYC9sJrBIki4Twf4E71d_oXYwSIYcxhQyShvl7uHC-eQCkHsSe4SgEWHVzWuCA3IB1g1OLdQ99wFCZJMtXsRrRcx0x4xn3be6bkrpBb2mJAzkxmHwVDZWgPI_36eEz-pbz01VQFpDD1l-626vmOpcGoANW8Rm0KtbXXoHptiZUyaNJ39Az4Krnu6laCFbpYcVLrCO1Krpn0syrQTqartmnhj-Iivel_mdeD64XTva2TzSReWJQsVhglXGZH60JJQX04OdqXvjY5u_JOBLnRDFP7JNcR56V_YM2nKnFNU7eFXNmVvqdHSXln-Bk3fy5yhjtTvxs9SC_FkvGL6Ym41XERrfGYeyCphCc6Aq_P4S9uBTQGxeKPMSQg1iyb5tTn7ourhx7Z-AFdF7jJjQURo1ZseTIEfn9EVCiui0AJC5DRcsPGRATErcVUo4SOJ63KPdwuYgqpttU-DJ5Y2iYsBsQmA&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCbhVYAmslY8eZNvG5z7sP2ZasmA6Y_NGxXKqEzOSFAcCNtwEQASAAYKXAo4CkAYIBF2NhLXB1Yi04OTMzMzI5OTk5MzkxMTA0oAG22aPQA8gBCakCBitKh4qIpj7gAgCoAwGqBMECT9CDDcie4yHSiH3n18htFHY-gpYLSyD2U5BrJuQfac1ZuibqV-NTYt_az0h9D4KJFWTrjiJIDg7WbOmL3MNxqIX3_ljJdh51-VPrHojZOy8FS3jr6rzO64QvujtOw-ag873uUEZwi4E8UuJPwBLita04qSGYzLH_TcO1W8teKawDp2extzyKwvBzeUmlplXphDLOfieqwLCqZlEXSqHUZdhcUUZD6RSO9CBGHBjK3MsGlsfwuJOQqZWuOBTRB-CkY6A_LOmFF0-hfxOz_ECVqQjQojPtzD1rfu6UU2Psg8VOD3gkWiyQ0ZmwmQjRn2724krvAVDvXge2At8HK0CMQj47Ly3_D548-Ma-WYarnjT8OnX2mgBiAsbqqrm3y-WEzyGk0OKev--ekwCvJO9HvWYdhvJ8lIzt5QCe-YBnLBpu4AQBgAaY2-GBlPC55_wBoAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDQiAYRABMgKKAjoCgEDyCBthZHgtc3Vic3luLTUyMzk5MzgyMTM4NzAzODD6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_0dn9voMWGox_mPYxmte60ZdGOS4g%26client%3Dca-pub-8933329999391104%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.142 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ads.as.criteo.com/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Sat, 17 Sep 2022 06:36:52 GMT
cross-origin-resource-policy
cross-origin
server
Finatra
content-length
0
strict-transport-security
max-age=31536000; preload;
criteo_logo_2021.svg
static.criteo.net/flash/icon/ Frame 3863 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/criteo_logo_2021.svg
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=YyVrAgANjMcBc9zxAAsLWcCeGnzbRykBj1WbbA&u=%7C47GUdvNV89m3VgPvNDrj0pQWXT9R83ZhMn%2FugJpvszg%3D%7C&c1=wLMhjbQtwRcs3jPjsTD8ckzZrQqOtcHgOUkYPnH5oHYY7yG_CU4-VBrn4jPUhLMUkrnuqnHl-H_FFdrBFTs4Y4nwe7awxmwOHnru92gJ9hOxxLxGjDtSEzwFqo251PGrcYnhC0NECtaOmMwEQf1FZZoWOD6pxEz1DyFfNkCJlroMHGPt8Q7EYC9sJrBIki4Twf4E71d_oXYwSIYcxhQyShvl7uHC-eQCkHsSe4SgEWHVzWuCA3IB1g1OLdQ99wFCZJMtXsRrRcx0x4xn3be6bkrpBb2mJAzkxmHwVDZWgPI_36eEz-pbz01VQFpDD1l-626vmOpcGoANW8Rm0KtbXXoHptiZUyaNJ39Az4Krnu6laCFbpYcVLrCO1Krpn0syrQTqartmnhj-Iivel_mdeD64XTva2TzSReWJQsVhglXGZH60JJQX04OdqXvjY5u_JOBLnRDFP7JNcR56V_YM2nKnFNU7eFXNmVvqdHSXln-Bk3fy5yhjtTvxs9SC_FkvGL6Ym41XERrfGYeyCphCc6Aq_P4S9uBTQGxeKPMSQg1iyb5tTn7ourhx7Z-AFdF7jJjQURo1ZseTIEfn9EVCiui0AJC5DRcsPGRATErcVUo4SOJ63KPdwuYgqpttU-DJ5Y2iYsBsQmA&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCbhVYAmslY8eZNvG5z7sP2ZasmA6Y_NGxXKqEzOSFAcCNtwEQASAAYKXAo4CkAYIBF2NhLXB1Yi04OTMzMzI5OTk5MzkxMTA0oAG22aPQA8gBCakCBitKh4qIpj7gAgCoAwGqBMECT9CDDcie4yHSiH3n18htFHY-gpYLSyD2U5BrJuQfac1ZuibqV-NTYt_az0h9D4KJFWTrjiJIDg7WbOmL3MNxqIX3_ljJdh51-VPrHojZOy8FS3jr6rzO64QvujtOw-ag873uUEZwi4E8UuJPwBLita04qSGYzLH_TcO1W8teKawDp2extzyKwvBzeUmlplXphDLOfieqwLCqZlEXSqHUZdhcUUZD6RSO9CBGHBjK3MsGlsfwuJOQqZWuOBTRB-CkY6A_LOmFF0-hfxOz_ECVqQjQojPtzD1rfu6UU2Psg8VOD3gkWiyQ0ZmwmQjRn2724krvAVDvXge2At8HK0CMQj47Ly3_D548-Ma-WYarnjT8OnX2mgBiAsbqqrm3y-WEzyGk0OKev--ekwCvJO9HvWYdhvJ8lIzt5QCe-YBnLBpu4AQBgAaY2-GBlPC55_wBoAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDQiAYRABMgKKAjoCgEDyCBthZHgtc3Vic3luLTUyMzk5MzgyMTM4NzAzODD6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_0dn9voMWGox_mPYxmte60ZdGOS4g%26client%3Dca-pub-8933329999391104%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.129 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
nginx /
Resource Hash
a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.as.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 17 Sep 2022 06:36:52 GMT
content-encoding
gzip
last-modified
Thu, 27 May 2021 13:21:59 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"60af9cf7-891"
strict-transport-security
max-age=31536000; preload;
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Tue, 12 Sep 2023 06:36:52 GMT
privacy.svg
static.criteo.net/flash/icon/ Frame 3863 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/privacy.svg
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=YyVrAgANjMcBc9zxAAsLWcCeGnzbRykBj1WbbA&u=%7C47GUdvNV89m3VgPvNDrj0pQWXT9R83ZhMn%2FugJpvszg%3D%7C&c1=wLMhjbQtwRcs3jPjsTD8ckzZrQqOtcHgOUkYPnH5oHYY7yG_CU4-VBrn4jPUhLMUkrnuqnHl-H_FFdrBFTs4Y4nwe7awxmwOHnru92gJ9hOxxLxGjDtSEzwFqo251PGrcYnhC0NECtaOmMwEQf1FZZoWOD6pxEz1DyFfNkCJlroMHGPt8Q7EYC9sJrBIki4Twf4E71d_oXYwSIYcxhQyShvl7uHC-eQCkHsSe4SgEWHVzWuCA3IB1g1OLdQ99wFCZJMtXsRrRcx0x4xn3be6bkrpBb2mJAzkxmHwVDZWgPI_36eEz-pbz01VQFpDD1l-626vmOpcGoANW8Rm0KtbXXoHptiZUyaNJ39Az4Krnu6laCFbpYcVLrCO1Krpn0syrQTqartmnhj-Iivel_mdeD64XTva2TzSReWJQsVhglXGZH60JJQX04OdqXvjY5u_JOBLnRDFP7JNcR56V_YM2nKnFNU7eFXNmVvqdHSXln-Bk3fy5yhjtTvxs9SC_FkvGL6Ym41XERrfGYeyCphCc6Aq_P4S9uBTQGxeKPMSQg1iyb5tTn7ourhx7Z-AFdF7jJjQURo1ZseTIEfn9EVCiui0AJC5DRcsPGRATErcVUo4SOJ63KPdwuYgqpttU-DJ5Y2iYsBsQmA&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCbhVYAmslY8eZNvG5z7sP2ZasmA6Y_NGxXKqEzOSFAcCNtwEQASAAYKXAo4CkAYIBF2NhLXB1Yi04OTMzMzI5OTk5MzkxMTA0oAG22aPQA8gBCakCBitKh4qIpj7gAgCoAwGqBMECT9CDDcie4yHSiH3n18htFHY-gpYLSyD2U5BrJuQfac1ZuibqV-NTYt_az0h9D4KJFWTrjiJIDg7WbOmL3MNxqIX3_ljJdh51-VPrHojZOy8FS3jr6rzO64QvujtOw-ag873uUEZwi4E8UuJPwBLita04qSGYzLH_TcO1W8teKawDp2extzyKwvBzeUmlplXphDLOfieqwLCqZlEXSqHUZdhcUUZD6RSO9CBGHBjK3MsGlsfwuJOQqZWuOBTRB-CkY6A_LOmFF0-hfxOz_ECVqQjQojPtzD1rfu6UU2Psg8VOD3gkWiyQ0ZmwmQjRn2724krvAVDvXge2At8HK0CMQj47Ly3_D548-Ma-WYarnjT8OnX2mgBiAsbqqrm3y-WEzyGk0OKev--ekwCvJO9HvWYdhvJ8lIzt5QCe-YBnLBpu4AQBgAaY2-GBlPC55_wBoAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDQiAYRABMgKKAjoCgEDyCBthZHgtc3Vic3luLTUyMzk5MzgyMTM4NzAzODD6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_0dn9voMWGox_mPYxmte60ZdGOS4g%26client%3Dca-pub-8933329999391104%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.129 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
nginx /
Resource Hash
095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.as.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 17 Sep 2022 06:36:52 GMT
content-encoding
gzip
last-modified
Wed, 19 Feb 2020 10:57:21 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e4d1491-646"
strict-transport-security
max-age=31536000; preload;
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Tue, 12 Sep 2023 06:36:52 GMT
index.html
s0.2mdn.net/sadbundle/14349550522376953207/ Frame 796B 		97 KB
24 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/14349550522376953207/index.html
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_276.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.4.148 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f148.1e100.net
Software
sffe /
Resource Hash
70b3b43bc3b6aad26d5d6e09884d430daf54b2ad9a94031848d11fb11503f32d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://32d69238e2f6bb5cfbff62a0e3954cf8.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
age
196378
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
24508
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy
cross-origin
date
Thu, 15 Sep 2022 00:03:55 GMT
expires
Fri, 15 Sep 2023 00:03:55 GMT
last-modified
Mon, 12 Sep 2022 04:50:39 GMT
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-dns-prefetch-control
off
x-xss-protection
0
view
googleads4.g.doubleclick.net/pcs/ Frame FBEA 		0
27 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsvhSOkMCDiAstG-beGGSzI7xmXxpiLn2OYkOMfq7XMgIsR0POzfbuxFFCWfkvouE2JNfaw4cgpZeY86CIl75ip-ErzGUJ_ok6klmuItFcyQiNy9C_MSofS9IN3AMc_y7yE26QZ-jIPwfjiwIveQj3X6ZFByQCP58zOln9RRU14CmUhCRPhlSYPyl5u88haV0y0CZ4WnU2U5_rJlTwcKJx5NiSqus_77B3tqEgPPtUMfVMT135QRjj469WbdodfdZygIxvhs-xF45TBk1lFYdGh0CgfQOyCOvMjzjgsXsH778ds2pzHEyZHExMIg_Jhr2iHXOlzOMoUX38zPMh01_L7hX1hjKOTdE_WNi5ggZKTrK1nfCYI0pmD3HpPFlxZ72_w51gKhUbzS4XWdifaRfkTk-56q_S5G0_e2csjAmRbKo8OHaxewzCCXA8rNdsb5HoNuShkIW291i-rzs4f-f9MajfxlSNIDC4vqVw5IMVxBhnje3j5KJhRS_mWYU6EgD13Jax8b3kaLNkaiGM_fgkSTH1j5zqssYr9TNRYHLMf1Z7qZAhmPJ4AJSU8Gi3hEogfvvxwxTbMQZwL5hdeNhohCoKkXIT0saYyDy516eVRN8l4PKKP0wgPTJiV01Re2s-sIj36l4ueL5nBV6oTOs1edYNwvASZNDKQMz8TsdLEWWttdM3k5AEDnvoVm1POyl6qJYY_Dbe0REtrmmxkbxPdLPw5IOOjgMv4lZ7m-uAndAvxg0zZPrNyNnZtHaP1fMD_SOM-BdZGcxJQWi_e_LGL_--MyTAZvTe7Y2PoFHthz-MP5Ycrf4VhZr8QIUM5vqDoYUuVavoldDd75OGNZ__9UKwcMXQtiX4IH89Z7FQ7-oOa20eUhzq8z-AgYBBOMS47DVkzQnI-H14Kmwsxltk-3CGJJgmmQH7lhAVinEYfYmfFwHPJZldQ6J2MHDE0l6EFoRt5T5Jrcx33GQBEwZOa_Suq_6kI4qmhXkgQvmUl44ve6UlwFyK60XgrXojAlyx_RZPJas07qfAopO00PyifF0TWxiWbTkHdE7OIFW72w7ZsBAGhcOvsxVO6nEs9uVIGdM4y0JcDA4Yp7BTbkn1xDYcSRdLhI9NcrXaEzWeeFJ9l_jLJD0cryuU7BPjeT3_ODh_P3DMgZ3AY9qd6snoCuwNzeToWjHnYB6heCV4mfVWIEpY8jrJ5FA4N7M7Xa528TdXSOLORIMhg1MU6yoz5-0Hjz3-5YVFT0GcxIjxVZrUsRG5czYLkoRN81lKhgvs8SIsLABiPY7B38REiDQAio4UH0DIIGs2AroUiL3p-sHtclD4tvp_A2qVpP3iA&sai=AMfl-YSW3-DP8GawWL5jGCE-OI0xQirbzSipgkgRu4qspUHryDPA_btmJ2EIm_6yjYBRoy-fLc6vaZoG5IOQ9NT6cE2Tfc6u2M6S61Sz47UJNWimdVeWP3yQdVkwMdXrp0JBbeg-1aMVnfADWEzbUdWALwuXRD3aR_TwuvlG_YtKzyFsRTYZnmkNmpxYQ4VMzksPI4xhVTV4MRu7If1CCfme5w&sig=Cg0ArKJSzCfLFvR1CGMTEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=586&cbvp=1&cstd=584&cisv=r20220914.84192&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&adurl=
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/6yue-15ri-qi-bei-jing-gong-jiao-duo-tiao-xian-lu-you-diao-zheng.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.194.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f154.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://32d69238e2f6bb5cfbff62a0e3954cf8.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
date
Sat, 17 Sep 2022 06:36:53 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
img
tags.mathtag.com/view/ Frame FBEA 		49 B
329 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tags.mathtag.com/view/img?strat=3750455&cr=6028144&pr=5.00&txn=&rfr=
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/6yue-15ri-qi-bei-jing-gong-jiao-duo-tiao-xian-lu-you-diao-zheng.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
103.229.205.243 , Singapore, ASN30419 (MEDIAMATH-INC, US),
Reverse DNS
Software
MMBD/3.364.0 /
Resource Hash
1cd58a827318c4a29b32a0db15c8c39d5651b42d8cad227519ad81bce4adb944

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://32d69238e2f6bb5cfbff62a0e3954cf8.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sat, 17 Sep 2022 06:36:53 GMT
Server
MMBD/3.364.0
Content-Type
image/gif
Cache-Control
no-cache
x-mm-host
nrt-router-x11, nrt-bidder-x28
Connection
keep-alive
Keep-Alive
timeout=360
Content-Length
49
Expires
Sat, 17 Sep 2022 06:36:52 GMT
TqLSXP2QDMWDWbVwNGV4qZSIp1FuubJasGgalfjGHZY.js
pagead2.googlesyndication.com/bg/ Frame FC7A 		36 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/TqLSXP2QDMWDWbVwNGV4qZSIp1FuubJasGgalfjGHZY.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.118.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sl-in-f157.1e100.net
Software
sffe /
Resource Hash
4ea2d25cfd900cc58359b570346578a99488a7516eb9b25ab0681a95f8c61d96
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 14 Sep 2022 22:33:39 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
201794
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16105
x-xss-protection
0
last-modified
Tue, 13 Sep 2022 10:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 14 Sep 2023 22:33:39 GMT
DcmEnabler_01_247.js
s0.2mdn.net/879366/ Frame 7E72 		29 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/DcmEnabler_01_247.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/7988790760513552004/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.4.148 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f148.1e100.net
Software
sffe /
Resource Hash
467a5b06cb117035f7882e8c71d80e093f04ce586c1ac2b84e7e4adf978edb30
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/7988790760513552004/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 16 Sep 2022 11:27:40 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
68953
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10136
x-xss-protection
0
last-modified
Mon, 27 Sep 2021 18:45:03 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sat, 17 Sep 2022 11:27:40 GMT
DcmEnabler_01_247.js
s0.2mdn.net/879366/ Frame 796B 		29 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/DcmEnabler_01_247.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/14349550522376953207/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.4.148 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f148.1e100.net
Software
sffe /
Resource Hash
467a5b06cb117035f7882e8c71d80e093f04ce586c1ac2b84e7e4adf978edb30
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/14349550522376953207/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 16 Sep 2022 11:27:40 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
68953
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10136
x-xss-protection
0
last-modified
Mon, 27 Sep 2021 18:45:03 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sat, 17 Sep 2022 11:27:40 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 3200 		0
22 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BRTTiBGslY8DeBaeM9fwPv7mC8A4AAAAAOAHgBAI&bg=!OjmlOX3NAAZqQh0mSkI7ACkAdvg8WjepabiNgTth7qovj2VvVUU5XIR9ENfJU2f6PatZFDguXYXwrwIAAACUUgAAAAFoAQeZAuQk5xDqfRtt5CfjMgpz72EnSoYGg4q5rV_7L48wYOA6NuBA6X0ZycRS_8IlFk-PyjM5nMN411gGI6CUHWbv4qQH6jF7R0ofWJPTLlB5rMnmNfQSDL3ywuCf07ikDx_Qn-8x7LgpXF9xih78DGxnSVKDBqdUvmQTCbSt0BkdpUf1CjtYrYEjGeoX1gvfxqFUBlj7Ix1HMShDUprDMldi2yfOsygnMT3fj2cesoj3pCy-_7KMqPsYr_xq7ue0pfrGnv5jGJ52P4hFfUVwesvUYfMUF3HwH8I7VGG2dRve0N10t2jQM_o1c3gNU2CMGaPxUVSDse_kmPmd2wDTzeMLrf00XHYm3g9Fgqvyn3hrYXrCXwm98h-lwY5e-NAvPnNTsYDYAa4O4Ng7bcRHWrSRMs-9_AmabJ1Iau7p70B64_0xNq12AdCuWIo3S03YavtlqYeQvlo3dh-UoMITDTLhJEWmLcRfMX_NpJ2uVxhvcv0fewGD7lgZLGTKJ1UWI8rDJEOSvZKitRyAJpvnLDZsQWCUJcYPwTL0Ut0h__vX3KEYa7RWSc0jHdkFYUZfn1kz4G2kb4FIMc4ErIx2Pg5X4jqXIj7S9Njlnwp7IWWDlPWky58XQgraerJ6M1BF2auC2b7d4pVZEiBDEYM8NjBDFQyDjZpYHF7oY3kk0g-0Ucux4is2ZuVHNtu7hUTlQgU7ne19G3wX50phC_OxRe8gF9JSmLLcWBGEP6BwAXZpdZyZz-VvvmnPIO9kKw-WIgiYUtTu9IavcR_Hu_yLb3He0lSI0R5Vh030sjkfV5KqNrN8yctzgifwHB2VdO0nJwx2bE-8eG4Ylvh8XrJRYEnKRSei6azkyJvTuX5WSzkqqloTO30yOoGzkX4mzPHcY30AfRbd2B3x1U831eIqZFL-TQWOTbEltxNqHC8NfFVj5okfoemUvnPeOyQShG0ipvXDJPHRQXGryCkS1KnEh0y7knSaHU3rRQ
Requested by
Host: 32d69238e2f6bb5cfbff62a0e3954cf8.safeframe.googlesyndication.com
URL: https://32d69238e2f6bb5cfbff62a0e3954cf8.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.118.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sl-in-f157.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 17 Sep 2022 06:36:53 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
null
s0.2mdn.net/sadbundle/7988790760513552004/ Frame 7E72 		43 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/7988790760513552004/null
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/7988790760513552004/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.4.148 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f148.1e100.net
Software
sffe /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/7988790760513552004/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 17 Sep 2022 06:36:54 GMT
x-content-type-options
nosniff
server
sffe
x-dns-prefetch-control
off
content-type
image/gif
access-control-allow-origin
*
cache-control
public, max-age=0
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
43
x-xss-protection
0
expires
Sat, 17 Sep 2022 06:36:54 GMT
truncated
/ Frame 7E72 		43 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
en-AU,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/gif
null
s0.2mdn.net/sadbundle/14349550522376953207/ Frame 796B 		43 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/14349550522376953207/null
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/14349550522376953207/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.4.148 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f148.1e100.net
Software
sffe /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/14349550522376953207/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 17 Sep 2022 06:36:53 GMT
x-content-type-options
nosniff
server
sffe
x-dns-prefetch-control
off
content-type
image/gif
access-control-allow-origin
*
cache-control
public, max-age=0
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
43
x-xss-protection
0
expires
Sat, 17 Sep 2022 06:36:53 GMT
Disclaimer.svg
s0.2mdn.net/sadbundle/14349550522376953207/ Frame 796B 		82 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/14349550522376953207/Disclaimer.svg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/14349550522376953207/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.4.148 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f148.1e100.net
Software
sffe /
Resource Hash
8e22b99e056e8225a28ae70bcccd20808d7ce099106ad919f18c1df0a5514012
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/14349550522376953207/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 15 Sep 2022 00:03:55 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
196378
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12180
x-xss-protection
0
last-modified
Mon, 12 Sep 2022 04:50:39 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 15 Sep 2023 00:03:55 GMT
Text_1_1.svg
s0.2mdn.net/sadbundle/14349550522376953207/ Frame 796B 		15 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/14349550522376953207/Text_1_1.svg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/14349550522376953207/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.4.148 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f148.1e100.net
Software
sffe /
Resource Hash
f035ceb2322f2e77ac9957293e398bb0cbaee03d93c86d52f1961c5be1c2db34
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/14349550522376953207/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 15 Sep 2022 00:03:55 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
196378
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3209
x-xss-protection
0
last-modified
Mon, 12 Sep 2022 04:50:39 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 15 Sep 2023 00:03:55 GMT
Text_2_1.svg
s0.2mdn.net/sadbundle/14349550522376953207/ Frame 796B 		10 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/14349550522376953207/Text_2_1.svg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/14349550522376953207/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.4.148 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f148.1e100.net
Software
sffe /
Resource Hash
3fcc1cc10ccb611d9f46f040779b523c9a1789a20a50cc27cb50b872d146ed82
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/14349550522376953207/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 15 Sep 2022 00:03:55 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
196378
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2914
x-xss-protection
0
last-modified
Mon, 12 Sep 2022 04:50:39 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 15 Sep 2023 00:03:55 GMT
Illustration_1.svg
s0.2mdn.net/sadbundle/14349550522376953207/ Frame 796B 		3 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/14349550522376953207/Illustration_1.svg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/14349550522376953207/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.4.148 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f148.1e100.net
Software
sffe /
Resource Hash
972129817e5284f4e50e3466e3c685815b87b03a3ee3b29cea56c65d90913ff5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/14349550522376953207/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 15 Sep 2022 00:03:55 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
196378
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1119
x-xss-protection
0
last-modified
Mon, 12 Sep 2022 04:50:39 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 15 Sep 2023 00:03:55 GMT
Background.svg
s0.2mdn.net/sadbundle/14349550522376953207/ Frame 796B 		7 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/14349550522376953207/Background.svg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/14349550522376953207/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.4.148 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f148.1e100.net
Software
sffe /
Resource Hash
1955d32dbe4d727cabd975dff9651d7beca9b7df4deb811e90e929adf6a1c5d0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/14349550522376953207/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 15 Sep 2022 22:36:26 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
115227
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2769
x-xss-protection
0
last-modified
Mon, 12 Sep 2022 04:50:39 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 15 Sep 2023 22:36:26 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame FC7A 		0
22 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BuYvkBGslY62wB4i0vwS46rWYCAAAAAA4AeAEAg&bg=!MzClMHTNAAZqQh0mSkI7ACkAdvg8Wk9HCZTl4fDLNX9DqcEFlr3yex2tfPA8oi7UpVqh6JcHn30p7AIAAAClUgAAAAJoAQeZAuo2d2WzWNURBaDvwooh5NPXNpEHDFMeImsLzc9c4tzMk6LIkpd06gsnXLEmR1ThF1Bck03qbyOn1ELol3bJYevdx2ej-mJa-7KWNIkuBAjKkPaMmKboDR-JV1MVbq6uKlLEo-CV8QVwu5vVSM0ni1QA6jUtZ9owEXp8A3J5oamyWzMdzF1LWdzQH1J3d7n7_4l3zStpCnInlg9oVv3kvkieRm987HsCzdZdWunYmQoqlEt_M0vtj2eDqu9DQCmpRhuEXKR4mg-OFwJHZf5TYwaIfGT77BGSamrokHmcho9r7Y9eyTaLkcV83PhN2QDq0WItHpG-BnCVF3ssRdUS5Chphfg7FGScDEPKtJB2OMXrSet-dxZv3IfK2Bay0l6n0H4eqcHLPbtMESr3wUi3iEk1uCOyzAvIJGAYp8jTCh6THiRG-YlFZoXx78RUC7N48op5LV197xv834zxBaBfveGpZUt36byLilze6j0qIshpMHNChzkeCimKj2KSmTqXIxU89UniKqWEnQCRJ9mZ8NF3iXgiYjHQLgqPEvTRHnnL51svKBd8hkB6YQNTrpea9jxrn-YY2y3fhejrwlYOXpAVLSnHnpl86gCAdh94lM7RQatg7WCQYZquc3JamjWeJ8mLF-dsk6cdaxQuwU9_MKGruEv4rUOKEqVk4Nl-LZGoNyyHDCv14HIPTnTSOmQf_BdPdLyl4CwvqIpbWKDVgo2_YCV5IO7ot8ezhLjHRf7bHd2xG8GY2PjJ8x4T1EKGsS3bQoEQ31MI4A5TEPnr7DBXflKDHe_DqKQyBWWEjKMJzHhsczqA8Op0jEM3NLLnwU5wo89wXT7PCdDelHWit3V8wykKFrzxkspqbyK9WBY2nCtDLOtL2_X6YyCPoAfzuF2-UE-18U0XoZTySIK6XYJfG71Y0B7j4mwdRt-PJ4dKX5VE6MQjjx2jrl_Y8klQAuHq-HEvP0tUUCsuN6hauLeB9ELPwllRne5CSQ
Requested by
Host: 32d69238e2f6bb5cfbff62a0e3954cf8.safeframe.googlesyndication.com
URL: https://32d69238e2f6bb5cfbff62a0e3954cf8.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.118.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sl-in-f157.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 17 Sep 2022 06:36:53 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
truncated
/ Frame 796B 		43 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
en-AU,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/gif
view
googleads4.g.doubleclick.net/pcs/ Frame FBEA 		0
26 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsvhSOkMCDiAstG-beGGSzI7xmXxpiLn2OYkOMfq7XMgIsR0POzfbuxFFCWfkvouE2JNfaw4cgpZeY86CIl75ip-ErzGUJ_ok6klmuItFcyQiNy9C_MSofS9IN3AMc_y7yE26QZ-jIPwfjiwIveQj3X6ZFByQCP58zOln9RRU14CmUhCRPhlSYPyl5u88haV0y0CZ4WnU2U5_rJlTwcKJx5NiSqus_77B3tqEgPPtUMfVMT135QRjj469WbdodfdZygIxvhs-xF45TBk1lFYdGh0CgfQOyCOvMjzjgsXsH778ds2pzHEyZHExMIg_Jhr2iHXOlzOMoUX38zPMh01_L7hX1hjKOTdE_WNi5ggZKTrK1nfCYI0pmD3HpPFlxZ72_w51gKhUbzS4XWdifaRfkTk-56q_S5G0_e2csjAmRbKo8OHaxewzCCXA8rNdsb5HoNuShkIW291i-rzs4f-f9MajfxlSNIDC4vqVw5IMVxBhnje3j5KJhRS_mWYU6EgD13Jax8b3kaLNkaiGM_fgkSTH1j5zqssYr9TNRYHLMf1Z7qZAhmPJ4AJSU8Gi3hEogfvvxwxTbMQZwL5hdeNhohCoKkXIT0saYyDy516eVRN8l4PKKP0wgPTJiV01Re2s-sIj36l4ueL5nBV6oTOs1edYNwvASZNDKQMz8TsdLEWWttdM3k5AEDnvoVm1POyl6qJYY_Dbe0REtrmmxkbxPdLPw5IOOjgMv4lZ7m-uAndAvxg0zZPrNyNnZtHaP1fMD_SOM-BdZGcxJQWi_e_LGL_--MyTAZvTe7Y2PoFHthz-MP5Ycrf4VhZr8QIUM5vqDoYUuVavoldDd75OGNZ__9UKwcMXQtiX4IH89Z7FQ7-oOa20eUhzq8z-AgYBBOMS47DVkzQnI-H14Kmwsxltk-3CGJJgmmQH7lhAVinEYfYmfFwHPJZldQ6J2MHDE0l6EFoRt5T5Jrcx33GQBEwZOa_Suq_6kI4qmhXkgQvmUl44ve6UlwFyK60XgrXojAlyx_RZPJas07qfAopO00PyifF0TWxiWbTkHdE7OIFW72w7ZsBAGhcOvsxVO6nEs9uVIGdM4y0JcDA4Yp7BTbkn1xDYcSRdLhI9NcrXaEzWeeFJ9l_jLJD0cryuU7BPjeT3_ODh_P3DMgZ3AY9qd6snoCuwNzeToWjHnYB6heCV4mfVWIEpY8jrJ5FA4N7M7Xa528TdXSOLORIMhg1MU6yoz5-0Hjz3-5YVFT0GcxIjxVZrUsRG5czYLkoRN81lKhgvs8SIsLABiPY7B38REiDQAio4UH0DIIGs2AroUiL3p-sHtclD4tvp_A2qVpP3iA&sai=AMfl-YSW3-DP8GawWL5jGCE-OI0xQirbzSipgkgRu4qspUHryDPA_btmJ2EIm_6yjYBRoy-fLc6vaZoG5IOQ9NT6cE2Tfc6u2M6S61Sz47UJNWimdVeWP3yQdVkwMdXrp0JBbeg-1aMVnfADWEzbUdWALwuXRD3aR_TwuvlG_YtKzyFsRTYZnmkNmpxYQ4VMzksPI4xhVTV4MRu7If1CCfme5w&sig=Cg0ArKJSzCfLFvR1CGMTEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=1220&vt=11&dtpt=634&dett=3&cstd=584&cisv=r20220914.84192&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&adurl=
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/6yue-15ri-qi-bei-jing-gong-jiao-duo-tiao-xian-lu-you-diao-zheng.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.194.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f154.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://32d69238e2f6bb5cfbff62a0e3954cf8.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Sat, 17 Sep 2022 06:36:53 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
activeview
pagead2.googlesyndication.com/pcs/ Frame 7DA8 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsv2sdjCe1ltIxV_wr5AuXHe5Bc8U59Ig5dmEE06GWq8y-c3xZ8SFCxMzm-g49Fld8X2CjEkWRTTuzFM_PmkPlnjkX4sjvCYr5o-CUw30kK7pIJIRbUQ-MRNll_Ck6BDBvd1qc8&sai=AMfl-YSRnu0FiD9ZRhJTsr1LPix65KwIfupxqkwGss3ADHchkRwFl8juHmo3nu_TWX4c-wKqvjH2RqA2KNAtLZGD6FJKbecoAL3a5teDzj6GuvBsA1o7fQm6bTCqJyU&sig=Cg0ArKJSzEUtqVLRYZM9EAE&cid=CAASJORoUypq2S2j3gu4ZPuvCR9uVQ7cGP_4yfSa-9WNWlzLnYEVJA&id=lidar2&mcvt=1000&p=60,450,310,750&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20220914&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=1420297610&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1663396611502&rpt=1097&isd=0&lsd=0&met=ce&wmsd=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.118.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sl-in-f157.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://32d69238e2f6bb5cfbff62a0e3954cf8.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 17 Sep 2022 06:36:53 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 257A 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvxth95go7bK_TDZ2nJlKRFBSwCMp5__uovhvCrZFOW3mTppQK7GsXUGsIL9Lqa_oAX6g9hTEoGyCxCxqllGvkPo0XE&sig=Cg0ArKJSzKtVnSWXgn41EAE&cid=CAASFeRo-ZPTsmcVU1uhGXsfKs_TD2IbAg&id=lidar2&mcvt=1001&p=300,5,900,125&mtos=1001,1001,1001,1001,1001&tos=1001,0,0,0,0&v=20220914&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=4082231052&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1663396611517&rpt=1142&isd=0&lsd=0&met=ie&wmsd=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.118.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sl-in-f157.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://32d69238e2f6bb5cfbff62a0e3954cf8.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 17 Sep 2022 06:36:53 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
json
gum.criteo.com/sid/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fwww.bg3.co%2F&domain=www.bg3.co&cw=1&pbt=1&lsw=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.136 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Kestrel /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
https://www.bg3.co
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
GET
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
content-encoding
gzip
content-type
application/json; charset=utf-8
date
Sat, 17 Sep 2022 06:36:53 GMT
expires
0
pragma
no-cache
server
Kestrel
server-processing-duration-in-ticks
275787
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
json
gum.criteo.com/sid/ 		330 B
640 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fwww.bg3.co%2F&domain=www.bg3.co&cw=1&pbt=1&lsw=1
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1662648504901.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.136 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Kestrel /
Resource Hash
2672e52deffb47655d8baacf59db8d85463a269cfbb057303309786f4e70f242
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://www.bg3.co/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/json

Response headers

pragma
no-cache
date
Sat, 17 Sep 2022 06:36:54 GMT
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
1492836
strict-transport-security
max-age=31536000; preload;
expires
0
rid
match.adsrvr.org/track/ 		109 B
541 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://match.adsrvr.org/track/rid?ttd_pid=pubmatic&fmt=json
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1662648504901.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
/
Resource Hash
2cd9e7ad892d3c9553264b7d65e3dad962d65ce21162d4e60fea96bcb2af89d6

Request headers

Referer
https://www.bg3.co/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

date
Sat, 17 Sep 2022 06:36:53 GMT
x-aspnet-version
4.0.30319
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.bg3.co
cache-control
private
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Content-Length, Content-Encoding, Vary, Cache-Control, Accept
content-length
109
expires
Mon, 17 Oct 2022 06:36:54 GMT
sync
eb2.3lift.com/ Frame D941
Redirect Chain
  • https://eb2.3lift.com/sync?
  • https://eb2.3lift.com/sync?&ld=1
1 KB
1022 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eb2.3lift.com/sync?&ld=1
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1662648504901.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.71.178.8 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ade9ecc7904667038.awsglobalaccelerator.com
Software
/
Resource Hash
3a3b13c30a0a5639f0de528125b48454fd2412145a92608bbe927647859d4ea0

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

cache-control
no-cache, no-store, must-revalidate
content-encoding
gzip
content-length
457
content-type
text/html; charset=utf-8
date
Sat, 17 Sep 2022 06:36:54 GMT
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

cache-control
no-cache, no-store, must-revalidate
content-length
0
date
Sat, 17 Sep 2022 06:36:54 GMT
location
/sync?&ld=1
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
/
onetag-sys.com/usync/ Frame 4206 		4 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/usync/?cb=1663396608571
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1662648504901.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.79.234.100 Singapore, Singapore, ASN16276 (OVH, FR),
Reverse DNS
ip100.ip-51-79-234.net
Software
/
Resource Hash
db3ed1fe1ccb186047d1ad27e73ddc035c01a85249d1ea073f3440c2da4d618c
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
cache-control
no-transform, no-cache
content-encoding
gzip
content-length
1375
content-type
text/html
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
strict-transport-security
max-age=15552000
checksync.php
contextual.media.net/ Frame BDDB 		26 KB
9 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUPEPKI9&prvid=77&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1662648504901.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.195.152.23 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-195-152-23.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
6e1d3b4aa25b6f43c94dff01691f031bf5f96db6e48e78a4e68684db6f8f2388
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

cache-control
max-age=172800
content-encoding
gzip
content-length
9336
content-type
text/html; charset=UTF-8
date
Sat, 17 Sep 2022 06:36:54 GMT
expires
Mon, 19 Sep 2022 06:36:54 GMT
p3p
CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
server
Apache
strict-transport-security
max-age=31536000
vary
Accept-Encoding
x-mnet-hl2
E
async_usersync.html
acdn.adnxs.com/dmp/ Frame CA15 		52 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1662648504901.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.65.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

Accept-Ranges
bytes
Access-Control-Allow-Origin
*
Age
7112
Cache-Control
max-age=86402
Connection
keep-alive
Content-Encoding
gzip
Content-Length
17053
Content-Type
text/html
Date
Sat, 17 Sep 2022 06:36:53 GMT
ETag
W/"623de86a-cf34"
Expires
Wed, 31 Aug 2022 04:48:29 GMT
Last-Modified
Fri, 25 Mar 2022 16:06:02 GMT
Server
nginx/1.18.0 (Ubuntu)
Vary
Accept-Encoding
Via
1.1 varnish, 1.1 varnish
X-Cache
HIT, HIT
X-Cache-Hits
1, 8967
X-Served-By
cache-lga21948-LGA, cache-mel11237-MEL
X-Timer
S1663396614.966261,VS0,VE0
pd
u.openx.net/w/1.0/ Frame 4B6A 		532 B
637 B 		Document
General
Check archive.org
Download Go to
Full URL
https://u.openx.net/w/1.0/pd
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1662648504901.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
ce453b911638f479d314259969ff73c2728caea46ed63fd87834e0e1c84ce79e

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
gzip
content-length
324
content-type
text/html
date
Sat, 17 Sep 2022 06:36:53 GMT
p3p
CP="CUR ADM OUR NOR STA NID"
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
via
1.1 google
usync.html
eus.rubiconproject.com/ Frame 909B 		281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1662648504901.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.15.148.136 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-15-148-136.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Sat, 17 Sep 2022 06:36:54 GMT
ETag
"40014-119-5d32342a551c0"
Last-Modified
Tue, 14 Dec 2021 23:07:59 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding
sync.html
public.servenobid.com/ Frame A866 		9 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://public.servenobid.com/sync.html
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1662648504901.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.84.45.81 -, , ASN (),
Reverse DNS
Software
AmazonS3 /
Resource Hash
7efdca1ce8a8ee4fb50887d9f88bdace1026e0f76ea1e64a802b97402d825a79

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

age
84071
cache-control
max-age=86400
content-encoding
br
content-type
text/html
date
Fri, 16 Sep 2022 07:15:44 GMT
etag
W/"3b058e9cd661ca6990301a82cf5d448f"
last-modified
Wed, 17 Aug 2022 23:23:08 GMT
server
AmazonS3
vary
Accept-Encoding Origin
via
1.1 ac13acf57c23911a257fe4535c510b00.cloudfront.net (CloudFront)
x-amz-cf-id
7a3u5cVI7CP4WE4IyilohOsWtY0nryPgkpxCQmN_FHHTsAArUAVizQ==
x-amz-cf-pop
MRS52-P1
x-amz-meta-codebuild-buildarn
arn:aws:codebuild:us-east-1:559734745816:build/adserver-public-prod:049b4e88-3480-44ce-bc71-9207efe847a1
x-amz-meta-codebuild-content-md5
77e8f986028c7819a018b65a51e4d1c5
x-amz-meta-codebuild-content-sha256
4cf0411e60b9185dacd3ae0196e3adabe45eed1b64ea27e89ed58c43c33d4297
x-cache
Hit from cloudfront
ixmatch.html
js-sec.indexww.com/um/ Frame F637 		3 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://js-sec.indexww.com/um/ixmatch.html
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1662648504901.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.10.23.66 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-10-23-66.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
82d2dc44aae1eda52abc17afd30c6031b7175c13ee6955410164c66ae755adfb

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
1387
Content-Type
text/html; charset=UTF-8
Date
Sat, 17 Sep 2022 06:36:54 GMT
ETag
"e20015-b68-5e4a60c97afb7"
Last-Modified
Mon, 25 Jul 2022 19:18:30 GMT
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Server
Apache
Vary
Accept-Encoding
magnite
prebid.a-mo.net/setuid/
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=pbs-adaptmx&gdpr=0&gdpr_consent=&us_privacy=1---
  • https://prebid.a-mo.net/setuid/magnite?uid=L85JE5AG-24-AYT1&gdpr=0&us_privacy=1---
0
135 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://prebid.a-mo.net/setuid/magnite?uid=L85JE5AG-24-AYT1&gdpr=0&us_privacy=1---
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/6yue-15ri-qi-bei-jing-gong-jiao-duo-tiao-xian-lu-you-diao-zheng.html
Protocol
H2
Server
145.40.89.200 Ashburn, United States, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 17 Sep 2022 06:36:54 GMT
cache-control
max-age=0, private, must-revalidate
x-envoy-upstream-service-time
1
server
envoy
vary
Accept-Encoding

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location
https://prebid.a-mo.net/setuid/magnite?uid=L85JE5AG-24-AYT1&gdpr=0&us_privacy=1---
Cache-Control
no-cache,no-store,must-revalidate
Content-Type
text/html
content-length
0
X-RPHost
c80248407eff6cf595ce43a76c04e23f
Expires
0
pixel
ap.lijit.com/
Redirect Chain
  • https://prebid.a-mo.net/cchain?cb=https%3A%2F%2Fib.adnxs.com%2Fprebid%2Fsetuid%3Fbidder%3Damx%26uid%3Dd8a7cce4-32b8-4acd-a18a-497ca754e2e7&gdpr=0&gdpr_consent=&us_privacy=1---
  • https://ssum.casalemedia.com/usermatchredir?s=191503&gdpr=1&gdpr_consent=&us_privacy=1---&cb=https%3A%2F%2Fprebid.a-mo.net%2Fcchain%2F0%2F259%3Fgdpr%3D0%26gdpr_consent%3D%26us_privacy%3D1---%26A%3D...
  • https://prebid.a-mo.net/cchain/0/259?gdpr=0&gdpr_consent=&us_privacy=1---&A=d8a7cce4-32b8-4acd-a18a-497ca754e2e7&bidder=index_rtb&cbx=aHR0cHM6Ly9pYi5hZG54cy5jb20vcHJlYmlkL3NldHVpZD9iaWRkZXI9YW14JnV...
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fprebid.a-mo.net%2Fcchain%2F1%2F259%3Fgdpr%3D0%26gdpr_consent%3D%26us_privacy%3D1---%26A%3Dd8a7cce4-32b8-4acd-a18a-497ca754e2e7%26bidder%3Dappnexus%26cbx%3D...
  • https://prebid.a-mo.net/cchain/1/259?gdpr=0&gdpr_consent=&us_privacy=1---&A=d8a7cce4-32b8-4acd-a18a-497ca754e2e7&bidder=appnexus&cbx=aHR0cHM6Ly9pYi5hZG54cy5jb20vcHJlYmlkL3NldHVpZD9iaWRkZXI9YW14JnVp...
  • https://cm.adform.net/cookie?gdpr=1&gdpr_consent=&redirect_url=https%3A%2F%2Fprebid.a-mo.net%2Fcchain%2F2%2F259%3Fgdpr%3D0%26gdpr_consent%3D%26us_privacy%3D1---%26A%3Dd8a7cce4-32b8-4acd-a18a-497ca7...
  • https://prebid.a-mo.net/cchain/2/259?gdpr=0&gdpr_consent=&us_privacy=1---&A=d8a7cce4-32b8-4acd-a18a-497ca754e2e7&bidder=adform&cbx=aHR0cHM6Ly9pYi5hZG54cy5jb20vcHJlYmlkL3NldHVpZD9iaWRkZXI9YW14JnVpZD...
  • https://ap.lijit.com/pixel?gdpr=1&gdpr_consent=&us_privacy=1---&redir=https%3A%2F%2Fprebid.a-mo.net%2Fcchain%2F3%2F259%3Fgdpr%3D0%26gdpr_consent%3D%26us_privacy%3D1---%26A%3Dd8a7cce4-32b8-4acd-a18a...
0
0
yahoo
prebid.a-mo.net/setuid/
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58570/occ?gdpr=0&gdpr_consent=&uid=d8a7cce4-32b8-4acd-a18a-497ca754e2e7
  • https://prebid.a-mo.net/setuid/yahoo?uid=y-XAyd9T5E2uFdwmhvvK1HO1IbAN.xuEVvkqBlXg4-~A&gdpr=0&gdpr_consent=
0
124 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://prebid.a-mo.net/setuid/yahoo?uid=y-XAyd9T5E2uFdwmhvvK1HO1IbAN.xuEVvkqBlXg4-~A&gdpr=0&gdpr_consent=
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/6yue-15ri-qi-bei-jing-gong-jiao-duo-tiao-xian-lu-you-diao-zheng.html
Protocol
H2
Server
145.40.89.200 Ashburn, United States, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 17 Sep 2022 06:36:53 GMT
cache-control
max-age=0, private, must-revalidate
x-envoy-upstream-service-time
1
server
envoy
vary
Accept-Encoding

Redirect headers

location
https://prebid.a-mo.net/setuid/yahoo?uid=y-XAyd9T5E2uFdwmhvvK1HO1IbAN.xuEVvkqBlXg4-~A&gdpr=0&gdpr_consent=
date
Sat, 17 Sep 2022 06:36:53 GMT
server
ATS/9.1.10.25
age
0
content-length
0
strict-transport-security
max-age=31536000
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
sync
x.bidswitch.net/
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=adaptmx&user_id=d8a7cce4-32b8-4acd-a18a-497ca754e2e7&gdpr=0&gdpr_consent=&us_privacy=1---
  • https://odr.mookie1.com/t/v2/sync?tagid=V2_790378&src.visitorId=f98ada23-bb7a-4d68-a2f4-7fe4fe49dce4&ssp=adaptmx&gdpr=0&gdpr_consent=
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=2910&partner_device_id=10522238326638056381&gdpr=0&gdpr_consent=&partner_url=https%3A%2F%2Fodr.mookie1.com%2Ft%2Fv2%3Ftagid%3DV2_948118%26src.vi...
  • https://pixel.tapad.com/idsync/ex/receive/check?partner_id=2910&partner_device_id=10522238326638056381&gdpr=0&gdpr_consent=&partner_url=https%3A%2F%2Fodr.mookie1.com%2Ft%2Fv2%3Ftagid%3DV2_948118%26...
  • https://odr.mookie1.com/t/v2?tagid=V2_948118&src.visitorid=dfd1e307-4499-4171-932e-216466fb2c9b&ssp=adaptmx&gdpr_consent=&gdpr=0
  • https://aa.agkn.com/adscores/g.pixel?sid=9212302828&puid=10522238326638056381&ssp=adaptmx&gdpr=0&gdpr_consent=
  • https://odr.mookie1.com/t/v2?tagid=V2_785409&src.visitorId=232173304277004068172&ssp=adaptmx&gdpr=0&gdpr_consent=
  • https://x.bidswitch.net/sync?dsp_id=419&user_id=10522238326638056381&ssp=adaptmx&gdpr=0&gdpr_consent=
43 B
235 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://x.bidswitch.net/sync?dsp_id=419&user_id=10522238326638056381&ssp=adaptmx&gdpr=0&gdpr_consent=
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/6yue-15ri-qi-bei-jing-gong-jiao-duo-tiao-xian-lu-you-diao-zheng.html
Protocol
HTTP/1.1
Server
35.213.12.39 Tokyo, Japan, ASN15169 (GOOGLE, US),
Reverse DNS
39.12.213.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sat, 17 Sep 2022 06:36:56 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
43
Content-Type
image/gif

Redirect headers

pragma
no-cache
date
Sat, 17 Sep 2022 06:36:56 GMT
via
1.1 google
server
Apache
p3p
CP="NON DSP COR NID CURa PSAa PSDa OUR STP UNI COM NAV STA LOC OTC",policyref="/w3c/p3p.xml"
location
https://x.bidswitch.net/sync?dsp_id=419&user_id=10522238326638056381&ssp=adaptmx&gdpr=0&gdpr_consent=
cache-control
no-cache, no-store, must-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-application-context
application
expires
Thu, 01 Jan 1970 00:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame FBEA 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsupFAEZSdV3M2nS8XcSO5eZULVj1qUAgHAFyF1VEiz5R4G30OgrOviUpUhaH-31f7WHuL05AXJ4rkaDovK8azZnFNXpdyJhWtk5Cskg1gu_1RnQMEFXJXBn92Vw5l4HNgRhaZA&sai=AMfl-YRO80rd83Ur_p8YmzEt3gUywj_XoNK3RQ3UcqdMV0iqtlqKHm4aR5pbuLgj-Lvc2tFxLhQN17UNTecR932oyFZALle3WvXmb8VR2XbHqqqVeyB6rPf3AbM_mzc&sig=Cg0ArKJSzIBkLs6xZ2JUEAE&cid=CAASJORo-rMgy9mp9v1Jp-DoNqYKYFeHXuHsIwA4pCGzunMGYenDnQ&id=lidar2&mcvt=1001&p=1110,436,1200,1164&mtos=1001,1001,1001,1001,1001&tos=1001,0,0,0,0&v=20220914&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=2857874404&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1663396611506&rpt=1238&isd=0&lsd=0&met=ce&wmsd=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.118.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sl-in-f157.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://32d69238e2f6bb5cfbff62a0e3954cf8.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 17 Sep 2022 06:36:53 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sd
us-u.openx.net/w/1.0/ Frame 4B6A
Redirect Chain
  • https://ad.turn.com/r/cs?pid=9&gdpr=0
  • https://us-u.openx.net/w/1.0/sd?id=537073061&val=8309519658703107450&gdpr=0&gdpr_consent=&us_privacy=
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537073061&val=8309519658703107450&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/pd
Protocol
H3
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 17 Sep 2022 06:36:54 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

location
https://us-u.openx.net/w/1.0/sd?id=537073061&val=8309519658703107450&gdpr=0&gdpr_consent=&us_privacy=
pragma
no-cache
date
Sat, 17 Sep 2022 06:36:53 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
0
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
sd
us-u.openx.net/w/1.0/ Frame 4B6A
Redirect Chain
  • https://match.adsrvr.org/track/cmf/openx?oxid=b29abb08-4cdc-7054-d1a3-ba06f69beb1d&gdpr=0
  • https://match.adsrvr.org/track/cmb/openx?oxid=b29abb08-4cdc-7054-d1a3-ba06f69beb1d&gdpr=0
  • https://us-u.openx.net/w/1.0/sd?id=537072971&val=12214519-0c4c-48e8-a8e2-7a416271dec6&ttd_puid=b29abb08-4cdc-7054-d1a3-ba06f69beb1d&gdpr=0&gdpr_consent=
43 B
62 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072971&val=12214519-0c4c-48e8-a8e2-7a416271dec6&ttd_puid=b29abb08-4cdc-7054-d1a3-ba06f69beb1d&gdpr=0&gdpr_consent=
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/pd
Protocol
H3
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 17 Sep 2022 06:36:54 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Sat, 17 Sep 2022 06:36:54 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://us-u.openx.net/w/1.0/sd?id=537072971&val=12214519-0c4c-48e8-a8e2-7a416271dec6&ttd_puid=b29abb08-4cdc-7054-d1a3-ba06f69beb1d&gdpr=0&gdpr_consent=
cache-control
private,no-cache, must-revalidate
content-type
text/html
content-length
335
sd
jp-u.openx.net/w/1.0/ Frame 4B6A
Redirect Chain
  • https://tg.socdm.com/rtb/sync_before?proto=openx
  • https://jp-u.openx.net/w/1.0/sd?id=537072335&val=YyVrBsCo8YsAANFHh8YAAAAA
43 B
114 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://jp-u.openx.net/w/1.0/sd?id=537072335&val=YyVrBsCo8YsAANFHh8YAAAAA
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/pd
Protocol
H2
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 17 Sep 2022 06:36:54 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

X-SO-Cluster-ID
38
Date
Sat, 17 Sep 2022 06:36:54 GMT
X-SO-LB-Data
{"ban":false,"clean_query":"\/rtb\/sync_before?proto=openx","cluster_id":38,"gdpr":false,"ipv4":"103.209.254.5","key":"YyVrBsCo8YsAANFHh8YAAAAA","privacy_sensitive":false,"uid":"","upstream_id":"m-ad294"}
X-SO-Ads-Time
1
X-SO-Key
YyVrBsCo8YsAANFHh8YAAAAA
Server
nginx
X-SO-Upstream-ID
m-ad294
P3P
CP="See also http://www.scaleout.jp/privacy/"
Location
https://jp-u.openx.net/w/1.0/sd?id=537072335&val=YyVrBsCo8YsAANFHh8YAAAAA
Cache-Control
private
X-SO-HostName
m-ad294.dc4p.scaleout.jp
Connection
keep-alive
Content-Length
0
X-SO-LB-Hostname
m-tgng39.dc4p.scaleout.jp
X-SO-IP
103.209.254.5
sd
jp-u.openx.net/w/1.0/ Frame 4B6A
Redirect Chain
  • https://cr-p3.ladsp.jp/cookiesender/3
  • https://cr-pall.ladsp.com/cookiesender/3
  • https://cr-pall.ladsp.com/cookiesender/3?cr=true
  • https://jp-u.openx.net/w/1.0/sd?id=537072451&val=ASQL1SOsni_pks8ADsd_xUMQB88AAAGDSioUYw
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://jp-u.openx.net/w/1.0/sd?id=537072451&val=ASQL1SOsni_pks8ADsd_xUMQB88AAAGDSioUYw
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/pd
Protocol
H3
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 17 Sep 2022 06:36:55 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Sat, 17 Sep 2022 06:36:55 GMT
via
1.1 6a453f38d14868702eadac9560675990.cloudfront.net (CloudFront)
server
Logicad
x-amz-cf-pop
SIN2-C1
x-cache
Miss from cloudfront
p3p
CP="NOI DEVo TAIo PSAo PSDo OUR IND UNI NAV", policyref="http://cd.ladsp.com/xml/w3c/p3p.xml"
location
https://jp-u.openx.net/w/1.0/sd?id=537072451&val=ASQL1SOsni_pks8ADsd_xUMQB88AAAGDSioUYw
cache-control
no-cache
content-length
0
x-amz-cf-id
5oCAfJThELmlCWaQ7L9M_xfGjKlyli0Qbdtmy83F6OkSdrHRfbbKoQ==
expires
-1
pixel
cm.g.doubleclick.net/ Frame 4B6A 		170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=OWVmNTY4YzItODVhYi0yZWYwLWM0NDMtZTBiZjNjNzkyNTdk
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/pd
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.12.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f155.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 17 Sep 2022 06:36:54 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sd
us-u.openx.net/w/1.0/ Frame 4B6A
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEPEqRKI69Yg3wjXv0j0xpw0&google_cver=1
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEPEqRKI69Yg3wjXv0j0xpw0&google_cver=1
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/pd
Protocol
H3
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 17 Sep 2022 06:36:54 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Sat, 17 Sep 2022 06:36:54 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEPEqRKI69Yg3wjXv0j0xpw0&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
295
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
all
csm.as.criteo.net/ Frame 3863 		0
127 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csm.as.criteo.net/all?cppv=3&cpp=gNq1YSvyWr9BMKWbEHeXSvgm-dZIoGJwj6EFg7_aK8QJxv8JY_3E2dKwVhJGkkzlM8hYG9p6hsbNSWrWMszDrogjdlwhHpflD4rKbZaDeuUE2mfGNe2ezz2rsITJRq-6jGhTidZ2UI572zv-zxTDZmCg4PNTL8LEERQpx7QNS05MRivDiA9OoXi25Qyhwm6txVOYLgM12Ghy-M0BI0Pmb0xXHMRTeOND3vTA6BnxX1iXheCgOpco88nJK-OblvAqf79xdg&sds=2&rev=82759&sendBeacon=true
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=YyVrAgANjMcBc9zxAAsLWcCeGnzbRykBj1WbbA&u=%7C47GUdvNV89m3VgPvNDrj0pQWXT9R83ZhMn%2FugJpvszg%3D%7C&c1=wLMhjbQtwRcs3jPjsTD8ckzZrQqOtcHgOUkYPnH5oHYY7yG_CU4-VBrn4jPUhLMUkrnuqnHl-H_FFdrBFTs4Y4nwe7awxmwOHnru92gJ9hOxxLxGjDtSEzwFqo251PGrcYnhC0NECtaOmMwEQf1FZZoWOD6pxEz1DyFfNkCJlroMHGPt8Q7EYC9sJrBIki4Twf4E71d_oXYwSIYcxhQyShvl7uHC-eQCkHsSe4SgEWHVzWuCA3IB1g1OLdQ99wFCZJMtXsRrRcx0x4xn3be6bkrpBb2mJAzkxmHwVDZWgPI_36eEz-pbz01VQFpDD1l-626vmOpcGoANW8Rm0KtbXXoHptiZUyaNJ39Az4Krnu6laCFbpYcVLrCO1Krpn0syrQTqartmnhj-Iivel_mdeD64XTva2TzSReWJQsVhglXGZH60JJQX04OdqXvjY5u_JOBLnRDFP7JNcR56V_YM2nKnFNU7eFXNmVvqdHSXln-Bk3fy5yhjtTvxs9SC_FkvGL6Ym41XERrfGYeyCphCc6Aq_P4S9uBTQGxeKPMSQg1iyb5tTn7ourhx7Z-AFdF7jJjQURo1ZseTIEfn9EVCiui0AJC5DRcsPGRATErcVUo4SOJ63KPdwuYgqpttU-DJ5Y2iYsBsQmA&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCbhVYAmslY8eZNvG5z7sP2ZasmA6Y_NGxXKqEzOSFAcCNtwEQASAAYKXAo4CkAYIBF2NhLXB1Yi04OTMzMzI5OTk5MzkxMTA0oAG22aPQA8gBCakCBitKh4qIpj7gAgCoAwGqBMECT9CDDcie4yHSiH3n18htFHY-gpYLSyD2U5BrJuQfac1ZuibqV-NTYt_az0h9D4KJFWTrjiJIDg7WbOmL3MNxqIX3_ljJdh51-VPrHojZOy8FS3jr6rzO64QvujtOw-ag873uUEZwi4E8UuJPwBLita04qSGYzLH_TcO1W8teKawDp2extzyKwvBzeUmlplXphDLOfieqwLCqZlEXSqHUZdhcUUZD6RSO9CBGHBjK3MsGlsfwuJOQqZWuOBTRB-CkY6A_LOmFF0-hfxOz_ECVqQjQojPtzD1rfu6UU2Psg8VOD3gkWiyQ0ZmwmQjRn2724krvAVDvXge2At8HK0CMQj47Ly3_D548-Ma-WYarnjT8OnX2mgBiAsbqqrm3y-WEzyGk0OKev--ekwCvJO9HvWYdhvJ8lIzt5QCe-YBnLBpu4AQBgAaY2-GBlPC55_wBoAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDQiAYRABMgKKAjoCgEDyCBthZHgtc3Vic3luLTUyMzk5MzgyMTM4NzAzODD6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_0dn9voMWGox_mPYxmte60ZdGOS4g%26client%3Dca-pub-8933329999391104%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.142 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ads.as.criteo.com/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Sat, 17 Sep 2022 06:36:53 GMT
cross-origin-resource-policy
cross-origin
server
Finatra
content-length
0
strict-transport-security
max-age=31536000; preload;
async_usersync
ib.adnxs.com/ Frame CA15 		0
742 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
104.254.148.251 Los Angeles, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
893.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 17 Sep 2022 06:36:54 GMT
X-Proxy-Origin
103.209.254.5; 103.209.254.5; 893.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net; adnxs.com
AN-X-Request-Uuid
3371177a-d87b-49b3-9641-9c996449c86d
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
/
onetag-sys.com/match/ Frame 4206
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=75&redir=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D1%26uid%3D%5BMM_UUID%5D%26gdpr%3D1%26gdpr_consent%3D
  • https://onetag-sys.com/match/?int_id=1&uid=93496325-6b06-4100-aab4-1eb9b4e889cb&gdpr=1&gdpr_consent=
0
340 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onetag-sys.com/match/?int_id=1&uid=93496325-6b06-4100-aab4-1eb9b4e889cb&gdpr=1&gdpr_consent=
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?cb=1663396608571
Protocol
H2
Server
51.79.234.100 Singapore, Singapore, ASN16276 (OVH, FR),
Reverse DNS
ip100.ip-51-79-234.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

Date
Sat, 17 Sep 2022 06:36:54 GMT
Server
MT3 4505 5b23575 master hkg-pixel-x1 config:1.0.0
Access-Control-Allow-Origin
*
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://onetag-sys.com/match/?int_id=1&uid=93496325-6b06-4100-aab4-1eb9b4e889cb&gdpr=1&gdpr_consent=
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=360
Content-Length
0
Expires
Sat, 17 Sep 2022 06:36:53 GMT
sync.php
pixel-eu.rubiconproject.com/exchange/ Frame 4206 		0
239 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel-eu.rubiconproject.com/exchange/sync.php?p=onetag&gdpr=1&gdpr_consent=
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?cb=1663396608571
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.173.144.165 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost
704c1e4d3fcc922a3031d436b584678b
Content-Type
image/gif
/
onetag-sys.com/match/ Frame 4206
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D98%26gdpr%3D1%26gdpr_consent%3D%26uid%3D$UID
  • https://onetag-sys.com/match/?int_id=98&gdpr=1&gdpr_consent=&uid=856669627834921461
0
340 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onetag-sys.com/match/?int_id=98&gdpr=1&gdpr_consent=&uid=856669627834921461
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?cb=1663396608571
Protocol
H2
Server
51.79.234.100 Singapore, Singapore, ASN16276 (OVH, FR),
Reverse DNS
ip100.ip-51-79-234.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

Pragma
no-cache
Date
Sat, 17 Sep 2022 06:36:54 GMT
X-Proxy-Origin
103.209.254.5; 103.209.254.5; 893.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net; adnxs.com
AN-X-Request-Uuid
8afa41e7-3da5-4477-a11d-a3cf9e5c1bab
Server
nginx/1.21.3
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://onetag-sys.com/match/?int_id=98&gdpr=1&gdpr_consent=&uid=856669627834921461
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
tap.php
pixel.rubiconproject.com/ Frame 4206 		42 B
679 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=223352&nid=4584&put=wS7QKigpaG2e7UTtFVXPSliJGXyKWUhrlYbZZ6v9S9w
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?cb=1663396608571
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.173.158.64 Singapore, Singapore, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-length
42
X-RPHost
6690dc791bf02dde8c4051a04cfd7bb8
Content-Type
image/gif
pixel
cm.g.doubleclick.net/ Frame 4206
Redirect Chain
  • https://onetag-sys.com/match/?int_id=106&redir=1&ot_initiated=1
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=AAABg0oqER-KlViqn8GZrsmL1gBl4q73JuiLRw
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=AAABg0oqER-KlViqn8GZrsmL1gBl4q73JuiLRw
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?cb=1663396608571
Protocol
H3
Server
142.251.12.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f155.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 17 Sep 2022 06:36:54 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=AAABg0oqER-KlViqn8GZrsmL1gBl4q73JuiLRw
strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
sync
ssbsync-global.smartadserver.com/api/ Frame 4206 		0
75 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssbsync-global.smartadserver.com/api/sync?callerId=5&gdpr=1&gdpr_consent=&us_privacy=&redirectUri=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D107%26uid%3D[ssb_sync_pid]
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?cb=1663396608571
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.106.127.38 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 17 Sep 2022 06:36:54 GMT
content-length
0
/
onetag-sys.com/match/ Frame 4206
Redirect Chain
  • https://id.rlcdn.com/711916.gif?ct=4&cv=
  • https://id.rlcdn.com/1000.gif?memo=COy5KxoNCIbWlZkGEgUI6AcQAEIASgA
  • https://onetag-sys.com/match/?int_id=110&uid=
0
340 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onetag-sys.com/match/?int_id=110&uid=
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?cb=1663396608571
Protocol
H2
Server
51.79.234.100 Singapore, Singapore, ASN16276 (OVH, FR),
Reverse DNS
ip100.ip-51-79-234.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

date
Sat, 17 Sep 2022 06:36:55 GMT
via
1.1 google
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://onetag-sys.com/match/?int_id=110&uid=
cache-control
no-cache, no-store
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
ecm3
s.amazon-adsystem.com/ Frame 4206
Redirect Chain
  • https://onetag-sys.com/match/?int_id=113&gdpr=1&gdpr_consent=&callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Donetag.com%26id%3D%24%7BUSER_TOKEN%7D&ot_initiated=1
  • https://s.amazon-adsystem.com/ecm3?ex=onetag.com&id=GnqXJ1P7O8Y_TrflH9Pn75_IF7hf4fPrveFRQ0lrMLY
43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?ex=onetag.com&id=GnqXJ1P7O8Y_TrflH9Pn75_IF7hf4fPrveFRQ0lrMLY
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?cb=1663396608571
Protocol
HTTP/1.1
Server
209.54.182.161 -, , ASN (),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 17 Sep 2022 06:36:55 GMT
Vary
Content-Type,Accept-Encoding,User-Agent
Server
Server
x-amz-rid
9EYCF70Z79WK70VEB2AE
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

location
https://s.amazon-adsystem.com/ecm3?ex=onetag.com&id=GnqXJ1P7O8Y_TrflH9Pn75_IF7hf4fPrveFRQ0lrMLY
strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
ImgSync
image8.pubmatic.com/AdServer/ Frame 4206 		0
42 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image8.pubmatic.com/AdServer/ImgSync?p=159706&gdpr=1&gdpr_consent=&us_privacy=&pu=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D114%26uid%3D%23PMUID
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?cb=1663396608571
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
67.199.150.82 Los Angeles, United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 17 Sep 2022 06:36:54 GMT
content-length
0
/
onetag-sys.com/match/ Frame 4206
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=onetag_eb&google_cm
  • https://onetag-sys.com/match/?int_id=106&google_gid=CAESEDTVg-_CkudTzcarzjnZfHQ&google_cver=1
0
340 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onetag-sys.com/match/?int_id=106&google_gid=CAESEDTVg-_CkudTzcarzjnZfHQ&google_cver=1
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?cb=1663396608571
Protocol
H2
Server
51.79.234.100 Singapore, Singapore, ASN16276 (OVH, FR),
Reverse DNS
ip100.ip-51-79-234.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

pragma
no-cache
date
Sat, 17 Sep 2022 06:36:54 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://onetag-sys.com/match/?int_id=106&google_gid=CAESEDTVg-_CkudTzcarzjnZfHQ&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
298
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
occ
ups.analytics.yahoo.com/ups/58488/ Frame 4206 		0
38 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ups.analytics.yahoo.com/ups/58488/occ?&gdpr=1&gdpr_consent=
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?cb=1663396608571
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.74.162.2 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-74-162-2.ap-southeast-1.compute.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 17 Sep 2022 06:36:54 GMT
server
ATS/9.1.10.25
age
0
strict-transport-security
max-age=31536000
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
/
onetag-sys.com/match/ Frame 4206
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=vw6iyrn&ttd_tpi=1&gpdr=1&gdpr_consent=
  • https://onetag-sys.com/match/?int_id=29&uid=12214519-0c4c-48e8-a8e2-7a416271dec6&gdpr=0&gdpr_consent=
0
340 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onetag-sys.com/match/?int_id=29&uid=12214519-0c4c-48e8-a8e2-7a416271dec6&gdpr=0&gdpr_consent=
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?cb=1663396608571
Protocol
H2
Server
51.79.234.100 Singapore, Singapore, ASN16276 (OVH, FR),
Reverse DNS
ip100.ip-51-79-234.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

pragma
no-cache
date
Sat, 17 Sep 2022 06:36:54 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://onetag-sys.com/match/?int_id=29&uid=12214519-0c4c-48e8-a8e2-7a416271dec6&gdpr=0&gdpr_consent=
cache-control
private,no-cache, must-revalidate
content-type
text/html
content-length
233
sync
x.bidswitch.net/ Frame 4206 		43 B
235 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://x.bidswitch.net/sync?ssp=onetag&gdpr=1&gdpr_consent=
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?cb=1663396608571
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.213.12.39 Tokyo, Japan, ASN15169 (GOOGLE, US),
Reverse DNS
39.12.213.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sat, 17 Sep 2022 06:36:54 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
usync.js
eus.rubiconproject.com/ Frame 909B 		31 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.15.148.136 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-15-148-136.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
b3e685b257930d612f6c533ada3f062bfca487b3297a3af03e4f9f5478ccbf36

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eus.rubiconproject.com/usync.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sat, 17 Sep 2022 06:36:54 GMT
Content-Encoding
gzip
Last-Modified
Thu, 15 Sep 2022 22:38:47 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=52818
Connection
keep-alive
Content-Type
text/html; charset=UTF-8
Content-Length
9421
Expires
Sat, 17 Sep 2022 21:17:12 GMT
cksync
cs.media.net/ Frame BDDB
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?cs=8&google_nid=media&google_cm=1&google_hm=MzA2Mzk4MjE0MTUzMDE4MjAwMFYxMA%3D%3D&google_sc=1
  • https://cs.media.net/cksync?type=g&cs=8&google_gid=CAESEC0XBjAL9qmUwsmRlbaABvs&google_cver=1
45 B
610 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.media.net/cksync?type=g&cs=8&google_gid=CAESEC0XBjAL9qmUwsmRlbaABvs&google_cver=1
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUPEPKI9&prvid=77&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1
Protocol
HTTP/1.1
Server
23.36.48.24 -, , ASN (),
Reverse DNS
Software
Apache /
Resource Hash
832f63f4187160c195b04f1911c2e623a75e805f4b23abb9b0bea214b4283a43

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 17 Sep 2022 06:36:55 GMT
Server
Apache
P3P
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
45
X-MNET-HL2
E
Expires
Sat, 17 Sep 2022 06:36:55 GMT

Redirect headers

pragma
no-cache
date
Sat, 17 Sep 2022 06:36:54 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://cs.media.net/cksync?type=g&cs=8&google_gid=CAESEC0XBjAL9qmUwsmRlbaABvs&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
301
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
xuid
eb2.3lift.com/ Frame D941
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=svx9t50&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://eb2.3lift.com/xuid?mid=3658&xuid=12214519-0c4c-48e8-a8e2-7a416271dec6&dongle=0cfd
37 B
353 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=3658&xuid=12214519-0c4c-48e8-a8e2-7a416271dec6&dongle=0cfd
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?&ld=1
Protocol
H2
Server
35.71.178.8 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ade9ecc7904667038.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 17 Sep 2022 06:36:54 GMT
cache-control
no-cache, no-store, must-revalidate
content-type
image/gif
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

pragma
no-cache
date
Sat, 17 Sep 2022 06:36:54 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://eb2.3lift.com/xuid?mid=3658&xuid=12214519-0c4c-48e8-a8e2-7a416271dec6&dongle=0cfd
cache-control
private,no-cache, must-revalidate
content-type
text/html
content-length
209
ebda
eb2.3lift.com/ Frame D941
Redirect Chain
  • https://eb2.3lift.com/ebda?sync=1&gdpr=0&gdpr_consent=
  • https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=0&gdpr_consent=&us_privacy=&google_hm=NDM2NzM1MTI0MjUwMjAwNzkxNDk5
  • https://eb2.3lift.com/ebda?gdpr=0&gdpr_consent=
37 B
139 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/ebda?gdpr=0&gdpr_consent=
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?&ld=1
Protocol
H2
Server
35.71.178.8 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ade9ecc7904667038.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 17 Sep 2022 06:36:54 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
content-type
image/gif

Redirect headers

pragma
no-cache
date
Sat, 17 Sep 2022 06:36:54 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://eb2.3lift.com/ebda?gdpr=0&gdpr_consent=
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
248
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
xuid
eb2.3lift.com/ Frame D941
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=triplelift&google_cm&google_sc&gdpr=0&gdpr_consent=
  • https://eb2.3lift.com/xuid?mid=5989&xuid=CAESELwpZeMPK_Uv6eAipns_rNE&dongle=c627&gdpr=0&gdpr_consent=&google_cver=1
37 B
353 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=5989&xuid=CAESELwpZeMPK_Uv6eAipns_rNE&dongle=c627&gdpr=0&gdpr_consent=&google_cver=1
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?&ld=1
Protocol
H2
Server
35.71.178.8 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ade9ecc7904667038.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 17 Sep 2022 06:36:54 GMT
cache-control
no-cache, no-store, must-revalidate
content-type
image/gif
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

pragma
no-cache
date
Sat, 17 Sep 2022 06:36:54 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://eb2.3lift.com/xuid?mid=5989&xuid=CAESELwpZeMPK_Uv6eAipns_rNE&dongle=c627&gdpr=0&gdpr_consent=&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
332
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame D941
Redirect Chain
  • https://eb2.3lift.com/sync/google/demand?sync=1&gdpr=0&gdpr_consent=
  • https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=0&gdpr_consent=&us_privacy=&google_hm=NDM2NzM1MTI0MjUwMjAwNzkxNDk5
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=0&gdpr_consent=&us_privacy=&google_hm=NDM2NzM1MTI0MjUwMjAwNzkxNDk5
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?&ld=1
Protocol
H3
Server
142.251.12.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f155.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 17 Sep 2022 06:36:54 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=0&gdpr_consent=&us_privacy=&google_hm=NDM2NzM1MTI0MjUwMjAwNzkxNDk5
date
Sat, 17 Sep 2022 06:36:54 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
/
p.adsymptotic.com/d/px/ Frame D941
Redirect Chain
  • https://px.ads.linkedin.com/setuid?partner=tripleliftdbredirect&tlUid=436735124250200791499&dbredirect=true&gdpr=0&consent=
  • https://px.ads.linkedin.com/setuid?partner=tripleliftdbredirect&tlUid=436735124250200791499&dbredirect=true&gdpr=0&consent=&cookiesTest=true
  • https://p.adsymptotic.com/d/px/?_pid=16218&_psign=0aa5badf92527f7732e22463d6fa4dbc&coopa=0&gdpr=0&gdpr_consent=&_puuid=7580bbdb-d7c3-4c24-bc96-77478abf4ca3&_noobservation=1
  • https://p.adsymptotic.com/d/px/?_pid=16218&_psign=0aa5badf92527f7732e22463d6fa4dbc&coopa=0&gdpr=0&gdpr_consent=&_puuid=7580bbdb-d7c3-4c24-bc96-77478abf4ca3&_noobservation=1&_expected_cookie=55cfae0...
43 B
141 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://p.adsymptotic.com/d/px/?_pid=16218&_psign=0aa5badf92527f7732e22463d6fa4dbc&coopa=0&gdpr=0&gdpr_consent=&_puuid=7580bbdb-d7c3-4c24-bc96-77478abf4ca3&_noobservation=1&_expected_cookie=55cfae077882a148f48a12b5bf82d9d4
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?&ld=1
Protocol
H2
Server
104.18.99.194 -, , ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

p3p
CP='NON DSP COR CONi OUR BUS CNT'
date
Sat, 17 Sep 2022 06:36:55 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
74bfd48f595e5ab0-MEL
content-length
43
content-type
image/gif

Redirect headers

location
https://p.adsymptotic.com/d/px/?_pid=16218&_psign=0aa5badf92527f7732e22463d6fa4dbc&coopa=0&gdpr=0&gdpr_consent=&_puuid=7580bbdb-d7c3-4c24-bc96-77478abf4ca3&_noobservation=1&_expected_cookie=55cfae077882a148f48a12b5bf82d9d4
date
Sat, 17 Sep 2022 06:36:55 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
74bfd48e0e835ab0-MEL
content-length
0
xuid
eb2.3lift.com/ Frame D941
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=triplelift&user_id=436735124250200791499&gdpr=0&gdpr_consent=
  • https://odr.mookie1.com/t/v2/sync?tagid=V2_790378&src.visitorId=f98ada23-bb7a-4d68-a2f4-7fe4fe49dce4&ssp=triplelift&gdpr=0&gdpr_consent=
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=2910&partner_device_id=10522238326638056381&gdpr=0&gdpr_consent=&partner_url=https%3A%2F%2Fodr.mookie1.com%2Ft%2Fv2%3Ftagid%3DV2_948118%26src.vi...
  • https://odr.mookie1.com/t/v2?tagid=V2_948118&src.visitorid=dfd1e307-4499-4171-932e-216466fb2c9b&ssp=triplelift&gdpr_consent=&gdpr=0
  • https://aa.agkn.com/adscores/g.pixel?sid=9212302828&puid=10522238326638056381&ssp=triplelift&gdpr=0&gdpr_consent=
  • https://odr.mookie1.com/t/v2?tagid=V2_785409&src.visitorId=232793304277004066840&ssp=triplelift&gdpr=0&gdpr_consent=
  • https://x.bidswitch.net/sync?dsp_id=419&user_id=10522238326638056381&ssp=triplelift&gdpr=0&gdpr_consent=
  • https://eb2.3lift.com/xuid?mid=2409&xuid=f98ada23-bb7a-4d68-a2f4-7fe4fe49dce4&dongle=d3d3&gdpr=0&gdpr_consent=&gdpr_pd=
37 B
353 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=2409&xuid=f98ada23-bb7a-4d68-a2f4-7fe4fe49dce4&dongle=d3d3&gdpr=0&gdpr_consent=&gdpr_pd=
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?&ld=1
Protocol
H2
Server
35.71.178.8 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ade9ecc7904667038.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 17 Sep 2022 06:36:56 GMT
cache-control
no-cache, no-store, must-revalidate
content-type
image/gif
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

Location
//eb2.3lift.com/xuid?mid=2409&xuid=f98ada23-bb7a-4d68-a2f4-7fe4fe49dce4&dongle=d3d3&gdpr=0&gdpr_consent=&gdpr_pd=
Date
Sat, 17 Sep 2022 06:36:56 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
0
xuid
eb2.3lift.com/ Frame D941
Redirect Chain
  • https://pr-bh.ybp.yahoo.com/sync/triplelift/436735124250200791499?gdpr=0&gdpr_consent=
  • https://eb2.3lift.com/xuid?mid=2662&xuid=y-jCscpLdE2oSO6QrxX0dmJmCjnCLAr0UqZefAp94x.A--~A&dongle=0883
37 B
353 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=2662&xuid=y-jCscpLdE2oSO6QrxX0dmJmCjnCLAr0UqZefAp94x.A--~A&dongle=0883
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?&ld=1
Protocol
H2
Server
35.71.178.8 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ade9ecc7904667038.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 17 Sep 2022 06:36:54 GMT
cache-control
no-cache, no-store, must-revalidate
content-type
image/gif
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

date
Sat, 17 Sep 2022 06:36:54 GMT
referrer-policy
strict-origin-when-cross-origin
server
ATS
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
location
https://eb2.3lift.com/xuid?mid=2662&xuid=y-jCscpLdE2oSO6QrxX0dmJmCjnCLAr0UqZefAp94x.A--~A&dongle=0883
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
strict-transport-security
max-age=31536000
content-length
0
x-content-type-options
nosniff
iu3
s.amazon-adsystem.com/ Frame D941
Redirect Chain
  • https://s.amazon-adsystem.com/x/757c0557066e95cfd4c7?gdpr=0&gdpr_consent=&uid=436735124250200791499
  • https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&dl=3lift&gdpr=0&gdpr_consent=&uid=436735124250200791499&dcc=t
0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&dl=3lift&gdpr=0&gdpr_consent=&uid=436735124250200791499&dcc=t
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?&ld=1
Protocol
HTTP/1.1
Server
209.54.182.161 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Redirect headers

Pragma
no-cache
Date
Sat, 17 Sep 2022 06:36:55 GMT
Vary
Content-Type,Accept-Encoding,User-Agent
Server
Server
x-amz-rid
4VFCNE3H8G3JGC81NNDG
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location
https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&dl=3lift&gdpr=0&gdpr_consent=&uid=436735124250200791499&dcc=t
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 GMT
c.gif
c.bing.com/ Frame D941 		42 B
668 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.bing.com/c.gif?xid=436735124250200791499&Red3=TLMS_pd
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?&ld=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
13.107.21.200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/ ASP.NET
Resource Hash
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 17 Sep 2022 06:36:54 GMT
etag
"8766f3fc1fc7d81:0"
last-modified
Tue, 13 Sep 2022 03:22:00 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 880C8290A51B4D2AAD549EFE3AF91E8A Ref B: MEL01EDGE1409 Ref C: 2022-09-17T06:36:54Z
x-powered-by
ASP.NET
x-cache
CONFIG_NOCACHE
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
private, no-cache, proxy-revalidate, no-store
accept-ranges
bytes
content-type
image/gif
content-length
42
xuid
eb2.3lift.com/ Frame D941
Redirect Chain
  • https://b1sync.zemanta.com/usersync/triplelift?gdpr=0&gdpr_consent=
  • https://stags.bluekai.com/site/23178?id=aAawPcYEyasrVMwXtq22&redir=https%3A%2F%2Fb1sync.zemanta.com%2Fusersync%2Fbluekai%2Fcallback%2F%3Fd%3DNB2HI4DTHIXS6ZLCGIXDG3DJMZ2C4Y3PNUXXQ5LJMQ7WI33OM5WGKPLE...
  • https://b1sync.zemanta.com/usersync/bluekai/callback/?d=NB2HI4DTHIXS6ZLCGIXDG3DJMZ2C4Y3PNUXXQ5LJMQ7WI33OM5WGKPLEMJQTQJTFPBRWQYLOM5ST25DSNFYGYZLMNFTHIJTHMRYHEPJQEZWWSZB5GI2DMMBGPB2WSZB5MFAWC52QMNMUK...
  • https://eb2.3lift.com/xuid?dongle=dba8&gdpr=0&mid=2460&xuid=aAawPcYEyasrVMwXtq22
37 B
353 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?dongle=dba8&gdpr=0&mid=2460&xuid=aAawPcYEyasrVMwXtq22
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?&ld=1
Protocol
H2
Server
35.71.178.8 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ade9ecc7904667038.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 17 Sep 2022 06:36:56 GMT
cache-control
no-cache, no-store, must-revalidate
content-type
image/gif
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

Pragma
no-cache
Date
Sat, 17 Sep 2022 06:36:55 GMT
P3p
CP="We do not support P3P header."
Location
https://eb2.3lift.com/xuid?dongle=dba8&gdpr=0&mid=2460&xuid=aAawPcYEyasrVMwXtq22
Cache-Control
no-cache, no-store, must-revalidate
Content-Type
text/html; charset=utf-8
Content-Length
115
Expires
Thu, 01 Dec 1994 16:00:00 GMT
usermatch
ssum-sec.casalemedia.com/ Frame 114E 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.bg3.co%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/um/ixmatch.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.18.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c02fbfd17a9a252d634584c0d7c1f1760ceb15436cdfb91bdb605f8d4f923fa9

Request headers

Referer
https://js-sec.indexww.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-cache
cf-cache-status
DYNAMIC
cf-ray
74bfd489efa25ac8-MEL
content-encoding
br
content-type
text/html
date
Sat, 17 Sep 2022 06:36:54 GMT
expires
0
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0Sc6oXGOxPGOSsMLB8WMXU31%2FfIZDxPWAP1sn9%2BKysk8SC3SbK9xndzGmFcD28KngpW7c04ePbVOfu%2FFgtUXCIbZ1UdOO%2F2IhRYuXAmnm%2BFTuLKhtI1gFni8boVMnvq4doDIVqVzOTaxCw%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
setuid
px.ads.linkedin.com/ Frame 909B
Redirect Chain
  • https://token.rubiconproject.com/token?pid=36584
  • https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=L85JE5AG-24-AYT1
0
143 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=L85JE5AG-24-AYT1
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/6yue-15ri-qi-bei-jing-gong-jiao-duo-tiao-xian-lu-you-diao-zheng.html
Protocol
H2
Server
13.107.42.14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 17 Sep 2022 06:36:54 GMT
x-li-pop
afd-prod-ltx1-x
x-msedge-ref
Ref A: 416BCF05116945B9A1FFF02C1E4FE7C6 Ref B: MEL01EDGE1411 Ref C: 2022-09-17T06:36:55Z
linkedin-action
1
x-cache
CONFIG_NOCACHE
x-li-fabric
prod-ltx1
x-li-proto
http/2
content-length
0
x-li-uuid
AAXo2bRi8MaQaj1GJNWWfA==

Redirect headers

Location
https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=L85JE5AG-24-AYT1
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
6690dc791bf02dde8c4051a04cfd7bb8
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
tap.php
pixel.rubiconproject.com/ Frame 909B
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc
  • https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESED_Ni8CQtdZo8kXpRvc8PCw&google_cver=1
42 B
679 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESED_Ni8CQtdZo8kXpRvc8PCw&google_cver=1
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/6yue-15ri-qi-bei-jing-gong-jiao-duo-tiao-xian-lu-you-diao-zheng.html
Protocol
HTTP/1.1
Server
69.173.158.64 Singapore, Singapore, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-length
42
X-RPHost
550b0c1400f70e56269f7c1848fb3166
Content-Type
image/gif

Redirect headers

pragma
no-cache
date
Sat, 17 Sep 2022 06:36:54 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESED_Ni8CQtdZo8kXpRvc8PCw&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
326
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
token
pixel.rubiconproject.com/ Frame 909B
Redirect Chain
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&dcc=t
  • https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=4fWLaylmSoqTxxT3EWxceg&rk=usync-na
0
460 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=4fWLaylmSoqTxxT3EWxceg&rk=usync-na
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/6yue-15ri-qi-bei-jing-gong-jiao-duo-tiao-xian-lu-you-diao-zheng.html
Protocol
HTTP/1.1
Server
69.173.158.64 Singapore, Singapore, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
X-RPHost
38ddff6a66d3988dfd0c6ea3be81c5f1
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

Pragma
no-cache
Date
Sat, 17 Sep 2022 06:36:55 GMT
Vary
Content-Type,Accept-Encoding,User-Agent
Server
Server
x-amz-rid
9GT3AK5E9A6CN613WXE0
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location
https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=4fWLaylmSoqTxxT3EWxceg&rk=usync-na
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 909B
Redirect Chain
  • https://token.rubiconproject.com/token?pid=25470
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDg1SkU1QUctMjQtQVlUMQ==
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDg1SkU1QUctMjQtQVlUMQ==
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/6yue-15ri-qi-bei-jing-gong-jiao-duo-tiao-xian-lu-you-diao-zheng.html
Protocol
H3
Server
142.251.12.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f155.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 17 Sep 2022 06:36:55 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDg1SkU1QUctMjQtQVlUMQ==
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
548ddf114c6f6bfbb66a4cdeb6a219f4
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
tap.php
pixel.rubiconproject.com/ Frame 909B
Redirect Chain
  • https://match.adsrvr.org/track/cmf/rubicon
  • https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=12214519-0c4c-48e8-a8e2-7a416271dec6&gdpr=0&gdpr_consent=&expires=30
42 B
679 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=12214519-0c4c-48e8-a8e2-7a416271dec6&gdpr=0&gdpr_consent=&expires=30
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/6yue-15ri-qi-bei-jing-gong-jiao-duo-tiao-xian-lu-you-diao-zheng.html
Protocol
HTTP/1.1
Server
69.173.158.64 Singapore, Singapore, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-length
42
X-RPHost
548ddf114c6f6bfbb66a4cdeb6a219f4
Content-Type
image/gif

Redirect headers

pragma
no-cache
date
Sat, 17 Sep 2022 06:36:54 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=12214519-0c4c-48e8-a8e2-7a416271dec6&gdpr=0&gdpr_consent=&expires=30
cache-control
private,no-cache, must-revalidate
content-type
text/html
content-length
289
tap.php
pixel.rubiconproject.com/ Frame 909B
Redirect Chain
  • https://token.rubiconproject.com/token?pid=2974&pt=n&a=1
  • https://pr-bh.ybp.yahoo.com/sync/rubicon/IU2h0V1tgP4UF_dSij7n8Mn5EUdSAgOZEtemQ7w0kco?csrc=
  • https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=5586413047694589838
42 B
691 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=5586413047694589838
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/6yue-15ri-qi-bei-jing-gong-jiao-duo-tiao-xian-lu-you-diao-zheng.html
Protocol
HTTP/1.1
Server
69.173.158.64 Singapore, Singapore, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-length
42
X-RPHost
548ddf114c6f6bfbb66a4cdeb6a219f4
Content-Type
image/gif

Redirect headers

date
Sat, 17 Sep 2022 06:36:55 GMT
referrer-policy
strict-origin-when-cross-origin
server
ATS
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
location
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=5586413047694589838
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
strict-transport-security
max-age=31536000
content-length
0
x-content-type-options
nosniff
ecm3
aax-eu.amazon-adsystem.com/s/ Frame 909B
Redirect Chain
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=&dcc=t
  • https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=WmrMkCBQSQeN-xdelfPoBw&rk=usync-other
  • https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=WmrMkCBQSQeN-xdelfPoBw
43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=WmrMkCBQSQeN-xdelfPoBw
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/6yue-15ri-qi-bei-jing-gong-jiao-duo-tiao-xian-lu-you-diao-zheng.html
Protocol
HTTP/1.1
Server
54.239.38.253 -, , ASN (),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 17 Sep 2022 06:36:57 GMT
Vary
Content-Type,Accept-Encoding,User-Agent
Server
Server
x-amz-rid
Z6YEZAWZ1J8YTDFT51EX
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location
https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=WmrMkCBQSQeN-xdelfPoBw
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
548ddf114c6f6bfbb66a4cdeb6a219f4
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
token
token.rubiconproject.com/ Frame 909B 		0
460 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://token.rubiconproject.com/token?pid=2249&pt=n
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/6yue-15ri-qi-bei-jing-gong-jiao-duo-tiao-xian-lu-you-diao-zheng.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.173.158.64 Singapore, Singapore, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
X-RPHost
38ddff6a66d3988dfd0c6ea3be81c5f1
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 8306 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.200.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sa-in-f132.1e100.net
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

accept-ranges
bytes
age
140330
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Thu, 15 Sep 2022 15:38:04 GMT
expires
Fri, 15 Sep 2023 15:38:04 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame B20B 		783 B
535 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.147 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f147.1e100.net
Software
GSE /
Resource Hash
bf4b52831f7dcf045d2e795dd2d476a5ee9aeea293d9f6e17776c12817d07662
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-11ivOZh85PXx-20i1yZW2g' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private, max-age=300
content-encoding
gzip
content-length
513
content-security-policy
script-src 'report-sample' 'nonce-11ivOZh85PXx-20i1yZW2g' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Sat, 17 Sep 2022 06:36:54 GMT
expires
Sat, 17 Sep 2022 06:36:54 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame EBB4 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.200.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sa-in-f132.1e100.net
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

accept-ranges
bytes
age
140330
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Thu, 15 Sep 2022 15:38:04 GMT
expires
Fri, 15 Sep 2023 15:38:04 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame 5843 		783 B
535 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.147 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f147.1e100.net
Software
GSE /
Resource Hash
4eed791092e5284749cc5b1a2baa8fb4066877b361f9e1088ec52a442d24f4c6
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-C83pN3TLOFo5Qgvt2tXyjw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private, max-age=300
content-encoding
gzip
content-length
513
content-security-policy
script-src 'report-sample' 'nonce-C83pN3TLOFo5Qgvt2tXyjw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Sat, 17 Sep 2022 06:36:54 GMT
expires
Sat, 17 Sep 2022 06:36:54 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 1CF0 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.200.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sa-in-f132.1e100.net
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://adx.holmesmind.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

accept-ranges
bytes
age
140330
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Thu, 15 Sep 2022 15:38:04 GMT
expires
Fri, 15 Sep 2023 15:38:04 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame F275 		783 B
533 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.147 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f147.1e100.net
Software
GSE /
Resource Hash
1b7b9e709623cad00d30a4ac075f1ad5bd10630f7339f90d130c41a2d8b48651
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-vuTc9hUTBz_0vcfJtjltPw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://adx.holmesmind.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private, max-age=300
content-encoding
gzip
content-length
511
content-security-policy
script-src 'report-sample' 'nonce-vuTc9hUTBz_0vcfJtjltPw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Sat, 17 Sep 2022 06:36:54 GMT
expires
Sat, 17 Sep 2022 06:36:54 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame E22C 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.200.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sa-in-f132.1e100.net
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://adx.holmesmind.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

accept-ranges
bytes
age
140330
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Thu, 15 Sep 2022 15:38:04 GMT
expires
Fri, 15 Sep 2023 15:38:04 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame 0604 		783 B
534 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.147 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f147.1e100.net
Software
GSE /
Resource Hash
ab642385effa4e7b842662ba37d0453042d2c627ca7a7ec1f7277d5d2c42314d
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-mPxOxqdOAC_39hCU-eJgyg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://adx.holmesmind.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private, max-age=300
content-encoding
gzip
content-length
512
content-security-policy
script-src 'report-sample' 'nonce-mPxOxqdOAC_39hCU-eJgyg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Sat, 17 Sep 2022 06:36:54 GMT
expires
Sat, 17 Sep 2022 06:36:54 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
rum
dsum-sec.casalemedia.com/ Frame 114E
Redirect Chain
  • https://match.adsrvr.org/track/cmf/casale
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=39&external_user_id=12214519-0c4c-48e8-a8e2-7a416271dec6&expiration=1665988615&gdpr=0&gdpr_consent=
43 B
845 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=39&external_user_id=12214519-0c4c-48e8-a8e2-7a416271dec6&expiration=1665988615&gdpr=0&gdpr_consent=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.bg3.co%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H3
Server
104.18.19.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

cf-ray
74bfd48c0afedf8d-MEL
pragma
no-cache
date
Sat, 17 Sep 2022 06:36:55 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HkRTfJBFVbj7%2FeoHFMXCn71RJxlne10m0A4R6qUlr0tDkEl21TfEIVxEH%2F3qL2wtzRifRXQIYvYZVTnK34LzOAIw3W8VDSblvBryNR6gmhp7RnlCUEnKw%2F1mrP%2Ft7GcPmKXztBpRPzUgbg%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control
no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Sat, 17 Sep 2022 06:36:54 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=39&external_user_id=12214519-0c4c-48e8-a8e2-7a416271dec6&expiration=1665988615&gdpr=0&gdpr_consent=
cache-control
private,no-cache, must-revalidate
content-type
text/html
content-length
323
usermatchredir
ssum-sec.casalemedia.com/ Frame 114E
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=YyVrAYu0W8DwXovNsZOEYgAAEosAAAAB&gdpr_consent=&us_privacy=&gdpr=
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESEBLHfLp4As2MRNPWaqDoKXE&google_cver=1
43 B
881 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESEBLHfLp4As2MRNPWaqDoKXE&google_cver=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.bg3.co%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H3
Server
104.18.18.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

cf-ray
74bfd48dfaeffe9d-MEL
pragma
no-cache
date
Sat, 17 Sep 2022 06:36:55 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2qsmZfV1uPm6B7K9Dz9RU8PtHVeGKkkdCv%2FmKomECI0lBRT%2FOWu2RrkuI7GC%2FJMsK9oLg2ey1Mun5HF3grgydCSRHH8WqNEgUNQPfJ14wmvbGcW0fGGWXIN6fALVHUqQXwmIU%2BgeStWCZA%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control
no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Sat, 17 Sep 2022 06:36:54 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESEBLHfLp4As2MRNPWaqDoKXE&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
342
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dcm
s.amazon-adsystem.com/ Frame 114E
Redirect Chain
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=YyVrAYu0W8DwXovNsZOEYgAAEosAAAAB
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=YyVrAYu0W8DwXovNsZOEYgAAEosAAAAB&dcc=t
43 B
855 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=YyVrAYu0W8DwXovNsZOEYgAAEosAAAAB&dcc=t
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.bg3.co%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Server
209.54.182.161 -, , ASN (),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 17 Sep 2022 06:36:56 GMT
Vary
Content-Type,Accept-Encoding,User-Agent
Server
Server
x-amz-rid
WYYVAX90EZDKFTMSSTB6
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Sat, 17 Sep 2022 06:36:55 GMT
Vary
Content-Type,Accept-Encoding,User-Agent
Server
Server
x-amz-rid
2YX67RM5GKX380FYD3W7
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=YyVrAYu0W8DwXovNsZOEYgAAEosAAAAB&dcc=t
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 GMT
YyVrAYu0W8DwXovNsZOEYgAAEosAAAAB
pr-bh.ybp.yahoo.com/sync/casale/ Frame 114E 		43 B
602 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/casale/YyVrAYu0W8DwXovNsZOEYgAAEosAAAAB?gdpr_consent=&us_privacy=&gdpr=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.bg3.co%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.251.66.227 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-251-66-227.ap-southeast-1.compute.amazonaws.com
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 17 Sep 2022 06:36:54 GMT
referrer-policy
strict-origin-when-cross-origin
server
ATS
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
image/gif
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
strict-transport-security
max-age=31536000
content-length
43
x-content-type-options
nosniff
rum
dsum-sec.casalemedia.com/ Frame 114E
Redirect Chain
  • https://dmp.brand-display.com/cm/api/index?cm_dsp_id=191&cm_user_id=%3cIndex_user_id%3e
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=191&expiration=63072000&external_user_id=15ea77de-b6cb-a337-4b9d52b7
43 B
848 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=191&expiration=63072000&external_user_id=15ea77de-b6cb-a337-4b9d52b7
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.bg3.co%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H3
Server
104.18.19.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

cf-ray
74bfd48e7e86df8d-MEL
pragma
no-cache
date
Sat, 17 Sep 2022 06:36:55 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yHWNsQeQ0hDu5pPAwus86uHdIVjCdTNKOG0Q5PQdlhZHIMMVaElw2vSgfyuFw3BtISucmXBhfjJneDyhFY4mF4v%2B5NwIBzYjGhl%2B%2FHFzVwbX%2FotyNrJdIg8sP9JYnZbHAscMCvsA%2F7SrrA%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control
no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
0

Redirect headers

date
Sat, 17 Sep 2022 06:36:55 GMT
via
1.1 google
server
nginx/1.22.0
access-control-allow-origin
*
p3p
CP='This is not a P3P policy!'
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=191&expiration=63072000&external_user_id=15ea77de-b6cb-a337-4b9d52b7
cache-control
max-age=3600
content-type
text/html; charset=utf-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
146
crum
dsum-sec.casalemedia.com/ Frame 114E
Redirect Chain
  • https://gu.dyntrk.com/adx/ie/us.php?dynk=1nd3xx6ch1
  • https://gu.dyntrk.com/adx/ie/us.php?dynk=1nd3xx6ch1&prevuid=07030002_63256b0762b4e&knw=0
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=196&external_user_id=07030002_63256b0762b4e
43 B
852 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=196&external_user_id=07030002_63256b0762b4e
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.bg3.co%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H3
Server
104.18.19.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

cf-ray
74bfd49058c3df8d-MEL
pragma
no-cache
date
Sat, 17 Sep 2022 06:36:55 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HmRH01djbZV2iMEvSc3bqPT3k%2BNU1YPWHNkUHgeLdH0S%2B5OFr0zraGAN%2FS0%2F4s2%2BZ4dyR2xrg6zs2yIwM8thgtYkIbV4D8AVlwFuEpIPdXnyusHjJwOm%2FiFiodHMUIEDH%2F%2B7%2BkrdcxwgaQ%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control
no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
0

Redirect headers

date
Sat, 17 Sep 2022 06:36:55 GMT
server
nginx
access-control-allow-origin
*
transfer-encoding
chunked
access-control-allow-methods
POST, GET, OPTIONS
p3p
CP="NOI DEV OUR BUS UNI"
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=196&external_user_id=07030002_63256b0762b4e
cache-control
no-cache
content-type
text/html; charset=UTF-8
access-control-allow-headers
Origin
keep-alive
timeout=10
458249.gif
idsync.rlcdn.com/ Frame 114E
Redirect Chain
  • https://idsync.rlcdn.com/461886.gif?partner_uid=YyVrAYu0W8DwXovNsZOEYgAA%264747&&gdpr_consent=&gdpr=
  • https://pippio.com/api/sync?pid=5324&it=1&iv=5a37884422cc9cda53562728087e3118d2f986d0a93e4258eb23c44ec40a6ed5791426b5417dce21&_=2
  • https://cm.g.doubleclick.net/pixel?google_nid=pippio_dmp&google_cm&google_no_sc&m=CMwpElsKVwgBEJInGlA1YTM3ODg0NDIyY2M5Y2RhNTM1NjI3MjgwODdlMzExOGQyZjk4NmQwYTkzZTQyNThlYjIzYzQ0ZWM0MGE2ZWQ1NzkxNDI2YjU...
  • https://pippio.com/api/sync/ddp?pid=2&m=CMwpElsKVwgBEJInGlA1YTM3ODg0NDIyY2M5Y2RhNTM1NjI3MjgwODdlMzExOGQyZjk4NmQwYTkzZTQyNThlYjIzYzQ0ZWM0MGE2ZWQ1NzkxNDI2YjU0MTdkY2UyMRAAGgwIh9aVmQYSBAgCEABCAEoA&goog...
  • https://tags.rd.linksynergy.com/rcs?ns=lr&uid3=
  • https://idsync.rlcdn.com/458249.gif?partner_uid=0883de3c-37cd-4fe6-b198-7bbcb0ab828d
42 B
60 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://idsync.rlcdn.com/458249.gif?partner_uid=0883de3c-37cd-4fe6-b198-7bbcb0ab828d
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.bg3.co%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H3
Server
35.190.60.146 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
146.60.190.35.bc.googleusercontent.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Sat, 17 Sep 2022 06:36:56 GMT
via
1.1 google
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control
no-cache, no-store
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42

Redirect headers

location
https://idsync.rlcdn.com/458249.gif?partner_uid=0883de3c-37cd-4fe6-b198-7bbcb0ab828d
date
Sat, 17 Sep 2022 06:36:56 GMT
via
1.1 google
x-samesite
secure
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
111
content-type
text/html; charset=utf-8
rum
dsum-sec.casalemedia.com/ Frame 114E
Redirect Chain
  • https://sync.srv.stackadapt.com/sync?nid=68
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=123&external_user_id=__Qgn-PgTm9lNW95aLIVvWfR_gU
43 B
843 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=123&external_user_id=__Qgn-PgTm9lNW95aLIVvWfR_gU
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.bg3.co%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H3
Server
104.18.19.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

cf-ray
74bfd492ab45df8d-MEL
pragma
no-cache
date
Sat, 17 Sep 2022 06:36:56 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3CF2iOLBscKrnEMXRaG9%2FEuSjQpFgWoony0vdfuysbAv8BYUOjU0JnusiGraL5cms7JU3%2BVJcEfUaQtZs6O3cQ7LOmrOI%2FFzQY4YeoXko90YeupA5eSmYMJ5h9qhhhvcyMOdnNJD6sx2rw%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control
no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
0

Redirect headers

Location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=123&external_user_id=__Qgn-PgTm9lNW95aLIVvWfR_gU
Date
Sat, 17 Sep 2022 06:36:55 GMT
Connection
keep-alive
Content-Length
122
Content-Type
text/html; charset=utf-8
htw-pixel.gif
cdn.indexww.com/ht/ Frame 114E 		43 B
352 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.indexww.com/ht/htw-pixel.gif?YyVrAYu0W8DwXovNsZOEYgAA%264747
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.bg3.co%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.12.76 -, , ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

cf-ray
74bfd48def3b3774-MEL
date
Sat, 17 Sep 2022 06:36:55 GMT
cf-cache-status
HIT
last-modified
Tue, 24 Jan 2017 19:36:04 GMT
server
cloudflare
age
116
etag
"da1f1d-2b-546dc3a097100"
vary
Accept-Encoding
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
edge-control
cache-maxage=1h
cache-control
public, max-age=14400
accept-ranges
bytes
content-type
image/gif
content-length
43
expires
Sat, 17 Sep 2022 10:36:55 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame B20B 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20220914&jk=1882226508588972&rc=
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/6yue-15ri-qi-bei-jing-gong-jiao-duo-tiao-xian-lu-you-diao-zheng.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.118.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sl-in-f157.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
TqLSXP2QDMWDWbVwNGV4qZSIp1FuubJasGgalfjGHZY.js
pagead2.googlesyndication.com/bg/ Frame 8306 		36 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/TqLSXP2QDMWDWbVwNGV4qZSIp1FuubJasGgalfjGHZY.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.118.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sl-in-f157.1e100.net
Software
sffe /
Resource Hash
4ea2d25cfd900cc58359b570346578a99488a7516eb9b25ab0681a95f8c61d96
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 14 Sep 2022 22:33:39 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
201796
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16105
x-xss-protection
0
last-modified
Tue, 13 Sep 2022 10:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 14 Sep 2023 22:33:39 GMT
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 1493 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fx.yieldlift.com%2Fsetuid%3Fbidder%3Dpubmatic%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3D1YN-%26uid%3D
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.72.44.196 -, , ASN (),
Reverse DNS
Software
Apache /
Resource Hash
ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152

Request headers

Referer
https://public.servenobid.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=50682
content-encoding
gzip
content-length
5549
content-type
text/html; charset=UTF-8
date
Sat, 17 Sep 2022 06:36:55 GMT
etag
"1300708-3de4-5d6ef246ef4cf"
expires
Sat, 17 Sep 2022 20:41:37 GMT
last-modified
Tue, 01 Feb 2022 06:38:00 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
13926
g2.gumgum.com/usync/ Frame 0381 		4 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.168.48.215 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
a38058ced70378beaa0049a915c0c8642ea1a64fe57133c95d11c7b27522b4df

Request headers

Referer
https://public.servenobid.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

content-encoding
gzip
content-type
text/html;charset=UTF-8
date
Sat, 17 Sep 2022 06:36:55 GMT
etag
W/"0f9643985735f2d141c7d75708901f697"
server
nginx
timing-allow-origin
*
/
onetag-sys.com/usync/ Frame 7365 		4 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/usync/?pubId=694e68b73971b58&gdpr=0&gdpr_consent=&us_privacy=1YN-&https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D318%26uid%3D
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.79.234.100 Singapore, Singapore, ASN16276 (OVH, FR),
Reverse DNS
ip100.ip-51-79-234.net
Software
/
Resource Hash
b5c61545f89d1eee586476c647772932fbe5be2dcbb7e91ef750768adb6dcc99
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://public.servenobid.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
cache-control
no-transform, no-cache
content-encoding
gzip
content-length
1396
content-type
text/html
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
strict-transport-security
max-age=15552000
sync
ssbsync.smartadserver.com/api/ Frame 62F8 		851 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ssbsync.smartadserver.com/api/sync?callerId=9&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D317%26uid%3D%24UID
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.106.127.53 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
08924dd71bcd2afc06fd2d045500d9a566164079adbee6e824c2a1345ac45d00

Request headers

Referer
https://public.servenobid.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

content-length
851
content-type
text/html
date
Sat, 17 Sep 2022 06:36:54 GMT
usermatch
ssum-sec.casalemedia.com/ Frame EF82 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.18.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5ff0824ab302cadc41978bd089cae6c65e1940daabb5a2b62c348f70dd2392d8

Request headers

Referer
https://public.servenobid.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-cache
cf-cache-status
DYNAMIC
cf-ray
74bfd48dfaf1fe9d-MEL
content-encoding
br
content-type
text/html
date
Sat, 17 Sep 2022 06:36:55 GMT
expires
0
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tgtz6irH8ViSfLaNyT95uje4cIAIV2o5nLFcyCDrEYnXAq8VpNuH3K0VO4AiHXPE3Pggn68KhnIiDiSovkmvtRqEvQt16%2FQrSTnDeVlOJEyBaCuXoSnGX80R%2Fejk3YqoVd7Qk3YpBw%2Ft7Q%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
usync.html
eus.rubiconproject.com/ Frame 27C1
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=duration_media&endpoint=us-east
  • https://eus.rubiconproject.com/usync.html?p=duration_media&endpoint=us-east
281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?p=duration_media&endpoint=us-east
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.15.148.136 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-15-148-136.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://public.servenobid.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Sat, 17 Sep 2022 06:36:55 GMT
ETag
"40014-119-5d32342a551c0"
Last-Modified
Tue, 14 Dec 2021 23:07:59 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
content-length
0
date
Sat, 17 Sep 2022 06:36:55 GMT
location
https://eus.rubiconproject.com/usync.html?p=duration_media&endpoint=us-east
server
AkamaiGHost
setuid
x.yieldlift.com/ Frame A866
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=13702&gdpr=0&gdpr_consent=&us_privacy=1YN-&
  • https://x.yieldlift.com/setuid?bidder=rubicon&uid=L85JE5AG-24-AYT1&gdpr=0&us_privacy=1YN-
0
240 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://x.yieldlift.com/setuid?bidder=rubicon&uid=L85JE5AG-24-AYT1&gdpr=0&us_privacy=1YN-
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
HTTP/1.1
Server
3.230.47.190 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sat, 17 Sep 2022 06:36:56 GMT
Connection
keep-alive
Content-Length
0
Vary
Origin

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location
https://x.yieldlift.com/setuid?bidder=rubicon&uid=L85JE5AG-24-AYT1&gdpr=0&us_privacy=1YN-
Cache-Control
no-cache,no-store,must-revalidate
Content-Type
text/html
content-length
0
X-RPHost
beb52df1a5a4b2f2cb3f37642c514298
Expires
0
sync
ads.servenobid.com/ Frame A866
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D312%26uid%3D%24UID
  • https://ads.servenobid.com/sync?pid=312&uid=856669627834921461
0
344 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=312&uid=856669627834921461
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Server
34.251.200.30 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-251-200-30.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 17 Sep 2022 06:36:55 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0

Redirect headers

Pragma
no-cache
Date
Sat, 17 Sep 2022 06:36:55 GMT
X-Proxy-Origin
103.209.254.5; 103.209.254.5; 893.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net; adnxs.com
AN-X-Request-Uuid
149d0e67-1a8e-4f8e-8698-9b7bf9ee8761
Server
nginx/1.21.3
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://ads.servenobid.com/sync?pid=312&uid=856669627834921461
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
sync
ads.servenobid.com/ Frame A866
Redirect Chain
  • https://ce.lijit.com/merge?pid=273657&3pid=273657&gdpr=0&gdpr_consent=&us_privacy=1YN-&&location=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D310%26uid%3D%5BSOVRNID%5D
  • https://ce.lijit.com/merge?pid=273657&3pid=273657&gdpr=0&gdpr_consent=&us_privacy=1YN-&location=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D310%26uid%3D%5BSOVRNID%5D&dnr=1
  • https://ads.servenobid.com/sync?pid=310&uid=FVHMBLZHYsDqiHmfRLGn2gYE
0
350 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=310&uid=FVHMBLZHYsDqiHmfRLGn2gYE
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Server
34.251.200.30 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-251-200-30.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 17 Sep 2022 06:36:56 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0

Redirect headers

Pragma
no-cache
Date
Sat, 17 Sep 2022 06:36:55 GMT
P3P
CP="CUR ADM OUR NOR STA NID"
Location
https://ads.servenobid.com/sync?pid=310&uid=FVHMBLZHYsDqiHmfRLGn2gYE
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap2sfo1
Content-Length
0
Expires
Fri, 20 Mar 2009 00:00:00 GMT
sync
ads.servenobid.com/ Frame A866
Redirect Chain
  • https://ap.lijit.com/pixel?pid=273657&3pid=273657&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redir=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D310%26uid%3D%24UID
  • https://ap.lijit.com/pixel?pid=273657&3pid=273657&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redir=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D310%26uid%3D%24UID&sovrn_retry=true
  • https://ads.servenobid.com/sync?pid=310&uid=FVHMBLZHYsDqiHmfRLGn2gYE
0
350 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=310&uid=FVHMBLZHYsDqiHmfRLGn2gYE
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Server
34.251.200.30 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-251-200-30.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 17 Sep 2022 06:36:56 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0

Redirect headers

date
Sat, 17 Sep 2022 06:36:55 GMT
pod
X-Sovrn-Pod: ad_ap1sfo1
location
https://ads.servenobid.com/sync?pid=310&uid=FVHMBLZHYsDqiHmfRLGn2gYE
access-control-allow-methods
GET, POST, DELETE, PUT
access-control-allow-origin
*
access-control-allow-credentials
true
connection
close
access-control-allow-headers
X-Requested-With, Content-Type
sync
ads.servenobid.com/ Frame A866
Redirect Chain
  • https://x.yieldlift.com/getuid?r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D314%26uid%3D%24UID
  • https://ads.servenobid.com/sync?pid=314&uid=7ed099b2-7753-4677-936d-7d5cf8d40424
0
357 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=314&uid=7ed099b2-7753-4677-936d-7d5cf8d40424
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Server
34.251.200.30 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-251-200-30.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 17 Sep 2022 06:36:56 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0

Redirect headers

Location
https://ads.servenobid.com/sync?pid=314&uid=7ed099b2-7753-4677-936d-7d5cf8d40424
Date
Sat, 17 Sep 2022 06:36:56 GMT
Connection
keep-alive
Content-Length
119
Vary
Origin
Content-Type
text/html; charset=utf-8
sync
ads.servenobid.com/ Frame A866
Redirect Chain
  • https://sync.1rx.io/usersync2/rmpssp?sub=duration&redir=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D321%26uid%3D%5BRX_UUID%5D
  • https://sync.1rx.io/usersync2/rmpssp?sub=duration&zcc=1&redir=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D321%26uid%3D%5BRX_UUID%5D&cb=1663396615538
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=8009163769
  • https://sync.1rx.io/usersync/tradedesk/12214519-0c4c-48e8-a8e2-7a416271dec6
  • https://sync.targeting.unrulymedia.com/csync/RX-749f24e3-88be-44fd-876c-97b286ce6701-004?redir=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D321%26uid%3DRX-749f24e3-88be-44fd-876c-97b286ce6701-004
  • https://ads.servenobid.com/sync?pid=321&uid=RX-749f24e3-88be-44fd-876c-97b286ce6701-004
0
362 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=321&uid=RX-749f24e3-88be-44fd-876c-97b286ce6701-004
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Server
34.251.200.30 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-251-200-30.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 17 Sep 2022 06:36:56 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0

Redirect headers

location
https://ads.servenobid.com/sync?pid=321&uid=RX-749f24e3-88be-44fd-876c-97b286ce6701-004
date
Sat, 17 Sep 2022 06:36:56 GMT
p3p
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
etag
RX749f24e388be44fd876c97b286ce6701004
content-type
text/html
sync
ads.servenobid.com/ Frame A866
Redirect Chain
  • https://p.rfihub.com/cm?pub=44007&in=1
  • https://ads.servenobid.com/sync?pid=324&uid=1975461765263481798
0
344 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=324&uid=1975461765263481798
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Server
34.251.200.30 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-251-200-30.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 17 Sep 2022 06:36:56 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0

Redirect headers

Location
https://ads.servenobid.com/sync?pid=324&uid=1975461765263481798
Date
Sat, 17 Sep 2022 06:36:56 GMT
Server
Jetty(9.3.29.v20201019)
Content-Length
0
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
sync
ads.servenobid.com/ Frame A866
Redirect Chain
  • https://sync.go.sonobi.com/usa?loc=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D332%26uid%3D
  • https://ads.servenobid.com/sync?pid=332&uid=a8e157cf-664a-471d-ad65-b4df4a3bbe37
0
357 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=332&uid=a8e157cf-664a-471d-ad65-b4df4a3bbe37
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Server
34.251.200.30 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-251-200-30.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 17 Sep 2022 06:36:56 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0

Redirect headers

Pragma
no-cache
Date
Sat, 17 Sep 2022 06:36:55 GMT
Server
sonobi-go
Vary
negotiate,Accept-Encoding
X-Go-Server
go-lax-1-5-77
P3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Location
https://ads.servenobid.com/sync?pid=332&uid=a8e157cf-664a-471d-ad65-b4df4a3bbe37
Cache-Control
no-cache, no-store, private
Tcn
Choice
Content-Type
text/plain; charset=utf8
Content-Length
0
X-Xss-Protection
0
Expires
Sat, 26 Jul 1997 05:00:00 GMT
ImgSync
image8.pubmatic.com/AdServer/ Frame A866
Redirect Chain
  • https://prebid.a-mo.net/cchain/0?gdpr=0&gdpr_consent=&us_privacy=1YN-&&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D327%26uid%3D
  • https://cm.adform.net/cookie?gdpr=1&gdpr_consent=&redirect_url=https%3A%2F%2Fprebid.a-mo.net%2Fcchain%2F0%2F621%3Fgdpr%3D0%26gdpr_consent%3D%26us_privacy%3D1YN-%26A%3Dd8a7cce4-32b8-4acd-a18a-497ca7...
  • https://prebid.a-mo.net/cchain/0/621?gdpr=0&gdpr_consent=&us_privacy=1YN-&A=d8a7cce4-32b8-4acd-a18a-497ca754e2e7&bidder=adform&cbx=aHR0cHM6Ly9hZHMuc2VydmVub2JpZC5jb20vc3luYz9waWQ9MzI3JnVpZD0%3D&uid...
  • https://image8.pubmatic.com/AdServer/ImgSync?p=158355&gdpr=1&gdpr_consent=&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3Fp%3D158355%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Fprebid.a-mo....
0
0
sync
ads.servenobid.com/ Frame A866
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58559/occ
  • https://ads.servenobid.com/sync?pid=337&uid=y-XAyd9T5E2uFdwmhvvK1HO1IbAN.xuEVvkqBlXg4-~A
0
367 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=337&uid=y-XAyd9T5E2uFdwmhvvK1HO1IbAN.xuEVvkqBlXg4-~A
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Server
34.251.200.30 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-251-200-30.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 17 Sep 2022 06:36:55 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0

Redirect headers

location
https://ads.servenobid.com/sync?pid=337&uid=y-XAyd9T5E2uFdwmhvvK1HO1IbAN.xuEVvkqBlXg4-~A
date
Sat, 17 Sep 2022 06:36:55 GMT
server
ATS/9.1.10.25
age
0
content-length
0
strict-transport-security
max-age=31536000
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
sync
ads.servenobid.com/ Frame A866
Redirect Chain
  • https://ssp.disqus.com/redirectuser?r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D346%26uid%3DBUYERUID
  • https://ads.servenobid.com/sync?pid=346&uid=ua-749c1111-eb65-3456-a62e-bfc9b5f8a859
0
359 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=346&uid=ua-749c1111-eb65-3456-a62e-bfc9b5f8a859
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Server
34.251.200.30 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-251-200-30.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 17 Sep 2022 06:36:56 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0

Redirect headers

location
https://ads.servenobid.com/sync?pid=346&uid=ua-749c1111-eb65-3456-a62e-bfc9b5f8a859
pragma
no-cache
date
Sat, 17 Sep 2022 06:36:55 GMT
cache-control
no-store
content-length
0
vary
origin
expires
0
sync
ads.servenobid.com/ Frame A866
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58632/occ
  • https://ads.servenobid.com/sync?pid=339&uid=y-XAyd9T5E2uFdwmhvvK1HO1IbAN.xuEVvkqBlXg4-~A
0
367 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=339&uid=y-XAyd9T5E2uFdwmhvvK1HO1IbAN.xuEVvkqBlXg4-~A
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Server
34.251.200.30 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-251-200-30.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 17 Sep 2022 06:36:55 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0

Redirect headers

location
https://ads.servenobid.com/sync?pid=339&uid=y-XAyd9T5E2uFdwmhvvK1HO1IbAN.xuEVvkqBlXg4-~A
date
Sat, 17 Sep 2022 06:36:55 GMT
server
ATS/9.1.10.25
age
0
content-length
0
strict-transport-security
max-age=31536000
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
sodar
pagead2.googlesyndication.com/pagead/ Frame F275 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20220914&jk=424218493006684&rc=
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/6yue-15ri-qi-bei-jing-gong-jiao-duo-tiao-xian-lu-you-diao-zheng.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.118.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sl-in-f157.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
sodar
pagead2.googlesyndication.com/pagead/ Frame 5843 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20220914&jk=2834201891224365&rc=
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/6yue-15ri-qi-bei-jing-gong-jiao-duo-tiao-xian-lu-you-diao-zheng.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.118.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sl-in-f157.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
TqLSXP2QDMWDWbVwNGV4qZSIp1FuubJasGgalfjGHZY.js
pagead2.googlesyndication.com/bg/ Frame EBB4 		36 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/TqLSXP2QDMWDWbVwNGV4qZSIp1FuubJasGgalfjGHZY.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.118.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sl-in-f157.1e100.net
Software
sffe /
Resource Hash
4ea2d25cfd900cc58359b570346578a99488a7516eb9b25ab0681a95f8c61d96
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 14 Sep 2022 22:33:39 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
201796
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16105
x-xss-protection
0
last-modified
Tue, 13 Sep 2022 10:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 14 Sep 2023 22:33:39 GMT
async_usersync
ib.adnxs.com/ Frame CA15 		0
742 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
104.254.148.251 Los Angeles, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
893.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 17 Sep 2022 06:36:55 GMT
X-Proxy-Origin
103.209.254.5; 103.209.254.5; 893.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net; adnxs.com
AN-X-Request-Uuid
bddfc9c5-ed08-448a-88a5-caedf3ef10c2
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame 0604 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20220914&jk=4486120995357876&rc=
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/6yue-15ri-qi-bei-jing-gong-jiao-duo-tiao-xian-lu-you-diao-zheng.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.118.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sl-in-f157.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
view
googleads4.g.doubleclick.net/pcs/ Frame 7DA8 		0
26 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsu-6Glo12BL3C2AhuOwB7hEm4ZAl6SX5P9E8fyFeTDb7rwPqEtkssfAQEk2UcnK31zTEzow5Y7DbjWnOVCwIK0E8bL91DJrsvzTlBwaBqfOoQhYqM2aLGzm3pAnneZFqxstlva9qzwE7RLEn2wWlb9SfxBPDjYhdhcal4MyLK4ORADhL04NTOobEH8Ysu8AEANQrOZmFnL4zcC6nIdWWoh6u1dPBexmvsdDBPZdtwcKu7KZSh7o7UrBfmoeYR9X-GPd6EfALoXd2Et8Y9XK1Q0wtnM1ljF_DwAP0unLu5tN4aDW2dAR0IwY9a729yleTg7D08gEt6AShJ-Fz3qP7QMggrBIFeQik4TT88NXNcC3qwflHYCD5J5GhieTCNQ_KJDiWGf0xe5_oYxI16qaN-AzrFs-Lmj_B_rQg3xjtIzIVTI9MhTQlVrf4SKKBxDk3zZrP_iV9DiTyPs6Cip2iockvop4gchQSHSZqERv0_kSKEiz_bPzZrpxJzBQ8WsJhIa_qxKrUlvCgNXq29zgXKaHUXunW49LGtXbXGqYeCAClQT33cD-U5hyNPHrbTtd6M-8YZPA9viq665z4F30758capUI5Jn6-vXXb2wncynRl0MKY5xB_m1Aa9fTOkrGQdOKV3l0-sPvXsf5rf2zX_rvD7qVCnPsbthEn8ML73X-xAt_mZ4OWVb8o4BzdH4JCjGlfTqKhorl9nvF0GbkeesFnBvPIyNdSjGSZN4_k3z515EryS0psfY5GL9VEDqKOiWxNOLvUy5_8QwAYG9HfnlTIYY4DxywcYmK7sFFjWoTz3QIrA__E5_LmxPO01uLRt_l3NDGOiyi_z9NUZ42VI-srSHSP61wvzdkf5n-EFSFHuBhv_iBughR8oZR8tp8WhobxGwa1-um1kA_NPS88Js5KN2QdxsqX7Lc9oG0CADL95IHfsOFOaPcn5aLfRJBGIU8fShr1emcFJmvtHbVTPlKhXO5toFeoxjpnXmm0h_Lv4jE7iVhdiQHkJVe-rd6o-nR4xTAKNRCXFRI_n9RY_SFPr1yi29Ifm21r7KTk2sYyj32JtThr1HG_Tv2SBGi635gJN8RQh_aE1MJqUeXFRR4aV7JRfkIpAmRcydE3HwD8uuXdyNyRLWLdOAbFQYYEOY6TxbEtwCE32iwxnar7sZmCGyI3s5WMLZupk7tbm3t59kZRu87fCaT8KCB35h776v8KKg49iPUxE0JR_PTpzc0meX7u_7Ts1-VzKAN7tw9J9N2XwQVpGMWnWKQ0XDegDY7SFHEeZtr2DUznjHLMcCAUbVbuuN5nuv3SHQY8IjYUf80lYElIfdPH9w&sai=AMfl-YSbFl4qr0SqDyTNLO8D9tvsASdm7h2R9Y11Ctjo-5P3Fr4_8oeJI0ihfeIwxc2Q3QmmNf6DO_ed8fm0aeKz0nJg5V0NY4m2TZROY0poDyBrBG5rO3sqniK4ivvoUY9IKGRMzoiPcQwJ4N_-njChGhmhm9oXS_1FUs328OeZi2GvpY4a3LyqJqy_Z1cxdNklGHVQB_iq5peCDNINoKI1sA&sig=Cg0ArKJSzBq7wvivsGRIEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=2783&vt=11&dtpt=2258&dett=3&cstd=524&cisv=r20220914.62008&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&adurl=
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/6yue-15ri-qi-bei-jing-gong-jiao-duo-tiao-xian-lu-you-diao-zheng.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.194.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f154.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://32d69238e2f6bb5cfbff62a0e3954cf8.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Sat, 17 Sep 2022 06:36:55 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
TqLSXP2QDMWDWbVwNGV4qZSIp1FuubJasGgalfjGHZY.js
pagead2.googlesyndication.com/bg/ Frame 1CF0 		36 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/TqLSXP2QDMWDWbVwNGV4qZSIp1FuubJasGgalfjGHZY.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.118.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sl-in-f157.1e100.net
Software
sffe /
Resource Hash
4ea2d25cfd900cc58359b570346578a99488a7516eb9b25ab0681a95f8c61d96
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 14 Sep 2022 22:33:39 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
201796
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16105
x-xss-protection
0
last-modified
Tue, 13 Sep 2022 10:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 14 Sep 2023 22:33:39 GMT
TqLSXP2QDMWDWbVwNGV4qZSIp1FuubJasGgalfjGHZY.js
pagead2.googlesyndication.com/bg/ Frame E22C 		36 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/TqLSXP2QDMWDWbVwNGV4qZSIp1FuubJasGgalfjGHZY.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.118.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sl-in-f157.1e100.net
Software
sffe /
Resource Hash
4ea2d25cfd900cc58359b570346578a99488a7516eb9b25ab0681a95f8c61d96
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 14 Sep 2022 22:33:39 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
201796
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16105
x-xss-protection
0
last-modified
Tue, 13 Sep 2022 10:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 14 Sep 2023 22:33:39 GMT
generate_204
tpc.googlesyndication.com/ Frame 8306 		0
10 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?kPGe8g
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/6yue-15ri-qi-bei-jing-gong-jiao-duo-tiao-xian-lu-you-diao-zheng.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.200.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sa-in-f132.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 17 Sep 2022 06:36:55 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
pixel
cm.g.doubleclick.net/ Frame 7365
Redirect Chain
  • https://onetag-sys.com/match/?int_id=106&redir=1&ot_initiated=1
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=AAABg0oqFcjoSrUFH7iNcT5T23r73HoEK6puWQ
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=AAABg0oqFcjoSrUFH7iNcT5T23r73HoEK6puWQ
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=694e68b73971b58&gdpr=0&gdpr_consent=&us_privacy=1YN-&https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D318%26uid%3D
Protocol
H3
Server
142.251.12.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f155.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 17 Sep 2022 06:36:55 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=AAABg0oqFcjoSrUFH7iNcT5T23r73HoEK6puWQ
strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
711916.gif
id.rlcdn.com/ Frame 7365 		42 B
60 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://id.rlcdn.com/711916.gif?ct=4&cv=
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=694e68b73971b58&gdpr=0&gdpr_consent=&us_privacy=1YN-&https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D318%26uid%3D
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.190.60.146 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
146.60.190.35.bc.googleusercontent.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Sat, 17 Sep 2022 06:36:55 GMT
via
1.1 google
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control
no-cache, no-store
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
/
onetag-sys.com/match/ Frame 7365
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=75&redir=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D1%26uid%3D%5BMM_UUID%5D%26gdpr%3D0%26gdpr_consent%3D
  • https://onetag-sys.com/match/?int_id=1&uid=93496325-6b06-4100-aab4-1eb9b4e889cb&gdpr=0&gdpr_consent=
0
340 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onetag-sys.com/match/?int_id=1&uid=93496325-6b06-4100-aab4-1eb9b4e889cb&gdpr=0&gdpr_consent=
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=694e68b73971b58&gdpr=0&gdpr_consent=&us_privacy=1YN-&https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D318%26uid%3D
Protocol
H2
Server
51.79.234.100 Singapore, Singapore, ASN16276 (OVH, FR),
Reverse DNS
ip100.ip-51-79-234.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

Date
Sat, 17 Sep 2022 06:36:55 GMT
Server
MT3 4505 5b23575 master hkg-pixel-x19 config:1.0.0
Access-Control-Allow-Origin
*
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://onetag-sys.com/match/?int_id=1&uid=93496325-6b06-4100-aab4-1eb9b4e889cb&gdpr=0&gdpr_consent=
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=360
Content-Length
0
Expires
Sat, 17 Sep 2022 06:36:54 GMT
/
onetag-sys.com/match/ Frame 7365
Redirect Chain
  • https://pixel-eu.rubiconproject.com/exchange/sync.php?p=onetag&gdpr=0&gdpr_consent=
  • https://onetag-sys.com/match/?int_id=2&uid=L85JE5AG-24-AYT1&gdpr=0
0
340 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onetag-sys.com/match/?int_id=2&uid=L85JE5AG-24-AYT1&gdpr=0
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=694e68b73971b58&gdpr=0&gdpr_consent=&us_privacy=1YN-&https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D318%26uid%3D
Protocol
H2
Server
51.79.234.100 Singapore, Singapore, ASN16276 (OVH, FR),
Reverse DNS
ip100.ip-51-79-234.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location
https://onetag-sys.com/match/?int_id=2&uid=L85JE5AG-24-AYT1&gdpr=0
Cache-Control
no-cache,no-store,must-revalidate
Content-Type
text/html
content-length
0
X-RPHost
37b22a0c36bd84993dd2cda4a5e04b1d
Expires
0
/
onetag-sys.com/match/ Frame 7365
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D98%26gdpr%3D0%26gdpr_consent%3D%26uid%3D$UID
  • https://onetag-sys.com/match/?int_id=98&gdpr=0&gdpr_consent=&uid=856669627834921461
0
340 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onetag-sys.com/match/?int_id=98&gdpr=0&gdpr_consent=&uid=856669627834921461
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=694e68b73971b58&gdpr=0&gdpr_consent=&us_privacy=1YN-&https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D318%26uid%3D
Protocol
H2
Server
51.79.234.100 Singapore, Singapore, ASN16276 (OVH, FR),
Reverse DNS
ip100.ip-51-79-234.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

Pragma
no-cache
Date
Sat, 17 Sep 2022 06:36:55 GMT
X-Proxy-Origin
103.209.254.5; 103.209.254.5; 893.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net; adnxs.com
AN-X-Request-Uuid
1c24416f-25a8-4a7e-bb0b-210bc8ad9f21
Server
nginx/1.21.3
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://onetag-sys.com/match/?int_id=98&gdpr=0&gdpr_consent=&uid=856669627834921461
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
tap.php
pixel.rubiconproject.com/ Frame 7365 		42 B
691 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=223352&nid=4584&put=GnqXJ1P7O8Y_TrflH9Pn75_IF7hf4fPrveFRQ0lrMLY
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=694e68b73971b58&gdpr=0&gdpr_consent=&us_privacy=1YN-&https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D318%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.173.158.64 Singapore, Singapore, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-length
42
X-RPHost
f60a7260b0ebb7a40a81234af4a9e826
Content-Type
image/gif
/
onetag-sys.com/match/ Frame 7365
Redirect Chain
  • https://ssbsync-global.smartadserver.com/api/sync?callerId=5&gdpr=0&gdpr_consent=&us_privacy=1YN-&redirectUri=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D107%26uid%3D[ssb_sync_pid]
  • https://onetag-sys.com/match/?int_id=107&uid=3111016126218390619
0
340 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onetag-sys.com/match/?int_id=107&uid=3111016126218390619
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=694e68b73971b58&gdpr=0&gdpr_consent=&us_privacy=1YN-&https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D318%26uid%3D
Protocol
H2
Server
51.79.234.100 Singapore, Singapore, ASN16276 (OVH, FR),
Reverse DNS
ip100.ip-51-79-234.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

location
https://onetag-sys.com/match/?int_id=107&uid=3111016126218390619
date
Sat, 17 Sep 2022 06:36:54 GMT
content-length
0
ecm3
s.amazon-adsystem.com/ Frame 7365
Redirect Chain
  • https://onetag-sys.com/match/?int_id=113&gdpr=0&gdpr_consent=&callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Donetag.com%26id%3D%24%7BUSER_TOKEN%7D&ot_initiated=1
  • https://s.amazon-adsystem.com/ecm3?ex=onetag.com&id=iKZCNxl4eg0Gd7_EcAUTIBmE2bP_hZISS9AmXqgilkc
43 B
720 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?ex=onetag.com&id=iKZCNxl4eg0Gd7_EcAUTIBmE2bP_hZISS9AmXqgilkc
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=694e68b73971b58&gdpr=0&gdpr_consent=&us_privacy=1YN-&https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D318%26uid%3D
Protocol
HTTP/1.1
Server
209.54.182.161 -, , ASN (),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 17 Sep 2022 06:36:55 GMT
Vary
Content-Type,Accept-Encoding,User-Agent
Server
Server
x-amz-rid
GSGJ93G8RBARAKGDFE5Q
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

location
https://s.amazon-adsystem.com/ecm3?ex=onetag.com&id=iKZCNxl4eg0Gd7_EcAUTIBmE2bP_hZISS9AmXqgilkc
strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
ImgSync
image8.pubmatic.com/AdServer/ Frame 7365
Redirect Chain
  • https://image8.pubmatic.com/AdServer/ImgSync?p=159706&gdpr=0&gdpr_consent=&us_privacy=1YN-&pu=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D114%26uid%3D%23PMUID
  • https://image8.pubmatic.com/AdServer/ImgSync?p=159706&gdpr=0&gdpr_consent=&us_privacy=1YN-&pu=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D114%26uid%3D%23PMUID&rdf=1
0
39 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image8.pubmatic.com/AdServer/ImgSync?p=159706&gdpr=0&gdpr_consent=&us_privacy=1YN-&pu=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D114%26uid%3D%23PMUID&rdf=1
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=694e68b73971b58&gdpr=0&gdpr_consent=&us_privacy=1YN-&https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D318%26uid%3D
Protocol
H2
Server
67.199.150.82 Los Angeles, United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 17 Sep 2022 06:36:55 GMT
content-length
0

Redirect headers

location
/AdServer/ImgSync?p=159706&gdpr=0&gdpr_consent=&us_privacy=1YN-&pu=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D114%26uid%3D%23PMUID&rdf=1
date
Sat, 17 Sep 2022 06:36:55 GMT
content-length
187
content-type
text/html; charset=utf-8
/
onetag-sys.com/match/ Frame 7365
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=onetag_eb&google_cm
  • https://onetag-sys.com/match/?int_id=106&google_gid=CAESEDTVg-_CkudTzcarzjnZfHQ&google_cver=1
0
340 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onetag-sys.com/match/?int_id=106&google_gid=CAESEDTVg-_CkudTzcarzjnZfHQ&google_cver=1
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=694e68b73971b58&gdpr=0&gdpr_consent=&us_privacy=1YN-&https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D318%26uid%3D
Protocol
H2
Server
51.79.234.100 Singapore, Singapore, ASN16276 (OVH, FR),
Reverse DNS
ip100.ip-51-79-234.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

pragma
no-cache
date
Sat, 17 Sep 2022 06:36:55 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://onetag-sys.com/match/?int_id=106&google_gid=CAESEDTVg-_CkudTzcarzjnZfHQ&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
298
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
onetag-sys.com/match/ Frame 7365
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58488/occ?&gdpr=0&gdpr_consent=
  • https://onetag-sys.com/match/?int_id=92&uid=y-XAyd9T5E2uFdwmhvvK1HO1IbAN.xuEVvkqBlXg4-~A
0
340 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onetag-sys.com/match/?int_id=92&uid=y-XAyd9T5E2uFdwmhvvK1HO1IbAN.xuEVvkqBlXg4-~A
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=694e68b73971b58&gdpr=0&gdpr_consent=&us_privacy=1YN-&https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D318%26uid%3D
Protocol
H2
Server
51.79.234.100 Singapore, Singapore, ASN16276 (OVH, FR),
Reverse DNS
ip100.ip-51-79-234.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

location
https://onetag-sys.com/match/?int_id=92&uid=y-XAyd9T5E2uFdwmhvvK1HO1IbAN.xuEVvkqBlXg4-~A
date
Sat, 17 Sep 2022 06:36:55 GMT
server
ATS/9.1.10.25
age
0
content-length
0
strict-transport-security
max-age=31536000
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
/
onetag-sys.com/match/ Frame 7365
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=vw6iyrn&ttd_tpi=1&gpdr=0&gdpr_consent=
  • https://onetag-sys.com/match/?int_id=29&uid=12214519-0c4c-48e8-a8e2-7a416271dec6&gdpr=0&gdpr_consent=
0
340 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onetag-sys.com/match/?int_id=29&uid=12214519-0c4c-48e8-a8e2-7a416271dec6&gdpr=0&gdpr_consent=
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=694e68b73971b58&gdpr=0&gdpr_consent=&us_privacy=1YN-&https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D318%26uid%3D
Protocol
H2
Server
51.79.234.100 Singapore, Singapore, ASN16276 (OVH, FR),
Reverse DNS
ip100.ip-51-79-234.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

pragma
no-cache
date
Sat, 17 Sep 2022 06:36:55 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://onetag-sys.com/match/?int_id=29&uid=12214519-0c4c-48e8-a8e2-7a416271dec6&gdpr=0&gdpr_consent=
cache-control
private,no-cache, must-revalidate
content-type
text/html
content-length
233
/
onetag-sys.com/match/ Frame 7365
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=onetag&gdpr=0&gdpr_consent=
  • https://sync.mathtag.com/sync/img?mt_exid=46&redir=%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D80%26user_id%3D%5BUUID%5D%26expires%3D30%26ssp%3Donetag%26bsw_param%3Df98ada23-bb7a-4d68-a2f4-7fe4fe49dce4...
  • https://x.bidswitch.net/sync?dsp_id=80&user_id=93496325-6b06-4100-aab4-1eb9b4e889cb&expires=30&ssp=onetag&bsw_param=f98ada23-bb7a-4d68-a2f4-7fe4fe49dce4&gdpr=0&gdpr_consent=
  • https://onetag-sys.com/match/?int_id=30&uid=f98ada23-bb7a-4d68-a2f4-7fe4fe49dce4&gdpr=0&gdpr_consent=&us_privacy=
0
340 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onetag-sys.com/match/?int_id=30&uid=f98ada23-bb7a-4d68-a2f4-7fe4fe49dce4&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=694e68b73971b58&gdpr=0&gdpr_consent=&us_privacy=1YN-&https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D318%26uid%3D
Protocol
H2
Server
51.79.234.100 Singapore, Singapore, ASN16276 (OVH, FR),
Reverse DNS
ip100.ip-51-79-234.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

Location
//onetag-sys.com/match/?int_id=30&uid=f98ada23-bb7a-4d68-a2f4-7fe4fe49dce4&gdpr=0&gdpr_consent=&us_privacy=
Date
Sat, 17 Sep 2022 06:36:55 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
0
sync
ads.servenobid.com/ Frame 7365 		0
365 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=318&uid=GnqXJ1P7O8Y_TrflH9Pn75_IF7hf4fPrveFRQ0lrMLY
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=694e68b73971b58&gdpr=0&gdpr_consent=&us_privacy=1YN-&https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D318%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.251.200.30 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-251-200-30.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 17 Sep 2022 06:36:55 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0
generate_204
tpc.googlesyndication.com/ Frame EBB4 		0
10 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?ctOdmw
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/6yue-15ri-qi-bei-jing-gong-jiao-duo-tiao-xian-lu-you-diao-zheng.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.200.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sa-in-f132.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 17 Sep 2022 06:36:55 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
generate_204
tpc.googlesyndication.com/ Frame E22C 		0
10 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?ixHH9w
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/6yue-15ri-qi-bei-jing-gong-jiao-duo-tiao-xian-lu-you-diao-zheng.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.200.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sa-in-f132.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 17 Sep 2022 06:36:55 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
generate_204
tpc.googlesyndication.com/ Frame 1CF0 		0
10 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?lmYB6g
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/6yue-15ri-qi-bei-jing-gong-jiao-duo-tiao-xian-lu-you-diao-zheng.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.200.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sa-in-f132.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 17 Sep 2022 06:36:55 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
sync
ads.servenobid.com/ Frame 62F8 		0
344 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=317&uid=4834885040984968302&gdpr=0&gdpr_consent=
Requested by
Host: ssbsync.smartadserver.com
URL: https://ssbsync.smartadserver.com/api/sync?callerId=9&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D317%26uid%3D%24UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.251.200.30 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-251-200-30.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ssbsync.smartadserver.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 17 Sep 2022 06:36:55 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0
/
rtb-csync.smartadserver.com/redir/ Frame 62F8
Redirect Chain
  • https://cs.admanmedia.com/sync/smartadserver?us_privacy=&coppa=&gdpr=0&gdpr_consent=
  • https://rtb-csync.smartadserver.com/redir/?partnerid=130&partneruserid=1b0bb1ba-fa10-4224-a5b7-18fdd501876c
43 B
452 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb-csync.smartadserver.com/redir/?partnerid=130&partneruserid=1b0bb1ba-fa10-4224-a5b7-18fdd501876c
Requested by
Host: ssbsync.smartadserver.com
URL: https://ssbsync.smartadserver.com/api/sync?callerId=9&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D317%26uid%3D%24UID
Protocol
HTTP/1.1
Server
23.106.127.39 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ssbsync.smartadserver.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 17 Sep 2022 06:36:55 GMT
cache-control
no-cache,no-store
content-type
image/gif
transfer-encoding
chunked
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"

Redirect headers

Pragma
no-cache
Date
Sat, 17 Sep 2022 06:36:56 GMT
Server
nginx
X-Frame-Options
DENY
Strict-Transport-Security
max-age=63072000; includeSubdomains; preload
Location
https://rtb-csync.smartadserver.com/redir/?partnerid=130&partneruserid=1b0bb1ba-fa10-4224-a5b7-18fdd501876c
Cache-Control
no-cache, no-store, must-revalidate
Transfer-Encoding
chunked
Connection
keep-alive
Expires
0
get_user_agent_id
cookie-matching.mediarithmics.com/v1/ Frame 62F8 		0
86 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cookie-matching.mediarithmics.com/v1/get_user_agent_id?dom_token=smart17&gdpr=0&gdpr_consent=
Requested by
Host: ssbsync.smartadserver.com
URL: https://ssbsync.smartadserver.com/api/sync?callerId=9&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D317%26uid%3D%24UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.36.150.184 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=63072000;includeSubDomains;preload

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ssbsync.smartadserver.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 17 Sep 2022 06:36:56 GMT
strict-transport-security
max-age=63072000;includeSubDomains;preload
/
rtb-csync.smartadserver.com/redir/ Frame 62F8
Redirect Chain
  • https://gu.dyntrk.com/adx/sma/us.php?dynk=sma4rt4bt4fg&sspurl=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D69%26partneruserid%3DPARTNER_USER_ID%26gdpr%3D$GDPR%26gdp...
  • https://gu.dyntrk.com/adx/sma/us.php?dynk=sma4rt4bt4fg&sspurl=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D69%26partneruserid%3DPARTNER_USER_ID%26gdpr%3D$GDPR%26gdp...
  • https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=69&partneruserid=07030002_63256b0762b4e&gdpr=0&gdpr_consent=
43 B
411 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=69&partneruserid=07030002_63256b0762b4e&gdpr=0&gdpr_consent=
Requested by
Host: ssbsync.smartadserver.com
URL: https://ssbsync.smartadserver.com/api/sync?callerId=9&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D317%26uid%3D%24UID
Protocol
HTTP/1.1
Server
23.106.127.39 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ssbsync.smartadserver.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 17 Sep 2022 06:36:56 GMT
cache-control
no-cache,no-store
content-type
image/gif
transfer-encoding
chunked
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"

Redirect headers

date
Sat, 17 Sep 2022 06:36:56 GMT
server
nginx
access-control-allow-origin
*
transfer-encoding
chunked
access-control-allow-methods
POST, GET, OPTIONS
p3p
CP="NOI DEV OUR BUS UNI"
location
https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=69&partneruserid=07030002_63256b0762b4e&gdpr=0&gdpr_consent=
cache-control
no-cache
content-type
text/html; charset=UTF-8
access-control-allow-headers
Origin
keep-alive
timeout=10
v1
match.sharethrough.com/sync/ Frame 62F8
Redirect Chain
  • https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=139&partneruserid=0&redirurl=https%3A%2F%2Fmatch.sharethrough.com%2Fsync%2Fv1%3Fsource_id%3D98KUz37ype9D3X2sf9ovgeTt%26source_user_id%3DS...
  • https://match.sharethrough.com/sync/v1?source_id=98KUz37ype9D3X2sf9ovgeTt&source_user_id=4834885040984968302&gdpr=0&gdpr_consent=
68 B
280 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.sharethrough.com/sync/v1?source_id=98KUz37ype9D3X2sf9ovgeTt&source_user_id=4834885040984968302&gdpr=0&gdpr_consent=
Requested by
Host: ssbsync.smartadserver.com
URL: https://ssbsync.smartadserver.com/api/sync?callerId=9&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D317%26uid%3D%24UID
Protocol
H2
Server
54.255.75.208 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
6019c3c9e47dc991f8d9937deafbb0740c2e61e321324798cb508773b0814824

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ssbsync.smartadserver.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 17 Sep 2022 06:36:56 GMT
cache-control
no-cache
content-length
68
content-type
image/png

Redirect headers

location
https://match.sharethrough.com/sync/v1?source_id=98KUz37ype9D3X2sf9ovgeTt&source_user_id=4834885040984968302&gdpr=0&gdpr_consent=
pragma
no-cache
date
Sat, 17 Sep 2022 06:36:55 GMT
cache-control
no-cache,no-store
content-length
0
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
PugMaster
image6.pubmatic.com/AdServer/ Frame 1493 		2 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=52838256&p=0&s=0&a=0&ptask=ALL&np=0&fp=0&rp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fx.yieldlift.com%2Fsetuid%3Fbidder%3Dpubmatic%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3D1YN-%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
103.231.98.196 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
150db757e9651b853d3f0b9d871e34733062a0362a84288006c5e1684c52142b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 17 Sep 2022 06:36:56 GMT
content-type
text/html; charset=UTF-8
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
crum
dsum-sec.casalemedia.com/ Frame EF82
Redirect Chain
  • https://secure.adnxs.com/getuid?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=$UID
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=856669627834921461
43 B
845 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=856669627834921461
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D
Protocol
H3
Server
104.18.19.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

cf-ray
74bfd494cd78df8d-MEL
pragma
no-cache
date
Sat, 17 Sep 2022 06:36:56 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=k7pSp3qKYHqBM20EEgaRpT%2Bh27c8RWcfDRT3bT0TRuSaALGKISD2Mcuk9Qm9D8%2FKsn48290zIXSjG37mhv4UYp%2Ftsb7KSy6QSeJhz6Y2pfZCVOpP7CsgEb4ZaLkXGrIBby%2FNcpbEdaUfdA%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control
no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
0

Redirect headers

Pragma
no-cache
Date
Sat, 17 Sep 2022 06:36:56 GMT
X-Proxy-Origin
103.209.254.5; 103.209.254.5; 900.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net; adnxs.com
AN-X-Request-Uuid
11ccd56d-2f4f-4c68-bb1f-11f0c5fc80d8
Server
nginx/1.21.3
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=856669627834921461
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
YyVrAYu0W8DwXovNsZOEYgAAEosAAAAB
pr-bh.ybp.yahoo.com/sync/casale/ Frame EF82
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/55940/sync?_origin=1&redir2=true&uid=YyVrAYu0W8DwXovNsZOEYgAAEosAAAAB&gdpr_consent=&us_privacy=&gdpr=
  • https://pr-bh.ybp.yahoo.com/sync/casale/YyVrAYu0W8DwXovNsZOEYgAAEosAAAAB
43 B
602 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/casale/YyVrAYu0W8DwXovNsZOEYgAAEosAAAAB
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D
Protocol
H2
Server
13.251.66.227 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-251-66-227.ap-southeast-1.compute.amazonaws.com
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 17 Sep 2022 06:36:55 GMT
referrer-policy
strict-origin-when-cross-origin
server
ATS
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
image/gif
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
strict-transport-security
max-age=31536000
content-length
43
x-content-type-options
nosniff

Redirect headers

location
https://pr-bh.ybp.yahoo.com/sync/casale/YyVrAYu0W8DwXovNsZOEYgAAEosAAAAB
date
Sat, 17 Sep 2022 06:36:55 GMT
server
ATS/9.1.10.25
age
0
content-length
0
strict-transport-security
max-age=31536000
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
crum
dsum-sec.casalemedia.com/ Frame EF82
Redirect Chain
  • https://match.prod.bidr.io/cookie-sync/ie
  • https://match.prod.bidr.io/cookie-sync/ie?_bee_ppp=1
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=130&external_user_id=AAEZLU7GStYAAA7frhnYIw&expiration=1664606216
43 B
841 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=130&external_user_id=AAEZLU7GStYAAA7frhnYIw&expiration=1664606216
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D
Protocol
H3
Server
104.18.19.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

cf-ray
74bfd497f997df8d-MEL
pragma
no-cache
date
Sat, 17 Sep 2022 06:36:57 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0yv8Tc1MsWSSqKmMawY8hunsykRTGVb%2BPDmLimMVr1SkaVo3jtbEyvlgwuAII3uALlalPD4BWAaglu4WVTB0CyXvSSiO%2Baxk5Lna8f60SQEsG32SiBPe3qbMRXUmaomOFd13N9sNi6AOSg%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control
no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
0

Redirect headers

location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=130&external_user_id=AAEZLU7GStYAAA7frhnYIw&expiration=1664606216
Date
Sat, 17 Sep 2022 06:36:56 GMT
Server
nginx
Connection
keep-alive
Content-Length
0
strict-transport-security
max-age=2592000; includeSubDomains
ZMAwryCI
sync-tm.everesttech.net/upi/pid/ Frame EF82 		0
60 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync-tm.everesttech.net/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.66.49 -, , ASN (),
Reverse DNS
Software
Varnish /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 17 Sep 2022 06:36:55 GMT
via
1.1 varnish
server
Varnish
x-timer
S1663396616.924835,VS0,VE0
x-cache
MISS
cache-control
no-cache
x-cache-hits
0
accept-ranges
bytes
content-length
0
retry-after
0
x-served-by
cache-mel11230-MEL
rum
dsum-sec.casalemedia.com/ Frame EF82
Redirect Chain
  • https://csync.loopme.me/?redirect=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D24%26external_user_id%3D%7Bviewer_token%7D&us_privacy=&gdpr=&gdpr_consent=
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=24&external_user_id=30f66e28-e533-4de4-84e8-41cfc54abb34&us_privacy=null&gdpr_consent=null&gdpr=null
43 B
848 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=24&external_user_id=30f66e28-e533-4de4-84e8-41cfc54abb34&us_privacy=null&gdpr_consent=null&gdpr=null
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D
Protocol
H3
Server
104.18.19.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

cf-ray
74bfd4940cb9df8d-MEL
pragma
no-cache
date
Sat, 17 Sep 2022 06:36:56 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HRFGuckO4%2FSTrP0%2FGx509pWJdf%2FoOHpg0B56jqhZBsZx6nSPF3zycUKqCbkjQvk4I0P7Re%2Fm3oRpMV6rv1eUspdRSmHhUGQWDoX1djKF%2FOY750zGo6xzHBUfXXX67DJxKUKW3wFfLhx85Q%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control
no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
0

Redirect headers

location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=24&external_user_id=30f66e28-e533-4de4-84e8-41cfc54abb34&us_privacy=null&gdpr_consent=null&gdpr=null
date
Sat, 17 Sep 2022 06:36:56 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
74bfd491abdf3771-MEL
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
0
rum
dsum-sec.casalemedia.com/ Frame EF82
Redirect Chain
  • https://sync.srv.stackadapt.com/sync?nid=68
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=123&external_user_id=2GhWljDkSP5QkmTzbFymPWfR_gU
43 B
842 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=123&external_user_id=2GhWljDkSP5QkmTzbFymPWfR_gU
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D
Protocol
H3
Server
104.18.19.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

cf-ray
74bfd4941cc0df8d-MEL
pragma
no-cache
date
Sat, 17 Sep 2022 06:36:56 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PRQMli07lj97LM3HLAsX5CKsaycxJFlqHUeqfWXHtSCfNU%2BwDptq1D1ujQ72e4Vf11tObf3hrWnV2wyVe19G8Je58DwppBcc47ms%2FQWv7PE5zl%2BWPkwL95KQ54jHLsYpRlOPI07RGpsQjw%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control
no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
0

Redirect headers

Location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=123&external_user_id=2GhWljDkSP5QkmTzbFymPWfR_gU
Date
Sat, 17 Sep 2022 06:36:56 GMT
Connection
keep-alive
Content-Length
122
Content-Type
text/html; charset=utf-8
crum
dsum-sec.casalemedia.com/ Frame EF82
Redirect Chain
  • https://gu.dyntrk.com/adx/ie/us.php?dynk=1nd3xx6ch1
  • https://gu.dyntrk.com/adx/ie/us.php?dynk=1nd3xx6ch1&prevuid=07030002_63256b0762b4e&knw=1
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=196&external_user_id=07030002_63256b0762b4e
43 B
843 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=196&external_user_id=07030002_63256b0762b4e
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D
Protocol
H3
Server
104.18.19.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

cf-ray
74bfd4938c37df8d-MEL
pragma
no-cache
date
Sat, 17 Sep 2022 06:36:56 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LqJeWOrUGFYkWq2sftc5DBzWGvfj7Fvu%2FmXpd4iFv06K9V607hTA2SSdpdaZtTxaIxP1S8rQX2b6%2BkRe2fc6jnyQQk4VG1JPAHhLxQLgehUEFOfbUSVhM8ta9upv8I%2BCeO0mu3VCZt0JMg%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control
no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
0

Redirect headers

date
Sat, 17 Sep 2022 06:36:56 GMT
server
nginx
access-control-allow-origin
*
transfer-encoding
chunked
access-control-allow-methods
POST, GET, OPTIONS
p3p
CP="NOI DEV OUR BUS UNI"
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=196&external_user_id=07030002_63256b0762b4e
cache-control
no-cache
content-type
text/html; charset=UTF-8
access-control-allow-headers
Origin
keep-alive
timeout=10
usermatchredir
ssum-sec.casalemedia.com/ Frame EF82
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=YyVrAYu0W8DwXovNsZOEYgAAEosAAAAB&gdpr_consent=&us_privacy=&gdpr=
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESEBLHfLp4As2MRNPWaqDoKXE&google_cver=1
43 B
841 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESEBLHfLp4As2MRNPWaqDoKXE&google_cver=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D
Protocol
H3
Server
104.18.18.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

cf-ray
74bfd4919f3dfe9d-MEL
pragma
no-cache
date
Sat, 17 Sep 2022 06:36:56 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nd5fO8PSaWV5P6yufIkCSJdQWD1SkumekuOfkZCbyROaYSkahXOGMNpzGmi4Nh3UAcnicw3y%2BUnS65jNnjbyQuONzWmpStGadqkJG06M6cCOtoGpgsqLEP02c4dd00f5wpS%2B1FmIGN9BsA%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control
no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Sat, 17 Sep 2022 06:36:55 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESEBLHfLp4As2MRNPWaqDoKXE&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
342
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sync
ads.servenobid.com/ Frame EF82 		0
356 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=333&uid=YyVrAYu0W8DwXovNsZOEYgAAEosAAAAB
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.251.200.30 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-251-200-30.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 17 Sep 2022 06:36:55 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0
usync.js
eus.rubiconproject.com/ Frame 27C1 		31 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=duration_media&endpoint=us-east
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.15.148.136 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-15-148-136.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
b3e685b257930d612f6c533ada3f062bfca487b3297a3af03e4f9f5478ccbf36

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=duration_media&endpoint=us-east
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sat, 17 Sep 2022 06:36:55 GMT
Content-Encoding
gzip
Last-Modified
Thu, 15 Sep 2022 22:38:47 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=52817
Connection
keep-alive
Content-Type
text/html; charset=UTF-8
Content-Length
9421
Expires
Sat, 17 Sep 2022 21:17:12 GMT
usersync
usersync.gumgum.com/ Frame 0381
Redirect Chain
  • https://secure.adnxs.com/getuid?https://usersync.gumgum.com/usersync?b=apn&i=$UID
  • https://usersync.gumgum.com/usersync?b=apn&i=856669627834921461
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=apn&i=856669627834921461
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Server
13.112.54.241 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 17 Sep 2022 06:36:57 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Type
image/gif
Content-Length
35
Expires
0

Redirect headers

Pragma
no-cache
Date
Sat, 17 Sep 2022 06:36:56 GMT
X-Proxy-Origin
103.209.254.5; 103.209.254.5; 900.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net; adnxs.com
AN-X-Request-Uuid
8e011ce8-6847-4f79-b48b-3cd61bbd216e
Server
nginx/1.21.3
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://usersync.gumgum.com/usersync?b=apn&i=856669627834921461
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
sync
x.bidswitch.net/ Frame 0381
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=gumgum2&user_id=a_5552dfc5-b316-4e8e-8e6f-1456e9349717&gdpr=0&gdpr_consent=&us_privacy=1---
  • https://pool.admedo.com/sync?ssp=bidswitch&bidswitch_ssp_id=gumgum2&bsw_custom_parameter=f98ada23-bb7a-4d68-a2f4-7fe4fe49dce4
  • https://pool.admedo.com/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=gumgum2&bsw_custom_parameter=f98ada23-bb7a-4d68-a2f4-7fe4fe49dce4
  • https://x.bidswitch.net/sync?dsp_id=23&expires=14&user_id=21bbe1ef-abe1-4721-b29e-de1cfdc4295e&user_group=1&ssp=gumgum2&bsw_param=f98ada23-bb7a-4d68-a2f4-7fe4fe49dce4
0
0
usersync
usersync.gumgum.com/ Frame 0381
Redirect Chain
  • https://sync.outbrain.com/redirectObuid?platformId=GUMGU18H7EL9NI653I7DPEH51&gdpr=0&gdprConsent=&platformRdUrl=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dobn%26i%3D%7BOB_UID%7D%26r%3D%7BobR...
  • https://usersync.gumgum.com/usersync?b=obn&i=ENC%28-J560t8gs3kgHW3talzVD8VE6q43ZPHI_GCMs2hOwVkIqQO6zqzX2yWegodHuKaE%29&r=https%3A%2F%2Fsync.outbrain.com%2FsyncUser%3FplatformId%3D%7Bplatform_id%7D%...
0
0
usersync
usersync.gumgum.com/ Frame 0381
Redirect Chain
  • https://us-u.openx.net/w/1.0/cm?_={CACHEBUSTER}&id=47f31213-389c-4904-aaa6-9b11aab9c211&gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dopx%26i%3D
  • https://usersync.gumgum.com/usersync?b=opx&i=45a71f78-64c9-4802-b6d8-aaeb3ecbea5b
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=opx&i=45a71f78-64c9-4802-b6d8-aaeb3ecbea5b
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Server
13.112.54.241 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 17 Sep 2022 06:36:57 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Type
image/gif
Content-Length
35
Expires
0

Redirect headers

date
Sat, 17 Sep 2022 06:36:56 GMT
content-encoding
gzip
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
p3p
CP="CUR ADM OUR NOR STA NID"
location
https://usersync.gumgum.com/usersync?b=opx&i=45a71f78-64c9-4802-b6d8-aaeb3ecbea5b
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
via
1.1 google
usersync
usersync.gumgum.com/ Frame 0381
Redirect Chain
  • https://sync.srv.stackadapt.com/sync?nid=1&gdpr=0&gdpr_consent=
  • https://usersync.gumgum.com/usersync?b=sta&i=0-7de02872-e85a-4259-5e6f-06fd3aea0040$ip$103.209.254.5
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=sta&i=0-7de02872-e85a-4259-5e6f-06fd3aea0040$ip$103.209.254.5
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Server
13.112.54.241 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 17 Sep 2022 06:36:56 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Type
image/gif
Content-Length
35
Expires
0

Redirect headers

Location
https://usersync.gumgum.com/usersync?b=sta&i=0-7de02872-e85a-4259-5e6f-06fd3aea0040$ip$103.209.254.5
Date
Sat, 17 Sep 2022 06:36:56 GMT
Connection
keep-alive
Content-Length
127
Content-Type
text/html; charset=utf-8
usersync
usersync.gumgum.com/ Frame 0381
Redirect Chain
  • https://pr-bh.ybp.yahoo.com/sync/gumgum?gdpr=0&gdpr_consent=
  • https://usersync.gumgum.com/usersync?b=oth&i=y-OBEGEixE2pdfcNonCUwMJqEk7cU24BEB_EvT~A
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=oth&i=y-OBEGEixE2pdfcNonCUwMJqEk7cU24BEB_EvT~A
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Server
13.112.54.241 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 17 Sep 2022 06:36:56 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Type
image/gif
Content-Length
35
Expires
0

Redirect headers

date
Sat, 17 Sep 2022 06:36:55 GMT
referrer-policy
strict-origin-when-cross-origin
server
ATS
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
location
https://usersync.gumgum.com/usersync?b=oth&i=y-OBEGEixE2pdfcNonCUwMJqEk7cU24BEB_EvT~A
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
strict-transport-security
max-age=31536000
content-length
0
x-content-type-options
nosniff
usersync
usersync.gumgum.com/ Frame 0381
Redirect Chain
  • https://sync.ipredictive.com/d/sync/cookie/generic?partner=gumgum&cspid=9&append=1&cb=${ADELPHIC_CACHE_BUSTER}&gdpr=0&gdpr_consent=&us_privacy=1---&redirect=https%3A%2F%2Fusersync.gumgum.com%2Fuser...
  • https://usersync.gumgum.com/usersync?b=vnt&i=812f48dc-5baa-47e2-b4b5-e4a648d86bc6
0
0
services
sync.technoratimedia.com/ Frame 0381 		0
293 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.technoratimedia.com/services?srv=cs&pid=65&us_privacy=1---&cb=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dsnc%26i%3D%5BUSER_ID%5D
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
150.136.156.92 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 17 Sep 2022 06:36:56 GMT
via
1.1 varnish
server
nginx
age
0
access-control-allow-methods
POST,GET,HEAD,OPTIONS
x-varnish
794926492
access-control-allow-origin
https://g2.gumgum.com/
access-control-allow-credentials
true
142
match.deepintent.com/usersync/ Frame 0381 		0
44 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.deepintent.com/usersync/142?redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Ddit%26i%3D%24%7BDI_USER_ID%7D
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
38.91.45.7 -, , ASN (),
Reverse DNS
Software
a /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 17 Sep 2022 06:36:55 GMT
content-length
0
server
a
usersync
usersync.gumgum.com/ Frame 0381
Redirect Chain
  • https://b1sync.zemanta.com/usersync/gumgum/?puid=a_5552dfc5-b316-4e8e-8e6f-1456e9349717&gdpr=0&gdpr_consent=&us_privacy=1---&cb=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dzem%26i%3D__ZUID__
  • https://stags.bluekai.com/site/23178?id=aAawPcYEyasrVMwXtq22&redir=https%3A%2F%2Fb1sync.zemanta.com%2Fusersync%2Fbluekai%2Fcallback%2F%3Fd%3DNB2HI4DTHIXS65LTMVZHG6LOMMXGO5LNM52W2LTDN5WS65LTMVZHG6LO...
  • https://b1sync.zemanta.com/usersync/bluekai/callback/?d=NB2HI4DTHIXS65LTMVZHG6LOMMXGO5LNM52W2LTDN5WS65LTMVZHG6LOMM7WEPL2MVWSMZLYMNUGC3THMU6WO5LNM52W2JTHMRYHEPJQEZUT2YKBMF3VAY2ZIV4WC43SKZGXOWDUOEZDE...
  • https://usersync.gumgum.com/usersync?b=zem&gdpr=0&i=aAawPcYEyasrVMwXtq22&us_privacy=1---
0
0
usersync
usersync.gumgum.com/ Frame 0381
Redirect Chain
  • https://ad.360yield.com/server_match?partner_id=N&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Didi%26i%3D%7BPUB_USER_ID%7D
  • https://ad.360yield.com/ul_cb/server_match?partner_id=N&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Didi%26i%3D%7BPUB_USER_ID%7D
  • https://usersync.gumgum.com/usersync?b=idi&i=2757b57b-63ff-48d8-a5b6-d7ab1d6c125f
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=idi&i=2757b57b-63ff-48d8-a5b6-d7ab1d6c125f
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Server
13.112.54.241 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 17 Sep 2022 06:36:57 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Type
image/gif
Content-Length
35
Expires
0

Redirect headers

location
https://usersync.gumgum.com/usersync?b=idi&i=2757b57b-63ff-48d8-a5b6-d7ab1d6c125f
date
Sat, 17 Sep 2022 06:36:56 GMT
access-control-allow-origin
*
content-type
text/plain
content-length
0
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
usersync
usersync.gumgum.com/ Frame 0381
Redirect Chain
  • https://sync.1rx.io/usersync2/floor6?gdpr=0&gdpr_consent=&dspret=1&redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Drhy%26i%3D%5BRX_UUID%5D
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=543673575
  • https://sync.1rx.io/usersync/tradedesk/12214519-0c4c-48e8-a8e2-7a416271dec6
  • https://sync.targeting.unrulymedia.com/csync/RX-749f24e3-88be-44fd-876c-97b286ce6701-004?redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Drhy%26i%3DRX-749f24e3-88be-44fd-876c-97b286ce6701-004
  • https://usersync.gumgum.com/usersync?b=rhy&i=RX-749f24e3-88be-44fd-876c-97b286ce6701-004
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=rhy&i=RX-749f24e3-88be-44fd-876c-97b286ce6701-004
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Server
13.112.54.241 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 17 Sep 2022 06:36:57 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Type
image/gif
Content-Length
35
Expires
0

Redirect headers

location
https://usersync.gumgum.com/usersync?b=rhy&i=RX-749f24e3-88be-44fd-876c-97b286ce6701-004
date
Sat, 17 Sep 2022 06:36:56 GMT
p3p
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
etag
RX749f24e388be44fd876c97b286ce6701004
content-type
text/html
usersync
usersync.gumgum.com/ Frame 0381
Redirect Chain
  • https://bh.contextweb.com/bh/rtset?pid=558355&ev=1&rurl=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpln%26i%3D%25%25VGUID%25%25
  • https://usersync.gumgum.com/usersync?b=pln&i=G85dKHlB6DWh&ev=1&pid=558355
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=pln&i=G85dKHlB6DWh&ev=1&pid=558355
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Server
13.112.54.241 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 17 Sep 2022 06:36:57 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Type
image/gif
Content-Length
35
Expires
0

Redirect headers

strict-transport-security
max-age=15768000
server
Jetty(9.4.14.v20181114)
p3p
policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
content-language
en-AU
location
https://usersync.gumgum.com/usersync?b=pln&i=G85dKHlB6DWh&ev=1&pid=558355
cache-control
private, max-age=0, no-cache, no-store
cw-server
bh-deployment-6db8fcb759-w6bg6
expires
-1
usersync
usersync.gumgum.com/ Frame 0381
Redirect Chain
  • https://ssbsync.smartadserver.com/api/sync?callerId=15&redirectUri=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dsad%26i%3D%5Bssb_sync_pid%5D&gdpr=0&gdpr_consent=
  • https://usersync.gumgum.com/usersync?b=sad&i=3111016126218390619
0
0
sync
ads.servenobid.com/ Frame 0381 		0
358 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=309&uid=a_5552dfc5-b316-4e8e-8e6f-1456e9349717
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.251.200.30 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-251-200-30.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 17 Sep 2022 06:36:55 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0
usersync
usersync.gumgum.com/ Frame 26E9
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=71&gdpr=0&gdpr_consent=&redir=https%3a%2f%2fusersync.gumgum.com%2fusersync%3fb%3dmmh%26i%3d%5bMM_UUID%5d
  • https://usersync.gumgum.com/usersync?b=mmh&i=93496325-6b06-4100-aab4-1eb9b4e889cb&gdpr=0&gdpr_consent=
35 B
250 B 		Document
General
Check archive.org
Download Go to
Full URL
https://usersync.gumgum.com/usersync?b=mmh&i=93496325-6b06-4100-aab4-1eb9b4e889cb&gdpr=0&gdpr_consent=
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.112.54.241 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://g2.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Content-Type
image/gif
Date
Sat, 17 Sep 2022 06:36:56 GMT
Expires
0
Pragma
no-cache

Redirect headers

Access-Control-Allow-Origin
*
Cache-Control
no-cache
Connection
keep-alive
Content-Length
0
Content-Type
image/gif
Date
Sat, 17 Sep 2022 06:36:55 GMT
Expires
Sat, 17 Sep 2022 06:36:54 GMT
Keep-Alive
timeout=360
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Server
MT3 4505 5b23575 master hkg-pixel-x18 config:1.0.0
location
https://usersync.gumgum.com/usersync?b=mmh&i=93496325-6b06-4100-aab4-1eb9b4e889cb&gdpr=0&gdpr_consent=
URnmbSKM
sync-tm.everesttech.net/upi/pid/ Frame 635D 		0
177 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync-tm.everesttech.net/upi/pid/URnmbSKM?redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Datm%26i%3D%24%7BTM_USER_ID%7D&gdpr=0&gdpr_consent=
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.66.49 -, , ASN (),
Reverse DNS
Software
Varnish /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://g2.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

accept-ranges
bytes
cache-control
no-cache
content-length
0
date
Sat, 17 Sep 2022 06:36:55 GMT
pragma
no-cache
retry-after
0
server
Varnish
via
1.1 varnish
x-cache
MISS
x-cache-hits
0
x-served-by
cache-mel11230-MEL
x-timer
S1663396616.924851,VS0,VE0
pixel
cm.g.doubleclick.net/ Frame 6F08 		170 B
188 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=gumgum_dbm&google_hm=YV81NTUyZGZjNS1iMzE2LTRlOGUtOGU2Zi0xNDU2ZTkzNDk3MTc=&gdpr=0&gdpr_consent=
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.12.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f155.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://g2.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
no-cache, must-revalidate
content-length
170
content-type
image/png
cross-origin-resource-policy
cross-origin
date
Sat, 17 Sep 2022 06:36:55 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
pragma
no-cache
server
HTTP server (unknown)
x-xss-protection
0
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 1DCC 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=0&gdprConsent=
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.72.44.196 -, , ASN (),
Reverse DNS
Software
Apache /
Resource Hash
ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152

Request headers

Referer
https://g2.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=50682
content-encoding
gzip
content-length
5549
content-type
text/html; charset=UTF-8
date
Sat, 17 Sep 2022 06:36:55 GMT
etag
"1300708-3de4-5d6ef246ef4cf"
expires
Sat, 17 Sep 2022 20:41:37 GMT
last-modified
Tue, 01 Feb 2022 06:38:00 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
usersync
usersync.gumgum.com/ Frame 1EE2
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=gumgum&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://usersync.gumgum.com/usersync?b=ttd&i=12214519-0c4c-48e8-a8e2-7a416271dec6
35 B
250 B 		Document
General
Check archive.org
Download Go to
Full URL
https://usersync.gumgum.com/usersync?b=ttd&i=12214519-0c4c-48e8-a8e2-7a416271dec6
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.112.54.241 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://g2.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Content-Type
image/gif
Date
Sat, 17 Sep 2022 06:36:56 GMT
Expires
0
Pragma
no-cache

Redirect headers

cache-control
private,no-cache, must-revalidate
content-length
193
content-type
text/html
date
Sat, 17 Sep 2022 06:36:55 GMT
location
https://usersync.gumgum.com/usersync?b=ttd&i=12214519-0c4c-48e8-a8e2-7a416271dec6
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
pragma
no-cache
x-aspnet-version
4.0.30319
um
cs.emxdgt.com/ Frame A92F 		0
67 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cs.emxdgt.com/um?redirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Demx%26i%3D%24UID&gdpr=0&gdpr_consent=
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.174.63.73 -, , ASN (),
Reverse DNS
Software
awselb/2.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://g2.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

content-length
0
content-type
text/plain; charset=utf-8
date
Sat, 17 Sep 2022 06:36:56 GMT
server
awselb/2.0
usersync
usersync.gumgum.com/ Frame D9E2
Redirect Chain
  • https://tg.socdm.com/aux/idsync?proto=gumgum
  • https://usersync.gumgum.com/usersync?b=sus&i=YyVrB8Co8YsAANFHiMIAAAAA
35 B
250 B 		Document
General
Check archive.org
Download Go to
Full URL
https://usersync.gumgum.com/usersync?b=sus&i=YyVrB8Co8YsAANFHiMIAAAAA
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.112.54.241 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://g2.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Content-Type
image/gif
Date
Sat, 17 Sep 2022 06:36:56 GMT
Expires
0
Pragma
no-cache

Redirect headers

Cache-Control
private
Connection
keep-alive
Content-Length
0
Date
Sat, 17 Sep 2022 06:36:55 GMT
Location
https://usersync.gumgum.com/usersync?b=sus&i=YyVrB8Co8YsAANFHiMIAAAAA
P3P
CP="See also http://www.scaleout.jp/privacy/"
Server
nginx
X-SO-Ads-Time
3
X-SO-Cluster-ID
55
X-SO-HostName
m-ad183.dc4p.scaleout.jp
X-SO-IP
103.209.254.5
X-SO-Key
YyVrB8Co8YsAANFHiMIAAAAA
X-SO-LB-Data
{"ban":false,"clean_query":"\/aux\/idsync?proto=gumgum","cluster_id":55,"gdpr":false,"ipv4":"103.209.254.5","key":"YyVrB8Co8YsAANFHiMIAAAAA","privacy_sensitive":false,"uid":"","upstream_id":"m-ad183"}
X-SO-LB-Hostname
m-tgng39.dc4p.scaleout.jp
X-SO-Upstream-ID
m-ad183
usersync
usersync.gumgum.com/ Frame 077E
Redirect Chain
  • https://ssum-sec.casalemedia.com/usermatchredir?s=189872&cb=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Diex%26i%3D
  • https://usersync.gumgum.com/usersync?b=iex&i=YyVrAYu0W8DwXovNsZOEYgAA%264747
35 B
250 B 		Document
General
Check archive.org
Download Go to
Full URL
https://usersync.gumgum.com/usersync?b=iex&i=YyVrAYu0W8DwXovNsZOEYgAA%264747
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.112.54.241 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://g2.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Content-Type
image/gif
Date
Sat, 17 Sep 2022 06:36:56 GMT
Expires
0
Pragma
no-cache

Redirect headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-cache
cf-cache-status
DYNAMIC
cf-ray
74bfd4912e71fe9d-MEL
content-length
0
date
Sat, 17 Sep 2022 06:36:55 GMT
expires
0
location
https://usersync.gumgum.com/usersync?b=iex&i=YyVrAYu0W8DwXovNsZOEYgAA%264747
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4Y18HUNdvTTGV1HNV5HuaCtv70GMWou27Hxx3etVMsQHERS4IiQhwSFdvGKruR3mAj3s3qup8jeaAPX0wPYq9blmb2xIQ9oZlfpXz1hDXA8eju7fjFte2Zd74W7DOYQxqbSq%2FauMfZoSgQ%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
cm-notify
creativecdn.com/ Frame 18E9
Redirect Chain
  • https://creativecdn.com/cm-notify?pi=gumgum
  • https://creativecdn.com/cm-notify?pi=gumgum&tc=1
0
0
usync.html
eus.rubiconproject.com/ Frame 9215
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=gumgum
  • https://eus.rubiconproject.com/usync.html?p=gumgum
281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?p=gumgum
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.15.148.136 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-15-148-136.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://g2.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Sat, 17 Sep 2022 06:36:56 GMT
ETag
"40014-119-5d32342a551c0"
Last-Modified
Tue, 14 Dec 2021 23:07:59 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
content-length
0
date
Sat, 17 Sep 2022 06:36:55 GMT
location
https://eus.rubiconproject.com/usync.html?p=gumgum
server
AkamaiGHost
collect
www.google-analytics.com/g/ 		0
17 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/g/collect?v=2&tid=G-Z0TZ7TDHS1&gtm=2oe9e0&_p=2991&cid=400732676.1663396611&ul=en-us&sr=1600x1200&_z=ccd.v9B&_s=2&sid=1663396610&sct=1&seg=0&dl=https%3A%2F%2Fwww.bg3.co%2Fa%2F6yue-15ri-qi-bei-jing-gong-jiao-duo-tiao-xian-lu-you-diao-zheng.html&dt=6%E6%9C%8815%E6%97%A5%E8%B5%B7%20%E5%8C%97%E4%BA%AC%E5%85%AC%E4%BA%A4%E5%A4%9A%E6%A2%9D%E7%B7%9A%E8%B7%AF%E6%9C%89%E8%AA%BF%E6%95%B4%20-%20%E5%A4%A9%E5%A4%A9%E8%A6%81%E8%81%9E&en=link_preview&_ee=1&epn.value=1&epn.siteid=42753&ep.error_msg=no_mapping_failed&_et=4
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-Z0TZ7TDHS1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.139 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f139.1e100.net
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 17 Sep 2022 06:36:55 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sync
ads.servenobid.com/ Frame 27C1
Redirect Chain
  • https://pixel-us-east.rubiconproject.com/exchange/sync.php?p=duration_media&khaos=L85JE5AG-24-AYT1
  • https://ads.servenobid.com/sync?pid=323&uid=L85JE5AG-24-AYT1
0
0
sodar
pagead2.googlesyndication.com/pagead/ Frame 79E9 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20220914&jk=1882226508588972&bg=!JiWlJWHNAAZqQh0mSkI7ACkAdvg8WisVYn9JnAp0glomTYUDZkDq38ZhHL6lx1Jk74HLYiOhbnCNcwIAAADYUgAAAAJoAQeZArPO33zTsXNKK18ZOCK5iQtJZrFo-zelAtDmdgTjudIhTqIEX1pr3hQVUiE1zTz_3fB9l3ZfIWFHb0DKbS273QcCx-JfexxYUfMGku3LtpuxME4rNuqbv7Jw7ZAdibxRpy9TUBATcrIGwCH-vRmzoIaVXe-FsVPBAeNnvCWOYY92SAnscH2FyLn-OqpXKEXEHHV3kpI-ZI2jOSTTIDeomnujzoeerH4olkn--tBrs1BwYHFGdoujgt3eh0SIQnE14y4XBSkOB38wjDrxeAz0RQGHwEuW1YU4ShsctO4WuSeiuNuuQHNvr6dJQsw2iPPopkgjLdx4pgszv8GMX_1OEXy6Ik9oPWC3yRN8jI8YoFR0wbx-bIIzSbq6kS3EVvFltiNg3TL-SBdFyJcLkkrols9IhAVya5h6yKwMNA1hhGDeJv6nzl6vpQmG6RYxbuvxZU-vzI-pSEtuX5zSSzUOvPr3v0N8WfpyCOUaYzPvzDfENUvi7vp3myosNjhAhmRO59rG8P4YdkkmMOMx_4Sik6CeiIXNeEPe_1500sXVUPaN05gnI2jUwBAzbjWmgt97SL_rnBOEUsrsi3li9H2YMXgviYXWGW3F3SuQRr4Ie9tCMSPO9VO-nwEixcvrpu6tavt4e5nzDdjXGXtSTCjwmyp-w8uzmywrnT4CTJpFv1il5Jr03nU4iXz-rIlA1BAeRNotQ10yGVBZKzMnfkHZcyO6D1O3NTSFXhnToYbZK6MuE_FuEnaJVj85Y5qtATodWQawRgMAW1dt9BnpbFWPi8BGWDPgZJie6RbwY18tNHLhzXNbhrRDNa8tNln5xnrYS1LUG076Plzj7jztD40Hs8qctt8iiDeS0CNV6DSuqwkucGcPyb439vVq2HUjdzVNpVcifxNJSOnF596JsnP2qO8Xv9Bs
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/6yue-15ri-qi-bei-jing-gong-jiao-duo-tiao-xian-lu-you-diao-zheng.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.118.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sl-in-f157.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
sodar
pagead2.googlesyndication.com/pagead/ Frame 7AB6 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20220914&jk=2834201891224365&bg=!R0SlRADNAAZqQh0mSkI7ACkAdvg8WpxyEvs7VDfpd-cBY_QaZEhZUZsjFppHPjMZU10PUc4yTVF-0gIAAAFcUgAAAAJoAQeZArbWDYZzjueABXnyRUm10hAIBr8srDbQZwHJpr2Ye5m2Am9_AjTAAjS7iODsTiUFRefxsktpBQ0ujfRfdTrA2lElXuvv90X9f2g-FVu4bI3ryvcOQ1DzHVf7hmAuZ838HKqa4Ktbx6ZQFlCNVXjHBIHjpB7ggHFvJU9SPWyKGXewJOQpWr9wctgAlv3fGax7oqLbVEgUS1IGuQFRaSEzZyoQElUZGtShNs19wSFIMSJVmYP80GNjWcJR10zKpYUeMIpyDPrj4Ick-MHOKHdyxwOmaj5ffmx9iKBvMo3aTKw1e3OyO9KViU3mTwrmBtTUUuccH8VWFrQpK9n6EImoUpgWHO6-uN0Gi8xZfEvf-hMkv4gOTPeuV3C7SgBoB0KGQlVHM3PFBmQyTqFGDDmsJgv8b6MAoSejLWF02TOJA4CnRpFuP0fdASCY_Hbv2L3Dn_8MwePKeS_X-r-HRFWGg4XC2LTwQ-Rj8RNGRokHNYS3b56nf_HCnU0Sb_9U7lejfvI4UCFil-FJu35Xl7r7n128aYJSgddvCN6_QDQZ9rNccDxDZroT0E8cFoz_XIS_rNLvolEB72JLxzOLoQ7z6HkQSxl4Cv7Efyj-6rvVZRvRQv1ir7GX4C8LlxYS7W9K_3acOKkSsZqA4ad0kBaVbaz0CK7OpCGvIYe6NSwadydkKvibk72N1IJack7zy5s2f7kyOuKcXkIEIeOn1eNucYgdD65GNm1ZVeEnSC7QfaOoofI3BhGI8i62L6cEzOQTch_zV2z2taHkDIqVLDnLgI2cveJDzz1JOdBWcfhf_4iTvR8ads759Ym-0Q6bTeVqWXrEztDIOrHxhzvBjGrizJ3VDZ7PpdsapQfXykhr-d9iLGtqgiWUBbkL5fWekI3lc8ZkTVIfJFDm5C77h_mq3nv5zE5WVKsE
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/6yue-15ri-qi-bei-jing-gong-jiao-duo-tiao-xian-lu-you-diao-zheng.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.118.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sl-in-f157.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
sodar
pagead2.googlesyndication.com/pagead/ Frame 2BB8 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20220914&jk=4486120995357876&bg=!QUKlQgbNAAZqQh0mSkI7ACkAdvg8WrgUHr_M2lPZYuTNj-LQecm1tWIGH7VoAzLCbOsNDn7ATpaK3AIAAAE3UgAAAAJoAQcKAInWHeHFEqC6al46s_5X8AivyQWcLqsydF25wBP8KTOOytzzfWm6QWmyINQTYjwg_IT5pF_ExrL4whpAcB87rmeu-OVEHv6Cgl_Q_CzswhXgrbtcWbfi4tU_XAFdg5JIdg6qSaUMxVP0htyJP3iyNXrGPpmuUj8xCYPALOtyOTn7kwKUN2qfwpUoEpkC0HAlK6reLVsH_pNGmufKoj0Kdc0ZXmWGcNzlWE54wFq85-9ueYGF2wNX2KNSfo6bouWNeMDXHHV9TjuJs8rKolC38RXfX4FDbmuiqnC52Bx9r6_a6pSSp3W_65iIspYHi-F_eJMTOx06xkF24n5yL0osZ3FtjhDmdHlHLHV7D1BnouFd2ETcaXpCRrQZXlbiMo_rZCEyfOMfG1zL--1H-A66Ig-AQ2MfWr4o3z62B9A6K3M_Hh03crrrqD-W4nw-5WnErMZZ4Q5yShNXIH5ETVHY78CRG1JC_4UZi7HRbJVpoeDqngGF1Y3h_Ik3GlvKD9dIPEj61n1CHKfMpePpNBLU2S2PT8rehxllmOXMEZOhD6bbA9clfCtAVaakH2OvOJUkkyMtjWfdcEZkW-8Ged87g4LvRbiX5EVHzVt7YnRxRUmub9-ZJ4DZVhdulwVqtIEmuS9uDL57tpqV8UBmsGolxMpPNPOhdLsLYDMC-IpdZqknWNfQB9dTS9fNORcNccRlQCUpKZBOlYbmM15wSYksqWwNMAvNiV3jCC4w4uTW1TTXfam92TfpYNMysbAzKtzteQuPxihxuKrQjxkqwnXakJIZ7bPtsflFLwNRJBqcljJUXEZeYSCUU1U3_bFhJ6PJDc_87Y-bOPC_BknUmZ8V3ZmP0EUIx2tYAD1731es0b0OizC5AI8zVHrJd7qtu2BKJyOHj2VOnFgc-nEzORDo8Xkli_s7mFUi1SQdTWIE66o74Jf6sFP54edVQMR_DCBZ6_-1eU6f5kMzc7ix0N_62PbpbhpEvHRIPZMFMh3aISBGj02wi_MbOD4tZGEUPpo11I7T1-DQuCzMh84iLDqw1YPBtnEBaiRh4vZj-JgsUUx_nWAVnFhYq74I0FWKYOj6FJjFMos5iD_gZORZ5Ye9I2PRBGE6jtNfA3N9kOLAqhO9zET1XX4ru35nr420CQ
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/6yue-15ri-qi-bei-jing-gong-jiao-duo-tiao-xian-lu-you-diao-zheng.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.118.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sl-in-f157.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://adx.holmesmind.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
usync.js
eus.rubiconproject.com/ Frame 9215 		31 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=gumgum
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.15.148.136 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-15-148-136.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
b3e685b257930d612f6c533ada3f062bfca487b3297a3af03e4f9f5478ccbf36

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=gumgum
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sat, 17 Sep 2022 06:36:56 GMT
Content-Encoding
gzip
Last-Modified
Thu, 15 Sep 2022 22:38:47 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=52816
Connection
keep-alive
Content-Type
text/html; charset=UTF-8
Content-Length
9421
Expires
Sat, 17 Sep 2022 21:17:12 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame B82E 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20220914&jk=424218493006684&bg=!DwylDEjNAAZqQh0mSkI7ACkAdvg8Wk3oML5p_O-_tfv94fsaw0KFUoGhCnmw-H4wkiuatye18J7_IwIAAAFYUgAAAAJoAQcKAIYYuO3zdGWPNJnwZTtUEEs3vU4JY0EeTaKxY7kZH7Pj0tg1yGLuobuK9kxm3HrhZJSOrVVc9tzpVtFLvjc6brGY37O5KTXw9heyh0src8RIz_UxAGRv7LT8XE09eP4tg4ViDYhMpZo2wTHValE0WlAFjKHrzUvZxWk27T76-bZ_79S8YufcIJkCxRFecFrtaNgwtBMEn9K3WqPv_RPEQ_cUdKJibO1YTHsBXYwKGWNaQEnzHiW6P-QLi3BKo19_J-exOsUHSq_KV9twJhUqqkYg02JI6HJZvzTUZAPIiTFCR0uyn1ptftAvTM6jYdtZM98s9KirhMuSb_DOm8876ZwzwFodkmGIaClk0mPkfKHYDxIiPLHDU43LAKf00MSB3cLQ93V8E0QGR2-hNqyuU_8kHljbx1okaPRjR9Z44XtCeWIEC33_tusiZ-vXvIsnQstKYUdjGyOiXiTt2OfCISCaoERb09MRu0ilF2r3GLKzY1BUYfwItmgAQjYBjZ1EknKPIikrRPV0BZlmYJD7v-W59bTUSxweX27q_GNfHMpnNfsi_0IstwHCPNzYrLbL4tZsBdbzcj79dlTNVwUC23iOVjNvS_EjfxWGQY-9GAlqIgz7hXyXcUz-8JN7YjLMHH_0aHqY73vZ3qruzkHfzFo4FdqjYjgDcfX1GR5TyFg4DehFz9L0gJkOc2-skXm6wxcw49M8LdyMkI01VJ4DoDJWlt7-d5RnGvll4amZTWdV0F5UPGwscx9ZpmNc3RPyaIFzyuwyUMJUoSTQaxfkn7oF4Fl-Qlhp-v2WXsaBkFX3-j1p_TQNb6qj3mIArXD0kVY76l7vCgpt31DLmxUs34UZ5katZVzGwQY2lOdV04DZgeTIO4OEj6qvPEC_0vlmwM2K5slINWe3jo4_bShoTGz6uHveznVc8xChEJH5Fjs6yXglNlaI20g88OQvErDGOMsXbybTCEZuUKvdzarZTMfSaBVuNoq-vMFz0BMDy-xCO2vSVHAQf3rhERln-yWE4gi_upUIbJ9i_R65svt9OTo9Nn-T3BZ0j9N4oMN9N9S_OFf1NArrqUZVd-nbf0Tvil5Tdc5dxWD7GTngqcJ2swT8IXxH8DJ0iiLTb3OItF8
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/6yue-15ri-qi-bei-jing-gong-jiao-duo-tiao-xian-lu-you-diao-zheng.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.118.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sl-in-f157.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://adx.holmesmind.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
match
c1.adform.net/serving/cookie/ Frame 5EAE 		35 B
468 B 		Document
General
Check archive.org
Download Go to
Full URL
https://c1.adform.net/serving/cookie/match?party=14&cid=CF21C3D1-8732-40E1-B436-3BFC0385C9DB
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fx.yieldlift.com%2Fsetuid%3Fbidder%3Dpubmatic%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3D1YN-%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.84.60.30 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods
GET
access-control-allow-origin
*
access-control-max-age
86400
cache-control
no-cache, no-store, must-revalidate, no-transform
content-type
image/gif
date
Sat, 17 Sep 2022 06:36:56 GMT
expires
-1
pragma
no-cache
server
nginx
strict-transport-security
max-age=31536000; includeSubDomains
Pug
simage2.pubmatic.com/AdServer/ Frame CF99
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA%3D%3D%26piggybackCookie%...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:93496325-6b06-4100-aab4-1eb9b4e889cb&gdpr=0&gdpr_consent=
42 B
326 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:93496325-6b06-4100-aab4-1eb9b4e889cb&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fx.yieldlift.com%2Fsetuid%3Fbidder%3Dpubmatic%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3D1YN-%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
103.231.98.194 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Sat, 17 Sep 2022 06:36:56 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

Access-Control-Allow-Origin
*
Cache-Control
no-cache
Connection
keep-alive
Content-Length
0
Content-Type
image/gif
Date
Sat, 17 Sep 2022 06:36:56 GMT
Expires
Sat, 17 Sep 2022 06:36:55 GMT
Keep-Alive
timeout=360
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Server
MT3 4505 5b23575 master hkg-pixel-x6 config:1.0.0
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:93496325-6b06-4100-aab4-1eb9b4e889cb&gdpr=0&gdpr_consent=
b9pj45k4
sync-tm.everesttech.net/upi/pid/ Frame 525A 		0
83 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%7D%26gdpr%3D0%26gdpr_consent%3D
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fx.yieldlift.com%2Fsetuid%3Fbidder%3Dpubmatic%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3D1YN-%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.66.49 -, , ASN (),
Reverse DNS
Software
Varnish /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

accept-ranges
bytes
cache-control
no-cache
content-length
0
date
Sat, 17 Sep 2022 06:36:56 GMT
pragma
no-cache
retry-after
0
server
Varnish
via
1.1 varnish
x-cache
MISS
x-cache-hits
0
x-served-by
cache-mel11230-MEL
x-timer
S1663396616.283716,VS0,VE0
Pug
simage2.pubmatic.com/AdServer/ Frame 9692
Redirect Chain
  • https://cm.ambientdsp.com/cm/send?vc=pmj
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzQ0OSZ0bD00MzIwMA==&piggybackCookie=x39zhetzyuh
1 B
168 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzQ0OSZ0bD00MzIwMA==&piggybackCookie=x39zhetzyuh
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fx.yieldlift.com%2Fsetuid%3Fbidder%3Dpubmatic%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3D1YN-%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
103.231.98.194 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
1
content-type
text/html; charset=utf-8
date
Sat, 17 Sep 2022 06:36:56 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

accept-encoding
utf-8
cache-control
no-store
content-length
0
date
Sat, 17 Sep 2022 06:36:54 GMT
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzQ0OSZ0bD00MzIwMA==&piggybackCookie=x39zhetzyuh
lws
127.0.0.1
strict-transport-security
max-age=31536000; includeSubDomains
time-ms
0
setuid
x.yieldlift.com/ Frame E9B1 		0
113 B 		Document
General
Check archive.org
Download Go to
Full URL
https://x.yieldlift.com/setuid?bidder=pubmatic&gdpr=0&gdpr_consent=&us_privacy=1YN-&uid=CF21C3D1-8732-40E1-B436-3BFC0385C9DB
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fx.yieldlift.com%2Fsetuid%3Fbidder%3Dpubmatic%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3D1YN-%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.230.47.190 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

Connection
keep-alive
Content-Length
0
Date
Sat, 17 Sep 2022 06:36:56 GMT
Vary
Origin
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 1493
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=zyHD0YcyQOG0Njv8A4XJ2w%3D%3D
  • https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
10 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fx.yieldlift.com%2Fsetuid%3Fbidder%3Dpubmatic%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3D1YN-%26uid%3D
Protocol
H2
Server
23.72.44.196 -, , ASN (),
Reverse DNS
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 17 Sep 2022 06:36:56 GMT
content-encoding
gzip
last-modified
Tue, 01 Feb 2022 06:38:00 GMT
server
Apache
etag
"1300708-3de4-5d6ef246ef4cf"
vary
Accept-Encoding
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
max-age=50681
accept-ranges
bytes
content-type
text/html; charset=UTF-8
content-length
5549
expires
Sat, 17 Sep 2022 20:41:37 GMT

Redirect headers

pragma
no-cache
date
Sat, 17 Sep 2022 06:36:56 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
272
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
px
p.adsymptotic.com/d/ Frame 1493
Redirect Chain
  • https://idsync.rlcdn.com/420486.gif?partner_uid=CF21C3D1-8732-40E1-B436-3BFC0385C9DB
  • https://pippio.com/api/sync?pid=5324&it=1&iv=5a37884422cc9cda53562728087e3118d2f986d0a93e4258eb23c44ec40a6ed5791426b5417dce21&_=2
  • https://p.adsymptotic.com/d/px?_pid=13553&_psign=9e62e5c043ecadc9479a0ccac401dd7d
43 B
119 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://p.adsymptotic.com/d/px?_pid=13553&_psign=9e62e5c043ecadc9479a0ccac401dd7d
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fx.yieldlift.com%2Fsetuid%3Fbidder%3Dpubmatic%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3D1YN-%26uid%3D
Protocol
H2
Server
104.18.99.194 -, , ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

p3p
CP='NON DSP COR CONi OUR BUS CNT'
date
Sat, 17 Sep 2022 06:36:56 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
74bfd4975b515ab0-MEL
content-length
43
content-type
image/gif

Redirect headers

date
Sat, 17 Sep 2022 06:36:56 GMT
via
1.1 google
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://p.adsymptotic.com/d/px?_pid=13553&_psign=9e62e5c043ecadc9479a0ccac401dd7d
cache-control
no-cache, no-store
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
SPug
image4.pubmatic.com/AdServer/ Frame 1493
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=3&redir=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3FpartnerID%3D27%26partnerUID%3D%5BMM_UUID%5D
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=93496325-6b06-4100-aab4-1eb9b4e889cb
0
260 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=93496325-6b06-4100-aab4-1eb9b4e889cb
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fx.yieldlift.com%2Fsetuid%3Fbidder%3Dpubmatic%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3D1YN-%26uid%3D
Protocol
H2
Server
103.231.98.195 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 17 Sep 2022 06:36:56 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Date
Sat, 17 Sep 2022 06:36:56 GMT
Server
MT3 4505 5b23575 master hkg-pixel-x7 config:1.0.0
Access-Control-Allow-Origin
*
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=93496325-6b06-4100-aab4-1eb9b4e889cb
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=360
Content-Length
0
Expires
Sat, 17 Sep 2022 06:36:55 GMT
Pug
image2.pubmatic.com/AdServer/ Frame 1493
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=Q0YyMUMzRDEtODczMi00MEUxLUI0MzYtM0JGQzAzODVDOURC&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
42 B
95 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fx.yieldlift.com%2Fsetuid%3Fbidder%3Dpubmatic%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3D1YN-%26uid%3D
Protocol
H2
Server
67.199.150.86 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 17 Sep 2022 06:36:55 GMT
cache-control
no-store, no-cache, private
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Sat, 17 Sep 2022 06:36:56 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
Pug
image2.pubmatic.com/AdServer/ Frame 1493
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEPkMrxbDMHG9RmNZeN5ts9s&google_cver=1
42 B
528 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEPkMrxbDMHG9RmNZeN5ts9s&google_cver=1
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fx.yieldlift.com%2Fsetuid%3Fbidder%3Dpubmatic%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3D1YN-%26uid%3D
Protocol
H2
Server
67.199.150.86 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 17 Sep 2022 06:36:56 GMT
cache-control
no-store, no-cache, private
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Sat, 17 Sep 2022 06:36:56 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEPkMrxbDMHG9RmNZeN5ts9s&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
379
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
Pug
image2.pubmatic.com/AdServer/ Frame 1493
Redirect Chain
  • https://um.simpli.fi/pubmatic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODA2JnRsPTUxODQwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTgwNiZ0bD01MTg0MDA=&piggybackCookie=uid:C3B6A86A81AA48CBABB366F048954392
42 B
209 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTgwNiZ0bD01MTg0MDA=&piggybackCookie=uid:C3B6A86A81AA48CBABB366F048954392
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fx.yieldlift.com%2Fsetuid%3Fbidder%3Dpubmatic%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3D1YN-%26uid%3D
Protocol
H2
Server
67.199.150.86 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 17 Sep 2022 06:36:56 GMT
cache-control
no-store, no-cache, private
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

date
Sat, 17 Sep 2022 06:36:56 GMT
x-content-type-options
nosniff
server
nginx
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTgwNiZ0bD01MTg0MDA=&piggybackCookie=uid:C3B6A86A81AA48CBABB366F048954392
strict-transport-security
max-age=63072000; includeSubdomains; preload
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/html
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
138
expires
Fri, 16 Sep 2022 06:36:56 GMT
CF21C3D1-8732-40E1-B436-3BFC0385C9DB
pr-bh.ybp.yahoo.com/sync/pubmatic/ Frame 1493 		43 B
602 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/pubmatic/CF21C3D1-8732-40E1-B436-3BFC0385C9DB?gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fx.yieldlift.com%2Fsetuid%3Fbidder%3Dpubmatic%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3D1YN-%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.251.66.227 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-251-66-227.ap-southeast-1.compute.amazonaws.com
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 17 Sep 2022 06:36:56 GMT
referrer-policy
strict-origin-when-cross-origin
server
ATS
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
image/gif
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
strict-transport-security
max-age=31536000
content-length
43
x-content-type-options
nosniff
Pug
simage2.pubmatic.com/AdServer/ Frame 1493
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=12214519-0c4c-48e8-a8e2-7a416271dec6
42 B
505 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=12214519-0c4c-48e8-a8e2-7a416271dec6
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fx.yieldlift.com%2Fsetuid%3Fbidder%3Dpubmatic%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3D1YN-%26uid%3D
Protocol
H2
Server
103.231.98.194 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 17 Sep 2022 06:36:56 GMT
cache-control
no-store, no-cache, private
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Sat, 17 Sep 2022 06:36:56 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=12214519-0c4c-48e8-a8e2-7a416271dec6
cache-control
private,no-cache, must-revalidate
content-type
text/html
content-length
313
sync
dsp.nrich.ai/bidswitch/ Frame 1493
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent=
  • https://dsp.nrich.ai/bidswitch/sync?bidswitch_ssp_id=pubmatic&bsw_custom_parameter=f98ada23-bb7a-4d68-a2f4-7fe4fe49dce4&gdpr=0&gdpr_consent=&gdpr_pd=&us_privacy=
0
0
Pug
image2.pubmatic.com/AdServer/ Frame 1493
Redirect Chain
  • https://pixel.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=gB1snIBMbpmbS2mQjx9zz4YWOMqbF2qbhRjxC7qh
42 B
340 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=gB1snIBMbpmbS2mQjx9zz4YWOMqbF2qbhRjxC7qh
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fx.yieldlift.com%2Fsetuid%3Fbidder%3Dpubmatic%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3D1YN-%26uid%3D
Protocol
H2
Server
67.199.150.86 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 17 Sep 2022 06:36:56 GMT
cache-control
no-store, no-cache, private
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Sat, 17 Sep 2022 06:36:56 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
location
https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=gB1snIBMbpmbS2mQjx9zz4YWOMqbF2qbhRjxC7qh
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
0
expires
Fri, 04 Aug 1978 12:00:00 GMT
usersync
usersync.gumgum.com/ Frame 9215
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=gumgum&khaos=L85JE5AG-24-AYT1
  • https://usersync.gumgum.com/usersync?b=mag&i=L85JE5AG-24-AYT1
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=mag&i=L85JE5AG-24-AYT1
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=gumgum
Protocol
HTTP/1.1
Server
13.112.54.241 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 17 Sep 2022 06:36:57 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Type
image/gif
Content-Length
35
Expires
0

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location
https://usersync.gumgum.com/usersync?b=mag&i=L85JE5AG-24-AYT1
Cache-Control
no-cache,no-store,must-revalidate
Content-Type
text/html
content-length
0
X-RPHost
c80248407eff6cf595ce43a76c04e23f
Expires
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
rtb.adxpremium.services
URL
https://rtb.adxpremium.services/openrtb2/auction
Domain
ad.atdmt.com
URL
https://ad.atdmt.com/i/img;adv=11122207570744;ec=11122226302456;adv.a=6266241;c.a=28466995;s.a=3213511;p.a=345598515;a.a=537242143;cache=1675811078;
Domain
ad.atdmt.com
URL
https://ad.atdmt.com/i/img;adv=11122207570744;ec=11122226302456;adv.a=6266241;c.a=28466995;s.a=3213511;p.a=345598515;a.a=537242143;cache=977300199;
Domain
ap.lijit.com
URL
https://ap.lijit.com/pixel?gdpr=1&gdpr_consent=&us_privacy=1---&redir=https%3A%2F%2Fprebid.a-mo.net%2Fcchain%2F3%2F259%3Fgdpr%3D0%26gdpr_consent%3D%26us_privacy%3D1---%26A%3Dd8a7cce4-32b8-4acd-a18a-497ca754e2e7%26bidder%3Dsovrn%26cbx%3DaHR0cHM6Ly9pYi5hZG54cy5jb20vcHJlYmlkL3NldHVpZD9iaWRkZXI9YW14JnVpZD1kOGE3Y2NlNC0zMmI4LTRhY2QtYTE4YS00OTdjYTc1NGUyZTc%253D%26uid%3D%24UID
Domain
image8.pubmatic.com
URL
https://image8.pubmatic.com/AdServer/ImgSync?p=158355&gdpr=1&gdpr_consent=&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3Fp%3D158355%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Fprebid.a-mo.net%252Fcchain%252F4%252F621%253Fgdpr%253D0%2526gdpr_consent%253D%2526us_privacy%253D1YN-%2526A%253Dd8a7cce4-32b8-4acd-a18a-497ca754e2e7%2526bidder%253Dpubmatic%2526cbx%253DaHR0cHM6Ly9hZHMuc2VydmVub2JpZC5jb20vc3luYz9waWQ9MzI3JnVpZD0%25253D%2526uid%253D%2523PMUID
Domain
x.bidswitch.net
URL
https://x.bidswitch.net/sync?dsp_id=23&expires=14&user_id=21bbe1ef-abe1-4721-b29e-de1cfdc4295e&user_group=1&ssp=gumgum2&bsw_param=f98ada23-bb7a-4d68-a2f4-7fe4fe49dce4
Domain
usersync.gumgum.com
URL
https://usersync.gumgum.com/usersync?b=obn&i=ENC%28-J560t8gs3kgHW3talzVD8VE6q43ZPHI_GCMs2hOwVkIqQO6zqzX2yWegodHuKaE%29&r=https%3A%2F%2Fsync.outbrain.com%2FsyncUser%3FplatformId%3D%7Bplatform_id%7D%26platformUid%3D%7Bplatform_uid%7D%26obuid%3DENC%28-J560t8gs3kgHW3talzVD8VE6q43ZPHI_GCMs2hOwVkIqQO6zqzX2yWegodHuKaE%29
Domain
usersync.gumgum.com
URL
https://usersync.gumgum.com/usersync?b=vnt&i=812f48dc-5baa-47e2-b4b5-e4a648d86bc6
Domain
usersync.gumgum.com
URL
https://usersync.gumgum.com/usersync?b=zem&gdpr=0&i=aAawPcYEyasrVMwXtq22&us_privacy=1---
Domain
usersync.gumgum.com
URL
https://usersync.gumgum.com/usersync?b=sad&i=3111016126218390619
Domain
creativecdn.com
URL
https://creativecdn.com/cm-notify?pi=gumgum&tc=1
Domain
ads.servenobid.com
URL
https://ads.servenobid.com/sync?pid=323&uid=L85JE5AG-24-AYT1
Domain
dsp.nrich.ai
URL
https://dsp.nrich.ai/bidswitch/sync?bidswitch_ssp_id=pubmatic&bsw_custom_parameter=f98ada23-bb7a-4d68-a2f4-7fe4fe49dce4&gdpr=0&gdpr_consent=&gdpr_pd=&us_privacy=

Verdicts & Comments Add Verdict or Comment

99 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 object| 10 object| 11 object| 12 object| 13 object| 14 object| 15 object| onbeforeinput object| oncontextlost object| oncontextrestored function| structuredClone object| launchQueue object| onbeforematch function| getScreenDetails function| queryLocalFonts object| navigation object| adpushup object| ucfad_async object| AMP object| ucf object| request string| paramsString object| AMP_CONFIG object| AMP_EXP object| __AMP_LOG function| HTMLElementOrig object| __AMP_ERRORS object| __AMP_MODE function| __AMP_REPORT_ERROR object| __AMP_TOP object| __AMP_SERVICES object| __AMP_URL_CACHE object| __AMP__EXPERIMENT_TOGGLES boolean| __AMP_TAG object| __AMP_EXTENDED_ELEMENTS function| __AMP_BASE_CE_CLASS object| adRecover number| ampAdSlotIdCounter object| __AMP_EXPERIMENT_BRANCHES object| goog_identity_prom string| __AMP_DEFAULT_BOOTSTRAP_SUBDOMAIN function| setImmediate function| clearImmediate number| ampAdGoogleIfiCounter object| google_reactive_ads_global_state object| gaGlobal number| ampAdPageCorrelator undefined| $ undefined| jQuery function| jqAlias string| currentState object| googletag object| _apPbJs object| hbAnalytics object| adpTags object| google_ad_modifications number| google_global_correlator object| google_prev_clients object| listeningFors number| 3pla object| ggeac object| google_tag_data object| google_js_reporting_queue undefined| google_measure_js_timing object| _apPbJsChunk object| mnet string| nobidVersion object| nobid object| Criteo object| ap_link_preview_states object| apLinkPreviewUtils object| apEuCountries object| _qevents function| quantserve function| __qc object| ezt object| _qoptions function| qtrack boolean| descriptionPage object| dataLayer function| gtag object| googleToken object| googleIMState function| processGoogleToken number| google_unique_id object| google_tag_manager function| onYouTubeIframeAPIReady object| criteo_pubtag object| criteo_pubtag_prebid_117 object| Criteo_prebid_117

88 Cookies

Domain/Path Name / Value
.3lift.com/sync Name: sync
Value: CgoIoQEQvaGo0bQwCgoIgQIQvaGo0bQwCgoI4gEQvaGo0bQwCgoI5gEQvaGo0bQwCgoIhwIQvaGo0bQwCgkICRC9oajRtDAKCQg6EL2hqNG0MAoJCAsQvaGo0bQwCgoIjAIQvaGo0bQwCgkIXxC9oajRtDA=
.aralego.com/ Name: sspid
Value: 3da8f625-a9c4-3539-8f91-b48c939b24e5
.aralego.com/ Name: euconsent-v2
Value:
.aralego.com/ Name: gdpr
Value: 1
www.bg3.co/ Name: __AP_SESSION__
Value: e3d5826f-3263-45e9-9ffb-8f51f890403c
.adpushup.com/ Name: ap_uid
Value: 1a15dfa2-3653-11ed-a178-002248573ef7
.adpushup.com/ Name: ap_usid
Value: 1a15dfa3-3653-11ed-a178-002248573ef7
.bg3.co/ Name: __gpi
Value: UID=000009cc076e022b:T=1663396606:RT=1663396606:S=ALNI_MYC50M4uoCIzNyqo-R3pCUO6j2hQw
www.bg3.co/ Name: _pbjs_userid_consent_data
Value: 3524755945110770
.bg3.co/ Name: _pubcid
Value: 61368451-e55b-4fa3-8b75-72ee92bcd8e0
.openx.net/ Name: i
Value: 61368451-e55b-4fa3-8b75-72ee92bcd8e0|1663396607
.rubiconproject.com/ Name: khaos
Value: L85JE5AG-24-AYT1
.teads.tv/ Name: tt_viewer
Value: 9ddd14bb-9801-4d1a-a192-b51765264d71
.adnxs.com/ Name: icu
Value: ChgIm_VtEAoYASABKAEwgNaVmQY4AUABSAEQgNaVmQYYAA..
.adnxs.com/ Name: uuid2
Value: 856669627834921461
www.bg3.co/ Name: qcSxc
Value: 1663396608857
.prebid.a-mo.net/ Name: __amc
Value: 1_1663396608_1663396608
.a-mo.net/ Name: amuid2
Value: d8a7cce4-32b8-4acd-a18a-497ca754e2e7
.prebid.a-mo.net/ Name: sd_amuid2
Value: d8a7cce4-32b8-4acd-a18a-497ca754e2e7
.quantserve.com/ Name: mc
Value: 63256b00-e7991-f08fc-94236
.bg3.co/ Name: __qca
Value: P0-1419022661-1663396608854
.omnitagjs.com/ Name: ayl_visitor
Value: d4cfa2f89c1379a7a67fb00b61e8e5d3
.doubleclick.net/ Name: IDE
Value: AHWqTUmOiZk2p4sat_T1fUwjuOPLYBVVZ4ZrVz_WBI_ONhSbQlTScIfEGRBTORIzmdg
.casalemedia.com/ Name: CMPS
Value: 4747
.quantserve.com/ Name: d
Value: EDABCQGPJ4EA
.adnxs.com/ Name: anj
Value: dTM7k!M41.D>6NRF']wIg2Hb8F*`Nq!@wnfH8K6pQK`!5=E<*L5?%M>2UcUMk2.Zq5?Jv44g0v^/3N:m>s`*/j@y.h%nugO%v4VB%nu9m)Z^V0
.casalemedia.com/ Name: CMID
Value: YyVrAYu0W8DwXovNsZOEYgAA
.casalemedia.com/ Name: CMPRO
Value: 4747
.yieldmo.com/ Name: yieldmo_id
Value: g379beb5415cd03e9f5b%7C1663396610561%7C0%7C
.yahoo.com/ Name: A3
Value: d=AQABBAJrJWMCEFNdOJ95wkrylJDSq1-_z64FEgEBAQG8JmMvYwAAAAAA_eMAAA&S=AQAAAna70T6hUhxMf_RbudjSLYs
.yahoo.co.jp/ Name: XA
Value: eu6tqu1hiaqo2&sd=B&t=1663396610&u=1663396610&v=1
.yahoo.co.jp/ Name: XB
Value: eu6tqu1hiaqo2&b=3&s=sg
.bg3.co/ Name: _ga_Z0TZ7TDHS1
Value: GS1.1.1663396610.1.0.1663396610.0.0.0
.bg3.co/ Name: _ga
Value: GA1.1.400732676.1663396611
.bidswitch.net/ Name: tuuid
Value: f98ada23-bb7a-4d68-a2f4-7fe4fe49dce4
.bidswitch.net/ Name: c
Value: 1663396610
.fout.jp/ Name: uid
Value: wDM3oEeMVW8KfRJfPGG1DmqM6MI
.inmobi.com/ Name: idsp_c
Value: 2f090fe6-1ab4-4935-974a-a305ea64a9ac
.bidswitch.net/ Name: tuuid_lu
Value: 1663396611
.bidswitch.net/ Name: google_push
Value: AZmPxg9GVoL9bYVAS1y0acE8XEhYyrhHNkHe8R9XXiaVfE3D7iKkIaEuHnxgLFbme7m3bZk0iXSF1PMFhMrYuPT4dsRZQKO732csNuDn4twZ1mKiHhsU7r35oj9fM_gcfTp3XbrYMwEN3A0
.ads.linkedin.com/ Name: lang
Value: v=2&lang=en-us
.linkedin.com/ Name: bcookie
Value: "v=2&73660b87-3239-454d-8e32-aed6a1f0fece"
.linkedin.com/ Name: lidc
Value: "b=TGST09:s=T:r=T:a=T:p=T:g=2383:u=1:x=1:i=1663396611:t=1663483011:v=2:sig=AQHMGq9boUFQhontGe8SNJSNHRBxYmZS"
.bg3.co/ Name: __gads
Value: ID=2cb41b1211034d94:T=1663396606:S=ALNI_MZ-YKcUQMRIjczjvs3G3SRnENqL7g
.zemanta.com/ Name: zuid
Value: aAawPcYEyasrVMwXtq22
.id5-sync.com/ Name: cf
Value:
.id5-sync.com/ Name: cip
Value:
.id5-sync.com/ Name: cnac
Value:
.id5-sync.com/ Name: car
Value:
.id5-sync.com/ Name: gdpr
Value:
.blismedia.com/ Name: b
Value: 63256B04931E86E899B2777FBLIS
.id5-sync.com/ Name: id5
Value: ed9b9e24-2ebe-40a4-a2c2-4a6b1684d896#1663396612097#2
.id5-sync.com/ Name: 3pi
Value:
.id5-sync.com/ Name: callback
Value:
.adform.net/ Name: C
Value: 1
.turn.com/ Name: uid
Value: 8309519658703107450
.simpli.fi/ Name: suid
Value: C3B6A86A81AA48CBABB366F048954392
.adform.net/ Name: uid
Value: 1858185059954982980
.openx.net/ Name: pd
Value: v2|1663396613|jElYiuvOiahI
.analytics.yahoo.com/ Name: IDSYNC
Value: "18yx~277i:196y~277i"
www.bg3.co/ Name: pbjs-unifiedid
Value: %7B%22TDID%22%3A%226d1a5b36-fa8a-4ab1-89d1-ad7df41157c3%22%2C%22TDID_LOOKUP%22%3A%22FALSE%22%2C%22TDID_CREATED_AT%22%3A%222022-09-17T06%3A36%3A54%22%7D
.adsrvr.org/ Name: TDID
Value: 12214519-0c4c-48e8-a8e2-7a416271dec6
.prebid.a-mo.net/ Name: _sv3_2
Value: 1
.prebid.a-mo.net/ Name: _sv3_9
Value: 1
.3lift.com/ Name: tluid
Value: 436735124250200791499
.onetag-sys.com/ Name: OTP
Value: GnqXJ1P7O8Y_TrflH9Pn75_IF7hf4fPrveFRQ0lrMLY
.media.net/ Name: visitor-id
Value: 3063982141530182000V10
.mookie1.com/ Name: id
Value: 10522238326638056381
.mookie1.com/ Name: mdata
Value: 1|10522238326638056381|1663396614248
.mookie1.com/ Name: ov
Value: 031b96e8ac413339fed42a49102ba087
.openx.net/ Name: univ_id
Value: 537072971|12214519-0c4c-48e8-a8e2-7a416271dec6|1663396614278694
.socdm.com/ Name: SOSYNC
Value: anNvbjp7Im9wZW54IjoxNjYzMzk2NjE0fQ
.linkedin.com/ Name: li_sugr
Value: 7580bbdb-d7c3-4c24-bc96-77478abf4ca3
.bg3.co/ Name: cto_bundle
Value: lEzz1V90Z1MzRzdjS3YlMkJhRmZZN2klMkJPbkRmZGdYckJWWnVhR3JBaXZlWmxXYzU5TlJLQ1hZNEpLbEJLSlAlMkJFWXo5bXhxYWFMZER0cm40czE2bjVOSTNCYkc0S3dWMXB3RUxoaVZIakdCNDFwcjB2OCUzRA
.bg3.co/ Name: cto_bidid
Value: WiQ8R19lQzJGUnlPTDh2dWVaQXM1cGREY0MxZ3NRdkJPYjVoTFZhbGRLY2w4TWRiWHpjczU0S2RBdkdnYmc4NFJINzJNb1hRWjk5YWIlMkZ3UDNLc0hsM2g2cTh3JTNEJTNE
.tapad.com/ Name: TapAd_TS
Value: 1663396614633
.tapad.com/ Name: TapAd_DID
Value: dfd1e307-4499-4171-932e-216466fb2c9b
.rlcdn.com/ Name: rlas3
Value: /NJoOOP/20470SBXdAa4Oqf781vPHpzfobVj6v15d28=
.rlcdn.com/ Name: pxrc
Value: CAA=
.prebid.a-mo.net/ Name: _sv3_7
Value: 1
.bing.com/ Name: MUID
Value: 293115EE900B6F6F319307CC916B6E49
.c.bing.com/ Name: MR
Value: 0
.mathtag.com/ Name: uuid
Value: 93496325-6b06-4100-aab4-1eb9b4e889cb
.casalemedia.com/ Name: CMTS
Value: 4758
.prebid.a-mo.net/ Name: _sv3_0
Value: 1
.rubiconproject.com/ Name: audit
Value: 1|WD0cx+9RTMIV1Z4bBY7sdCKB0+A8/5OaOgmbYwMTnSEppT01m6tjCytzQEqEF9Fp0EDmZOSFlB1gEJ9oO5p1Ev0exc+f0IZt
.adsrvr.org/ Name: TDCPM
Value: CAESFgoHc3Z4OXQ1MBILCIK_4LShoIw7EAUSFgoHcnViaWNvbhILCIKYtbahoIw7EAUSFQoGY2FzYWxlEgsI6rT8uaGgjDsQBRgBIAMoAjILCIK34-G3oIw7EAU4AVoHc3Z4OXQ1MGAC
.mookie1.com/ Name: syncdata_IOW
Value: 1

11 Console Messages

Source Level URL
Text
network error URL: https://cdn.adpushup.com/42753/L2EvNnl1ZS0xNXJpLXFpLWJlaS1qaW5nLWdvbmctamlhby1kdW8tdGlhby14aWFuLWx1LXlvdS1kaWFvLXpoZW5nLmh0bWw=.json
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://cksync.yahoo.co.jp/sspsync?ptr=12703&google_gid=CAESEPC-c-APq51GaEg_dKcVOX4&google_cver=1&google_push=AZmPxg-s0w0W-ifzkFIyxyAI2WBg8no4ffUY5UwiSgjE_cRh6aop2wRo1iiLvZpd4wp2ty3njQj9GU4MBJRMCkXAayYzrG8J49S9Ng
Message:
Failed to load resource: the server responded with a status of 400 ()
network error URL: https://cksync.yahoo.co.jp/sspsync?ptr=12703&google_gid=CAESEO5eZVjAut-vjc6KZKglfio&google_cver=1&google_push=AZmPxg85xjsvQk1ccl17Omm4QHWuGNj3e1T-6lRfE5PFsaqU9ht9kVEi1pmSdPTI3aGcskWqxk8mUeAZHOo28McZJ6qDQzeTB-eZfUrdR1WG5KOdtgq44fHtRKwl7r9y8rUApl6DAf0nJy6CNQ
Message:
Failed to load resource: the server responded with a status of 400 ()
network error URL: https://ad.atdmt.com/i/img;adv=11122207570744;ec=11122226302456;adv.a=6266241;c.a=28466995;s.a=3213511;p.a=345598515;a.a=537242143;cache=1675811078;
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network error URL: https://ad.atdmt.com/i/img;adv=11122207570744;ec=11122226302456;adv.a=6266241;c.a=28466995;s.a=3213511;p.a=345598515;a.a=537242143;cache=977300199;
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
other warning URL: https://32d69238e2f6bb5cfbff62a0e3954cf8.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html(Line 11)
Message:
Origin trial controlled feature not enabled: 'attribution-reporting'.
network error URL: https://s0.2mdn.net/sadbundle/14349550522376953207/null
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://s0.2mdn.net/sadbundle/7988790760513552004/null
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://sync-tm.everesttech.net/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D
Message:
Failed to load resource: the server responded with a status of 503 ()
network error URL: https://sync-tm.everesttech.net/upi/pid/URnmbSKM?redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Datm%26i%3D%24%7BTM_USER_ID%7D&gdpr=0&gdpr_consent=
Message:
Failed to load resource: the server responded with a status of 503 ()
network error URL: https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%7D%26gdpr%3D0%26gdpr_consent%3D
Message:
Failed to load resource: the server responded with a status of 503 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

32d69238e2f6bb5cfbff62a0e3954cf8.safeframe.googlesyndication.com
3ed068a02ba7af14c0b35b3d4743e97e.safeframe.googlesyndication.com
a.teads.tv
aa.agkn.com
aax-eu.amazon-adsystem.com
acdn.adnxs.com
ad.360yield.com
ad.atdmt.com
ad.doubleclick.net
ad.turn.com
adpushup-d.openx.net
ads.aralego.com
ads.as.criteo.com
ads.pubmatic.com
ads.servenobid.com
ads.yieldmo.com
adservice.google.com
adservice.google.com.au
adx.holmesmind.com
ap.lijit.com
aplogger.adpushup.com
b1sync.zemanta.com
bh.contextweb.com
bidder.criteo.com
c.bing.com
c1.adform.net
cat.sg1.as.criteo.com
cdn.adpushup.com
cdn.ampproject.org
cdn.aralego.net
cdn.indexww.com
cdn.jsdelivr.net
ce.lijit.com
cksync.yahoo.co.jp
cm.ambientdsp.com
cm.g.doubleclick.net
cms.quantserve.com
code.jquery.com
contextual.media.net
cookie-matching.mediarithmics.com
cr-p3.ladsp.jp
cr-pall.ladsp.com
creativecdn.com
cs.admanmedia.com
cs.chocolateplatform.com
cs.emxdgt.com
cs.media.net
csm.as.criteo.net
csync.loopme.me
d-16930432452180773345.ampproject.net
delivery.adrecover.com
dmp.brand-display.com
dsp.nrich.ai
dsum-sec.casalemedia.com
e3.adpushup.com
e9ff84e58cb1d6544025f17bbc3df4df.safeframe.googlesyndication.com
eb2.3lift.com
eus.rubiconproject.com
fastlane.rubiconproject.com
g2.gumgum.com
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
gu.dyntrk.com
gum.criteo.com
hb-api.omnitagjs.com
htlb.casalemedia.com
ib.adnxs.com
id.rlcdn.com
id5-sync.com
idsync.rlcdn.com
image2.pubmatic.com
image4.pubmatic.com
image6.pubmatic.com
image8.pubmatic.com
jp-u.openx.net
js-sec.indexww.com
match.adsrvr.org
match.deepintent.com
match.prod.bidr.io
match.sharethrough.com
mweb.ck.inmobi.com
odr.mookie1.com
onetag-sys.com
p.adsymptotic.com
p.rfihub.com
pagead2.googlesyndication.com
partner.googleadservices.com
pippio.com
pix.as.criteo.net
pixel-eu.rubiconproject.com
pixel.quantserve.com
pixel.rubiconproject.com
pixel.tapad.com
pr-bh.ybp.yahoo.com
prebid-server.rubiconproject.com
prebid.a-mo.net
prebid.media.net
public.servenobid.com
px.ads.linkedin.com
pxl.qccerttest.com
r.turn.com
rtb-csync.smartadserver.com
rtb.adxpremium.services
rtb.jp2.as.criteo.com
rules.quantcount.com
s.amazon-adsystem.com
s0.2mdn.net
secure-assets.rubiconproject.com
secure.adnxs.com
secure.quantserve.com
securepubads.g.doubleclick.net
simage2.pubmatic.com
ssbsync-global.smartadserver.com
ssbsync.smartadserver.com
ssp.disqus.com
ssum-sec.casalemedia.com
stags.bluekai.com
static.bg3.co
static.criteo.net
sync-tm.everesttech.net
sync.1rx.io
sync.aralego.com
sync.fout.jp
sync.go.sonobi.com
sync.inmobi.com
sync.mathtag.com
sync.srv.stackadapt.com
sync.targeting.unrulymedia.com
sync.teads.tv
sync.technoratimedia.com
tags.mathtag.com
tags.rd.linksynergy.com
tg.socdm.com
tlx.3lift.com
token.rubiconproject.com
tpc.googlesyndication.com
tr.blismedia.com
u.openx.net
um.simpli.fi
ups.analytics.yahoo.com
us-u.openx.net
usersync.gumgum.com
www.bg3.co
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.googletagservices.com
x.bidswitch.net
x.yieldlift.com
ad.atdmt.com
ads.servenobid.com
ap.lijit.com
creativecdn.com
dsp.nrich.ai
image8.pubmatic.com
rtb.adxpremium.services
usersync.gumgum.com
x.bidswitch.net
103.229.10.171
103.229.205.243
103.229.206.241
103.231.98.194
103.231.98.195
103.231.98.196
104.16.88.20
104.18.12.76
104.18.18.126
104.18.19.126
104.18.99.194
104.19.172.108
104.211.156.162
104.254.148.251
104.254.151.69
104.26.2.91
104.26.4.103
104.45.178.220
104.69.148.168
107.178.244.193
107.178.254.65
124.146.215.43
13.107.21.200
13.107.42.14
13.112.54.241
13.227.254.79
13.251.66.227
13.33.33.78
13.33.33.91
13.76.45.37
142.250.4.148
142.250.4.154
142.250.4.156
142.251.10.154
142.251.10.156
142.251.10.97
142.251.12.154
142.251.12.155
145.40.89.200
150.136.156.92
151.101.65.108
151.101.66.49
159.203.145.121
162.19.138.118
169.45.107.147
172.217.194.154
172.217.194.94
172.253.118.157
18.138.18.111
18.155.68.29
18.177.100.181
182.161.73.129
182.161.73.132
182.161.73.135
182.161.73.136
182.161.73.142
182.161.73.145
182.161.73.148
182.161.74.19
182.22.16.123
185.84.60.30
198.8.71.128
20.127.253.7
202.232.238.37
209.191.163.152
209.191.163.208
209.54.182.161
23.10.23.66
23.106.127.38
23.106.127.39
23.106.127.53
23.106.69.72
23.108.102.145
23.15.148.136
23.195.152.23
23.195.153.54
23.36.48.24
23.44.4.192
23.44.5.176
23.54.57.83
23.72.44.196
23.9.185.218
3.113.228.171
3.114.61.6
3.230.47.190
34.107.148.139
34.111.151.213
34.251.200.30
34.96.105.8
34.98.64.218
34.98.67.3
35.168.53.23
35.174.63.73
35.190.60.146
35.213.12.39
35.227.202.26
35.71.131.137
35.71.178.8
38.91.45.7
44.231.196.20
50.116.239.135
51.79.234.100
52.205.223.187
52.74.162.2
52.84.45.81
54.168.48.215
54.179.141.118
54.192.150.119
54.239.38.253
54.251.139.99
54.251.169.230
54.255.75.208
54.36.150.184
64.120.88.131
64.202.112.159
67.199.150.82
67.199.150.86
69.16.175.42
69.173.144.165
69.173.158.64
69.173.158.65
72.34.250.75
74.118.186.45
74.125.200.132
74.125.24.132
74.125.24.139
74.125.24.147
74.125.24.156
74.125.68.148
74.214.196.131
80.77.87.161
84.17.37.44
001acbb15d9c69510c0817e6dde361bff098406fad182ab3c367f86ff3da8343
00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce
021fcd714c00f1eb548e8fdef5ce94117e8116ec154d27f41ab211dc47c1ac14
0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5
0622ee2141c5d5acd34b4b10e4f686fb7238e79cca3a834a31e82e06731c162f
067a86140a0adb95843bb97ca4fa3c5daea422299228d34a0ab7310a906fc8a1
07624a888008a5a8d0d59a1d5d971d6375bd4a1e3e114f296339e258081f2373
08924dd71bcd2afc06fd2d045500d9a566164079adbee6e824c2a1345ac45d00
095348d33dfcfa5ed1de252a53bff7ecda596451ce782f98ad45970c44f6ca5e
095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0ba4eb00298aaf6fb6e5a6e0c9bafaf47b88e7f8db2c2be86ea92a6d72c67028
0bcac89d72d5f0b2bef20f815406384ff05489e4294acee57409060c2eccffc5
0fa316a9b05961ed4d68109ff3e63a72f33c18792dca892c27bed1527a7b4add
11cbf9aeb12b5c342ab73997c19631a891d76812470534316052003914c54f14
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
14cfb5058acaf3af2f07088f1582f29941d7a4cc74fd1cea5050cecad862d154
150db757e9651b853d3f0b9d871e34733062a0362a84288006c5e1684c52142b
15fa1b7e6f0d2a575dd72e03903b37f563430d1bde293650abd09bdc55d2b1b1
16e33227a4efd097d05a1e7138ea52ddc29eefe05bf8320bbda354bf015ebbd4
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002
1955d32dbe4d727cabd975dff9651d7beca9b7df4deb811e90e929adf6a1c5d0
1b07c3c310d159b52f9e6bf8263a1199985386b13234d975514867e69d6937d3
1b7b9e709623cad00d30a4ac075f1ad5bd10630f7339f90d130c41a2d8b48651
1be00e223b2840fe8ac2d3a1aec0cf757088dd68f53a92275d0e1db6cb9afced
1cd58a827318c4a29b32a0db15c8c39d5651b42d8cad227519ad81bce4adb944
1fda706ccec5af43c29b033ab17762d2a95df1f3cf77ea63532bc0b9eaa1d776
20ef0d0404e4822f6483958648bb42a50a00bf51775a9e4d99d56cddd12ba986
21902e4026c2f774fbd13f64845d6fd3a823c1ea64ee93e76a9fe06a49a74711
21f661a738aac78404df7c695e23b2e30bf692c79d31e3d1c58a1a7b501d1ae4
24649a4540acc4646756993d438632adf0bc5c6f78aabe4f03312c18ab31aa20
25c06c024bfb192f5418b39ce069ebe46fda94e38b25ae781cc753fce98a2a24
2672e52deffb47655d8baacf59db8d85463a269cfbb057303309786f4e70f242
26914004d3a8d5ddde2202b642d7936eb61c9f195b5cd3c87e44ef8ad4d57c16
27a77d2afda661a93e3bda9694348246389a93af9e3134da4bb6c96746f7f820
28dc46ca7136b4d6089128b4a537e94624c990ee5162d869cbd53b4b81faaea5
29fc66b204681ec0e60b0d53eef4abc17f84351886cb6adca1261c6f18a3ce65
2bac75fe77406c6251a4d2344d4a5aaa93d0c87637d46075ca8263b027b2c4e0
2cd9e7ad892d3c9553264b7d65e3dad962d65ce21162d4e60fea96bcb2af89d6
2e9f641648d07fa7b1d0681c2dfd16202c42ede250d099a82f35ab994399eafc
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7
34686cba28b7d374710a0b8204ae2cbce77ced594bcac71bef4f5260a8d99745
3573919f392ac2bcb14f8d9a7a54972862ce5403ffc24f3d2ccf8078b2b2bd6b
361214ca4ff572fe2640916caa2f50ce1f5af6a2463e1143ea8853d57d981d4e
36a7d95f2760a813f3e782dfc125ea786174d581d6f6f896021d6994e9514bd6
36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068
37517e5f3dc66819f61f5a7bb8ace1921282415f10551d2defa5c3eb0985b570
3830e42b6267039c92e941fee5656b21955b25a74d6340b9f78418b2ef8c5280
3a3b13c30a0a5639f0de528125b48454fd2412145a92608bbe927647859d4ea0
3ada884fbeb45fd0af33927f9f5c4143a441a44bc7dc418f28c88ddcfd888f96
3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1
3bafa611790ac07103d9b393fcc52b42822a08c097322ea09b7ed711cd44ce2e
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd
3fc8a5e048783f1ba54ad434bec6bf79f27b1143e987ddc87f0cbab9d5916503
3fcc1cc10ccb611d9f46f040779b523c9a1789a20a50cc27cb50b872d146ed82
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390
3fec55061ea87a3f53ed9391a7699ef75b328b9514e274dc0877b05a31cb5969
45d8a1c989f3fb759ada706bcba787b1d492dfce7b9f2494c9ca704aae6133b8
467a5b06cb117035f7882e8c71d80e093f04ce586c1ac2b84e7e4adf978edb30
472a7c2ac11228f3c876f2b13dcf0b57f94ac0c4161d5f68573d6fe376d1f8bd
47a67ade50b2b883af8168c66d1e2656590817804a9a8e5c605736d66f31a553
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
4a407efd46cf60ef6414e5516619b2dd3a37323d3bd9aad5f9eb53309e89d126
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4d1b37ed11a4d77ed2b321965e6e88125b759df519c2c03da84cec48ef9753eb
4d3cf0b065eacf65a85b49e7da389f6fbc905dbf7a75be95edf85b036e31f6e8
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4ea2d25cfd900cc58359b570346578a99488a7516eb9b25ab0681a95f8c61d96
4eed791092e5284749cc5b1a2baa8fb4066877b361f9e1088ec52a442d24f4c6
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
57ba9c79273602051bd0fa9f6dcd52a3f199dc59f134308efeeaad35424b8311
58b603271da250778cca7450c81343eba7a896c87d93812f4de54ca5e1108488
5cc85b6bebf080ea19ba6e718120fd4757738df079847e3a56d37fd29fe38af2
5ee714703781708f41a778672e71e80859ecf3e89be00f60b2da82b86705140a
5f23d199022bb64ce8d0b4cb041e5fe7ece4e775660133819a12069a386aecd4
5f3e94c905dc99ba3692dc61a22a2a7468cac238fd19301fe0ea6d4850e801f9
5ff0824ab302cadc41978bd089cae6c65e1940daabb5a2b62c348f70dd2392d8
6019c3c9e47dc991f8d9937deafbb0740c2e61e321324798cb508773b0814824
60bcafbd631f6fa0805e158ca3b235e76225350db6fbb423596d4c4954b27573
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
62238363c539e9dd1274e44f78c28aee6d6fe37552a392e305ab200fd170eaa1
634ce6ebcae68cecdd5e4fe82fb7745884b9ee2dbe59a51bc08e1da360cd39c3
63737f5b4feee4fbef12fd70ba62b7c34904bb1bea4852d451ee06b92c3666a0
63a01a2bf2dee6e2eca2e7ed3592cb423a15ca764166c0025f50d1a8b0871df1
650b2e3c7f96518f35734bd65759ad5522702bea1cca8b5b658af9428c4c3f84
65d29bf5a3e6233c2042961fc661d48d8f39259cb824fa031b53a21a2c90a83e
663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707
671cc92912f4b004e80ce54bd2785318cd8badef6c0f879e6aa1eb109de01167
6997292db4f5eefb91b6df8a32cc33f382a9da74890b13d55d9b0263c46f736e
6a18b3d2c064e7c85949a89636f0a2b1bc19f01325265c46431ef66f58a6fc48
6a7b0c8bf87b2bd5ca31557f25cf2a6c80f93af72bf68a6085e9b55a87fe908c
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6c427b4523bdb5a5a56727db17ac948691f6993d9dbb8b2a06405271eb41186f
6d83b77c3d8c5c0ccc7078540a1fb0bd9fa43eeb82b89f83264d469aa100c088
6e1d3b4aa25b6f43c94dff01691f031bf5f96db6e48e78a4e68684db6f8f2388
6f6b905caee5973ad52554ba9dbf33dbd4f02f474723598847c08a96235c6613
70b3b43bc3b6aad26d5d6e09884d430daf54b2ad9a94031848d11fb11503f32d
725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a
730fa1f3e8b3c4a223c4e69f4a27e690a4552f96ab97dba05b943dff44967658
7310d72971c11861b7ba53307063d896e10d697b640e76f6cdb728a218b91e73
7348579c41b9264b67476504697d1205b3a40f15b3442ca6457eef60542670a9
748917abe22241e86d07017f8f285739c7a10d6306d15d6fa0c83f3d0622cac8
775f888cb3b6c70ac20e9423064c775de4d7ce246d63c7db33283eed8c8db32c
7c0b90fe6a2f1f5380a33c83ccd0fc9ead3520adfe057f55f784c12b49fab4be
7efdca1ce8a8ee4fb50887d9f88bdace1026e0f76ea1e64a802b97402d825a79
81d8c33479f73c7a51680cb8d198985952b6e6acbd4f92dd5430291011d13775
8273d0591a53b1778562084c4fbacb6604e7d39208fe61dea16eb1f73750ebb6
82d2dc44aae1eda52abc17afd30c6031b7175c13ee6955410164c66ae755adfb
832f63f4187160c195b04f1911c2e623a75e805f4b23abb9b0bea214b4283a43
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
8492f3fc13f89700f09e8a96308911979a6289be084af2c497ea54dbd7dd7f5f
84f7bfbeb18b66cd3262bbb997c13301dec8eeb64984dae82a998aaece7591c0
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
8d141256082145f4aeaaed60a0c03d0ca0aa88bb805b08b6bf9700769bbb387d
8e22b99e056e8225a28ae70bcccd20808d7ce099106ad919f18c1df0a5514012
8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395
8f7bdb9c79c5498f8a5ed7229bf62d3ab6d11dca4698bfdd0f6249f624da13c1
90c9017a8a6447588520f38cd94ba14cdb9839c92626aa06bb8a4a1052c2ab7e
91a8ea37de90c116390b167dfc281ce0ed7e8f324ff1fd834bb27aca9db191db
923bfe4249cc964c58e87df66b351ebb93c6fc54f658fda2c259e2ffc089ddd7
9284d948e86d2e99f31483b5f4b3a4c3e65e0a6fbca9a8d2db8c6095f82ac3f5
92cf38050a7628764acdeb5cf06d516685fe812598746fbf087a2d6818338c03
968012b3a49390a10d31c6d36b2aab796ec167a83378b5f9787756ee7cb035c5
972129817e5284f4e50e3466e3c685815b87b03a3ee3b29cea56c65d90913ff5
97b1f82921571e0f4af7289f0dce7bb7d1e3836e68f1455a78c4e291eb5b039e
99447a78e7452761b4b7c6456106802a2f70a53acf689550658605cd349edff0
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9b475c2f24baa9e51a8afd138f943f80c2dfc27514dcf13435f25b2324887074
9c7f8f74fe79ed9ee06f7f6600d0f261f6bd860835b9fa03ad1c66e504791ab2
9c9b6560a37526d33547098a4ed2ecf360eb9275c2db77a98c30fb7f8016f478
9fdc0510c02c1219ae8cb410037d1558bb09c59891578b0e32941b7b55971479
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553
a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6
a35207366d1fc14ddde480cc656abfd3264eee0a764ea9b9eff1863a5e98d744
a38058ced70378beaa0049a915c0c8642ea1a64fe57133c95d11c7b27522b4df
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
a8993772c9eb591474f38d257bebc8c4286703e1af72d04c8c294be5fff7b649
aa446b1f105b20f07c49f55c8ea00ef9bc42d7f0c5f747319823f00a480ff7f6
aadb3043f0db277c623091028f7a4f24e1dd821aca8d3562bc0e976170dd5008
ab642385effa4e7b842662ba37d0453042d2c627ca7a7ec1f7277d5d2c42314d
ac0f3027555126e39d9c63fd8bf2c14c87593fbab024a98a46864b7d45fdf729
b0c35de7e97c6845d33df6e448e10fc57a12dc9029159a609111c6032cc1889d
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b3e685b257930d612f6c533ada3f062bfca487b3297a3af03e4f9f5478ccbf36
b47bd1e586888ea8d223fbc2d5e8592e7e8c2b61e3937f9248fb4b7faf34fb41
b5c61545f89d1eee586476c647772932fbe5be2dcbb7e91ef750768adb6dcc99
b661c09d8ebb71730ee096bfef7dbd23606ba2098c157b5b5833c70fd239a2f5
b6708b2ce9bc4d9d0a48c6c31beeaf8f14191bceee5e3e27762a0992db5f313f
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
bb5b8374afc57391fda2b5c18633e74299030844ed77dfb27b90c07413e99854
bc12347103da4da2ac30f8b4defd567679284e0bad691a54fad78ad804fc9c27
beb04705b4768996852ded7b4cef6e5fcd8bd57b76f289519c95a007d8ab7693
bf4b52831f7dcf045d2e795dd2d476a5ee9aeea293d9f6e17776c12817d07662
bffbe10af19b2848ac863f352c3d68cc4192adc88e11382417132df6431c9d01
c02fbfd17a9a252d634584c0d7c1f1760ceb15436cdfb91bdb605f8d4f923fa9
c0b1a136cccc51ecdba5f864cc07baff50669defebc23584e525f01ae057e8b0
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
c386bb4eaff0edb9b3da39cd9f57da8a8cc352ba93dff19d048a6fe39a3bd850
c86f041243bcea80e0315fc89fa78a1b81dbc3aec419b11af7302ea2eb3100c9
ce453b911638f479d314259969ff73c2728caea46ed63fd87834e0e1c84ce79e
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
cfa55b4f2159f4070ae4b5535d4853440d8b5e1ed5b04875eb408251f49075d0
d0e8821e889280c3b745b859e6b3971924723a4562bac65ba8aa0fe44bfc83b2
db3ed1fe1ccb186047d1ad27e73ddc035c01a85249d1ea073f3440c2da4d618c
dc574e7142e06d8cdb90bdf60efa9e289f80e7e283a44275c27b613d2b80e2aa
dcc39e96630ccf0e8420842135a7c2c3453520e8ef3ba9c8a79863232242e9de
de799575daa88c00d989a66b4bb49cee872e08b604599f313cb4f343407b417a
dfa729d82a3effadab1000181cb99108f232721e3b0af74cfae4c12704b35a32
dfb214630e6f0052e27cfaaeaedf20b7014e06ddebc4ee50148b5bcc4d648a55
e325e7ac2e5f7158a7ed69054a0a07a499f2af228d98fca31b039b875ae11e85
e35966e7a3a744306df4d21ac262224d3aea9c2c91dd0695589c0b00de031922
e3849fdc1eab88579b20b1b56875d6ef8299c4ad165e03921400ccae69149861
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e41d1ae45acbf836b8dcc29544c7e41cced4211214df601d5284a7e9c7134c73
e813a8d8d41c0dbdc33020ad6ef27d16afd2b590ceeb998e267409c8f666b829
e9709e3ed974c4b5c30a8c1ed14b0715c06426dc34b0d0307a1c24bc6ad0d440
eacc89c065c5d2cb0a2bbcb89fa86cfb329972713b64d2c88fab4fdfdaa4748b
ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152
ede3c9f1409adf93385e8b7ff05f6d0461d992b9981f5c4b063e7f1215bc6f65
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f035ceb2322f2e77ac9957293e398bb0cbaee03d93c86d52f1961c5be1c2db34
f0c6444ec9e86d25a1372504f821aa2728b59dd27438e8664262e2ba5038bddb
f24bc47f24f70f5a6f519186068c7dc56c772c5ffc20ff7bf9828ff7b7be0985
f28bc196995cc6ee86af9a3b345f89d92aceadd259a5aeeec61b6fe8adac5858
fac3c19f0938a8ab775f35f398853cb656305111bd3f3f0ccdbdc2e00356be23
ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e